Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/549a37-2c00-4b41-abf4-829a1cbe23f2/1/3OiUnnnKx4x03bltISifOqK8f9s.roa
File:                     3OiUnnnKx4x03bltISifOqK8f9s.roa (raw, json)
Hash identifier:          zhz7RuVTyUvmrQQ817JDGrrtZ6pX60o7fjWzkz+i6Ok=
Subject key identifier:   DC:E8:94:9E:79:CA:C7:8C:74:DD:B9:6D:21:28:9F:3A:A2:BC:7F:DB
Certificate issuer:       /CN=6eeb10f0a4b91964541a5e19a9cb83cb7268950e
Certificate serial:       031C0434
Authority key identifier: 6E:EB:10:F0:A4:B9:19:64:54:1A:5E:19:A9:CB:83:CB:72:68:95:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/busQ8KS5GWRUGl4ZqcuDy3JolQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/549a37-2c00-4b41-abf4-829a1cbe23f2/1/3OiUnnnKx4x03bltISifOqK8f9s.roa
Signing time:             Sat 01 Jan 2022 07:59:41 +0000
ROA not before:           Sat 01 Jan 2022 07:59:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30870
IP address blocks:        2.56.224.0/23 maxlen: 23
                          2a09:d240::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52167732 (0x31c0434)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6eeb10f0a4b91964541a5e19a9cb83cb7268950e
        Validity
            Not Before: Jan  1 07:59:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dce8949e79cac78c74ddb96d21289f3aa2bc7fdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:97:e2:8f:27:4c:ed:8f:d0:e0:92:36:d9:de:
                    a8:01:2d:65:aa:c4:92:26:75:aa:74:57:5a:29:0e:
                    12:41:56:c9:13:28:94:f9:da:21:18:73:c6:b6:3f:
                    03:c4:db:80:8e:9b:b5:5e:6f:28:47:d0:05:d8:d1:
                    c6:2c:2f:7b:91:ca:c0:f8:f6:fc:03:5e:dd:4f:66:
                    ab:3c:00:0b:49:1a:04:a8:c8:8d:41:c6:e6:6a:de:
                    e1:93:ea:5e:0a:02:1e:9a:bb:98:3f:97:75:05:ab:
                    ba:dc:83:9b:6f:14:32:03:be:d0:ad:6d:c2:61:a1:
                    19:47:2d:60:1c:92:6f:ea:69:6e:ab:43:19:ec:11:
                    71:15:44:5a:27:31:89:4d:b1:1c:73:e7:47:d9:c8:
                    c4:05:fa:ea:4b:67:e8:aa:b4:cd:95:79:14:ed:51:
                    26:e0:88:2f:1d:11:fd:a1:24:e3:16:c3:5d:0c:39:
                    91:4d:69:17:25:7a:0d:21:cc:cc:17:f4:fd:4e:ab:
                    16:68:c4:d9:b2:d4:df:c6:43:02:3c:4e:c3:bc:40:
                    15:dc:74:c1:b6:f2:93:80:96:51:41:f1:ae:fe:37:
                    f7:0e:a1:30:a3:67:37:2e:4e:a2:e9:70:bf:f6:b3:
                    91:42:69:d9:2d:c5:8e:45:48:0c:73:f1:aa:97:d2:
                    2b:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:E8:94:9E:79:CA:C7:8C:74:DD:B9:6D:21:28:9F:3A:A2:BC:7F:DB
            X509v3 Authority Key Identifier:
                keyid:6E:EB:10:F0:A4:B9:19:64:54:1A:5E:19:A9:CB:83:CB:72:68:95:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/busQ8KS5GWRUGl4ZqcuDy3JolQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/549a37-2c00-4b41-abf4-829a1cbe23f2/1/3OiUnnnKx4x03bltISifOqK8f9s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/549a37-2c00-4b41-abf4-829a1cbe23f2/1/busQ8KS5GWRUGl4ZqcuDy3JolQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.224.0/23
