Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/ddhN7yqiZkro3P5iiap59B5Pa7M.roa
File:                     ddhN7yqiZkro3P5iiap59B5Pa7M.roa (raw, json)
Hash identifier:          c2fokB6laq83FhNVrbaJtIEMQsNyPIiOgR8TTJZWWx8=
Subject key identifier:   75:D8:4D:EF:2A:A2:66:4A:E8:DC:FE:62:89:AA:79:F4:1E:4F:6B:B3
Certificate issuer:       /CN=f764eed15c52b4c8110a222963dc7b7d4ba2d146
Certificate serial:       3488105F
Authority key identifier: F7:64:EE:D1:5C:52:B4:C8:11:0A:22:29:63:DC:7B:7D:4B:A2:D1:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/92Tu0VxStMgRCiIpY9x7fUui0UY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/ddhN7yqiZkro3P5iiap59B5Pa7M.roa
Signing time:             Sat 01 Jan 2022 04:55:43 +0000
ROA not before:           Sat 01 Jan 2022 04:55:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202920
IP address blocks:        84.38.131.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 881332319 (0x3488105f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f764eed15c52b4c8110a222963dc7b7d4ba2d146
        Validity
            Not Before: Jan  1 04:55:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=75d84def2aa2664ae8dcfe6289aa79f41e4f6bb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:4d:74:ff:69:cd:17:58:ff:2a:83:ef:ee:e1:
                    ba:3a:b7:94:ee:1a:3b:ac:09:30:08:04:48:a3:c4:
                    14:76:16:de:db:63:57:de:99:ba:ea:3e:10:29:5a:
                    8b:e3:32:35:25:ef:58:96:27:6b:7d:a1:c6:f7:31:
                    cd:40:ec:c0:1c:45:e7:02:ee:2e:85:8d:4f:2d:22:
                    08:9f:52:a2:1b:63:9e:9d:3e:d5:b0:89:e2:7d:b7:
                    33:2d:10:3b:fd:76:29:67:80:99:43:e8:05:7f:db:
                    92:63:82:4f:d3:f0:6c:94:49:13:db:37:cb:02:a0:
                    9c:53:87:f1:d8:39:f4:c5:cb:e7:7b:e8:3c:7f:4f:
                    bc:96:d6:e1:b8:af:e7:2d:5e:e4:a3:e9:cc:38:0b:
                    c1:05:43:b4:d9:0b:f7:7c:29:72:53:40:af:2f:3f:
                    fd:64:34:e4:64:1c:c3:71:c8:c1:82:59:0a:22:ae:
                    98:35:e8:e4:ec:93:d1:be:2d:a6:5c:a4:78:f3:24:
                    98:2f:e8:9d:eb:b6:7b:40:d2:4d:81:81:4e:f9:c7:
                    ac:5d:cd:46:ba:f8:d2:27:31:63:73:4c:ae:a3:ec:
                    c2:ed:10:87:73:85:03:6b:04:91:e8:16:11:b4:1e:
                    f0:82:de:e7:dc:87:f0:31:97:8f:86:37:ff:be:2d:
                    20:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:D8:4D:EF:2A:A2:66:4A:E8:DC:FE:62:89:AA:79:F4:1E:4F:6B:B3
            X509v3 Authority Key Identifier:
                keyid:F7:64:EE:D1:5C:52:B4:C8:11:0A:22:29:63:DC:7B:7D:4B:A2:D1:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92Tu0VxStMgRCiIpY9x7fUui0UY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/ddhN7yqiZkro3P5iiap59B5Pa7M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/92Tu0VxStMgRCiIpY9x7fUui0UY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.38.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:98:41:72:5b:81:e9:28:96:f3:fb:c3:b0:c4:c8:fe:67:48:
