Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/UnlM4UP4fq4jDpneJ_DJdNLwe_w.roa
File:                     UnlM4UP4fq4jDpneJ_DJdNLwe_w.roa (raw, json)
Hash identifier:          Ko/MybDO9jZHskBKN9fbSf2RO7QJIv9ZOYGkgba4EV0=
Subject key identifier:   52:79:4C:E1:43:F8:7E:AE:23:0E:99:DE:27:F0:C9:74:D2:F0:7B:FC
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       389AF682
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/UnlM4UP4fq4jDpneJ_DJdNLwe_w.roa
Signing time:             Tue 17 May 2022 05:21:31 +0000
ROA not before:           Tue 17 May 2022 05:21:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     40968
IP address blocks:        213.222.33.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 949679746 (0x389af682)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: May 17 05:21:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=52794ce143f87eae230e99de27f0c974d2f07bfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:b2:89:0a:31:69:cc:43:af:93:31:40:c2:25:
                    d1:ff:75:49:71:a8:f7:83:62:34:b1:7b:4a:25:9e:
                    33:14:6b:4e:d5:c6:8e:bc:54:68:cc:b3:ab:49:24:
                    06:33:0e:a4:f2:dd:a4:b4:7f:6e:9e:78:d3:c5:42:
                    ca:2c:8b:40:41:b5:0e:a3:98:02:ca:27:93:e5:3f:
                    0e:d1:06:33:91:fb:13:f8:d4:d9:32:a1:7a:df:0a:
                    22:07:32:85:b1:de:60:da:34:56:b5:83:9d:48:e0:
                    64:d8:98:2f:1b:95:ea:84:89:a6:01:c9:01:66:4a:
                    d3:0e:e4:04:f8:4b:c5:ca:6c:87:95:01:5b:89:ea:
                    24:82:25:db:16:49:6c:b5:ff:30:87:5b:99:d1:93:
                    98:d4:10:a0:fb:3d:b0:99:c0:d7:85:13:32:35:96:
                    21:42:fc:2a:e8:76:22:9d:a2:0e:4b:79:17:55:7e:
                    b1:66:9e:da:96:95:79:03:49:2c:97:4d:db:f7:3d:
                    cd:ae:60:c4:05:55:e6:29:d9:67:be:26:52:c4:31:
                    40:c1:73:41:46:30:06:79:80:23:56:6b:b8:5f:7e:
                    e8:63:fe:69:4c:ab:f5:94:25:37:29:58:40:8b:66:
                    a3:79:26:5e:8c:02:31:bd:43:5b:91:81:79:66:7a:
                    3a:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:79:4C:E1:43:F8:7E:AE:23:0E:99:DE:27:F0:C9:74:D2:F0:7B:FC
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/UnlM4UP4fq4jDpneJ_DJdNLwe_w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.222.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:d8:3c:f0:22:99:be:a7:c6:a6:1b:09:bb:73:1d:d2:a7:47:
         91:d7:74:1f:5f:e9:02:a8:60:28:9a:f1:33:38:bc:0d:98:eb:
         f3:7c:e6:e2:23:c1:62:23:1e:8b:b8:e7:b2:cb:72:7e:94:0b:
         d6:22:a2:ae:fb:2c:7c:a5:ff:dd:4a:d6:6e:1c:f2:9e:01:72:
         65:10:43:fb:5e:16:9a:74:5b:d6:62:00:c3:c9:47:c2:a1:b1:
         65:25:e2:fa:82:d9:f5:81:c5:98:9d:61:f2:fa:fa:ad:7c:e9:
         7f:96:cb:59:c0:2c:75:3b:71:7e:3b:d9:33:26:1a:c9:68:05:
         2f:91:03:dd:3d:d8:56:9c:45:b4:b0:c4:42:ec:a4:05:ca:01:
         15:41:a1:5a:f4:b4:55:2c:a3:70:b3:7a:6d:db:64:1e:35:fc:
         cc:51:5e:69:38:7e:d8:4c:c2:82:4b:5b:ed:96:eb:5b:e0:e4:
         1f:6e:b5:d4:23:61:5f:df:97:18:1c:2b:cc:ad:3a:9d:44:f1:
         8e:78:4f:a7:d0:69:0c:30:6c:da:ab:b4:6b:0f:1f:1d:49:4e:
         45:de:c7:25:9f:b5:3b:af:5e:8f:56:03:25:ec:62:2f:9f:40:
         c4:56:f4:6d:aa:3e:39:8e:eb:23:46:e8:d7:5d:3e:23:77:65:
         ad:65:63:c4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOJr2gjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTQ4Y2VkZjE3MDI5ZWQ5OGExMDgxMTNjNmMxMDllY2FjY2Q4MmVjMB4XDTIyMDUx
NzA1MjEzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTI3OTRjZTE0M2Y4
N2VhZTIzMGU5OWRlMjdmMGM5NzRkMmYwN2JmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOqyiQoxacxDr5MxQMIl0f91SXGo94NiNLF7SiWeMxRrTtXG
jrxUaMyzq0kkBjMOpPLdpLR/bp5408VCyiyLQEG1DqOYAsonk+U/DtEGM5H7E/jU
2TKhet8KIgcyhbHeYNo0VrWDnUjgZNiYLxuV6oSJpgHJAWZK0w7kBPhLxcpsh5UB
W4nqJIIl2xZJbLX/MIdbmdGTmNQQoPs9sJnA14UTMjWWIUL8Kuh2Ip2iDkt5F1V+
sWae2paVeQNJLJdN2/c9za5gxAVV5inZZ74mUsQxQMFzQUYwBnmAI1ZruF9+6GP+
aUyr9ZQlNylYQItmo3kmXowCMb1DW5GBeWZ6OoECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRSeUzhQ/h+riMOmd4n8Ml00vB7/DAfBgNVHSMEGDAWgBQFSM7fFwKe2YoQ
gRPGwQnsrM2C7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JVak8zeGNDbnRtS0VJRVR4c0VKN0t6Tmd1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8x
L1VubE00VVA0ZnE0akRwbmVKX0RKZE5Md2Vfdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
NTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8xL0JVak8zeGNDbnRt
S0VJRVR4c0VKN0t6Tmd1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXeITANBgkqhkiG9w0BAQsFAAOC
AQEAUNg88CKZvqfGphsJu3Md0qdHkdd0H1/pAqhgKJrxMzi8DZjr83zm4iPBYiMe
i7jnsstyfpQL1iKirvssfKX/3UrWbhzyngFyZRBD+14WmnRb1mIAw8lHwqGxZSXi
+oLZ9YHFmJ1h8vr6rXzpf5bLWcAsdTtxfjvZMyYayWgFL5ED3T3YVpxFtLDEQuyk
BcoBFUGhWvS0VSyjcLN6bdtkHjX8zFFeaTh+2EzCgktb7ZbrW+DkH2611CNhX9+X
GBwrzK06nUTxjnhPp9BpDDBs2qu0aw8fHUlORd7HJZ+1O69ej1YDJexiL59AxFb0
bao+OY7rI0bo110+I3dlrWVjxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:52 2024 by rpki-client on console-ams.rpki-client.org