Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/s7ubmki31frlXxlHxJzXMI_VVYA.roa
File:                     s7ubmki31frlXxlHxJzXMI_VVYA.roa (raw, json)
Hash identifier:          IlOhloZkb0OukqlLZolZXO1toU22A0FKcZET7h1iNEU=
Subject key identifier:   B3:BB:9B:9A:48:B7:D5:FA:E5:5F:19:47:C4:9C:D7:30:8F:D5:55:80
Certificate issuer:       /CN=a2e606c7e93fed36ef90d42ce4a97260bb8aa9c1
Certificate serial:       09D4FDE1
Authority key identifier: A2:E6:06:C7:E9:3F:ED:36:EF:90:D4:2C:E4:A9:72:60:BB:8A:A9:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ouYGx-k_7TbvkNQs5KlyYLuKqcE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/s7ubmki31frlXxlHxJzXMI_VVYA.roa
Signing time:             Sat 01 Jan 2022 01:54:07 +0000
ROA not before:           Sat 01 Jan 2022 01:54:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60733
IP address blocks:        88.218.136.0/22 maxlen: 24
                          2a09:ab80::/29 maxlen: 60

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 164953569 (0x9d4fde1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2e606c7e93fed36ef90d42ce4a97260bb8aa9c1
        Validity
            Not Before: Jan  1 01:54:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b3bb9b9a48b7d5fae55f1947c49cd7308fd55580
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:83:9b:af:17:36:c9:6c:a2:74:68:9d:98:0f:
                    a7:34:85:e3:24:f1:be:fd:55:37:7d:28:50:3f:24:
                    17:1c:ba:b3:c3:01:d3:a3:d7:19:10:c7:85:e4:37:
                    49:05:bb:c9:ca:7f:d3:a0:27:8e:a5:3f:17:19:91:
                    ce:8e:0c:3d:53:3c:c4:01:8a:47:9e:68:11:14:53:
                    a8:83:83:70:5d:5f:a6:6b:99:b0:1a:c8:3e:92:ef:
                    6f:8a:0e:0f:8e:3d:ec:28:84:ab:b4:84:a1:4d:7a:
                    85:49:d2:a7:dd:0a:85:df:b3:2f:41:43:47:a9:14:
                    02:fb:69:52:23:61:ad:f8:99:e9:2d:f0:b2:91:96:
                    81:ef:15:80:4f:10:64:ae:15:6c:2d:95:29:3e:b7:
                    d3:24:00:4b:fc:65:ae:b2:df:5e:ab:7b:c3:a2:00:
                    64:a0:0d:73:ff:a1:c3:7c:7a:d8:7d:65:ab:15:64:
                    5c:68:89:cc:64:ef:5e:33:1a:76:aa:18:a9:4e:5f:
                    7e:8b:ac:2e:b9:61:50:de:0d:91:5e:b6:60:56:53:
                    cd:df:d4:19:89:2e:6c:24:8e:53:a4:00:f1:f9:82:
                    db:43:1c:53:5e:bb:25:a4:46:18:66:d8:a6:18:95:
                    ce:2a:39:1a:ce:4f:f1:76:3f:2b:dc:5b:21:7e:5a:
                    2d:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:BB:9B:9A:48:B7:D5:FA:E5:5F:19:47:C4:9C:D7:30:8F:D5:55:80
            X509v3 Authority Key Identifier:
                keyid:A2:E6:06:C7:E9:3F:ED:36:EF:90:D4:2C:E4:A9:72:60:BB:8A:A9:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ouYGx-k_7TbvkNQs5KlyYLuKqcE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/s7ubmki31frlXxlHxJzXMI_VVYA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/ouYGx-k_7TbvkNQs5KlyYLuKqcE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.218.136.0/22
