Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/UXTb3Zawwe3HzArOMmYe4f3ptS4.roa
File:                     UXTb3Zawwe3HzArOMmYe4f3ptS4.roa (raw, json)
Hash identifier:          yg8S8NNl5YvNkhaHBD2IxqoR2bFeB4nHOPHl10p90gs=
Subject key identifier:   51:74:DB:DD:96:B0:C1:ED:C7:CC:0A:CE:32:66:1E:E1:FD:E9:B5:2E
Certificate issuer:       /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Certificate serial:       01F393A2
Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/UXTb3Zawwe3HzArOMmYe4f3ptS4.roa
Signing time:             Sat 01 Jan 2022 11:59:30 +0000
ROA not before:           Sat 01 Jan 2022 11:59:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3356
IP address blocks:        5.182.120.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32740258 (0x1f393a2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
        Validity
            Not Before: Jan  1 11:59:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5174dbdd96b0c1edc7cc0ace32661ee1fde9b52e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:43:6d:0a:d6:dd:66:3a:a1:c7:6a:6d:eb:f5:
                    1a:d0:69:6e:30:a4:52:f6:40:b7:b2:05:d9:28:45:
                    2d:68:b4:2b:84:08:a9:b5:4d:cc:a8:bf:1a:90:42:
                    07:e8:20:56:33:b4:ce:1b:89:d7:69:cb:1a:5d:5b:
                    28:9c:73:a8:55:5a:3c:e9:fa:05:b5:06:7c:af:f2:
                    a4:d1:31:1f:d5:c6:88:5e:30:44:7b:3d:4f:12:9f:
                    56:3d:5c:e2:fb:e4:47:24:4b:a2:38:f4:73:37:2e:
                    72:75:32:ff:f1:cd:34:1c:ab:c1:19:cb:05:9a:72:
                    78:fe:b5:04:6f:6e:ab:74:ea:a4:be:c8:c5:c0:71:
                    fd:31:9d:d4:b5:df:81:17:40:87:e9:72:93:bb:c7:
                    f5:26:4b:35:c0:4d:8a:80:96:52:a0:59:1a:0b:86:
                    df:14:58:90:b1:78:12:d4:de:48:c0:2a:7a:90:e2:
                    27:e2:c0:77:01:a1:5f:6c:89:14:bd:28:85:54:6e:
                    a9:69:af:22:ee:e8:28:94:54:b3:63:47:dd:df:4a:
                    09:e8:fa:e8:98:45:d0:ab:bd:1e:5f:1f:00:10:81:
                    7e:77:9f:9b:77:2e:0c:50:44:2a:3a:04:60:6d:4c:
                    df:23:90:ef:d1:c4:f9:8c:30:15:6e:c9:e2:a1:f6:
                    29:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:74:DB:DD:96:B0:C1:ED:C7:CC:0A:CE:32:66:1E:E1:FD:E9:B5:2E
            X509v3 Authority Key Identifier:
                keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/UXTb3Zawwe3HzArOMmYe4f3ptS4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9c:81:f9:d4:76:47:69:c6:3c:51:c4:59:d4:fa:4e:8a:18:a5:
         21:c9:f5:c0:a8:7d:9f:2b:28:78:8f:25:18:a8:5e:af:79:03:
         ac:f1:ca:51:f7:46:ed:1c:3c:f0:2c:69:e1:9a:9a:53:70:0f:
         a0:21:2c:26:24:f4:4c:55:b0:91:2d:23:6e:37:ec:84:07:28:
         a5:9a:21:89:c4:65:56:bd:78:1d:e3:fe:c5:18:5e:21:b0:9f:
         53:16:31:26:e6:7d:54:ad:83:2a:f1:7a:a8:12:81:2c:2d:e1:
         2b:51:d4:44:2e:03:a8:fe:8a:83:e8:bd:81:c0:29:24:d3:b3:
         28:69:83:48:39:cc:a0:f5:1a:04:2e:1b:ca:1d:a6:d7:f3:cf:
         2e:34:9c:e7:93:a4:32:b5:a8:c1:1c:04:db:aa:93:50:92:d3:
         b3:de:b7:50:db:6e:cb:65:9c:2e:2f:64:9e:ac:ed:56:5e:62:
         9b:1d:31:a2:88:0b:d2:34:74:20:4c:55:5a:ef:36:72:2d:2f:
         5e:13:2a:2c:a2:99:7f:c6:67:5c:39:40:df:9a:09:d2:a1:72:
         ba:20:6a:7d:a6:d4:bb:32:c0:d8:d4:43:59:28:37:0b:f2:ea:
         ee:00:9c:52:2b:d2:7d:e1:78:c3:e6:1a:91:0d:b0:c2:46:6c:
         61:ca:dd:e4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAfOTojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NzZkMGRhYjM0N2EzOGUyYjg3YjVhMjJhMmY3YzllMjFjMThjOWJjMB4XDTIyMDEw
MTExNTkzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTE3NGRiZGQ5NmIw
YzFlZGM3Y2MwYWNlMzI2NjFlZTFmZGU5YjUyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVDbQrW3WY6ocdqbev1GtBpbjCkUvZAt7IF2ShFLWi0K4QI
qbVNzKi/GpBCB+ggVjO0zhuJ12nLGl1bKJxzqFVaPOn6BbUGfK/ypNExH9XGiF4w
RHs9TxKfVj1c4vvkRyRLojj0czcucnUy//HNNByrwRnLBZpyeP61BG9uq3TqpL7I
xcBx/TGd1LXfgRdAh+lyk7vH9SZLNcBNioCWUqBZGguG3xRYkLF4EtTeSMAqepDi
J+LAdwGhX2yJFL0ohVRuqWmvIu7oKJRUs2NH3d9KCej66JhF0Ku9Hl8fABCBfnef
m3cuDFBEKjoEYG1M3yOQ79HE+YwwFW7J4qH2KVcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRRdNvdlrDB7cfMCs4yZh7h/em1LjAfBgNVHSMEGDAWgBTnbQ2rNHo44rh7
WiKi98niHBjJvDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzUyME5xelI2T09LNGUxb2lvdmZKNGh3WXlidy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvM2RiYjNkLWYzMjgtNGIyNy05NWQ5LWJkM2JmYzk5YmRhOS8x
L1VYVGIzWmF3d2UzSHpBck9NbVllNGYzcHRTNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
M2RiYjNkLWYzMjgtNGIyNy05NWQ5LWJkM2JmYzk5YmRhOS8xLzUyME5xelI2T09L
NGUxb2lvdmZKNGh3WXlidy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgW2eDANBgkqhkiG9w0BAQsFAAOC
AQEAnIH51HZHacY8UcRZ1PpOihilIcn1wKh9nysoeI8lGKher3kDrPHKUfdG7Rw8
8Cxp4ZqaU3APoCEsJiT0TFWwkS0jbjfshAcopZohicRlVr14HeP+xRheIbCfUxYx
JuZ9VK2DKvF6qBKBLC3hK1HURC4DqP6Kg+i9gcApJNOzKGmDSDnMoPUaBC4byh2m
1/PPLjSc55OkMrWowRwE26qTUJLTs963UNtuy2WcLi9knqztVl5imx0xoogL0jR0
IExVWu82ci0vXhMqLKKZf8ZnXDlA35oJ0qFyuiBqfabUuzLA2NRDWSg3C/Lq7gCc
UivSfeF4w+YakQ2wwkZsYcrd5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:01 2024 by rpki-client on console-fra.rpki-client.org