Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/J-qQ-3uzgChZ19bTVEPlHznf-Tc.roa
File:                     J-qQ-3uzgChZ19bTVEPlHznf-Tc.roa (raw, json)
Hash identifier:          Cx0gUkbBIgSCAQi955XVVYd9SF/4oelRm2HU9nQF45w=
Subject key identifier:   27:EA:90:FB:7B:B3:80:28:59:D7:D6:D3:54:43:E5:1F:39:DF:F9:37
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       01828F446AA55051AD4127C1F0FBCB6CAC61
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/J-qQ-3uzgChZ19bTVEPlHznf-Tc.roa
Signing time:             Thu 11 Aug 2022 23:36:41 +0000
ROA not before:           Thu 11 Aug 2022 23:36:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     11325
IP address blocks:        2.57.248.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:8f:44:6a:a5:50:51:ad:41:27:c1:f0:fb:cb:6c:ac:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Aug 11 23:36:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=27ea90fb7bb3802859d7d6d35443e51f39dff937
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:92:15:9d:13:e9:8b:ac:3c:00:2f:7c:9e:a5:
                    21:13:ef:33:dd:c7:f1:84:1e:30:2d:4e:b6:bc:d4:
                    f5:b3:fd:ae:27:5f:ef:0d:33:da:69:cf:a4:13:76:
                    05:40:44:9a:f4:9e:b5:33:cd:0e:83:a3:53:f9:2a:
                    e1:62:50:41:b7:44:34:a7:74:db:9d:f6:6c:cd:e3:
                    42:41:9d:d1:e3:e0:17:9c:14:7a:32:b6:2a:74:da:
                    21:a4:16:7d:b9:75:7d:b1:81:a0:74:5c:65:51:03:
                    06:fb:bc:a3:ae:08:de:cb:db:5c:43:c9:35:74:32:
                    6f:16:ec:a0:a8:e7:ed:06:b7:d9:38:bb:9e:9e:69:
                    74:af:25:f9:4a:33:f7:e6:41:7f:5a:18:bc:01:d1:
                    67:30:94:5e:4d:e0:cd:91:04:1f:0a:58:7d:ce:8b:
                    2b:49:fa:08:fb:bc:c3:54:af:dc:15:eb:52:d6:0c:
                    ff:6b:31:c7:17:55:e2:52:3a:4a:9d:9b:39:84:ce:
                    7e:37:0a:55:39:09:19:4d:82:bf:27:ae:b1:3b:c8:
                    a4:af:2b:99:9d:29:68:83:2e:1e:c6:bd:ef:3d:ee:
                    67:e7:f7:12:c6:f2:f9:a3:45:ad:b2:80:94:9a:a7:
                    9a:a1:00:04:14:ff:c4:de:4e:cb:55:1b:9c:a1:30:
                    4e:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:EA:90:FB:7B:B3:80:28:59:D7:D6:D3:54:43:E5:1F:39:DF:F9:37
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/J-qQ-3uzgChZ19bTVEPlHznf-Tc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9e:14:65:78:08:df:29:4d:06:ae:cc:a7:61:2f:3e:19:4c:85:
         30:2a:42:d5:c4:8e:35:11:18:7a:e9:65:71:7e:33:72:01:ea:
         46:84:58:96:0d:45:09:7b:82:6f:56:f8:28:c5:6b:e8:1e:26:
         38:f8:3d:f5:07:0e:e8:f4:90:86:e0:c1:ae:de:98:6b:62:29:
         c6:35:b1:42:15:c9:14:8e:c0:8c:69:f6:fe:37:40:97:0c:8c:
         1e:fe:6a:ca:62:18:93:20:3a:fc:2b:8f:da:a3:02:8a:6d:c4:
         d8:e6:90:f2:8e:47:9e:0a:34:5a:a0:b8:f5:9c:d1:b2:09:af:
         cd:01:cf:79:a3:91:4f:b9:f7:fe:28:fc:36:45:e1:1d:f1:38:
         f0:53:e1:1a:8d:1e:b8:6a:76:da:d0:31:03:7f:40:c7:b2:9b:
         87:9c:8d:2c:a3:d7:b8:b1:94:d5:37:e4:e2:b5:14:67:b9:98:
         7e:b3:5b:44:f7:1d:6e:03:91:85:97:31:b8:0b:64:20:c0:f6:
         d5:0f:fb:f1:78:e5:98:6d:48:1b:2c:b1:71:aa:43:24:96:f7:
         30:0a:20:2a:12:d5:ec:d3:39:d6:32:82:c9:07:6d:37:b9:aa:
         97:53:11:ae:e8:0b:8d:ff:28:ab:ae:4d:71:55:78:d6:bf:dd:
         88:61:71:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKPRGqlUFGtQSfB8PvLbKxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjIwODExMjMzNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2VhOTBmYjdiYjM4MDI4NTlkN2Q2ZDM1NDQzZTUxZjM5ZGZmOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5IVnRPpi6w8AC98nqUhE+8z3cfx
hB4wLU62vNT1s/2uJ1/vDTPaac+kE3YFQESa9J61M80Og6NT+SrhYlBBt0Q0p3Tb
nfZszeNCQZ3R4+AXnBR6MrYqdNohpBZ9uXV9sYGgdFxlUQMG+7yjrgjey9tcQ8k1
dDJvFuygqOftBrfZOLuenml0ryX5SjP35kF/Whi8AdFnMJReTeDNkQQfClh9zosr
SfoI+7zDVK/cFetS1gz/azHHF1XiUjpKnZs5hM5+NwpVOQkZTYK/J66xO8ikryuZ
nSlogy4exr3vPe5n5/cSxvL5o0WtsoCUmqeaoQAEFP/E3k7LVRucoTBOvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCfqkPt7s4AoWdfW01RD5R853/k3MB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvSi1xUS0zdXpnQ2haMTliVFZFUGxIem5mLVRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjn4MA0G
CSqGSIb3DQEBCwUAA4IBAQCeFGV4CN8pTQauzKdhLz4ZTIUwKkLVxI41ERh66WVx
fjNyAepGhFiWDUUJe4JvVvgoxWvoHiY4+D31Bw7o9JCG4MGu3phrYinGNbFCFckU
jsCMafb+N0CXDIwe/mrKYhiTIDr8K4/aowKKbcTY5pDyjkeeCjRaoLj1nNGyCa/N
Ac95o5FPuff+KPw2ReEd8TjwU+EajR64anba0DEDf0DHspuHnI0so9e4sZTVN+Ti
tRRnuZh+s1tE9x1uA5GFlzG4C2QgwPbVD/vxeOWYbUgbLLFxqkMklvcwCiAqEtXs
0znWMoLJB203uaqXUxGu6AuN/yirrk1xVXjWv92IYXH+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:52 2023 by rpki-client on console-fra.rpki-client.org