Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/813010-a96f-4510-9dbc-21f7751ca76c/1/5VAXq0rCLqf_B-yHsWf8rfb8ROE.roa
File:                     5VAXq0rCLqf_B-yHsWf8rfb8ROE.roa (raw, json)
Hash identifier:          /K9dTRvyx/WIoYV0gAK2Dsbs13/NlnvptDanb7T/VkU=
Subject key identifier:   E5:50:17:AB:4A:C2:2E:A7:FF:07:EC:87:B1:67:FC:AD:F6:FC:44:E1
Certificate issuer:       /CN=98845584ac8094c1806b73a6f53e46b9a28e812b
Certificate serial:       0AAB92B2
Authority key identifier: 98:84:55:84:AC:80:94:C1:80:6B:73:A6:F5:3E:46:B9:A2:8E:81:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mIRVhKyAlMGAa3Om9T5GuaKOgSs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/813010-a96f-4510-9dbc-21f7751ca76c/1/5VAXq0rCLqf_B-yHsWf8rfb8ROE.roa
Signing time:             Sat 01 Jan 2022 06:06:10 +0000
ROA not before:           Sat 01 Jan 2022 06:06:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59497
IP address blocks:        176.110.103.0/24 maxlen: 24
                          176.110.102.0/23 maxlen: 23
                          176.110.102.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 179016370 (0xaab92b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=98845584ac8094c1806b73a6f53e46b9a28e812b
        Validity
            Not Before: Jan  1 06:06:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e55017ab4ac22ea7ff07ec87b167fcadf6fc44e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:0f:7a:f5:2b:68:0b:a7:95:ae:b8:99:e1:72:
                    fa:19:41:4d:8f:ad:cb:7f:38:bf:8d:af:be:88:42:
                    96:ea:d2:e1:ee:b1:e9:0d:43:31:a4:4f:9d:c0:52:
                    fe:c8:60:9e:e7:dc:01:d1:0b:8f:c4:b2:54:fa:db:
                    4b:fa:9b:e8:7a:a3:27:f9:7a:fd:c2:ca:38:6a:3a:
                    68:36:ee:bf:a1:d9:3a:22:1d:18:14:66:78:1e:a5:
                    e3:bd:ca:5b:d9:48:61:54:7d:bd:5d:83:94:dc:de:
                    7d:b6:fb:27:1f:2e:ed:d1:5c:a3:d4:51:fd:34:37:
                    99:e0:27:fd:ce:9e:25:00:01:d7:8f:3b:80:bf:6b:
                    e6:a6:6d:49:ab:28:0c:1a:fa:7a:e2:7a:16:99:bf:
                    2f:d0:2f:31:d2:00:ad:4f:ac:43:27:aa:15:00:dd:
                    cb:5c:22:6f:f5:26:68:fc:85:c7:2f:17:15:3f:f5:
                    d4:2f:ed:62:07:15:9d:31:56:d5:08:08:0f:a7:5f:
                    a2:66:f3:3e:45:6c:09:83:62:5f:dd:61:dd:bf:0f:
                    11:7c:d5:96:68:92:ae:13:b8:50:87:5d:a8:05:9c:
                    38:06:15:52:4d:45:1c:7b:bf:d3:99:a4:93:1e:43:
                    e1:e9:81:a8:30:66:cb:09:45:dd:48:0d:d5:36:28:
                    f4:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:50:17:AB:4A:C2:2E:A7:FF:07:EC:87:B1:67:FC:AD:F6:FC:44:E1
            X509v3 Authority Key Identifier:
