Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/3-dCVBA83E4NvgRPFp-ov1jIOCs.roa
File:                     3-dCVBA83E4NvgRPFp-ov1jIOCs.roa (raw, json)
Hash identifier:          bym+oMvBsfOaCyOYNNSU+QLrH3B9P3h8vKaTCdvVNOs=
Subject key identifier:   DF:E7:42:54:10:3C:DC:4E:0D:BE:04:4F:16:9F:A8:BF:58:C8:38:2B
Certificate issuer:       /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial:       383A8134
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/3-dCVBA83E4NvgRPFp-ov1jIOCs.roa
Signing time:             Sat 01 Jan 2022 10:03:45 +0000
ROA not before:           Sat 01 Jan 2022 10:03:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39040
IP address blocks:        77.95.120.192/26 maxlen: 26
                          77.95.120.128/27 maxlen: 27
                          77.95.120.160/27 maxlen: 27
                          77.95.120.0/24 maxlen: 24
                          212.103.64.0/24 maxlen: 24
                          2a02:388::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 943358260 (0x383a8134)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
        Validity
            Not Before: Jan  1 10:03:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dfe74254103cdc4e0dbe044f169fa8bf58c8382b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:51:6d:5e:fa:66:dd:1b:20:fa:5b:20:07:b0:
                    69:4f:46:95:0b:df:40:e2:fa:9c:4c:6b:07:3a:e6:
                    ed:14:fa:fc:c1:a2:23:77:86:2b:7c:b5:f5:cb:a5:
                    d1:60:3f:08:fb:66:05:32:d9:f9:35:2f:65:48:80:
                    ce:77:13:b3:1a:ba:97:f9:cb:7e:51:eb:3f:ae:26:
                    85:5f:fb:ce:40:44:fc:22:db:78:ca:ce:2b:fd:19:
                    77:68:51:2b:43:de:43:7c:65:b8:04:e5:a9:2d:75:
                    4a:d7:14:b3:a8:40:a1:83:e8:d6:4e:66:94:8e:83:
                    26:0f:f9:c5:c3:c3:4d:d3:ad:ff:61:35:cc:4d:56:
                    93:d7:49:32:68:6f:10:ff:4e:32:f9:17:dc:4d:ac:
                    94:6f:97:2a:36:9d:a2:6d:38:d2:db:55:88:26:5e:
                    e6:66:30:5c:28:bb:03:cb:fb:f1:33:4a:dd:04:a7:
                    4a:9e:0f:f8:57:b6:f4:e0:ab:71:24:a9:60:01:d1:
                    71:c9:f4:4c:8a:ae:bc:d4:fb:4e:6d:f3:4d:c1:03:
                    17:49:f0:db:1f:eb:3c:b1:1d:15:fa:69:e0:2b:fd:
                    e9:ce:43:b9:96:1a:d9:6c:67:46:62:1c:70:30:14:
                    ae:4c:f0:6b:63:fc:94:da:d5:fc:47:87:b7:bd:8b:
                    76:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:E7:42:54:10:3C:DC:4E:0D:BE:04:4F:16:9F:A8:BF:58:C8:38:2B
            X509v3 Authority Key Identifier:
                keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/3-dCVBA83E4NvgRPFp-ov1jIOCs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.95.120.0/24
                  212.103.64.0/24
