Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/dD84yZ-pgYAxsaT5bdGXkRm8Fz4.roa
File:                     dD84yZ-pgYAxsaT5bdGXkRm8Fz4.roa (raw, json)
Hash identifier:          NbT4Cu+acHDSRtzZLS6SXVrKaDNvuUAMf12/WOXnv1Q=
Subject key identifier:   74:3F:38:C9:9F:A9:81:80:31:B1:A4:F9:6D:D1:97:91:19:BC:17:3E
Certificate issuer:       /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial:       0184AE84685B1C87D250B869E9EE0753AC9C
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/dD84yZ-pgYAxsaT5bdGXkRm8Fz4.roa
Signing time:             Fri 25 Nov 2022 11:20:23 +0000
ROA not before:           Fri 25 Nov 2022 11:20:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     32181
IP address blocks:        185.118.78.0/24 maxlen: 24
                          213.21.235.0/24 maxlen: 24
                          213.21.251.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:ae:84:68:5b:1c:87:d2:50:b8:69:e9:ee:07:53:ac:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
        Validity
            Not Before: Nov 25 11:20:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=743f38c99fa9818031b1a4f96dd1979119bc173e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:de:54:85:1d:55:c7:2f:26:9f:e9:9b:8f:5b:
                    dd:7e:52:15:1a:79:4a:2d:5e:6b:d2:c3:5a:5f:e4:
                    6c:ef:ed:f7:4a:f1:1a:5e:e9:2e:66:29:f2:8c:29:
                    72:d2:b2:ba:20:34:cc:d3:69:31:48:6f:58:25:fc:
                    6c:cf:16:d0:20:a0:e4:09:e5:79:34:ae:97:b8:29:
                    75:42:21:38:a1:fc:da:73:eb:1d:b2:5d:2a:64:f6:
                    bb:ce:40:09:b5:39:37:67:2a:f6:fd:cc:d0:93:77:
                    d9:f7:21:c7:66:11:a2:e9:cc:a4:58:f9:e3:4f:84:
                    da:34:83:0d:b0:33:3a:d4:bd:a3:36:a1:10:3f:72:
                    db:bd:79:ec:73:66:88:eb:8b:17:dd:3f:f6:d0:1b:
                    ac:36:5f:e3:0e:cc:b1:72:d5:fb:50:d1:36:12:70:
                    8d:c1:10:ed:c9:56:3a:0c:c0:a7:5d:d4:d8:13:0e:
                    9b:e6:bd:10:ee:6f:48:0e:e9:d6:3c:98:3c:2c:99:
                    88:66:cd:7b:72:96:8f:85:a3:11:42:85:c0:7d:62:
                    8d:5f:13:3a:0a:10:51:f5:a6:f4:32:b6:e8:2a:4e:
                    b2:b9:e1:32:e9:e1:f8:61:ef:4e:f5:c8:8d:86:dd:
                    4b:15:2f:c7:9e:58:8b:6f:89:35:bd:6c:53:ca:18:
                    26:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:3F:38:C9:9F:A9:81:80:31:B1:A4:F9:6D:D1:97:91:19:BC:17:3E
            X509v3 Authority Key Identifier:
                keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/dD84yZ-pgYAxsaT5bdGXkRm8Fz4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.118.78.0/24
                  213.21.235.0/24
                  213.21.251.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:6e:27:11:4c:0e:72:4a:ec:63:02:41:eb:09:01:e5:16:b1:
         a8:b8:c1:a3:d7:5d:aa:38:59:24:cc:e5:6b:79:8f:b0:e0:f3:
         20:f0:3c:43:6f:20:7b:bd:4b:22:d1:ed:b0:45:9f:98:ef:6a:
         35:51:e0:60:ec:52:d7:29:3b:dc:27:df:89:0e:e9:01:06:22:
         21:a4:e4:b6:32:04:94:16:a8:b5:79:99:6e:3d:b2:26:84:bb:
         6a:b8:6f:75:43:d2:e7:99:85:ad:ec:5c:b7:75:6a:c0:ce:63:
         ae:90:9e:54:1f:e8:fb:d2:92:00:71:fa:07:4b:8f:ef:98:9f:
         f8:9e:77:b0:c4:cf:fb:71:cb:e7:02:f9:35:bb:55:00:db:9f:
         2e:03:35:be:39:87:dd:ac:52:c3:57:1f:32:5a:f0:85:a3:1d:
         2b:ba:d7:50:7c:dd:04:97:f4:af:43:81:2c:d8:e9:33:07:9a:
         62:7c:0e:e0:50:aa:75:a1:6d:78:c8:ed:86:f5:f8:58:2e:4f:
         b4:c5:e4:b2:31:f2:14:e7:61:8b:f9:85:ab:b0:7b:fc:b8:9e:
         f3:aa:f4:07:61:5c:ed:f5:0a:fa:6e:dd:d0:34:32:aa:b5:85:
         a1:a1:c5:f7:99:e7:bd:33:88:cd:b7:77:cc:9e:02:58:3c:00:
         da:c2:f9:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSuhGhbHIfSULhp6e4HU6ycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjIxMTI1MTEyMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDNmMzhjOTlmYTk4MTgwMzFiMWE0Zjk2ZGQxOTc5MTE5YmMxNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt5UhR1Vxy8mn+mbj1vdflIVGnlK
LV5r0sNaX+Rs7+33SvEaXukuZinyjCly0rK6IDTM02kxSG9YJfxszxbQIKDkCeV5
NK6XuCl1QiE4ofzac+sdsl0qZPa7zkAJtTk3Zyr2/czQk3fZ9yHHZhGi6cykWPnj
T4TaNIMNsDM61L2jNqEQP3LbvXnsc2aI64sX3T/20BusNl/jDsyxctX7UNE2EnCN
wRDtyVY6DMCnXdTYEw6b5r0Q7m9IDunWPJg8LJmIZs17cpaPhaMRQoXAfWKNXxM6
ChBR9ab0MrboKk6yueEy6eH4Ye9O9ciNht1LFS/HnliLb4k1vWxTyhgmKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHQ/OMmfqYGAMbGk+W3Rl5EZvBc+MB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvZEQ4NHlaLXBnWUF4c2FUNWJkR1hrUm04Rno0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuXZOAwQA
1RXrAwQA1RX7MA0GCSqGSIb3DQEBCwUAA4IBAQBtbicRTA5ySuxjAkHrCQHlFrGo
uMGj112qOFkkzOVreY+w4PMg8DxDbyB7vUsi0e2wRZ+Y72o1UeBg7FLXKTvcJ9+J
DukBBiIhpOS2MgSUFqi1eZluPbImhLtquG91Q9LnmYWt7Fy3dWrAzmOukJ5UH+j7
0pIAcfoHS4/vmJ/4nnewxM/7ccvnAvk1u1UA258uAzW+OYfdrFLDVx8yWvCFox0r
utdQfN0El/SvQ4Es2OkzB5pifA7gUKp1oW14yO2G9fhYLk+0xeSyMfIU52GL+YWr
sHv8uJ7zqvQHYVzt9Qr6bt3QNDKqtYWhocX3mee9M4jNt3fMngJYPADawvlr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:38 2024 by rpki-client on console-ams.rpki-client.org