Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/SL1BI8wm5DThpMN_8PUAyCENUcM.roa
File:                     SL1BI8wm5DThpMN_8PUAyCENUcM.roa (raw, json)
Hash identifier:          ieiy24EmuKtDb4VRa/PRnNo3Iuiug0krL6AXUoSlJhk=
Subject key identifier:   48:BD:41:23:CC:26:E4:34:E1:A4:C3:7F:F0:F5:00:C8:21:0D:51:C3
Certificate issuer:       /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial:       027E8453
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/SL1BI8wm5DThpMN_8PUAyCENUcM.roa
Signing time:             Wed 16 Feb 2022 23:45:28 +0000
ROA not before:           Wed 16 Feb 2022 23:45:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56716
IP address blocks:        31.129.236.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 41845843 (0x27e8453)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
        Validity
            Not Before: Feb 16 23:45:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=48bd4123cc26e434e1a4c37ff0f500c8210d51c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:80:39:98:dc:6b:6a:eb:29:35:35:29:4a:6a:
                    46:86:6e:0e:bf:3a:b1:73:6a:e1:f0:fd:27:e9:35:
                    86:f4:17:07:24:fc:d9:cd:6a:68:ed:c8:66:36:72:
                    65:93:90:f0:fa:77:05:2d:2f:20:60:b3:9e:f2:93:
                    7a:c8:0e:57:8b:7d:b9:e5:de:aa:b5:c8:a0:a3:bc:
                    51:88:dd:08:b8:dd:5c:a9:0d:27:82:33:e1:73:94:
                    0b:75:9b:a4:1c:00:b6:89:16:ad:b8:b1:4c:54:44:
                    b1:af:a5:7e:62:b6:de:6e:99:70:4d:41:9b:f7:c9:
                    8f:4e:04:f0:37:15:40:49:6f:a3:8d:2d:c1:0a:52:
                    26:bf:5a:34:65:95:6b:71:d9:15:f5:e9:15:54:10:
                    89:b0:b3:e7:ae:59:85:3e:42:b6:3e:de:18:a9:d7:
                    a7:e3:0e:59:bb:04:f3:1b:f8:29:95:d7:d4:45:7a:
                    0e:eb:6c:53:a0:85:b6:ad:af:3d:ec:37:f1:05:1a:
                    56:9f:44:85:48:25:da:83:34:30:c5:8f:8a:33:cc:
                    39:ee:f8:b8:3b:5a:0c:95:83:a6:74:4f:25:6c:ae:
                    ae:3f:b0:80:1f:a3:95:92:23:d0:6c:ba:5f:5d:03:
                    a0:f7:14:bb:76:91:e1:c7:37:6b:93:36:42:04:26:
                    da:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:BD:41:23:CC:26:E4:34:E1:A4:C3:7F:F0:F5:00:C8:21:0D:51:C3
            X509v3 Authority Key Identifier:
                keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/SL1BI8wm5DThpMN_8PUAyCENUcM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.129.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3b:9a:3e:42:30:d9:48:4b:29:28:f1:8d:ac:15:90:eb:68:8d:
         8f:e3:da:d4:d5:c9:83:63:af:5f:fc:94:1f:20:fe:52:0a:97:
         47:71:93:38:34:b8:93:54:f4:65:ba:47:a2:de:b9:b5:04:98:
         9e:90:7d:89:f3:3d:59:84:94:52:b6:72:b1:b2:e4:a4:ba:13:
         ec:2d:d5:e1:43:83:90:d4:2a:7b:08:a6:60:94:01:90:a7:32:
         a6:1b:0c:b5:84:69:8d:c6:b2:82:26:32:cb:5f:29:d6:d8:88:
         7a:e6:86:f8:23:d3:ae:b7:ac:95:8d:00:51:17:23:5d:b5:82:
         62:8d:29:4e:64:5f:5c:73:3d:71:24:ca:cc:e0:23:ab:c2:f0:
         e4:b4:93:bf:9f:e0:a0:1d:32:55:3b:20:67:f5:19:38:94:27:
         7f:89:8b:4f:e3:2a:51:03:8e:a2:64:d2:fa:7f:60:51:52:68:
         41:c6:cd:40:40:27:1b:97:f7:74:de:6d:83:6d:16:26:cb:eb:
         c6:e6:8e:0e:42:1a:87:8c:97:ff:f9:eb:78:cc:23:fb:02:6c:
         79:7d:c0:59:00:50:4b:2b:d7:7e:c1:92:0b:b9:b1:98:f4:a3:
         5c:36:6a:d9:7f:7a:03:b2:69:76:3d:45:46:85:e8:a0:2e:0c:
         c2:5d:8c:be
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAn6EUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDQ0YzdjM2FkMzRiNjk3N2ZhMThhMjIzN2NhMzA2YjliZWUwOGUwMB4XDTIyMDIx
NjIzNDUyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDhiZDQxMjNjYzI2
ZTQzNGUxYTRjMzdmZjBmNTAwYzgyMTBkNTFjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIiAOZjca2rrKTU1KUpqRoZuDr86sXNq4fD9J+k1hvQXByT8
2c1qaO3IZjZyZZOQ8Pp3BS0vIGCznvKTesgOV4t9ueXeqrXIoKO8UYjdCLjdXKkN
J4Iz4XOUC3WbpBwAtokWrbixTFREsa+lfmK23m6ZcE1Bm/fJj04E8DcVQElvo40t
wQpSJr9aNGWVa3HZFfXpFVQQibCz565ZhT5Ctj7eGKnXp+MOWbsE8xv4KZXX1EV6
DutsU6CFtq2vPew38QUaVp9EhUgl2oM0MMWPijPMOe74uDtaDJWDpnRPJWyurj+w
gB+jlZIj0Gy6X10DoPcUu3aR4cc3a5M2QgQm2iUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRIvUEjzCbkNOGkw3/w9QDIIQ1RwzAfBgNVHSMEGDAWgBRERMfDrTS2l3+h
iiI3yjBrm+4I4DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JFVEh3NjAwdHBkX29Zb2lOOG93YTV2dUNPQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvYzljOWZjLTU4NjQtNDE0ZS1hZTJhLTg2M2M5YjNkMzJiMC8x
L1NMMUJJOHdtNURUaHBNTl84UFVBeUNFTlVjTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
YzljOWZjLTU4NjQtNDE0ZS1hZTJhLTg2M2M5YjNkMzJiMC8xL1JFVEh3NjAwdHBk
X29Zb2lOOG93YTV2dUNPQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAh+B7DANBgkqhkiG9w0BAQsFAAOC
AQEAO5o+QjDZSEspKPGNrBWQ62iNj+Pa1NXJg2OvX/yUHyD+UgqXR3GTODS4k1T0
ZbpHot65tQSYnpB9ifM9WYSUUrZysbLkpLoT7C3V4UODkNQqewimYJQBkKcyphsM
tYRpjcaygiYyy18p1tiIeuaG+CPTrreslY0AURcjXbWCYo0pTmRfXHM9cSTKzOAj
q8Lw5LSTv5/goB0yVTsgZ/UZOJQnf4mLT+MqUQOOomTS+n9gUVJoQcbNQEAnG5f3
dN5tg20WJsvrxuaODkIah4yX//nreMwj+wJseX3AWQBQSyvXfsGSC7mxmPSjXDZq
2X96A7Jpdj1FRoXooC4Mwl2Mvg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:57 2024 by rpki-client on console-ams.rpki-client.org