                IPv6:
                  2a02:388::/32

    Signature Algorithm: sha256WithRSAEncryption
         2c:93:3d:32:cd:d3:db:8b:f0:05:8b:61:21:e3:20:78:ad:6e:
         66:55:28:25:ec:6b:30:a7:a1:e6:36:d3:42:0a:16:da:46:a8:
         97:a0:db:fe:11:da:d5:d5:36:ce:2f:69:1e:a6:e8:c8:1a:e7:
         4e:b3:55:a8:88:0f:b2:de:c7:d5:a0:11:e2:13:ca:f0:bb:3f:
         0a:fd:02:e2:b0:de:7e:79:ba:1d:d4:47:4d:0e:b4:79:c2:90:
         02:c0:ad:4c:18:04:b8:a6:e7:05:b4:17:19:8e:d9:b8:bf:f9:
         32:b6:93:57:ce:a7:0f:95:8e:28:cd:63:ca:11:16:32:48:1f:
         92:f5:84:27:fe:00:d3:7c:e2:b3:c7:30:96:95:8a:0d:6e:ec:
         b6:5c:48:b5:de:45:0a:c5:01:c3:74:aa:55:37:8a:3e:68:42:
         42:b0:90:88:d0:be:aa:09:b4:ec:ac:a3:92:57:e2:cb:1d:03:
         3b:6f:c0:63:c8:a0:a2:45:56:bb:f8:99:c6:02:bd:28:9f:5f:
         76:61:74:bd:ef:b0:56:ac:b6:ba:31:3e:b9:02:69:fa:e5:b3:
         11:6f:7e:02:61:73:82:49:cd:db:82:ed:15:d3:8d:df:ff:d0:
         b9:28:da:22:11:5d:e8:bc:f5:b5:8c:5f:76:64:3a:ee:b8:0f:
         94:94:23:02
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEODqBNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODAxNWNjOGRhMWYxYmJmMzQzZTI2YWIyMDhkZjhiYjI2ZmQ1M2FlMB4XDTIyMDEw
MTEwMDM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGZlNzQyNTQxMDNj
ZGM0ZTBkYmUwNDRmMTY5ZmE4YmY1OGM4MzgyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIlRbV76Zt0bIPpbIAewaU9GlQvfQOL6nExrBzrm7RT6/MGi
I3eGK3y19cul0WA/CPtmBTLZ+TUvZUiAzncTsxq6l/nLflHrP64mhV/7zkBE/CLb
eMrOK/0Zd2hRK0PeQ3xluATlqS11StcUs6hAoYPo1k5mlI6DJg/5xcPDTdOt/2E1
zE1Wk9dJMmhvEP9OMvkX3E2slG+XKjadom040ttViCZe5mYwXCi7A8v78TNK3QSn
Sp4P+Fe29OCrcSSpYAHRccn0TIquvNT7Tm3zTcEDF0nw2x/rPLEdFfpp4Cv96c5D
uZYa2WxnRmIccDAUrkzwa2P8lNrV/EeHt72LdiMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTf50JUEDzcTg2+BE8Wn6i/WMg4KzAfBgNVHSMEGDAWgBRYAVzI2h8bvzQ+
Jqsgjfi7Jv1TrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dBRmN5Tm9mRzc4MFBpYXJJSTM0dXliOVU2NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvZDQxNzVkLTE5MmMtNDE4Yy05NzJmLThlZTIxYjc0ZGQ1Ni8x
LzMtZENWQkE4M0U0TnZnUlBGcC1vdjFqSU9Dcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
ZDQxNzVkLTE5MmMtNDE4Yy05NzJmLThlZTIxYjc0ZGQ1Ni8xL1dBRmN5Tm9mRzc4
MFBpYXJJSTM0dXliOVU2NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAE1feAMEANRnQDANBAIAAjAHAwUA
KgIDiDANBgkqhkiG9w0BAQsFAAOCAQEALJM9Ms3T24vwBYthIeMgeK1uZlUoJexr
MKeh5jbTQgoW2kaol6Db/hHa1dU2zi9pHqboyBrnTrNVqIgPst7H1aAR4hPK8Ls/
Cv0C4rDefnm6HdRHTQ60ecKQAsCtTBgEuKbnBbQXGY7ZuL/5MraTV86nD5WOKM1j
yhEWMkgfkvWEJ/4A03zis8cwlpWKDW7stlxItd5FCsUBw3SqVTeKPmhCQrCQiNC+
qgm07Kyjklfiyx0DO2/AY8igokVWu/iZxgK9KJ9fdmF0ve+wVqy2ujE+uQJp+uWz
EW9+AmFzgknN24LtFdON3//QuSjaIhFd6Lz1tYxfdmQ67rgPlJQjAg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:43 2024 by rpki-client on console-ams.rpki-client.org