Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/D9g_cLmtp_CLD24UGGYhIbP455E.roa
File:                     D9g_cLmtp_CLD24UGGYhIbP455E.roa (raw, json)
Hash identifier:          hfBVTEAu9V8q41n/8e1Iqk62BskvvTXh1EYN9EkLJrc=
Subject key identifier:   0F:D8:3F:70:B9:AD:A7:F0:8B:0F:6E:14:18:66:21:21:B3:F8:E7:91
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       34254BEA
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/D9g_cLmtp_CLD24UGGYhIbP455E.roa
Signing time:             Sat 01 Jan 2022 09:02:50 +0000
ROA not before:           Sat 01 Jan 2022 09:02:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58224
IP address blocks:        81.31.244.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 874859498 (0x34254bea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: Jan  1 09:02:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0fd83f70b9ada7f08b0f6e1418662121b3f8e791
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:1d:8a:ea:3c:6b:71:35:9d:ea:2e:d5:33:c7:
                    25:9e:11:22:b2:d1:5f:cd:22:c7:82:0a:f0:09:1d:
                    7f:41:5e:84:20:2f:f0:8e:37:e5:c2:e9:ea:b2:2a:
                    74:21:58:37:c9:42:35:93:e9:c5:4a:12:4c:21:91:
                    2b:fe:7b:64:7b:ed:cb:5d:4c:a5:62:1f:b3:07:32:
                    2f:86:f1:60:f1:6b:08:63:05:e3:41:ac:4c:a1:23:
                    73:57:e4:40:08:b5:c1:55:ae:24:03:6c:2b:47:a6:
                    99:3a:38:5e:c1:35:4e:c4:12:98:2d:fe:58:c6:02:
                    33:c5:41:97:08:9a:02:84:0f:8e:92:6e:c8:ee:82:
                    53:2c:85:54:27:4e:84:34:38:3b:8f:e0:55:5d:1f:
                    b6:db:29:22:2b:42:80:18:97:fe:c2:b6:72:7d:33:
                    2a:97:7f:f2:1e:d3:93:5a:2d:a2:35:a7:44:63:e3:
                    5c:4b:99:87:bb:72:af:e0:2e:10:29:74:23:6a:35:
                    5b:04:1a:d3:3e:fb:c9:84:2c:36:1d:93:24:e8:67:
                    68:cd:0c:07:cd:ae:c3:be:95:0a:82:cb:fb:1e:2c:
                    4b:6e:05:24:d8:10:d8:26:bb:4d:f2:9d:b9:b8:c3:
                    cd:92:a6:d8:b8:2d:a5:5c:95:09:88:b7:92:3e:0c:
                    f0:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:D8:3F:70:B9:AD:A7:F0:8B:0F:6E:14:18:66:21:21:B3:F8:E7:91
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/D9g_cLmtp_CLD24UGGYhIbP455E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6f:a1:72:0e:74:2f:e1:02:3e:de:b4:34:68:89:0d:80:64:de:
         93:2a:2e:0e:26:5b:65:f7:f6:b6:9b:03:cb:9a:2f:d4:4b:37:
         22:0c:29:c2:38:56:fb:68:ef:e2:fa:74:af:29:02:6d:21:f4:
         5b:cb:a0:c0:ef:53:67:95:e6:c3:ea:9a:b6:12:58:da:a7:78:
         f6:69:b7:c6:c2:48:4a:49:a9:1f:6c:a1:a9:ad:f2:d2:b7:89:
         d2:df:89:eb:d0:5f:58:aa:f0:cf:09:a9:ee:79:bb:09:76:1b:
         f7:ea:c6:ec:74:e9:9e:0f:96:f1:70:cc:89:6e:ec:e3:1e:82:
         53:ae:6f:4b:21:63:a4:47:3f:04:48:84:e9:cd:ff:68:58:1a:
         5d:6f:49:8e:dc:c7:64:6a:b9:71:cd:f1:bb:c7:62:f3:a5:4c:
         1e:b7:ef:e5:5f:43:d0:76:22:da:46:26:8c:af:4c:e4:47:98:
         1b:a0:c0:fe:7d:16:c3:1a:9c:5d:70:b3:23:29:75:11:65:d4:
         aa:84:3d:c4:02:92:d5:10:db:82:40:da:a5:6b:00:e5:7a:b7:
         b1:05:38:09:f1:0e:e8:5a:8c:80:2b:4d:41:f1:5c:45:84:5d:
         ed:86:7a:59:bb:21:47:9e:24:46:a0:a7:3a:41:d4:84:ef:a0:
         ed:1e:8d:bb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENCVL6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDU2YmNkNDI2ZmQ4N2NkNmY0MTQ3ZTEzMzIxNmQwMzExMmIxODFiMB4XDTIyMDEw
MTA5MDI1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGZkODNmNzBiOWFk
YTdmMDhiMGY2ZTE0MTg2NjIxMjFiM2Y4ZTc5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0diuo8a3E1neou1TPHJZ4RIrLRX80ix4IK8Akdf0FehCAv
8I435cLp6rIqdCFYN8lCNZPpxUoSTCGRK/57ZHvty11MpWIfswcyL4bxYPFrCGMF
40GsTKEjc1fkQAi1wVWuJANsK0emmTo4XsE1TsQSmC3+WMYCM8VBlwiaAoQPjpJu
yO6CUyyFVCdOhDQ4O4/gVV0fttspIitCgBiX/sK2cn0zKpd/8h7Tk1otojWnRGPj
XEuZh7tyr+AuECl0I2o1WwQa0z77yYQsNh2TJOhnaM0MB82uw76VCoLL+x4sS24F
JNgQ2Ca7TfKdubjDzZKm2LgtpVyVCYi3kj4M8L8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQP2D9wua2n8IsPbhQYZiEhs/jnkTAfBgNVHSMEGDAWgBQQVrzUJv2HzW9B
R+EzIW0DESsYGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VGYTgxQ2I5aDgxdlFVZmhNeUZ0QXhFckdCcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTZmNGU0LTY4YmItNDQ5Ni05MGM3LWFhODU5ZTE5MmIxNi8x
L0Q5Z19jTG10cF9DTEQyNFVHR1loSWJQNDU1RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTZmNGU0LTY4YmItNDQ5Ni05MGM3LWFhODU5ZTE5MmIxNi8xL0VGYTgxQ2I5aDgx
dlFVZmhNeUZ0QXhFckdCcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlEf9DANBgkqhkiG9w0BAQsFAAOC
AQEAb6FyDnQv4QI+3rQ0aIkNgGTekyouDiZbZff2tpsDy5ov1Es3IgwpwjhW+2jv
4vp0rykCbSH0W8ugwO9TZ5Xmw+qathJY2qd49mm3xsJISkmpH2yhqa3y0reJ0t+J
69BfWKrwzwmp7nm7CXYb9+rG7HTpng+W8XDMiW7s4x6CU65vSyFjpEc/BEiE6c3/
aFgaXW9JjtzHZGq5cc3xu8di86VMHrfv5V9D0HYi2kYmjK9M5EeYG6DA/n0Wwxqc
XXCzIyl1EWXUqoQ9xAKS1RDbgkDapWsA5Xq3sQU4CfEO6FqMgCtNQfFcRYRd7YZ6
WbshR54kRqCnOkHUhO+g7R6Nuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:33 2024 by rpki-client on console-ams.rpki-client.org