         ab:a8:19:87:ba:38:ee:e5:0b:ec:c2:7a:8f:79:c1:90:29:0b:
         36:c8:69:13:bf:67:15:70:d3:7d:80:02:88:65:27:d7:8b:73:
         b6:af:b2:98:0f:c6:0b:08:69:aa:e9:32:7f:ec:69:9b:b2:b3:
         2f:7e:50:83:be:78:aa:30:b8:4a:68:36:0a:47:de:2e:d6:6e:
         e6:5d:9c:f7:5d:f3:05:06:9b:dc:b3:cd:f8:76:f2:51:63:0f:
         fb:dc:87:d1:ae:91:78:c0:cc:29:4a:c3:9b:d5:ab:8b:95:f3:
         aa:89:ea:5d:72:ce:8d:b9:f5:9b:b6:1b:4f:1b:69:59:42:d8:
         b7:20:62:47:2e:4c:48:28:e4:68:75:3f:37:36:ee:fd:14:1e:
         35:b9:ad:57:cf:36:e6:62:a5:98:6e:f4:9c:46:1e:22:3c:29:
         3f:ae:4a:e2:52:d3:aa:93:e6:f5:f7:20:26:83:59:84:4a:23:
         8e:fe:56:29:89:c4:bf:f9:5e:fd:67:c1:80:17:bb:42:8a:d9:
         03:5f:44:20:d4:4a:8a:4d:46:97:68:66:23:e7:ca:b8:35:22:
         cd:9e:7d:8a:d2:ed:97:72:d9:b1:c7:cd:75:6d:49:f1:35:e4:
         d2:a7:19:59
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENIgQXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NzY0ZWVkMTVjNTJiNGM4MTEwYTIyMjk2M2RjN2I3ZDRiYTJkMTQ2MB4XDTIyMDEw
MTA0NTU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzVkODRkZWYyYWEy
NjY0YWU4ZGNmZTYyODlhYTc5ZjQxZTRmNmJiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRNdP9pzRdY/yqD7+7hujq3lO4aO6wJMAgESKPEFHYW3ttj
V96Zuuo+EClai+MyNSXvWJYna32hxvcxzUDswBxF5wLuLoWNTy0iCJ9Sohtjnp0+
1bCJ4n23My0QO/12KWeAmUPoBX/bkmOCT9PwbJRJE9s3ywKgnFOH8dg59MXL53vo
PH9PvJbW4biv5y1e5KPpzDgLwQVDtNkL93wpclNAry8//WQ05GQcw3HIwYJZCiKu
mDXo5OyT0b4tplykePMkmC/oneu2e0DSTYGBTvnHrF3NRrr40icxY3NMrqPswu0Q
h3OFA2sEkegWEbQe8ILe59yH8DGXj4Y3/74tINUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR12E3vKqJmSujc/mKJqnn0Hk9rszAfBgNVHSMEGDAWgBT3ZO7RXFK0yBEK
Iilj3Ht9S6LRRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzkyVHUwVnhTdE1nUkNpSXBZOXg3ZlV1aTBVWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvNzQxZjA2LWMzZDEtNDgzYi1iOTA4LTI4YTQ5NTNmMDUzMC8x
L2RkaE43eXFpWmtybzNQNWlpYXA1OUI1UGE3TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
NzQxZjA2LWMzZDEtNDgzYi1iOTA4LTI4YTQ5NTNmMDUzMC8xLzkyVHUwVnhTdE1n
UkNpSXBZOXg3ZlV1aTBVWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFQmgzANBgkqhkiG9w0BAQsFAAOC
AQEATZhBcluB6SiW8/vDsMTI/mdIq6gZh7o47uUL7MJ6j3nBkCkLNshpE79nFXDT
fYACiGUn14tztq+ymA/GCwhpqukyf+xpm7KzL35Qg754qjC4Smg2CkfeLtZu5l2c
913zBQab3LPN+HbyUWMP+9yH0a6ReMDMKUrDm9Wri5XzqonqXXLOjbn1m7YbTxtp
WULYtyBiRy5MSCjkaHU/Nzbu/RQeNbmtV8825mKlmG70nEYeIjwpP65K4lLTqpPm
9fcgJoNZhEojjv5WKYnEv/le/WfBgBe7QorZA19EINRKik1Gl2hmI+fKuDUizZ59
itLtl3LZscfNdW1J8TXk0qcZWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:58 2024 by rpki-client on console-ams.rpki-client.org