Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/_mvQb5eDiPer3nm7RJrMGlPGzw0.roa
File:                     _mvQb5eDiPer3nm7RJrMGlPGzw0.roa (raw, json)
Hash identifier:          mM/NPVU45EcDjytTVd00gXCeU6XQz/ysH3kXr1MUbB0=
Subject key identifier:   FE:6B:D0:6F:97:83:88:F7:AB:DE:79:BB:44:9A:CC:1A:53:C6:CF:0D
Certificate issuer:       /CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Certificate serial:       07B2C988
Authority key identifier: 5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/_mvQb5eDiPer3nm7RJrMGlPGzw0.roa
Signing time:             Thu 10 Mar 2022 12:49:10 +0000
ROA not before:           Thu 10 Mar 2022 12:49:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8330
IP address blocks:        91.198.81.0/24 maxlen: 24
                          193.203.5.0/24 maxlen: 24
                          5.57.88.0/21 maxlen: 21
                          195.35.120.0/24 maxlen: 24
                          2001:7f8:17::/48 maxlen: 48
                          2a00:eb20:abcd::/48 maxlen: 48
                          2a00:eb20::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129157512 (0x7b2c988)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
        Validity
            Not Before: Mar 10 12:49:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fe6bd06f978388f7abde79bb449acc1a53c6cf0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:41:53:6c:09:b1:47:5a:3e:d9:8f:fb:e2:eb:
                    c3:de:d7:b6:a1:ac:c0:a8:6c:54:93:34:8c:84:3a:
                    8c:65:76:a3:4e:4b:35:cf:9c:be:f9:b2:5b:d3:4e:
                    6f:a1:09:a6:5e:d2:1f:1e:b5:fd:64:a2:a3:10:a6:
                    d5:03:52:60:af:9f:9d:2b:f4:95:7e:7e:df:91:f4:
                    1d:e5:60:9b:a6:08:aa:f4:18:85:a1:8c:57:04:52:
                    79:fe:70:3b:a2:d1:40:f8:99:fc:e0:d9:33:d3:08:
                    26:70:1c:11:55:57:a9:ae:49:52:f0:a2:f1:18:58:
                    27:46:c5:38:f9:43:35:3b:19:5e:f8:32:6d:e2:68:
                    e9:12:64:d0:f3:b7:07:72:2f:97:c9:9d:31:3a:26:
                    52:cc:a5:61:de:eb:c7:bf:0a:ef:2a:d6:e0:a8:15:
                    5b:24:99:25:90:8e:64:f0:cf:0e:c0:ad:2b:ae:5b:
                    98:a1:3f:0a:bf:09:06:53:cc:30:69:3f:9c:f8:8e:
                    39:be:66:1e:ad:29:a6:dd:08:21:f9:5b:1c:4c:42:
                    84:0e:3e:2b:30:45:b3:9f:82:65:8d:53:04:3b:95:
                    37:44:42:3e:cc:d2:4e:5e:9f:6c:91:a1:7b:b3:46:
                    2a:01:53:07:b1:49:0e:1d:04:d8:ad:a2:ec:47:21:
                    b9:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:6B:D0:6F:97:83:88:F7:AB:DE:79:BB:44:9A:CC:1A:53:C6:CF:0D
            X509v3 Authority Key Identifier:
                keyid:5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/_mvQb5eDiPer3nm7RJrMGlPGzw0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.57.88.0/21
                  91.198.81.0/24
                  193.203.5.0/24
