Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/3gsjcJM13-ILgjzh4F-WyytIABs.roa
File:                     3gsjcJM13-ILgjzh4F-WyytIABs.roa (raw, json)
Hash identifier:          885v2wv0GML1bWBYzMNYSQWAtvJrRV4JgMQDPP27gmE=
Subject key identifier:   DE:0B:23:70:93:35:DF:E2:0B:82:3C:E1:E0:5F:96:CB:2B:48:00:1B
Certificate issuer:       /CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Certificate serial:       0989F974
Authority key identifier: 66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/3gsjcJM13-ILgjzh4F-WyytIABs.roa
Signing time:             Wed 29 Jun 2022 07:44:02 +0000
ROA not before:           Wed 29 Jun 2022 07:44:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199484
IP address blocks:        212.64.195.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 160037236 (0x989f974)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
        Validity
            Not Before: Jun 29 07:44:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=de0b23709335dfe20b823ce1e05f96cb2b48001b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:5b:33:c8:99:63:cb:f1:6e:43:f9:7b:35:cf:
                    55:72:0f:5d:c0:30:7d:5e:9c:a6:4f:1d:0f:aa:77:
                    be:b3:e1:d5:b7:6c:dd:73:76:95:53:9f:1b:26:ed:
                    c2:bf:45:02:cc:c5:a0:ff:06:4c:af:96:07:ad:11:
                    cd:b2:c3:6f:d9:4c:73:cd:81:52:aa:0c:e2:df:d8:
                    35:b1:9e:6d:71:24:df:a4:9e:f5:8b:9f:33:29:f8:
                    5a:e1:46:3f:7f:86:b4:17:60:f3:9e:f4:28:5f:d1:
                    45:f9:eb:63:2e:93:06:ba:d6:00:5f:71:34:eb:3e:
                    b0:ee:66:4b:1e:fc:6a:19:23:2d:cc:70:9d:6d:70:
                    05:27:5c:02:f2:18:51:1b:c7:c0:49:b8:24:0f:7a:
                    0c:2b:d9:3e:cc:ba:d6:6c:15:d9:00:5f:04:12:4e:
                    be:25:66:3c:bf:95:18:7b:0c:3b:eb:10:5f:df:8c:
                    c3:8f:ce:8c:23:40:39:0a:f2:d7:af:be:85:f5:88:
                    99:42:8d:59:b0:52:71:d1:13:e0:63:1f:10:de:f4:
                    97:2d:59:ca:ad:6a:1a:e0:e6:c8:24:61:07:04:f3:
                    68:12:db:ac:63:d2:66:97:e5:3d:79:ec:82:2f:d1:
                    a3:df:3a:e1:f8:07:f6:b2:8a:ac:7c:4a:63:34:9b:
                    e3:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:0B:23:70:93:35:DF:E2:0B:82:3C:E1:E0:5F:96:CB:2B:48:00:1B
            X509v3 Authority Key Identifier:
                keyid:66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/3gsjcJM13-ILgjzh4F-WyytIABs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.64.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:d9:c4:9f:a4:53:58:d2:1f:43:a8:d2:c0:be:48:67:7e:92:
         8f:5a:89:60:46:68:e3:4d:d9:ae:e8:78:46:93:a7:7c:41:b6:
         e5:2b:f0:df:66:75:f4:46:df:4f:73:cd:3e:59:42:2d:b1:25:
         b8:db:9d:b0:b5:82:1b:ca:34:e0:86:31:fe:55:85:57:46:a0:
         1e:b9:61:9f:c7:7e:6f:38:ed:57:ff:d4:63:7d:9c:7b:d6:85:
         26:f0:34:b2:07:00:d5:9c:7a:b9:91:5d:c1:f7:6c:23:d2:60:
         e4:d1:0a:0f:91:97:64:0a:c9:a6:39:58:14:21:d3:46:cc:66:
         96:3e:b4:8f:f8:65:9c:f4:b8:73:8d:5e:b1:69:5d:d4:87:4b:
         9a:38:7f:60:88:2d:80:76:a0:09:8e:87:48:d6:65:d4:5c:c1:
         ac:46:23:c7:fd:5a:d5:57:01:6d:81:6d:35:e0:da:06:37:96:
         54:63:45:66:4e:5d:81:f4:ff:07:10:ed:60:22:87:0f:e9:01:
         2c:4d:5c:58:01:ff:81:89:bc:2a:8a:b0:d4:10:38:ee:a6:8c:
         de:f4:76:b1:69:87:47:77:9c:72:25:94:0a:fa:a3:10:d2:32:
         cf:0c:fc:6c:8e:a8:45:78:be:c0:7e:3d:0a:07:1a:6f:18:d7:
         01:7f:92:d8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECYn5dDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NjQwZjg5Y2UyMjY0NWI5NzI5N2Q3ODAzNzI2ZGMyZmIwZTVmNGI5MB4XDTIyMDYy
OTA3NDQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGUwYjIzNzA5MzM1
ZGZlMjBiODIzY2UxZTA1Zjk2Y2IyYjQ4MDAxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5bM8iZY8vxbkP5ezXPVXIPXcAwfV6cpk8dD6p3vrPh1bds
3XN2lVOfGybtwr9FAszFoP8GTK+WB60RzbLDb9lMc82BUqoM4t/YNbGebXEk36Se
9YufMyn4WuFGP3+GtBdg8570KF/RRfnrYy6TBrrWAF9xNOs+sO5mSx78ahkjLcxw
nW1wBSdcAvIYURvHwEm4JA96DCvZPsy61mwV2QBfBBJOviVmPL+VGHsMO+sQX9+M
w4/OjCNAOQry16++hfWImUKNWbBScdET4GMfEN70ly1Zyq1qGuDmyCRhBwTzaBLb
rGPSZpflPXnsgi/Ro9864fgH9rKKrHxKYzSb48MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTeCyNwkzXf4guCPOHgX5bLK0gAGzAfBgNVHSMEGDAWgBRmQPic4iZFuXKX
14A3JtwvsOX0uTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1prRDRuT0ltUmJseWw5ZUFOeWJjTDdEbDlMay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmMvYzNhZDJlLWI1MmUtNDQxYy04OWJhLTQ0YWI3YTlkN2RlYS8x
LzNnc2pjSk0xMy1JTGdqemg0Ri1XeXl0SUFCcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMv
YzNhZDJlLWI1MmUtNDQxYy04OWJhLTQ0YWI3YTlkN2RlYS8xL1prRDRuT0ltUmJs
eWw5ZUFOeWJjTDdEbDlMay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANRAwzANBgkqhkiG9w0BAQsFAAOC
AQEAddnEn6RTWNIfQ6jSwL5IZ36Sj1qJYEZo403Zruh4RpOnfEG25Svw32Z19Ebf
T3PNPllCLbEluNudsLWCG8o04IYx/lWFV0agHrlhn8d+bzjtV//UY32ce9aFJvA0
sgcA1Zx6uZFdwfdsI9Jg5NEKD5GXZArJpjlYFCHTRsxmlj60j/hlnPS4c41esWld
1IdLmjh/YIgtgHagCY6HSNZl1FzBrEYjx/1a1VcBbYFtNeDaBjeWVGNFZk5dgfT/
BxDtYCKHD+kBLE1cWAH/gYm8Koqw1BA47qaM3vR2sWmHR3ecciWUCvqjENIyzwz8
bI6oRXi+wH49CgcabxjXAX+S2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:14 2024 by rpki-client on console-ams.rpki-client.org