Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/Z4e04r7esRyP4Cw1V7PaDrNPXrw.roa
File:                     Z4e04r7esRyP4Cw1V7PaDrNPXrw.roa (raw, json)
Hash identifier:          uE33MX0y55Qt/LeB04S6DDvelclaXhz4XwnZqGIdTBE=
Subject key identifier:   67:87:B4:E2:BE:DE:B1:1C:8F:E0:2C:35:57:B3:DA:0E:B3:4F:5E:BC
Certificate issuer:       /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Certificate serial:       01F42024
Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/Z4e04r7esRyP4Cw1V7PaDrNPXrw.roa
Signing time:             Sat 01 Jan 2022 11:59:31 +0000
ROA not before:           Sat 01 Jan 2022 11:59:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6461
IP address blocks:        5.182.120.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32776228 (0x1f42024)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
        Validity
            Not Before: Jan  1 11:59:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6787b4e2bedeb11c8fe02c3557b3da0eb34f5ebc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:8e:2e:45:57:f1:d8:5f:f1:f6:79:67:c8:bb:
                    78:81:a7:89:7d:60:5e:4b:6c:75:2d:80:29:9e:ae:
                    4e:84:61:cb:aa:a0:07:c2:b3:a5:da:59:fe:ba:2f:
                    fa:55:81:b3:34:52:54:63:f5:70:27:38:96:4c:74:
                    57:fa:ce:be:a7:29:9a:13:ff:6b:56:b6:82:d0:0b:
                    98:23:4e:a7:09:12:d2:c8:1d:3e:be:76:e5:72:89:
                    95:f1:38:4f:aa:94:6d:93:0e:ca:2f:05:17:4a:b3:
                    78:24:03:5c:40:75:22:3d:e8:50:b7:1f:e2:5c:4a:
                    62:16:1c:e0:d3:64:04:71:10:32:52:20:8d:a9:57:
                    b2:e3:bc:08:6e:ad:04:59:df:9c:3a:72:02:6e:28:
                    75:53:f1:ad:34:0f:13:5c:78:b4:5c:94:28:62:d2:
                    c8:4c:f0:85:c8:5c:54:14:d3:96:15:2d:d1:c9:c4:
                    66:93:12:c2:7c:73:3b:fd:2c:89:65:f6:b4:53:5d:
                    8f:07:8c:a5:f4:60:e7:94:41:c3:1e:23:4f:4a:25:
                    e0:f6:d2:5d:04:ad:cb:08:fc:df:41:51:0b:f7:e9:
                    d6:9a:59:5d:bd:fb:da:79:f7:67:11:46:4b:60:91:
                    c0:0e:79:c4:e3:78:11:4e:1a:c3:63:55:53:92:63:
                    cf:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:87:B4:E2:BE:DE:B1:1C:8F:E0:2C:35:57:B3:DA:0E:B3:4F:5E:BC
            X509v3 Authority Key Identifier:
                keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/Z4e04r7esRyP4Cw1V7PaDrNPXrw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         01:b2:2b:82:65:c5:b8:c8:03:22:e1:68:8e:7f:00:ef:b2:25:
         d3:36:e4:80:03:ce:8e:08:01:f2:88:79:62:c4:28:38:24:ca:
         51:66:71:96:c0:20:e1:e0:50:8d:f0:9c:9a:25:ce:49:b9:62:
         14:4f:2e:ab:e4:4b:14:27:9e:cb:c0:c5:81:58:36:d3:8e:f1:
         67:2f:66:0c:18:0e:2e:f4:f2:ae:22:7c:d2:47:db:61:31:d0:
         37:0a:2d:33:04:ae:ea:48:04:4a:96:e0:31:52:1d:01:0a:87:
         e6:19:db:84:79:31:5f:c8:9a:7e:9b:a2:3f:d1:7e:59:dc:f2:
         60:22:1f:86:ac:19:a4:3b:d3:92:fd:a4:85:f0:80:c1:8d:12:
         bb:20:6a:74:16:03:d9:4a:77:00:f5:68:8d:0b:e7:20:53:29:
         29:48:d1:2e:79:86:17:b0:94:8d:55:d8:76:65:96:e7:cc:4c:
         76:eb:87:17:d6:ab:29:49:13:bd:f1:18:74:0c:e7:4b:e9:4c:
         5e:ae:5c:f5:b2:04:2c:a2:b2:c4:e8:bc:47:ff:51:e0:b2:cf:
         06:93:ac:71:5a:74:9f:a2:4b:50:d6:61:37:9b:03:b4:b4:86:
         f2:32:35:d2:e1:54:74:a4:b6:a9:19:f4:4b:bd:d6:e2:5a:9e:
         b1:61:ac:88
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAfQgJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NzZkMGRhYjM0N2EzOGUyYjg3YjVhMjJhMmY3YzllMjFjMThjOWJjMB4XDTIyMDEw
MTExNTkzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjc4N2I0ZTJiZWRl
YjExYzhmZTAyYzM1NTdiM2RhMGViMzRmNWViYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOKOLkVX8dhf8fZ5Z8i7eIGniX1gXktsdS2AKZ6uToRhy6qg
B8KzpdpZ/rov+lWBszRSVGP1cCc4lkx0V/rOvqcpmhP/a1a2gtALmCNOpwkS0sgd
Pr525XKJlfE4T6qUbZMOyi8FF0qzeCQDXEB1Ij3oULcf4lxKYhYc4NNkBHEQMlIg
jalXsuO8CG6tBFnfnDpyAm4odVPxrTQPE1x4tFyUKGLSyEzwhchcVBTTlhUt0cnE
ZpMSwnxzO/0siWX2tFNdjweMpfRg55RBwx4jT0ol4PbSXQStywj830FRC/fp1ppZ
Xb372nn3ZxFGS2CRwA55xON4EU4aw2NVU5Jjz+0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRnh7Tivt6xHI/gLDVXs9oOs09evDAfBgNVHSMEGDAWgBTnbQ2rNHo44rh7
WiKi98niHBjJvDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzUyME5xelI2T09LNGUxb2lvdmZKNGh3WXlidy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvM2RiYjNkLWYzMjgtNGIyNy05NWQ5LWJkM2JmYzk5YmRhOS8x
L1o0ZTA0cjdlc1J5UDRDdzFWN1BhRHJOUFhydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
M2RiYjNkLWYzMjgtNGIyNy05NWQ5LWJkM2JmYzk5YmRhOS8xLzUyME5xelI2T09L
NGUxb2lvdmZKNGh3WXlidy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgW2eDANBgkqhkiG9w0BAQsFAAOC
AQEAAbIrgmXFuMgDIuFojn8A77Il0zbkgAPOjggB8oh5YsQoOCTKUWZxlsAg4eBQ
jfCcmiXOSbliFE8uq+RLFCeey8DFgVg2047xZy9mDBgOLvTyriJ80kfbYTHQNwot
MwSu6kgESpbgMVIdAQqH5hnbhHkxX8iafpuiP9F+WdzyYCIfhqwZpDvTkv2khfCA
wY0SuyBqdBYD2Up3APVojQvnIFMpKUjRLnmGF7CUjVXYdmWW58xMduuHF9arKUkT
vfEYdAznS+lMXq5c9bIELKKyxOi8R/9R4LLPBpOscVp0n6JLUNZhN5sDtLSG8jI1
0uFUdKS2qRn0S73W4lqesWGsiA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:01 2024 by rpki-client on console-fra.rpki-client.org