                  195.35.120.0/24
                IPv6:
                  2001:7f8:17::/48
                  2a00:eb20::/32

    Signature Algorithm: sha256WithRSAEncryption
         36:f8:89:cf:88:f7:27:e5:a1:f6:a1:a9:ad:8e:89:61:4f:ba:
         55:a2:35:ce:ea:b5:3d:94:25:85:96:6f:68:91:1b:19:a2:c7:
         2d:14:93:4f:93:1f:2f:f6:7d:e1:32:c8:37:17:d0:3e:c1:0b:
         c4:dd:f3:01:2f:9d:3a:14:8c:20:68:02:b7:01:62:7d:20:94:
         5d:28:1d:27:c5:55:8d:1d:28:21:e5:41:4f:53:f8:2e:19:04:
         71:3b:e5:78:b0:21:09:51:fa:ac:c5:6b:df:a7:ca:84:a7:82:
         10:79:b4:8a:76:89:e9:42:15:f4:96:1e:7a:3d:57:f1:f8:53:
         8a:8c:df:21:55:d9:b4:5f:ee:bd:84:98:b3:0e:44:f0:fb:9f:
         b1:ab:9c:a1:f6:85:81:eb:f7:fe:2b:0e:39:52:80:1f:ed:1e:
         33:9d:3b:42:05:4e:af:84:a1:b7:6a:82:48:f7:45:3f:d6:87:
         d5:b0:21:c2:72:2a:02:0f:db:d8:14:4c:8e:9b:6f:28:5c:33:
         c2:4b:f2:de:7a:e0:f9:c1:cf:90:e1:c6:93:e0:44:97:fa:0c:
         0e:8e:aa:9d:65:5c:b2:eb:4e:99:f1:8e:12:5d:a0:ba:25:e7:
         d5:ba:00:aa:d3:b1:3a:63:42:e8:e1:3d:96:a8:f5:78:59:da:
         73:67:a6:46
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEB7LJiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZThkMDdiNDVmN2Q4MzEyNGM5ZjhjMGZhYzAzYmVjMDI0NjhiMzdlMB4XDTIyMDMx
MDEyNDkxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmU2YmQwNmY5Nzgz
ODhmN2FiZGU3OWJiNDQ5YWNjMWE1M2M2Y2YwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANJBU2wJsUdaPtmP++Lrw97XtqGswKhsVJM0jIQ6jGV2o05L
Nc+cvvmyW9NOb6EJpl7SHx61/WSioxCm1QNSYK+fnSv0lX5+35H0HeVgm6YIqvQY
haGMVwRSef5wO6LRQPiZ/ODZM9MIJnAcEVVXqa5JUvCi8RhYJ0bFOPlDNTsZXvgy
beJo6RJk0PO3B3Ivl8mdMTomUsylYd7rx78K7yrW4KgVWySZJZCOZPDPDsCtK65b
mKE/Cr8JBlPMMGk/nPiOOb5mHq0ppt0IIflbHExChA4+KzBFs5+CZY1TBDuVN0RC
PszSTl6fbJGhe7NGKgFTB7FJDh0E2K2i7EchueMCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBT+a9Bvl4OI96veebtEmswaU8bPDTAfBgNVHSMEGDAWgBRejQe0X32DEkyf
jA+sA77AJGizfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hvMEh0Rjk5Z3hKTW40d1ByQU8td0NSb3MzNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvYTE2OGU5LWQwNzAtNDRlMC05NGE0LTZjOGZkODRiYjVmNS8x
L19tdlFiNWVEaVBlcjNubTdSSnJNR2xQR3p3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
YTE2OGU5LWQwNzAtNDRlMC05NGE0LTZjOGZkODRiYjVmNS8xL1hvMEh0Rjk5Z3hK
TW40d1ByQU8td0NSb3MzNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwHgQCAAEwGAMEAwU5WAMEAFvGUQMEAMHLBQMEAMMj
eDAWBAIAAjAQAwcAIAEH+AAXAwUAKgDrIDANBgkqhkiG9w0BAQsFAAOCAQEANviJ
z4j3J+Wh9qGprY6JYU+6VaI1zuq1PZQlhZZvaJEbGaLHLRSTT5MfL/Z94TLINxfQ
PsELxN3zAS+dOhSMIGgCtwFifSCUXSgdJ8VVjR0oIeVBT1P4LhkEcTvleLAhCVH6
rMVr36fKhKeCEHm0inaJ6UIV9JYeej1X8fhTiozfIVXZtF/uvYSYsw5E8Pufsauc
ofaFgev3/isOOVKAH+0eM507QgVOr4Sht2qCSPdFP9aH1bAhwnIqAg/b2BRMjptv
KFwzwkvy3nrg+cHPkOHGk+BEl/oMDo6qnWVcsutOmfGOEl2guiXn1boAqtOxOmNC
6OE9lqj1eFnac2emRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:16 2024 by rpki-client on console-ams.rpki-client.org