Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/dIPaP3aykCmJG_JHRIZHXeP89wo.roa
File:                     dIPaP3aykCmJG_JHRIZHXeP89wo.roa (raw, json)
Hash identifier:          7lcrrtuXOz0RJJPdp9XNIMGn6CXINGYQ1mqQoclEC+Y=
Subject key identifier:   74:83:DA:3F:76:B2:90:29:89:1B:F2:47:44:86:47:5D:E3:FC:F7:0A
Certificate issuer:       /CN=739f3ebcd26792b913c1dcb9941996e998f16078
Certificate serial:       37798BB1
Authority key identifier: 73:9F:3E:BC:D2:67:92:B9:13:C1:DC:B9:94:19:96:E9:98:F1:60:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c58-vNJnkrkTwdy5lBmW6ZjxYHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/dIPaP3aykCmJG_JHRIZHXeP89wo.roa
Signing time:             Sat 01 Jan 2022 14:55:47 +0000
ROA not before:           Sat 01 Jan 2022 14:55:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35063
IP address blocks:        217.171.48.0/20 maxlen: 24
                          46.29.144.0/21 maxlen: 24
                          85.237.160.0/19 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 930712497 (0x37798bb1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=739f3ebcd26792b913c1dcb9941996e998f16078
        Validity
            Not Before: Jan  1 14:55:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7483da3f76b29029891bf2474486475de3fcf70a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:c3:b9:2c:fe:29:cc:a6:bc:5e:a1:f3:e6:dc:
                    27:1d:67:97:65:7c:77:e3:e8:8b:c8:86:73:fc:de:
                    eb:cd:c4:a8:32:49:e1:9b:27:a7:ec:48:b9:f7:6c:
                    ac:d6:f8:d8:be:61:84:6b:5d:ab:68:bf:60:1d:f5:
                    d9:e0:34:42:c4:90:e9:c4:50:fe:39:06:25:29:e2:
                    ca:70:13:87:97:fe:5b:7c:11:22:57:f2:d9:25:bc:
                    e1:76:c3:54:6a:90:33:c1:8d:c2:8a:10:33:07:72:
                    f9:9e:ae:54:19:77:a2:33:0e:0d:9d:2d:f5:3e:90:
                    91:c1:d3:64:d1:f4:c7:68:a2:80:42:95:53:66:b5:
                    f6:40:8a:0c:44:ea:72:29:58:7c:5b:e7:3f:89:a6:
                    4f:e9:d6:57:af:89:79:75:9c:2c:50:7d:a1:89:b6:
                    27:ee:d5:86:81:e0:73:ad:09:34:e6:eb:a1:af:d0:
                    db:3b:8a:32:07:60:4d:92:7a:ef:98:97:1a:a5:79:
                    02:7e:af:6c:f3:f7:a2:b9:db:60:08:90:e9:55:d4:
                    1f:df:af:fe:00:ad:e4:64:77:23:cb:f1:84:e6:ff:
                    85:ce:4a:89:01:3d:1c:cb:4f:48:b1:62:1d:b6:3e:
                    e8:88:bd:27:53:86:76:29:7b:c1:c3:c5:b4:88:3e:
                    5e:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:83:DA:3F:76:B2:90:29:89:1B:F2:47:44:86:47:5D:E3:FC:F7:0A
            X509v3 Authority Key Identifier:
                keyid:73:9F:3E:BC:D2:67:92:B9:13:C1:DC:B9:94:19:96:E9:98:F1:60:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c58-vNJnkrkTwdy5lBmW6ZjxYHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/dIPaP3aykCmJG_JHRIZHXeP89wo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/c58-vNJnkrkTwdy5lBmW6ZjxYHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.29.144.0/21
