Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/kFpTH3sm162z676nPn4IcWxkZuo.roa
File:                     kFpTH3sm162z676nPn4IcWxkZuo.roa (raw, json)
Hash identifier:          1Cd4CMWgyWcWfTRD01CHa9WCMduRSHMlh+GHHC6cQpw=
Subject key identifier:   90:5A:53:1F:7B:26:D7:AD:B3:EB:BE:A7:3E:7E:08:71:6C:64:66:EA
Certificate issuer:       /CN=71602627679a4980b70d8ade578f14192fafeb95
Certificate serial:       06132966
Authority key identifier: 71:60:26:27:67:9A:49:80:B7:0D:8A:DE:57:8F:14:19:2F:AF:EB:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cWAmJ2eaSYC3DYreV48UGS-v65U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/kFpTH3sm162z676nPn4IcWxkZuo.roa
Signing time:             Sat 01 Jan 2022 04:53:13 +0000
ROA not before:           Sat 01 Jan 2022 04:53:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209593
IP address blocks:        141.98.108.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 101919078 (0x6132966)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71602627679a4980b70d8ade578f14192fafeb95
        Validity
            Not Before: Jan  1 04:53:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=905a531f7b26d7adb3ebbea73e7e08716c6466ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:f3:4c:92:05:ca:3e:cc:a5:05:67:ef:7c:70:
                    32:40:92:00:66:ba:1a:34:23:94:08:ea:26:79:8c:
                    e7:25:37:33:24:cb:b0:e7:86:74:81:3a:76:c1:8f:
                    8a:2b:e6:6b:6d:6e:72:e6:3e:c7:f6:3e:29:b3:c1:
                    d6:78:cf:97:0b:78:aa:16:fd:7b:df:08:f0:c1:4e:
                    c3:46:29:e1:da:70:4c:1c:e2:e6:40:8f:b3:2d:6b:
                    ca:83:b7:33:3b:85:69:8b:c0:d6:5b:b9:9d:be:c3:
                    62:31:81:f4:71:73:04:90:cf:5a:6c:03:45:8b:bc:
                    af:d9:cd:4d:91:2b:0d:15:b6:c0:e2:50:c5:28:59:
                    ee:51:cf:78:38:32:a5:af:4a:df:a7:bc:9f:b2:0a:
                    69:f0:92:9a:c9:88:8b:5a:cd:fc:d5:df:12:f8:f0:
                    16:4b:22:bc:32:c3:ff:2c:9b:77:8a:36:88:69:1d:
                    d7:f6:6c:21:c4:28:b8:8f:3f:17:19:29:65:1b:56:
                    2b:59:89:96:2f:73:b3:0e:3e:d4:6c:d5:8e:4d:c0:
                    b2:4a:2d:e6:2a:83:a2:df:12:c8:3d:03:0c:01:ae:
                    5d:82:54:4c:cd:e8:08:c9:96:a1:c6:94:a9:3e:88:
                    c8:32:bb:7b:54:8e:3d:6c:11:4c:de:67:51:83:68:
                    d6:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:5A:53:1F:7B:26:D7:AD:B3:EB:BE:A7:3E:7E:08:71:6C:64:66:EA
            X509v3 Authority Key Identifier:
                keyid:71:60:26:27:67:9A:49:80:B7:0D:8A:DE:57:8F:14:19:2F:AF:EB:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cWAmJ2eaSYC3DYreV48UGS-v65U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/kFpTH3sm162z676nPn4IcWxkZuo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/cWAmJ2eaSYC3DYreV48UGS-v65U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.98.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:1b:ed:0a:9e:66:32:cc:7c:53:2d:bc:b1:4d:dd:15:1e:4d:
