Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/PfDuCoTIfa8Ew-2AVPZ-ldZD5jw.roa
File:                     PfDuCoTIfa8Ew-2AVPZ-ldZD5jw.roa (raw, json)
Hash identifier:          aq7TrR+GLSnb4K3LGLr7gC3H2mjQkNvadl7AJaLZYZQ=
Subject key identifier:   3D:F0:EE:0A:84:C8:7D:AF:04:C3:ED:80:54:F6:7E:95:D6:43:E6:3C
Certificate issuer:       /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial:       0926F977
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/PfDuCoTIfa8Ew-2AVPZ-ldZD5jw.roa
Signing time:             Sat 01 Jan 2022 03:56:39 +0000
ROA not before:           Sat 01 Jan 2022 03:56:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16243
IP address blocks:        144.43.240.0/21 maxlen: 24
                          144.43.252.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153549175 (0x926f977)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
        Validity
            Not Before: Jan  1 03:56:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3df0ee0a84c87daf04c3ed8054f67e95d643e63c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f7:0f:ff:e8:d7:51:94:4c:54:ff:09:12:a1:
                    d7:f6:6e:ad:5d:ee:ee:84:df:fc:ab:53:76:2d:f9:
                    1d:bd:2a:5a:b3:47:8f:9d:26:36:f9:a6:d8:dd:b7:
                    25:e1:15:0b:d8:b3:7a:4c:c0:e4:e1:69:92:9b:0f:
                    dc:ee:45:d3:7b:d3:fe:b9:2a:0d:2f:ae:7d:03:a9:
                    72:5e:81:e3:93:56:22:42:21:e5:30:cc:23:5e:1f:
                    9c:4b:d4:48:db:02:27:2f:10:27:e1:e7:df:91:fc:
                    38:58:c1:c0:6a:7e:91:77:4c:dd:28:ba:81:31:fe:
                    60:7a:5b:dc:3c:54:86:df:29:ee:63:6f:c3:59:f6:
                    48:3e:dc:23:97:35:05:08:49:2c:37:e5:9f:35:d8:
                    99:50:29:fe:3c:c3:30:7c:ad:64:75:c3:a3:e4:ea:
                    92:50:7d:5d:7e:80:7f:1f:c5:13:7a:c8:67:b0:3a:
                    90:3a:67:28:ca:e1:09:8d:e0:51:40:0e:68:76:3b:
                    b7:d3:da:d8:88:e4:19:d9:a6:2c:a6:1c:db:e1:a9:
                    89:1b:ae:80:48:c8:45:2d:c1:2f:5c:5c:00:38:7c:
                    e0:d8:4f:08:72:53:e9:c3:b7:13:cb:62:e1:12:bf:
                    d0:c0:fc:69:ff:f3:ea:cb:51:ce:c8:69:1b:7b:c4:
                    d9:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:F0:EE:0A:84:C8:7D:AF:04:C3:ED:80:54:F6:7E:95:D6:43:E6:3C
            X509v3 Authority Key Identifier:
                keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/PfDuCoTIfa8Ew-2AVPZ-ldZD5jw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.43.240.0/21
                  144.43.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         57:99:89:93:cb:90:80:22:3d:a0:57:84:09:18:41:ad:21:86:
         74:35:a8:8b:34:24:c0:6a:f4:04:79:e1:f0:01:3a:42:e9:29:
         b9:29:b8:4a:cb:2c:60:0a:26:3d:88:10:52:03:2f:6f:65:b0:
         27:08:f3:68:f5:2c:51:aa:78:37:0c:69:af:10:a9:94:8b:fd:
         ee:ed:72:4e:db:1d:24:90:a9:fe:c7:1f:3e:f5:92:7d:5e:49:
         c1:75:ff:10:b7:9a:35:b5:07:5d:0a:51:e6:42:b8:15:87:61:
         2d:76:c1:95:3b:ee:35:d0:e9:1f:b6:7f:28:01:d6:b6:0f:04:
         68:b0:62:47:a6:11:a0:19:54:32:58:5e:aa:7a:20:1a:f0:64:
         ea:f2:f0:2c:a0:cb:87:02:be:b9:e1:39:10:31:45:33:ea:2a:
         48:4d:ec:5b:26:50:c3:a1:4e:8c:95:ad:5f:4a:e4:40:54:03:
         b1:c3:0a:94:78:10:e6:8c:dd:07:10:48:21:0f:1c:bb:f4:51:
         01:ec:eb:aa:10:55:aa:52:48:77:f2:9d:cc:e0:b9:86:00:b4:
         15:b8:c1:c3:95:2b:7c:5f:ad:ef:44:ee:9f:07:12:b9:a3:d9:
         7e:9a:49:4b:65:ab:3d:47:3c:d0:83:4b:0d:fa:b0:91:65:e7:
         1e:9f:ab:18
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECSb5dzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDA2OWUxOWUxMmMxMDQwMDRlOGI0Yjc1ZjhhNzc4OWI3ZTExMzk2MB4XDTIyMDEw
MTAzNTYzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2RmMGVlMGE4NGM4
N2RhZjA0YzNlZDgwNTRmNjdlOTVkNjQzZTYzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKj3D//o11GUTFT/CRKh1/ZurV3u7oTf/KtTdi35Hb0qWrNH
j50mNvmm2N23JeEVC9izekzA5OFpkpsP3O5F03vT/rkqDS+ufQOpcl6B45NWIkIh
5TDMI14fnEvUSNsCJy8QJ+Hn35H8OFjBwGp+kXdM3Si6gTH+YHpb3DxUht8p7mNv
w1n2SD7cI5c1BQhJLDflnzXYmVAp/jzDMHytZHXDo+TqklB9XX6Afx/FE3rIZ7A6
kDpnKMrhCY3gUUAOaHY7t9Pa2IjkGdmmLKYc2+GpiRuugEjIRS3BL1xcADh84NhP
CHJT6cO3E8ti4RK/0MD8af/z6stRzshpG3vE2XkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ98O4KhMh9rwTD7YBU9n6V1kPmPDAfBgNVHSMEGDAWgBRtBp4Z4SwQQATo
tLdfineJt+ETljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JRYWVHZUVzRUVBRTZMUzNYNHAzaWJmaEU1WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvY2Y2NGY2LTA3ODktNDNlMy1iZDZiLTdiZmYyOTZjNmIwMi8x
L1BmRHVDb1RJZmE4RXctMkFWUFotbGRaRDVqdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
Y2Y2NGY2LTA3ODktNDNlMy1iZDZiLTdiZmYyOTZjNmIwMi8xL2JRYWVHZUVzRUVB
RTZMUzNYNHAzaWJmaEU1WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA5Ar8AMEApAr/DANBgkqhkiG9w0B
AQsFAAOCAQEAV5mJk8uQgCI9oFeECRhBrSGGdDWoizQkwGr0BHnh8AE6QukpuSm4
SsssYAomPYgQUgMvb2WwJwjzaPUsUap4NwxprxCplIv97u1yTtsdJJCp/scfPvWS
fV5JwXX/ELeaNbUHXQpR5kK4FYdhLXbBlTvuNdDpH7Z/KAHWtg8EaLBiR6YRoBlU
MlheqnogGvBk6vLwLKDLhwK+ueE5EDFFM+oqSE3sWyZQw6FOjJWtX0rkQFQDscMK
lHgQ5ozdBxBIIQ8cu/RRAezrqhBVqlJId/KdzOC5hgC0FbjBw5UrfF+t70TunwcS
uaPZfppJS2WrPUc80INLDfqwkWXnHp+rGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:39 2024 by rpki-client on console-fra.rpki-client.org