                keyid:98:84:55:84:AC:80:94:C1:80:6B:73:A6:F5:3E:46:B9:A2:8E:81:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mIRVhKyAlMGAa3Om9T5GuaKOgSs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/813010-a96f-4510-9dbc-21f7751ca76c/1/5VAXq0rCLqf_B-yHsWf8rfb8ROE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/813010-a96f-4510-9dbc-21f7751ca76c/1/mIRVhKyAlMGAa3Om9T5GuaKOgSs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.110.102.0/23

    Signature Algorithm: sha256WithRSAEncryption
         73:ad:d8:33:b6:33:73:87:50:e4:70:25:02:e0:3b:fd:d0:a3:
         95:92:ce:14:1d:9a:fd:e3:d3:4e:9f:05:ee:4c:c2:91:44:27:
         6c:ef:23:63:4d:26:dd:06:db:62:ef:82:4d:5f:e7:65:72:13:
         49:24:4b:64:9a:a0:3c:25:5c:46:29:40:eb:9a:c5:8d:4b:00:
         24:bc:3a:94:6c:92:9b:4f:32:42:cf:1b:b9:26:73:86:94:a4:
         e3:b4:6f:f5:1d:b0:33:3a:e3:de:93:08:a2:19:9a:7d:73:1f:
         16:c8:b8:c0:61:34:7c:c1:cb:b0:5c:64:27:27:27:07:cb:2f:
         a8:10:97:aa:3a:8c:f7:7c:81:e8:1c:13:e3:da:e2:c3:ff:33:
         cd:88:ef:82:0b:78:c3:c3:0d:d3:db:85:9b:10:a3:cc:9d:4c:
         54:9d:4a:f2:70:04:cf:77:98:17:79:95:88:79:a3:10:dc:57:
         3a:1d:52:3e:71:c9:66:56:ad:68:95:60:e9:af:b0:bf:aa:28:
         8c:3f:64:51:7d:56:06:e3:29:e2:b8:96:d2:f0:ec:2b:54:ff:
         35:70:6d:d2:46:90:56:0b:c6:47:84:5a:27:c1:77:19:0c:5c:
         90:b5:c1:00:27:4b:a7:d6:29:64:11:1b:00:00:d9:93:33:cb:
         0b:2b:b3:89
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECquSsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODg0NTU4NGFjODA5NGMxODA2YjczYTZmNTNlNDZiOWEyOGU4MTJiMB4XDTIyMDEw
MTA2MDYxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTU1MDE3YWI0YWMy
MmVhN2ZmMDdlYzg3YjE2N2ZjYWRmNmZjNDRlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANkPevUraAunla64meFy+hlBTY+ty384v42vvohClurS4e6x
6Q1DMaRPncBS/shgnufcAdELj8SyVPrbS/qb6HqjJ/l6/cLKOGo6aDbuv6HZOiId
GBRmeB6l473KW9lIYVR9vV2DlNzefbb7Jx8u7dFco9RR/TQ3meAn/c6eJQAB1487
gL9r5qZtSasoDBr6euJ6Fpm/L9AvMdIArU+sQyeqFQDdy1wib/UmaPyFxy8XFT/1
1C/tYgcVnTFW1QgID6dfombzPkVsCYNiX91h3b8PEXzVlmiSrhO4UIddqAWcOAYV
Uk1FHHu/05mkkx5D4emBqDBmywlF3UgN1TYo9M0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTlUBerSsIup/8H7IexZ/yt9vxE4TAfBgNVHSMEGDAWgBSYhFWErICUwYBr
c6b1Pka5oo6BKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21JUlZoS3lBbE1HQWEzT205VDVHdWFLT2dTcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDYvODEzMDEwLWE5NmYtNDUxMC05ZGJjLTIxZjc3NTFjYTc2Yy8x
LzVWQVhxMHJDTHFmX0IteUhzV2Y4cmZiOFJPRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYv
ODEzMDEwLWE5NmYtNDUxMC05ZGJjLTIxZjc3NTFjYTc2Yy8xL21JUlZoS3lBbE1H
QWEzT205VDVHdWFLT2dTcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbBuZjANBgkqhkiG9w0BAQsFAAOC
AQEAc63YM7Yzc4dQ5HAlAuA7/dCjlZLOFB2a/ePTTp8F7kzCkUQnbO8jY00m3Qbb
Yu+CTV/nZXITSSRLZJqgPCVcRilA65rFjUsAJLw6lGySm08yQs8buSZzhpSk47Rv
9R2wMzrj3pMIohmafXMfFsi4wGE0fMHLsFxkJycnB8svqBCXqjqM93yB6BwT49ri
w/8zzYjvggt4w8MN09uFmxCjzJ1MVJ1K8nAEz3eYF3mViHmjENxXOh1SPnHJZlat
aJVg6a+wv6oojD9kUX1WBuMp4riW0vDsK1T/NXBt0kaQVgvGR4RaJ8F3GQxckLXB
ACdLp9YpZBEbAADZkzPLCyuziQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:20 2024 by rpki-client on console-ams.rpki-client.org