Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/xpPd3N4fkE6DcKd2XqRizMTh7NE.roa
File:                     xpPd3N4fkE6DcKd2XqRizMTh7NE.roa (raw, json)
Hash identifier:          GvKDT1FC+tw6km91S0wjd225D22IKOy6gL3Imsz+Ba8=
Subject key identifier:   C6:93:DD:DC:DE:1F:90:4E:83:70:A7:76:5E:A4:62:CC:C4:E1:EC:D1
Certificate issuer:       /CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Certificate serial:       01848CBB4D5097C5A21D65428830624052D5
Authority key identifier: 66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/xpPd3N4fkE6DcKd2XqRizMTh7NE.roa
Signing time:             Fri 18 Nov 2022 21:53:15 +0000
ROA not before:           Fri 18 Nov 2022 21:53:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207459
IP address blocks:        212.64.193.0/24 maxlen: 24
                          212.64.214.0/24 maxlen: 32
                          212.64.223.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:8c:bb:4d:50:97:c5:a2:1d:65:42:88:30:62:40:52:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
        Validity
            Not Before: Nov 18 21:53:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c693dddcde1f904e8370a7765ea462ccc4e1ecd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:5c:bf:b8:a4:06:e3:19:80:d6:ee:27:25:e2:
                    47:8c:b0:60:45:c6:ee:0a:29:96:fb:6a:06:68:b7:
                    5d:f1:57:03:2b:04:ff:b3:b0:20:4e:da:d7:6a:69:
                    f6:e0:20:fa:02:ad:59:94:2b:d0:ba:1c:6f:cd:40:
                    59:f4:b7:89:99:e5:21:23:0b:d3:83:85:35:ad:dd:
                    2b:6f:83:bb:e0:ef:27:b0:4b:4f:c2:72:49:a4:25:
                    1c:d4:39:35:ad:00:b8:18:be:bc:4a:25:e2:a9:98:
                    a6:3b:2a:be:f8:3e:ff:83:d3:8e:cb:b5:71:6a:2d:
                    b7:85:7a:e1:40:d8:48:55:04:fc:49:e0:c7:63:f9:
                    92:0b:1e:70:76:06:30:66:1f:a0:36:69:f9:fa:30:
                    9b:4e:d6:90:42:ee:e8:01:cb:ef:39:95:8c:1c:4b:
                    d1:22:61:7f:9a:5c:1e:3e:8e:57:6c:67:aa:78:98:
                    5b:a1:df:61:33:a9:a6:8e:72:94:25:b3:6b:12:ad:
                    97:97:b0:6b:c9:d6:7c:56:17:db:76:29:41:f7:9a:
                    95:04:da:aa:2e:7f:39:41:05:6d:07:e9:f4:5e:36:
                    00:f0:ed:88:2e:04:bf:5b:73:10:ce:e1:9a:7f:83:
                    33:fb:29:17:60:6b:0e:5f:0b:d6:75:11:7e:aa:fe:
                    dd:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:93:DD:DC:DE:1F:90:4E:83:70:A7:76:5E:A4:62:CC:C4:E1:EC:D1
            X509v3 Authority Key Identifier:
                keyid:66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/xpPd3N4fkE6DcKd2XqRizMTh7NE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.64.193.0/24
                  212.64.214.0/24
                  212.64.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:ac:c5:87:9e:cc:21:1c:e2:b3:4c:83:8f:88:ef:91:be:48:
         d2:90:df:7f:60:ca:7d:e0:cb:0a:fd:90:fc:99:46:b5:dd:19:
         a3:b2:23:b5:54:3d:90:92:6b:f8:92:69:70:5e:72:26:96:4b:
         98:c6:3f:f8:a9:53:86:41:0d:de:38:41:3c:33:23:8f:bb:c0:
         9d:57:ef:7c:cb:5a:5b:04:5c:54:f2:89:2b:bf:22:d7:b3:c5:
         f2:b1:e0:cf:d3:cc:1e:27:34:ca:26:69:12:a1:80:c3:c9:6f:
         02:14:b4:ed:a7:cb:f0:fb:76:2d:c1:b2:79:2b:dc:eb:36:ca:
         29:e6:4e:76:d4:c6:56:b1:88:bc:2b:ae:db:96:69:41:03:9a:
         30:09:68:b7:b5:77:d4:09:89:9f:55:12:8d:99:4f:ec:61:10:
         39:ee:47:9d:e0:dc:cf:48:48:76:b3:46:c1:34:d7:77:74:3d:
         51:6f:1e:ab:1e:b6:f8:f9:c4:fd:02:9b:bb:1c:e3:23:4c:6a:
         7a:f6:77:09:4a:18:4e:06:ff:83:03:7b:81:f5:85:cb:64:92:
         1c:a4:10:60:ba:f6:d2:69:fa:21:bb:a9:58:76:b4:80:b0:f4:
         99:a2:f8:7c:36:d4:11:d9:b9:d3:72:7d:cc:14:84:69:be:51:
         8a:86:bc:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSMu01Ql8WiHWVCiDBiQFLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NDBmODljZTIyNjQ1Yjk3Mjk3ZDc4MDM3MjZkYzJmYjBl
NWY0YjkwHhcNMjIxMTE4MjE1MzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjkzZGRkY2RlMWY5MDRlODM3MGE3NzY1ZWE0NjJjY2M0ZTFlY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlly/uKQG4xmA1u4nJeJHjLBgRcbu
CimW+2oGaLdd8VcDKwT/s7AgTtrXamn24CD6Aq1ZlCvQuhxvzUBZ9LeJmeUhIwvT
g4U1rd0rb4O74O8nsEtPwnJJpCUc1Dk1rQC4GL68SiXiqZimOyq++D7/g9OOy7Vx
ai23hXrhQNhIVQT8SeDHY/mSCx5wdgYwZh+gNmn5+jCbTtaQQu7oAcvvOZWMHEvR
ImF/mlwePo5XbGeqeJhbod9hM6mmjnKUJbNrEq2Xl7BrydZ8VhfbdilB95qVBNqq
Ln85QQVtB+n0XjYA8O2ILgS/W3MQzuGaf4Mz+ykXYGsOXwvWdRF+qv7dKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMaT3dzeH5BOg3Cndl6kYszE4ezRMB8GA1UdIwQY
MBaAFGZA+JziJkW5cpfXgDcm3C+w5fS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEt
NDRhYjdhOWQ3ZGVhLzEveHBQZDNONGZrRTZEY0tkMlhxUml6TVRoN05FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEtNDRhYjdhOWQ3ZGVh
LzEvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1EDBAwQA
1EDWAwQA1EDfMA0GCSqGSIb3DQEBCwUAA4IBAQBzrMWHnswhHOKzTIOPiO+RvkjS
kN9/YMp94MsK/ZD8mUa13RmjsiO1VD2Qkmv4kmlwXnImlkuYxj/4qVOGQQ3eOEE8
MyOPu8CdV+98y1pbBFxU8okrvyLXs8XyseDP08weJzTKJmkSoYDDyW8CFLTtp8vw
+3YtwbJ5K9zrNsop5k521MZWsYi8K67blmlBA5owCWi3tXfUCYmfVRKNmU/sYRA5
7ked4NzPSEh2s0bBNNd3dD1Rbx6rHrb4+cT9Apu7HOMjTGp69ncJShhOBv+DA3uB
9YXLZJIcpBBguvbSafohu6lYdrSAsPSZovh8NtQR2bnTcn3MFIRpvlGKhrwa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:15 2024 by rpki-client on console-ams.rpki-client.org