Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/01420d1ZRcIA269UfvVopvrYi5c.roa
File:                     01420d1ZRcIA269UfvVopvrYi5c.roa (raw, json)
Hash identifier:          nNyN/FNi33etJcjaX5S/hZcbEt09oPRMj//x2pmUpC8=
Subject key identifier:   D3:5E:36:D1:DD:59:45:C2:00:DB:AF:54:7E:F5:68:A6:FA:D8:8B:97
Certificate issuer:       /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial:       11C3CE2F
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/01420d1ZRcIA269UfvVopvrYi5c.roa
Signing time:             Sat 01 Jan 2022 15:05:40 +0000
ROA not before:           Sat 01 Jan 2022 15:05:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20521
IP address blocks:        82.118.228.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 298044975 (0x11c3ce2f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
        Validity
            Not Before: Jan  1 15:05:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d35e36d1dd5945c200dbaf547ef568a6fad88b97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:03:97:dc:b0:07:a0:b9:6d:10:e8:84:a5:3a:
                    02:b9:9b:93:0b:9b:4e:c3:b3:98:76:03:ad:88:98:
                    82:3f:77:c1:04:03:ba:83:d2:45:ad:3e:f8:e1:41:
                    0d:0a:4c:ed:22:e6:52:d2:36:f5:82:5a:52:b9:35:
                    dd:07:5d:a9:b2:c2:11:3b:8f:c7:a4:5b:e0:11:c6:
                    b0:a8:cd:61:1b:6e:af:73:10:a4:3b:d2:fc:fa:76:
                    04:ab:07:39:03:36:96:ce:4e:5f:f2:1b:ca:d7:75:
                    8f:1d:46:64:42:54:ff:10:94:ae:12:56:2b:cc:c1:
                    00:ba:3b:8e:a8:89:03:81:d2:90:0b:4f:71:b5:99:
                    e0:f7:98:df:ed:51:bf:dc:84:89:26:68:3f:2a:b0:
                    26:27:a1:94:8d:88:8e:6e:bb:bf:25:ff:b9:c8:60:
                    45:3d:2d:4c:3b:5c:03:58:51:92:65:fc:af:4b:cb:
                    d3:7b:c9:27:04:0d:d4:e6:98:17:d6:68:f1:55:60:
                    f6:5b:9a:78:e8:b9:36:ac:81:58:97:82:af:12:3c:
                    47:7c:47:1e:1d:eb:c6:9a:5f:fe:3e:26:66:cb:dc:
                    ea:2d:a3:16:df:75:b6:f3:3c:d8:2e:21:56:65:6a:
                    00:00:ea:c0:55:c6:0d:77:65:46:f8:9d:fc:97:be:
                    1b:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:5E:36:D1:DD:59:45:C2:00:DB:AF:54:7E:F5:68:A6:FA:D8:8B:97
            X509v3 Authority Key Identifier:
                keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/01420d1ZRcIA269UfvVopvrYi5c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.118.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:f2:13:f4:1d:af:f4:5c:ee:59:1e:b1:ab:fd:05:27:7c:77:
         f6:b3:84:e8:f1:4e:5d:34:cf:80:a1:a2:95:f3:58:07:57:75:
         8e:b0:ec:00:06:1d:57:fc:8f:7f:2d:b1:73:ea:d5:2f:e6:5b:
         5b:ad:07:08:b5:4c:f0:bb:eb:59:43:c9:e3:1f:11:b9:3d:03:
         f7:09:db:08:66:d7:4e:82:fd:0b:a6:39:bd:ff:fa:c3:26:c8:
         80:85:0d:3c:71:40:fe:81:f4:7a:30:83:2d:49:55:b0:27:64:
         43:9b:d7:5c:aa:d3:31:5d:a2:a6:d6:4b:af:a8:5a:41:c8:bf:
         56:6e:12:58:20:cd:fa:9b:34:bb:5b:81:af:3c:a8:c0:22:3f:
         cb:b0:ba:39:ff:04:dc:fe:36:55:27:c1:99:9b:5b:70:8e:94:
         2e:6a:46:e5:44:44:89:d3:af:bf:55:8e:d1:cd:96:30:c2:ab:
         04:dc:ef:90:32:9e:fd:09:79:7f:59:7e:6b:4f:c1:3c:bb:31:
         c7:7c:c4:36:22:51:cb:ae:a4:99:35:58:3b:62:b1:c5:4e:7d:
         26:02:63:c2:c0:96:73:4e:45:be:cf:de:62:91:cc:c7:48:02:
         e2:a4:02:72:18:f9:06:40:c1:1e:e9:6d:98:b2:e7:ef:fc:0d:
         7f:6f:6a:97
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEcPOLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MzVlYWM2NGVhNDgwMmU2ODI0Njg2ZjdjMGQyMDFmMmM4NWNiMmFhMB4XDTIyMDEw
MTE1MDU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM1ZTM2ZDFkZDU5
NDVjMjAwZGJhZjU0N2VmNTY4YTZmYWQ4OGI5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0Dl9ywB6C5bRDohKU6ArmbkwubTsOzmHYDrYiYgj93wQQD
uoPSRa0++OFBDQpM7SLmUtI29YJaUrk13QddqbLCETuPx6Rb4BHGsKjNYRtur3MQ
pDvS/Pp2BKsHOQM2ls5OX/Ibytd1jx1GZEJU/xCUrhJWK8zBALo7jqiJA4HSkAtP
cbWZ4PeY3+1Rv9yEiSZoPyqwJiehlI2Ijm67vyX/uchgRT0tTDtcA1hRkmX8r0vL
03vJJwQN1OaYF9Zo8VVg9luaeOi5NqyBWJeCrxI8R3xHHh3rxppf/j4mZsvc6i2j
Ft91tvM82C4hVmVqAADqwFXGDXdlRvid/Je+GysCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTTXjbR3VlFwgDbr1R+9Wim+tiLlzAfBgNVHSMEGDAWgBTDXqxk6kgC5oJG
hvfA0gHyyFyyqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3cxNnNaT3BJQXVhQ1JvYjN3TklCOHNoY3Nxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvY2NkZDhiLTc3MjAtNGRlMC04YzQzLWRhY2I1ZjM1NmVhMy8x
LzAxNDIwZDFaUmNJQTI2OVVmdlZvcHZyWWk1Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
Y2NkZDhiLTc3MjAtNGRlMC04YzQzLWRhY2I1ZjM1NmVhMy8xL3cxNnNaT3BJQXVh
Q1JvYjN3TklCOHNoY3Nxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFJ25DANBgkqhkiG9w0BAQsFAAOC
AQEAOfIT9B2v9FzuWR6xq/0FJ3x39rOE6PFOXTTPgKGilfNYB1d1jrDsAAYdV/yP
fy2xc+rVL+ZbW60HCLVM8LvrWUPJ4x8RuT0D9wnbCGbXToL9C6Y5vf/6wybIgIUN
PHFA/oH0ejCDLUlVsCdkQ5vXXKrTMV2iptZLr6haQci/Vm4SWCDN+ps0u1uBrzyo
wCI/y7C6Of8E3P42VSfBmZtbcI6ULmpG5UREidOvv1WO0c2WMMKrBNzvkDKe/Ql5
f1l+a0/BPLsxx3zENiJRy66kmTVYO2KxxU59JgJjwsCWc05Fvs/eYpHMx0gC4qQC
chj5BkDBHultmLLn7/wNf29qlw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:12 2024 by rpki-client on console-ams.rpki-client.org