Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/3Cae1jKpOVlW0WcBUSmyt4nKd0I.roa
File:                     3Cae1jKpOVlW0WcBUSmyt4nKd0I.roa (raw, json)
Hash identifier:          Xynf1eygLvX43i075U8Bp2nft7xT9uKQii1C3vZw1GU=
Subject key identifier:   DC:26:9E:D6:32:A9:39:59:56:D1:67:01:51:29:B2:B7:89:CA:77:42
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       018249916BA036370A2222C26EDB030173B3
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/3Cae1jKpOVlW0WcBUSmyt4nKd0I.roa
Signing time:             Fri 29 Jul 2022 10:47:23 +0000
ROA not before:           Fri 29 Jul 2022 10:47:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8990
IP address blocks:        45.88.94.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:49:91:6b:a0:36:37:0a:22:22:c2:6e:db:03:01:73:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Jul 29 10:47:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dc269ed632a9395956d167015129b2b789ca7742
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:96:a2:bf:50:01:86:9e:e7:29:f2:ac:27:e4:
                    5e:11:e4:63:21:b7:d3:9b:89:aa:ce:5a:4a:27:bc:
                    00:66:41:d2:10:10:3b:bf:36:71:d3:fb:67:8c:3b:
                    8f:e9:d3:93:f8:94:93:87:b6:9f:2e:bd:94:5d:3e:
                    e3:a7:97:b5:d4:40:67:17:82:da:3c:a9:4f:ff:40:
                    41:57:fe:dc:dc:fd:70:39:f3:fc:cd:38:e9:65:4f:
                    3e:f8:fa:26:3a:45:eb:d0:1f:a8:83:7f:1f:33:d8:
                    31:14:22:16:5c:31:b2:9d:6f:b8:66:4e:7a:c7:48:
                    59:3c:40:86:18:21:19:be:2a:be:06:e3:3f:0b:86:
                    9f:32:44:7c:fe:ec:dd:39:ff:95:31:78:f7:ec:41:
                    bb:a0:12:8d:e7:20:6a:5e:88:de:d6:8a:72:c6:d5:
                    06:bd:b8:01:bd:16:6f:15:21:5b:37:d5:37:a1:c4:
                    e7:6f:27:5b:53:3e:96:f4:c6:cf:dd:c0:6e:26:e5:
                    a6:8a:14:2b:fe:21:5c:5b:6c:06:c3:4a:db:e3:09:
                    51:f6:08:26:c5:2f:9b:6c:fd:19:8b:d5:9d:61:54:
                    c3:6e:ba:1f:78:6c:fb:6a:98:cb:e2:9e:3c:d1:c7:
                    98:d3:43:de:67:db:51:41:2e:5b:6e:31:2e:a9:f9:
                    2c:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:26:9E:D6:32:A9:39:59:56:D1:67:01:51:29:B2:B7:89:CA:77:42
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/3Cae1jKpOVlW0WcBUSmyt4nKd0I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         36:ac:ab:06:2a:3e:4c:71:cb:e4:d6:63:b3:33:67:f7:4f:94:
         d7:b5:08:50:4f:62:ea:13:60:e5:4e:70:a9:57:91:d6:79:1f:
         7f:c4:a5:8e:f5:42:61:56:e8:62:51:e2:4e:23:33:87:18:6e:
         e4:81:f3:4e:5c:af:31:7a:d2:4b:f9:ec:ab:2e:90:4d:62:5f:
         ee:5c:5b:b1:44:64:5e:2b:de:0a:fa:37:e8:62:9a:14:3c:6b:
         60:73:4f:95:cd:44:04:bd:6b:dd:08:47:38:94:1c:32:ea:14:
         38:67:c0:a1:e1:52:5c:76:d3:a5:c0:36:86:75:0f:af:66:e4:
         fb:f4:13:14:0b:2d:5b:b4:66:f4:97:ca:45:5f:e8:96:83:04:
         d0:4e:eb:dd:68:72:93:b5:76:57:d9:65:57:5f:61:26:ef:0f:
         ff:4e:3e:9e:21:57:62:f4:8e:36:8e:35:d6:6f:0f:3d:43:82:
         b9:65:c6:1a:f1:d8:aa:9a:bb:7a:df:02:28:4e:4a:a1:3e:7e:
         db:29:4e:46:cd:d8:d1:74:8e:5a:c7:04:74:27:f9:4e:95:ae:
         15:4f:e1:6b:5a:22:49:b4:09:65:8a:78:dc:a3:4d:bb:e4:81:
         d2:0d:d9:88:1c:4d:03:e9:11:2e:f2:af:27:32:2a:ba:22:b8:
         c3:b8:17:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJJkWugNjcKIiLCbtsDAXOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzI5MTA0NzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzI2OWVkNjMyYTkzOTU5NTZkMTY3MDE1MTI5YjJiNzg5Y2E3NzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5aiv1ABhp7nKfKsJ+ReEeRjIbfT
m4mqzlpKJ7wAZkHSEBA7vzZx0/tnjDuP6dOT+JSTh7afLr2UXT7jp5e11EBnF4La
PKlP/0BBV/7c3P1wOfP8zTjpZU8++PomOkXr0B+og38fM9gxFCIWXDGynW+4Zk56
x0hZPECGGCEZviq+BuM/C4afMkR8/uzdOf+VMXj37EG7oBKN5yBqXoje1opyxtUG
vbgBvRZvFSFbN9U3ocTnbydbUz6W9MbP3cBuJuWmihQr/iFcW2wGw0rb4wlR9ggm
xS+bbP0Zi9WdYVTDbrofeGz7apjL4p480ceY00PeZ9tRQS5bbjEuqfkskwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNwmntYyqTlZVtFnAVEpsreJyndCMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvM0NhZTFqS3BPVmxXMFdjQlVTbXl0NG5LZDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVheMA0G
CSqGSIb3DQEBCwUAA4IBAQA2rKsGKj5Mccvk1mOzM2f3T5TXtQhQT2LqE2DlTnCp
V5HWeR9/xKWO9UJhVuhiUeJOIzOHGG7kgfNOXK8xetJL+eyrLpBNYl/uXFuxRGRe
K94K+jfoYpoUPGtgc0+VzUQEvWvdCEc4lBwy6hQ4Z8Ch4VJcdtOlwDaGdQ+vZuT7
9BMUCy1btGb0l8pFX+iWgwTQTuvdaHKTtXZX2WVXX2Em7w//Tj6eIVdi9I42jjXW
bw89Q4K5ZcYa8diqmrt63wIoTkqhPn7bKU5GzdjRdI5axwR0J/lOla4VT+FrWiJJ
tAllinjco0275IHSDdmIHE0D6REu8q8nMiq6IrjDuBfJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:26 2024 by rpki-client on console-fra.rpki-client.org