Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/Pqes46HgfnkFP07tbvwU75ZFwDc.roa
File:                     Pqes46HgfnkFP07tbvwU75ZFwDc.roa (raw, json)
Hash identifier:          /3wHkGs8fqTxgJget1tukUM2oKnCHGa5BGBJqFS3i9s=
Subject key identifier:   3E:A7:AC:E3:A1:E0:7E:79:05:3F:4E:ED:6E:FC:14:EF:96:45:C0:37
Certificate issuer:       /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial:       0AF574D4
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/Pqes46HgfnkFP07tbvwU75ZFwDc.roa
Signing time:             Tue 29 Mar 2022 12:37:07 +0000
ROA not before:           Tue 29 Mar 2022 12:37:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197648
IP address blocks:        85.239.40.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 183858388 (0xaf574d4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
        Validity
            Not Before: Mar 29 12:37:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3ea7ace3a1e07e79053f4eed6efc14ef9645c037
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:70:66:ef:95:8c:72:ba:c2:b3:1a:cd:d8:52:
                    f2:6b:51:95:20:cf:99:12:11:6c:12:7d:39:41:bd:
                    e7:97:b9:5b:62:9a:8c:dc:65:cf:3f:9d:dd:3f:fe:
                    f4:78:ec:30:9a:06:1a:c6:d9:25:cc:13:68:2d:8e:
                    44:e9:64:92:ba:2e:42:ae:66:bb:0e:c3:2b:7f:52:
                    c0:55:5c:c1:1a:45:a1:36:24:9c:dc:0c:9c:ab:5b:
                    3f:8b:de:5b:93:c1:03:5f:88:75:22:39:23:1e:b4:
                    98:6d:9f:13:13:2a:d7:5b:34:88:b9:45:bc:bc:27:
                    de:2c:50:29:41:f9:9f:0e:e5:0a:a1:f7:75:ab:95:
                    91:f2:ff:c9:e2:71:b8:97:8b:b2:9a:10:3f:00:92:
                    3b:80:65:0a:e9:f5:26:fa:9a:b9:e4:2d:dc:35:52:
                    9f:2a:75:a2:70:3e:60:10:94:2f:9a:d8:84:69:67:
                    7b:1a:dc:b3:c1:87:c7:06:85:1e:fe:96:ea:14:27:
                    7b:9d:30:9e:04:7d:43:95:77:b4:cc:e8:a0:db:e4:
                    94:39:0a:c6:ac:cc:0a:63:c4:a0:c0:55:00:d9:58:
                    bf:f3:54:9f:2f:73:45:3d:1f:a9:2f:ed:45:7d:e8:
                    ad:c7:e1:47:5e:99:b0:88:7f:ed:5d:7c:33:fe:08:
                    a3:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:A7:AC:E3:A1:E0:7E:79:05:3F:4E:ED:6E:FC:14:EF:96:45:C0:37
            X509v3 Authority Key Identifier:
                keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/Pqes46HgfnkFP07tbvwU75ZFwDc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.239.40.0/23

    Signature Algorithm: sha256WithRSAEncryption
         54:fb:c0:60:c7:db:f5:51:8a:d9:63:49:ae:5d:79:37:76:e1:
         41:74:33:6c:46:f8:2c:15:73:84:a5:9d:fe:49:19:43:1a:1b:
         ef:ec:ca:63:75:e2:0b:1f:02:63:26:71:97:fb:f7:27:ba:44:
         28:2b:61:2a:72:30:36:5c:69:d4:30:e6:04:d3:d8:3e:cd:16:
         a9:1f:a7:9a:02:70:fe:69:cb:f8:44:d6:79:f1:a5:0f:57:1a:
         9e:8e:a2:87:a3:3f:ae:72:77:47:ee:8d:49:e5:7e:4b:ac:9b:
         9b:48:f0:ea:8e:3c:63:5e:f8:d7:4e:98:e7:4b:2f:52:e2:5b:
         a5:ec:55:35:2b:82:59:13:63:aa:0c:67:a8:2f:53:22:a7:f3:
         f0:b7:72:2f:b1:aa:bd:d8:51:be:d9:67:55:2b:8d:b0:2c:ee:
         38:50:e0:23:0a:0e:74:74:73:99:2e:81:fc:32:5d:ba:64:d0:
         a7:7b:f2:be:4b:d5:c8:a8:f7:53:53:a9:3b:11:12:59:ce:2b:
         b6:e9:f4:26:61:c6:95:a0:44:f6:2f:99:c8:58:32:b1:18:64:
         93:af:9b:ae:55:63:ff:b5:d5:d3:8b:57:fa:61:97:df:db:a0:
         71:49:54:2c:d4:3f:ab:1b:b0:9c:7f:32:b5:34:2b:8f:6b:55:
         54:fe:50:9f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECvV01DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjdlYzk0MjNiZjkwYzgxZDIyZDk0ODQxYzEwMzU3YTU0MjYwMzc5MB4XDTIyMDMy
OTEyMzcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2VhN2FjZTNhMWUw
N2U3OTA1M2Y0ZWVkNmVmYzE0ZWY5NjQ1YzAzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxwZu+VjHK6wrMazdhS8mtRlSDPmRIRbBJ9OUG955e5W2Ka
jNxlzz+d3T/+9HjsMJoGGsbZJcwTaC2OROlkkrouQq5muw7DK39SwFVcwRpFoTYk
nNwMnKtbP4veW5PBA1+IdSI5Ix60mG2fExMq11s0iLlFvLwn3ixQKUH5nw7lCqH3
dauVkfL/yeJxuJeLspoQPwCSO4BlCun1JvqaueQt3DVSnyp1onA+YBCUL5rYhGln
exrcs8GHxwaFHv6W6hQne50wngR9Q5V3tMzooNvklDkKxqzMCmPEoMBVANlYv/NU
ny9zRT0fqS/tRX3orcfhR16ZsIh/7V18M/4Io08CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ+p6zjoeB+eQU/Tu1u/BTvlkXANzAfBgNVHSMEGDAWgBQ7fslCO/kMgdIt
lIQcEDV6VCYDeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08zN0pRanY1RElIU0xaU0VIQkExZWxRbUEzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvOGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8x
L1BxZXM0NkhnZm5rRlAwN3RidndVNzVaRndEYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
OGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8xL08zN0pRanY1RElI
U0xaU0VIQkExZWxRbUEzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVXvKDANBgkqhkiG9w0BAQsFAAOC
AQEAVPvAYMfb9VGK2WNJrl15N3bhQXQzbEb4LBVzhKWd/kkZQxob7+zKY3XiCx8C
YyZxl/v3J7pEKCthKnIwNlxp1DDmBNPYPs0WqR+nmgJw/mnL+ETWefGlD1cano6i
h6M/rnJ3R+6NSeV+S6ybm0jw6o48Y174106Y50svUuJbpexVNSuCWRNjqgxnqC9T
Iqfz8LdyL7GqvdhRvtlnVSuNsCzuOFDgIwoOdHRzmS6B/DJdumTQp3vyvkvVyKj3
U1OpOxESWc4rtun0JmHGlaBE9i+ZyFgysRhkk6+brlVj/7XV04tX+mGX39ugcUlU
LNQ/qxuwnH8ytTQrj2tVVP5Qnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:28 2024 by rpki-client on console-ams.rpki-client.org