                IPv6:
                  2a09:ab80::/29

    Signature Algorithm: sha256WithRSAEncryption
         bc:a0:94:a0:de:ed:ab:26:77:8f:a0:6f:fd:ee:9d:3c:01:8d:
         87:05:06:07:54:1d:d5:a0:2d:22:5c:71:8e:3e:e3:42:7f:b6:
         33:10:b6:4e:15:46:4b:ee:66:11:b3:42:80:05:59:ea:de:5a:
         0c:15:24:a4:88:3e:06:f6:03:ab:ce:f3:32:c8:94:c9:45:39:
         05:d9:43:dc:ee:d8:4f:99:04:9e:05:ee:6e:8f:36:1a:c5:05:
         88:f8:93:06:41:60:5c:66:6a:4c:0e:19:bb:4b:57:ee:91:72:
         4e:84:f9:dc:4a:29:60:7b:5e:00:de:fa:ba:e3:d6:df:bb:db:
         18:5d:44:26:08:cf:b5:ec:2b:7f:a3:60:a7:ac:70:07:00:fa:
         7a:f3:28:0b:42:10:2a:4e:25:95:a2:b1:7b:42:4f:c2:d3:91:
         d9:9f:f0:4d:f2:e0:5c:d8:ed:66:90:0f:6e:c5:ed:43:40:1d:
         37:44:95:76:11:b1:6b:b2:dc:42:84:9b:e1:bd:43:a5:be:9a:
         73:5e:fd:72:a5:bf:7d:05:cd:1b:ff:c4:18:91:51:89:86:53:
         6c:cf:0e:37:a7:38:48:b9:0c:bf:00:30:e2:bd:c1:20:58:cb:
         fe:a0:54:63:68:d6:c5:c5:e4:c9:9a:19:e6:f5:cd:c0:a7:73:
         aa:77:db:5e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECdT94TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MmU2MDZjN2U5M2ZlZDM2ZWY5MGQ0MmNlNGE5NzI2MGJiOGFhOWMxMB4XDTIyMDEw
MTAxNTQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjNiYjliOWE0OGI3
ZDVmYWU1NWYxOTQ3YzQ5Y2Q3MzA4ZmQ1NTU4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+Dm68XNslsonRonZgPpzSF4yTxvv1VN30oUD8kFxy6s8MB
06PXGRDHheQ3SQW7ycp/06AnjqU/FxmRzo4MPVM8xAGKR55oERRTqIODcF1fpmuZ
sBrIPpLvb4oOD4497CiEq7SEoU16hUnSp90Khd+zL0FDR6kUAvtpUiNhrfiZ6S3w
spGWge8VgE8QZK4VbC2VKT630yQAS/xlrrLfXqt7w6IAZKANc/+hw3x62H1lqxVk
XGiJzGTvXjMadqoYqU5ffousLrlhUN4NkV62YFZTzd/UGYkubCSOU6QA8fmC20Mc
U167JaRGGGbYphiVzio5Gs5P8XY/K9xbIX5aLX0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSzu5uaSLfV+uVfGUfEnNcwj9VVgDAfBgNVHSMEGDAWgBSi5gbH6T/tNu+Q
1CzkqXJgu4qpwTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L291WUd4LWtfN1RidmtOUXM1S2x5WUx1S3FjRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvZDNlMjNmLTBlNWEtNDkyMy1hYjJmLWE5ZWEyMDU3MDQyYi8x
L3M3dWJta2kzMWZybFh4bEh4SnpYTUlfVlZZQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
ZDNlMjNmLTBlNWEtNDkyMy1hYjJmLWE5ZWEyMDU3MDQyYi8xL291WUd4LWtfN1Ri
dmtOUXM1S2x5WUx1S3FjRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAljaiDANBAIAAjAHAwUDKgmrgDAN
BgkqhkiG9w0BAQsFAAOCAQEAvKCUoN7tqyZ3j6Bv/e6dPAGNhwUGB1Qd1aAtIlxx
jj7jQn+2MxC2ThVGS+5mEbNCgAVZ6t5aDBUkpIg+BvYDq87zMsiUyUU5BdlD3O7Y
T5kEngXubo82GsUFiPiTBkFgXGZqTA4Zu0tX7pFyToT53EopYHteAN76uuPW37vb
GF1EJgjPtewrf6Ngp6xwBwD6evMoC0IQKk4llaKxe0JPwtOR2Z/wTfLgXNjtZpAP
bsXtQ0AdN0SVdhGxa7LcQoSb4b1Dpb6ac179cqW/fQXNG//EGJFRiYZTbM8ON6c4
SLkMvwAw4r3BIFjL/qBUY2jWxcXkyZoZ5vXNwKdzqnfbXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:10 2024 by rpki-client on console-ams.rpki-client.org