                  85.237.160.0/19
                  217.171.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         3c:a3:27:5d:95:0c:6a:d0:32:a6:e9:31:ef:f0:f0:42:5d:f7:
         26:f0:33:17:54:0c:97:91:86:c1:64:50:a2:0c:24:17:bf:93:
         ac:49:58:c8:71:c2:04:f0:17:cb:fa:7b:2c:b0:a3:d4:bd:96:
         e4:08:63:65:e2:7c:95:b9:ac:43:82:b7:34:dd:98:9b:b9:3c:
         50:fb:7a:e7:14:6a:0d:86:54:d4:ec:7d:cb:db:68:57:48:dd:
         28:36:3a:11:77:b1:7c:9c:22:5a:c5:cf:91:a2:61:f9:12:b4:
         ea:cd:5b:ea:b1:d6:3c:14:72:94:cb:c9:6b:7b:65:b3:d9:33:
         d6:0f:6a:53:ba:3b:4a:39:fb:ee:4e:ca:10:58:2a:24:ec:cd:
         fe:77:a7:a1:ef:c7:ee:98:b7:3e:19:fd:68:bc:5b:00:59:a0:
         dc:fe:d0:96:b8:d7:00:4e:d6:31:07:7b:45:4e:44:c6:8d:4a:
         15:d4:64:a7:a5:8b:d8:e3:b7:16:c7:97:44:87:b0:96:3c:75:
         5a:9a:87:15:59:17:27:7a:5a:ba:c7:d9:28:d9:b4:7a:b9:55:
         79:98:9e:31:7a:82:1b:15:99:76:8e:c2:3e:d0:94:e6:d5:74:
         9f:5d:55:4b:63:e5:08:4e:d6:e3:3a:b1:ea:33:d1:1e:ba:29:
         aa:c6:1c:27
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEN3mLsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MzlmM2ViY2QyNjc5MmI5MTNjMWRjYjk5NDE5OTZlOTk4ZjE2MDc4MB4XDTIyMDEw
MTE0NTU0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQ4M2RhM2Y3NmIy
OTAyOTg5MWJmMjQ3NDQ4NjQ3NWRlM2ZjZjcwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/DuSz+KcymvF6h8+bcJx1nl2V8d+Poi8iGc/ze683EqDJJ
4Zsnp+xIufdsrNb42L5hhGtdq2i/YB312eA0QsSQ6cRQ/jkGJSniynATh5f+W3wR
Ilfy2SW84XbDVGqQM8GNwooQMwdy+Z6uVBl3ojMODZ0t9T6QkcHTZNH0x2iigEKV
U2a19kCKDETqcilYfFvnP4mmT+nWV6+JeXWcLFB9oYm2J+7VhoHgc60JNObroa/Q
2zuKMgdgTZJ675iXGqV5An6vbPP3ornbYAiQ6VXUH9+v/gCt5GR3I8vxhOb/hc5K
iQE9HMtPSLFiHbY+6Ii9J1OGdil7wcPFtIg+Xh0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBR0g9o/drKQKYkb8kdEhkdd4/z3CjAfBgNVHSMEGDAWgBRznz680meSuRPB
3LmUGZbpmPFgeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2M1OC12Tkpua3JrVHdkeTVsQm1XNlpqeFlIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvZDJkOTllLWE3YzEtNDNlOC05M2Y1LWExMWE5NmQyMTg2MS8x
L2RJUGFQM2F5a0NtSkdfSkhSSVpIWGVQODl3by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
ZDJkOTllLWE3YzEtNDNlOC05M2Y1LWExMWE5NmQyMTg2MS8xL2M1OC12Tkpua3Jr
VHdkeTVsQm1XNlpqeFlIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAy4dkAMEBVXtoAMEBNmrMDANBgkq
hkiG9w0BAQsFAAOCAQEAPKMnXZUMatAypukx7/DwQl33JvAzF1QMl5GGwWRQogwk
F7+TrElYyHHCBPAXy/p7LLCj1L2W5AhjZeJ8lbmsQ4K3NN2Ym7k8UPt65xRqDYZU
1Ox9y9toV0jdKDY6EXexfJwiWsXPkaJh+RK06s1b6rHWPBRylMvJa3tls9kz1g9q
U7o7Sjn77k7KEFgqJOzN/nenoe/H7pi3Phn9aLxbAFmg3P7QlrjXAE7WMQd7RU5E
xo1KFdRkp6WL2OO3FseXRIewljx1WpqHFVkXJ3pausfZKNm0erlVeZieMXqCGxWZ
do7CPtCU5tV0n11VS2PlCE7W4zqx6jPRHropqsYcJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:11 2024 by rpki-client on console-ams.rpki-client.org