         90:59:10:17:65:80:0e:c1:02:26:f2:d0:c2:0a:6f:fe:b3:06:
         5b:fc:dd:e8:fd:1c:a3:00:62:e1:a2:10:3a:03:02:e3:2d:8b:
         9a:e4:3f:46:25:3c:60:22:92:77:cd:83:83:e1:37:30:e6:d1:
         a6:94:ae:8e:9c:8d:d5:93:c4:82:57:23:8e:f5:29:36:9d:d5:
         11:4e:25:60:df:da:7c:87:a2:5f:8d:01:83:94:cb:0a:ba:5d:
         93:e3:4c:5b:b0:a1:15:07:c4:4c:16:d3:f7:1a:34:6c:f3:42:
         17:89:0e:7a:30:31:df:82:8b:4c:b7:8a:97:08:fa:be:88:10:
         42:4b:ec:6d:45:7c:53:da:35:46:03:eb:38:cb:d0:83:d4:99:
         3a:e1:06:27:8f:09:eb:4e:02:55:b7:79:a6:77:4c:b3:83:72:
         67:a5:e2:03:29:32:eb:c9:84:fe:73:da:fa:a6:f6:88:82:c8:
         2d:d9:1d:f0:61:ef:a0:ea:90:75:7f:c5:75:8a:4f:bf:1a:18:
         55:48:99:7c:6b:ef:20:b5:39:c7:90:1e:1c:21:1b:e3:80:c5:
         97:2e:5f:b1:95:49:23:5a:98:58:e9:30:60:86:b3:f8:6e:98:
         d3:38:b9:8a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBhMpZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MTYwMjYyNzY3OWE0OTgwYjcwZDhhZGU1NzhmMTQxOTJmYWZlYjk1MB4XDTIyMDEw
MTA0NTMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTA1YTUzMWY3YjI2
ZDdhZGIzZWJiZWE3M2U3ZTA4NzE2YzY0NjZlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAObzTJIFyj7MpQVn73xwMkCSAGa6GjQjlAjqJnmM5yU3MyTL
sOeGdIE6dsGPiivma21ucuY+x/Y+KbPB1njPlwt4qhb9e98I8MFOw0Yp4dpwTBzi
5kCPsy1ryoO3MzuFaYvA1lu5nb7DYjGB9HFzBJDPWmwDRYu8r9nNTZErDRW2wOJQ
xShZ7lHPeDgypa9K36e8n7IKafCSmsmIi1rN/NXfEvjwFksivDLD/yybd4o2iGkd
1/ZsIcQouI8/FxkpZRtWK1mJli9zsw4+1GzVjk3Askot5iqDot8SyD0DDAGuXYJU
TM3oCMmWocaUqT6IyDK7e1SOPWwRTN5nUYNo1icCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSQWlMfeybXrbPrvqc+fghxbGRm6jAfBgNVHSMEGDAWgBRxYCYnZ5pJgLcN
it5XjxQZL6/rlTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NXQW1KMmVhU1lDM0RZcmVWNDhVR1MtdjY1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvMjZiNGUyLWNhYTAtNDhhMy04MTE3LTdkNTkzMDMzZDAwNS8x
L2tGcFRIM3NtMTYyejY3Nm5QbjRJY1d4a1p1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
MjZiNGUyLWNhYTAtNDhhMy04MTE3LTdkNTkzMDMzZDAwNS8xL2NXQW1KMmVhU1lD
M0RZcmVWNDhVR1MtdjY1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI1ibDANBgkqhkiG9w0BAQsFAAOC
AQEAjBvtCp5mMsx8Uy28sU3dFR5NkFkQF2WADsECJvLQwgpv/rMGW/zd6P0cowBi
4aIQOgMC4y2LmuQ/RiU8YCKSd82Dg+E3MObRppSujpyN1ZPEglcjjvUpNp3VEU4l
YN/afIeiX40Bg5TLCrpdk+NMW7ChFQfETBbT9xo0bPNCF4kOejAx34KLTLeKlwj6
vogQQkvsbUV8U9o1RgPrOMvQg9SZOuEGJ48J604CVbd5pndMs4NyZ6XiAyky68mE
/nPa+qb2iILILdkd8GHvoOqQdX/FdYpPvxoYVUiZfGvvILU5x5AeHCEb44DFly5f
sZVJI1qYWOkwYIaz+G6Y0zi5ig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:36 2024 by rpki-client on console-ams.rpki-client.org