Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/qdq3ADp5MqJIsYaKv7pqUQyaA28.roa
File:                     qdq3ADp5MqJIsYaKv7pqUQyaA28.roa (raw, json)
Hash identifier:          GObdwEbIz3R+QoJvF5VS4+lJPGpvJrlVugpn9nv5+zk=
Subject key identifier:   A9:DA:B7:00:3A:79:32:A2:48:B1:86:8A:BF:BA:6A:51:0C:9A:03:6F
Certificate issuer:       /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial:       11C538F2
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/qdq3ADp5MqJIsYaKv7pqUQyaA28.roa
Signing time:             Sat 01 Jan 2022 15:05:40 +0000
ROA not before:           Sat 01 Jan 2022 15:05:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25374
IP address blocks:        130.185.230.0/23 maxlen: 23
                          130.185.230.0/24 maxlen: 24
                          130.185.233.0/24 maxlen: 24
                          130.185.231.0/24 maxlen: 24
                          79.124.11.0/24 maxlen: 24
                          79.124.10.0/24 maxlen: 24
                          79.124.10.0/23 maxlen: 23
                          79.124.12.0/24 maxlen: 24
                          79.124.19.0/24 maxlen: 24
                          79.124.18.0/23 maxlen: 23
                          79.124.18.0/24 maxlen: 24
                          79.124.46.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 298137842 (0x11c538f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
        Validity
            Not Before: Jan  1 15:05:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a9dab7003a7932a248b1868abfba6a510c9a036f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:94:d0:65:44:3c:8b:95:99:d3:4b:8c:41:9b:
                    e9:3f:4f:cc:0f:6e:17:f9:2d:c7:76:d7:25:2f:7a:
                    a7:79:5a:e2:84:6d:2e:6e:8b:ca:05:f7:44:4e:a8:
                    83:46:b3:bf:b2:f8:56:ad:db:6b:33:a7:b5:14:c3:
                    a4:da:2d:c9:ba:f8:96:a3:6d:a3:bf:a6:ad:2f:bf:
                    07:30:31:67:25:71:e1:c5:c8:14:0b:25:d3:82:14:
                    78:0f:48:f7:b5:0d:9f:13:ac:b4:3d:6d:fb:44:bf:
                    34:5b:99:b9:d9:87:ba:0f:02:19:01:85:ef:c9:4e:
                    71:89:be:b8:d7:73:5b:fd:96:9e:1a:d9:1e:af:96:
                    bb:98:f0:5e:f6:47:36:83:5a:d9:53:90:c1:a5:60:
                    ea:52:1e:d9:99:7f:cd:15:08:dc:e5:fd:db:b9:15:
                    34:a0:9f:e2:5f:cb:47:ec:82:d9:b7:27:28:14:d9:
                    1f:2e:60:c9:67:f5:d9:10:44:1b:14:05:e4:84:14:
                    0f:7e:dd:70:f3:6c:bb:d8:54:41:66:0f:24:b8:fd:
                    17:57:9d:21:2e:3a:b2:16:41:5c:30:49:da:e7:cf:
                    82:5d:14:47:ce:a0:79:b4:f5:62:2d:54:c7:80:b4:
                    c4:d7:a1:7d:74:68:bc:c3:2b:85:9a:17:70:94:f0:
                    2e:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:DA:B7:00:3A:79:32:A2:48:B1:86:8A:BF:BA:6A:51:0C:9A:03:6F
            X509v3 Authority Key Identifier:
                keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/qdq3ADp5MqJIsYaKv7pqUQyaA28.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.124.10.0-79.124.12.255
                  79.124.18.0/23
                  79.124.46.0/24
                  130.185.230.0/23
                  130.185.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:56:c3:7a:0e:16:a3:6c:fd:f2:d8:c3:f3:95:af:14:e4:cb:
         e4:3f:7e:49:4c:5c:64:b9:1d:9b:d9:19:a7:1d:35:8d:b6:82:
         c1:b5:ed:7e:62:e1:78:6c:74:c3:8d:b8:93:d3:68:29:51:65:
         9a:a4:31:eb:ae:e3:f2:b4:26:16:46:af:ad:e0:02:af:79:2f:
         b9:74:9c:d5:e1:00:13:95:23:b3:76:33:ac:29:11:41:26:47:
         cc:97:96:77:6c:c8:76:66:e1:6a:ad:e5:41:4d:44:82:b3:ec:
         69:c1:2b:96:05:98:f4:38:85:c7:12:e8:97:14:b9:29:20:29:
         e8:ad:8f:81:b7:de:6e:46:cc:76:40:78:d3:b7:79:b1:5c:7b:
         fe:d8:98:ac:89:9c:34:42:b0:f4:78:b7:a4:30:5d:00:29:cd:
         6e:cc:54:8c:74:8f:02:c7:60:df:c8:d7:51:9a:3e:36:e0:90:
         8d:8a:de:77:3b:de:96:18:53:c9:a3:f6:e7:cc:b9:b4:d2:f7:
         35:7c:7f:87:96:a1:3b:71:11:63:b4:86:d8:2a:63:11:68:94:
         f5:aa:3a:14:88:f1:60:83:32:a0:7b:e7:4a:2a:9b:52:8f:4d:
         05:90:69:73:27:c1:18:89:39:03:52:de:9d:3d:8c:bc:46:14:
         57:37:2b:cc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEEcU48jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MzVlYWM2NGVhNDgwMmU2ODI0Njg2ZjdjMGQyMDFmMmM4NWNiMmFhMB4XDTIyMDEw
MTE1MDU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTlkYWI3MDAzYTc5
MzJhMjQ4YjE4NjhhYmZiYTZhNTEwYzlhMDM2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+U0GVEPIuVmdNLjEGb6T9PzA9uF/ktx3bXJS96p3la4oRt
Lm6LygX3RE6og0azv7L4Vq3bazOntRTDpNotybr4lqNto7+mrS+/BzAxZyVx4cXI
FAsl04IUeA9I97UNnxOstD1t+0S/NFuZudmHug8CGQGF78lOcYm+uNdzW/2WnhrZ
Hq+Wu5jwXvZHNoNa2VOQwaVg6lIe2Zl/zRUI3OX927kVNKCf4l/LR+yC2bcnKBTZ
Hy5gyWf12RBEGxQF5IQUD37dcPNsu9hUQWYPJLj9F1edIS46shZBXDBJ2ufPgl0U
R86gebT1Yi1Ux4C0xNehfXRovMMrhZoXcJTwLpUCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBSp2rcAOnkyokixhoq/umpRDJoDbzAfBgNVHSMEGDAWgBTDXqxk6kgC5oJG
hvfA0gHyyFyyqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3cxNnNaT3BJQXVhQ1JvYjN3TklCOHNoY3Nxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvY2NkZDhiLTc3MjAtNGRlMC04YzQzLWRhY2I1ZjM1NmVhMy8x
L3FkcTNBRHA1TXFKSXNZYUt2N3BxVVF5YUEyOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
Y2NkZDhiLTc3MjAtNGRlMC04YzQzLWRhY2I1ZjM1NmVhMy8xL3cxNnNaT3BJQXVh
Q1JvYjN3TklCOHNoY3Nxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJjAMAwQBT3wKAwQAT3wMAwQBT3wSAwQA
T3wuAwQBgrnmAwQAgrnpMA0GCSqGSIb3DQEBCwUAA4IBAQCNVsN6DhajbP3y2MPz
la8U5MvkP35JTFxkuR2b2RmnHTWNtoLBte1+YuF4bHTDjbiT02gpUWWapDHrruPy
tCYWRq+t4AKveS+5dJzV4QATlSOzdjOsKRFBJkfMl5Z3bMh2ZuFqreVBTUSCs+xp
wSuWBZj0OIXHEuiXFLkpICnorY+Bt95uRsx2QHjTt3mxXHv+2JisiZw0QrD0eLek
MF0AKc1uzFSMdI8Cx2DfyNdRmj424JCNit53O96WGFPJo/bnzLm00vc1fH+HlqE7
cRFjtIbYKmMRaJT1qjoUiPFggzKge+dKKptSj00FkGlzJ8EYiTkDUt6dPYy8RhRX
NyvM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:12 2024 by rpki-client on console-ams.rpki-client.org