Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/dc76ff-2b35-42be-ab56-5df2de08b695/1/IPCDCp9MtxJM86P3X1u3_eW1KTY.roa
File:                     IPCDCp9MtxJM86P3X1u3_eW1KTY.roa (raw, json)
Hash identifier:          O17n4iEZgASBWxZpsyw8N+9YLkqYhycGcU5Yfp6+vtU=
Subject key identifier:   20:F0:83:0A:9F:4C:B7:12:4C:F3:A3:F7:5F:5B:B7:FD:E5:B5:29:36
Certificate issuer:       /CN=37d6706a2e270cb486bb47243463ccbbf9f4d5ca
Certificate serial:       03BAB879
Authority key identifier: 37:D6:70:6A:2E:27:0C:B4:86:BB:47:24:34:63:CC:BB:F9:F4:D5:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N9Zwai4nDLSGu0ckNGPMu_n01co.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/dc76ff-2b35-42be-ab56-5df2de08b695/1/IPCDCp9MtxJM86P3X1u3_eW1KTY.roa
Signing time:             Sat 01 Jan 2022 16:02:42 +0000
ROA not before:           Sat 01 Jan 2022 16:02:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        188.116.35.0/24 maxlen: 24
                          185.206.120.0/24 maxlen: 24
                          2a10:a200::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62568569 (0x3bab879)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37d6706a2e270cb486bb47243463ccbbf9f4d5ca
        Validity
            Not Before: Jan  1 16:02:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=20f0830a9f4cb7124cf3a3f75f5bb7fde5b52936
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:5d:da:1f:7d:61:76:db:54:9f:27:c7:8b:b6:
                    2b:52:fb:2c:c6:6a:9b:11:2b:70:2f:43:e3:03:21:
                    2d:7c:84:42:dd:b4:f7:63:54:0a:e7:51:58:d4:68:
                    e0:f3:a4:1d:4c:2c:79:e3:9d:4a:65:58:89:8e:5f:
                    78:49:44:bb:75:4d:e6:c1:f0:1e:39:70:1b:d4:3e:
                    9d:3c:91:ff:c3:30:88:b1:11:ed:e0:55:86:4c:88:
                    e9:c8:45:69:dd:a2:39:25:a8:4a:cc:a5:1b:22:c9:
                    a8:e9:f6:b6:69:fc:31:96:2f:fc:ad:c9:36:24:2e:
                    37:ee:5a:ae:3f:71:67:a6:6d:3a:95:87:53:96:2e:
                    b2:1e:fd:52:be:35:04:a3:14:ac:b6:7e:5b:d0:01:
                    1d:a3:94:21:58:dd:06:c3:49:39:07:76:88:48:c5:
                    25:f6:fe:e2:8e:91:3d:6b:eb:09:5d:8e:91:06:7b:
                    8e:48:0c:05:d3:e2:93:82:f9:ed:3b:8e:ac:d7:1c:
                    0c:0c:55:5c:e0:99:bc:c9:ae:95:54:24:58:48:6c:
                    c4:ee:dd:b6:14:61:c2:50:7a:f9:cc:be:f4:13:6b:
                    ed:43:00:71:04:a6:51:7e:0d:95:60:7b:f0:71:3f:
                    3c:66:67:29:33:e8:30:04:62:12:b9:ff:ec:32:3e:
                    55:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:F0:83:0A:9F:4C:B7:12:4C:F3:A3:F7:5F:5B:B7:FD:E5:B5:29:36
            X509v3 Authority Key Identifier:
                keyid:37:D6:70:6A:2E:27:0C:B4:86:BB:47:24:34:63:CC:BB:F9:F4:D5:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N9Zwai4nDLSGu0ckNGPMu_n01co.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/dc76ff-2b35-42be-ab56-5df2de08b695/1/IPCDCp9MtxJM86P3X1u3_eW1KTY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/dc76ff-2b35-42be-ab56-5df2de08b695/1/N9Zwai4nDLSGu0ckNGPMu_n01co.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.206.120.0/24