                IPv6:
                  2a09:d240::/48

    Signature Algorithm: sha256WithRSAEncryption
         37:08:32:4d:c5:3d:f8:cc:68:48:65:f0:1a:e9:5c:39:c9:57:
         e3:33:a1:f0:8c:bd:06:07:30:95:7c:3f:6c:60:c5:67:f2:1f:
         30:5c:00:cf:b0:6a:45:f4:59:ec:75:02:e0:62:13:81:5f:ec:
         1b:ee:69:e7:2d:5d:2b:cb:c7:82:0d:c8:42:d8:33:22:92:04:
         70:b9:6c:1f:a1:60:cc:91:28:ac:e2:40:72:7c:76:e2:14:0e:
         79:1b:c5:16:9c:8f:d2:31:0f:1c:c8:f7:3d:bd:1b:e0:54:0c:
         29:61:2a:47:a1:2b:b6:83:d6:55:84:d5:ea:13:f0:a6:5a:f2:
         17:fd:8d:37:d8:4c:f0:9a:2d:03:37:31:ac:80:50:0d:ff:50:
         28:d0:51:8e:ed:c3:c2:6f:83:f1:80:68:eb:40:df:0c:1c:9f:
         4c:86:75:49:36:00:19:62:d4:b9:79:1b:a8:b1:b4:64:c5:f3:
         9e:76:2c:b6:ba:91:02:ca:52:71:c1:6f:5a:4c:b9:4f:4a:93:
         94:3a:af:c9:f9:d5:0f:54:13:f7:81:db:29:0f:11:27:ef:bb:
         71:e3:54:03:5d:3c:44:99:6d:fb:10:83:d1:c0:96:32:e2:f1:
         1a:f5:a9:f7:5b:8d:39:d7:0e:ce:31:a4:97:43:63:03:c3:82:
         8f:61:a6:8d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAxwENDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZWViMTBmMGE0YjkxOTY0NTQxYTVlMTlhOWNiODNjYjcyNjg5NTBlMB4XDTIyMDEw
MTA3NTk0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNlODk0OWU3OWNh
Yzc4Yzc0ZGRiOTZkMjEyODlmM2FhMmJjN2ZkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJGX4o8nTO2P0OCSNtneqAEtZarEkiZ1qnRXWikOEkFWyRMo
lPnaIRhzxrY/A8TbgI6btV5vKEfQBdjRxiwve5HKwPj2/ANe3U9mqzwAC0kaBKjI
jUHG5mre4ZPqXgoCHpq7mD+XdQWrutyDm28UMgO+0K1twmGhGUctYBySb+ppbqtD
GewRcRVEWicxiU2xHHPnR9nIxAX66ktn6Kq0zZV5FO1RJuCILx0R/aEk4xbDXQw5
kU1pFyV6DSHMzBf0/U6rFmjE2bLU38ZDAjxOw7xAFdx0wbbyk4CWUUHxrv439w6h
MKNnNy5Ooulwv/azkUJp2S3FjkVIDHPxqpfSK58CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTc6JSeecrHjHTduW0hKJ86orx/2zAfBgNVHSMEGDAWgBRu6xDwpLkZZFQa
Xhmpy4PLcmiVDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2J1c1E4S1M1R1dSVUdsNFpxY3VEeTNKb2xRNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmMvNTQ5YTM3LTJjMDAtNGI0MS1hYmY0LTgyOWExY2JlMjNmMi8x
LzNPaVVubm5LeDR4MDNibHRJU2lmT3FLOGY5cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMv
NTQ5YTM3LTJjMDAtNGI0MS1hYmY0LTgyOWExY2JlMjNmMi8xL2J1c1E4S1M1R1dS
VUdsNFpxY3VEeTNKb2xRNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAQI44DAPBAIAAjAJAwcAKgnSQAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQA3CDJNxT34zGhIZfAa6Vw5yVfjM6HwjL0GBzCV
fD9sYMVn8h8wXADPsGpF9FnsdQLgYhOBX+wb7mnnLV0ry8eCDchC2DMikgRwuWwf
oWDMkSis4kByfHbiFA55G8UWnI/SMQ8cyPc9vRvgVAwpYSpHoSu2g9ZVhNXqE/Cm
WvIX/Y032Ezwmi0DNzGsgFAN/1Ao0FGO7cPCb4PxgGjrQN8MHJ9MhnVJNgAZYtS5
eRuosbRkxfOediy2upECylJxwW9aTLlPSpOUOq/J+dUPVBP3gdspDxEn77tx41QD
XTxEmW37EIPRwJYy4vEa9an3W4051w7OMaSXQ2MDw4KPYaaN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:45 2024 by rpki-client on console-fra.rpki-client.org