Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Dw2WkUoH5X0gP36jZOb4_iOV8JU.roa
File:                     Dw2WkUoH5X0gP36jZOb4_iOV8JU.roa (raw, json)
Hash identifier:          GatVjmurLnnDPeetaL3rmL2SMq1KQhyA73/rTmfetiQ=
Subject key identifier:   0F:0D:96:91:4A:07:E5:7D:20:3F:7E:A3:64:E6:F8:FE:23:95:F0:95
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       1C8958D9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Dw2WkUoH5X0gP36jZOb4_iOV8JU.roa
Signing time:             Sat 01 Jan 2022 01:02:51 +0000
ROA not before:           Sat 01 Jan 2022 01:02:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204469
IP address blocks:        31.13.240.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 478763225 (0x1c8958d9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 01:02:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0f0d96914a07e57d203f7ea364e6f8fe2395f095
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:49:88:89:23:b6:49:b8:e3:ab:03:10:21:cf:
                    bc:6a:0b:c4:e4:f6:54:cd:18:c8:45:29:7d:52:59:
                    36:6c:6d:96:56:15:dd:c3:c4:4e:7a:eb:5a:54:19:
                    af:5f:17:2c:fa:82:e2:ba:85:9d:47:93:4f:58:4a:
                    e3:4f:73:33:22:3e:54:9e:01:2c:0d:33:36:c8:91:
                    c1:6c:b1:e3:52:4b:a9:c0:c8:cd:18:d7:76:9d:e5:
                    d3:8a:84:28:91:ff:bf:c4:d7:43:16:70:d4:36:35:
                    23:3c:b7:8a:9f:d4:ae:88:7e:ff:df:c1:ef:d4:a6:
                    e0:64:48:b0:59:78:cf:19:ee:39:0f:06:87:6b:ea:
                    50:53:6e:cb:25:b1:7a:22:1f:21:17:d6:52:bf:b0:
                    96:e0:e7:ad:2d:ff:af:b5:c1:c4:a5:52:50:d6:01:
                    82:7d:2f:18:26:a4:ca:95:d4:67:93:8c:23:4b:7c:
                    de:43:44:f3:84:5c:47:e4:73:53:c3:39:82:6d:23:
                    e6:ce:1b:18:48:85:cf:7b:4c:93:80:20:5c:4d:aa:
                    69:e1:7a:98:de:ba:c1:e1:97:e9:cd:f4:76:cf:66:
                    12:e2:e7:8f:af:7f:8f:78:41:ae:30:4e:83:65:34:
                    56:7a:e4:18:f4:d5:45:ed:ce:09:c4:df:d2:35:53:
                    2b:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:0D:96:91:4A:07:E5:7D:20:3F:7E:A3:64:E6:F8:FE:23:95:F0:95
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Dw2WkUoH5X0gP36jZOb4_iOV8JU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.13.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:6b:a4:2c:3f:6c:0c:cf:c0:1b:74:f5:96:63:6b:a6:41:fc:
         af:09:c3:f9:37:53:12:79:ed:1a:6a:da:62:0b:be:7c:d4:f7:
         05:c0:f1:6e:34:66:22:e4:b8:4b:d5:81:e3:3f:aa:1c:29:0f:
         b4:85:4c:d2:f9:db:1e:a1:97:e1:7b:eb:1e:3b:48:6e:eb:ca:
         61:c8:b9:91:ae:13:86:0a:80:1a:41:5c:54:31:30:ca:ee:ce:
         2d:26:40:7d:ce:22:16:bd:4e:5c:29:5e:ee:8e:9c:00:e8:89:
         2e:d6:d6:c5:3f:be:b5:ae:e0:54:9c:79:ba:9b:3b:4d:e5:d6:
         7b:82:72:d6:ed:5d:54:bf:3b:a9:9f:93:10:dd:24:98:cc:5f:
         5f:f2:25:dd:cf:e8:7b:26:a2:23:fa:64:a0:1a:ff:4f:e2:9f:
         8d:88:a6:8e:e4:f6:af:9e:3d:5c:03:3e:99:9d:1b:c8:52:0a:
         08:c8:4b:e0:9f:b3:c6:7f:5f:bc:09:ee:1d:91:49:87:96:64:
         7e:4f:62:0f:e3:1b:db:a2:68:f2:6e:30:06:2f:dd:5f:88:03:
         dc:56:79:b7:94:03:4e:e4:45:30:e8:d2:9d:f1:65:18:0f:71:
         c4:da:52:b6:cb:66:9d:3d:be:99:4e:17:48:3b:17:cc:5b:1b:
         3b:74:4b:c8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHIlY2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDEw
MTAxMDI1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGYwZDk2OTE0YTA3
ZTU3ZDIwM2Y3ZWEzNjRlNmY4ZmUyMzk1ZjA5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKlJiIkjtkm446sDECHPvGoLxOT2VM0YyEUpfVJZNmxtllYV
3cPETnrrWlQZr18XLPqC4rqFnUeTT1hK409zMyI+VJ4BLA0zNsiRwWyx41JLqcDI
zRjXdp3l04qEKJH/v8TXQxZw1DY1Izy3ip/Uroh+/9/B79Sm4GRIsFl4zxnuOQ8G
h2vqUFNuyyWxeiIfIRfWUr+wluDnrS3/r7XBxKVSUNYBgn0vGCakypXUZ5OMI0t8
3kNE84RcR+RzU8M5gm0j5s4bGEiFz3tMk4AgXE2qaeF6mN66weGX6c30ds9mEuLn
j69/j3hBrjBOg2U0VnrkGPTVRe3OCcTf0jVTK2MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQPDZaRSgflfSA/fqNk5vj+I5XwlTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L0R3MldrVW9INVgwZ1AzNmpaT2I0X2lPVjhKVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB8N8DANBgkqhkiG9w0BAQsFAAOC
AQEAsmukLD9sDM/AG3T1lmNrpkH8rwnD+TdTEnntGmraYgu+fNT3BcDxbjRmIuS4
S9WB4z+qHCkPtIVM0vnbHqGX4XvrHjtIbuvKYci5ka4ThgqAGkFcVDEwyu7OLSZA
fc4iFr1OXCle7o6cAOiJLtbWxT++ta7gVJx5ups7TeXWe4Jy1u1dVL87qZ+TEN0k
mMxfX/Il3c/oeyaiI/pkoBr/T+KfjYimjuT2r549XAM+mZ0byFIKCMhL4J+zxn9f
vAnuHZFJh5Zkfk9iD+Mb26Jo8m4wBi/dX4gD3FZ5t5QDTuRFMOjSnfFlGA9xxNpS
tstmnT2+mU4XSDsXzFsbO3RLyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:02 2024 by rpki-client on console-fra.rpki-client.org