                  188.116.35.0/24
                IPv6:
                  2a10:a200::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:07:57:f4:d3:d7:87:ad:81:9c:06:6b:95:11:36:9f:4e:d8:
         3e:fd:ea:42:e1:f1:e2:8c:6f:7c:69:51:de:a5:9f:21:26:f5:
         46:8f:47:6e:51:15:43:ee:22:62:7d:90:ca:ba:de:d9:d3:c5:
         e2:e0:e1:40:89:6f:7b:dc:4b:d8:23:93:fc:8f:52:b8:17:60:
         d3:6e:d3:fd:8d:26:37:b8:65:36:3e:42:92:ca:de:62:c3:c2:
         b1:3a:e8:55:c9:77:12:eb:4c:27:f9:38:2c:34:b1:0b:d2:bf:
         bc:86:87:e0:5e:fc:4e:57:18:b3:43:3b:5b:12:8d:27:73:b5:
         f0:06:5d:86:a2:f0:d9:ae:3f:10:6b:e9:d8:67:f8:03:9e:a2:
         3d:06:e5:fc:22:e5:00:ef:4d:00:60:01:d4:64:78:97:59:47:
         73:0c:e3:c0:1c:ce:07:37:a7:3f:b0:de:ed:5b:9f:32:18:a8:
         34:61:3f:ed:1e:6e:74:6c:ac:86:ca:b8:c0:23:d0:b8:91:66:
         a8:fb:89:70:0b:32:43:74:18:e3:41:a3:dc:9a:44:9e:e3:4a:
         9f:1d:d4:f9:f9:16:99:ff:23:43:76:71:b7:b3:e6:f2:07:01:
         32:cd:82:91:1c:66:96:e4:9c:3a:a2:a9:f0:72:1c:94:89:24:
         5b:f6:ac:c4
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEA7q4eTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
N2Q2NzA2YTJlMjcwY2I0ODZiYjQ3MjQzNDYzY2NiYmY5ZjRkNWNhMB4XDTIyMDEw
MTE2MDI0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjBmMDgzMGE5ZjRj
YjcxMjRjZjNhM2Y3NWY1YmI3ZmRlNWI1MjkzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANNd2h99YXbbVJ8nx4u2K1L7LMZqmxErcC9D4wMhLXyEQt20
92NUCudRWNRo4POkHUwseeOdSmVYiY5feElEu3VN5sHwHjlwG9Q+nTyR/8MwiLER
7eBVhkyI6chFad2iOSWoSsylGyLJqOn2tmn8MZYv/K3JNiQuN+5arj9xZ6ZtOpWH
U5Yush79Ur41BKMUrLZ+W9ABHaOUIVjdBsNJOQd2iEjFJfb+4o6RPWvrCV2OkQZ7
jkgMBdPik4L57TuOrNccDAxVXOCZvMmulVQkWEhsxO7dthRhwlB6+cy+9BNr7UMA
cQSmUX4NlWB78HE/PGZnKTPoMARiErn/7DI+VRkCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBQg8IMKn0y3Ekzzo/dfW7f95bUpNjAfBgNVHSMEGDAWgBQ31nBqLicMtIa7
RyQ0Y8y7+fTVyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L045WndhaTRuRExTR3UwY2tOR1BNdV9uMDFjby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvZGM3NmZmLTJiMzUtNDJiZS1hYjU2LTVkZjJkZTA4YjY5NS8x
L0lQQ0RDcDlNdHhKTTg2UDNYMXUzX2VXMUtUWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
ZGM3NmZmLTJiMzUtNDJiZS1hYjU2LTVkZjJkZTA4YjY5NS8xL045WndhaTRuRExT
R3UwY2tOR1BNdV9uMDFjby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEALnOeAMEALx0IzAPBAIAAjAJAwcA
KhCiAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQACB1f009eHrYGcBmuVETafTtg+/epC
4fHijG98aVHepZ8hJvVGj0duURVD7iJifZDKut7Z08Xi4OFAiW973EvYI5P8j1K4
F2DTbtP9jSY3uGU2PkKSyt5iw8KxOuhVyXcS60wn+TgsNLEL0r+8hofgXvxOVxiz
QztbEo0nc7XwBl2GovDZrj8Qa+nYZ/gDnqI9BuX8IuUA700AYAHUZHiXWUdzDOPA
HM4HN6c/sN7tW58yGKg0YT/tHm50bKyGyrjAI9C4kWao+4lwCzJDdBjjQaPcmkSe
40qfHdT5+RaZ/yNDdnG3s+byBwEyzYKRHGaW5Jw6oqnwchyUiSRb9qzE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:02 2024 by rpki-client on console-fra.rpki-client.org