Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/L5tFWNfxtsBmIBXPD9pLZnD2CyM.roa
File:                     L5tFWNfxtsBmIBXPD9pLZnD2CyM.roa (raw, json)
Hash identifier:          2D6F0eS8y3AxnuS99Ufyoz8nJcXih74h3+jnL+izcG0=
Subject key identifier:   2F:9B:45:58:D7:F1:B6:C0:66:20:15:CF:0F:DA:4B:66:70:F6:0B:23
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       01851FDD4D224A9CB789BF08847609DE6643
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/L5tFWNfxtsBmIBXPD9pLZnD2CyM.roa
Signing time:             Sat 17 Dec 2022 11:34:34 +0000
ROA not before:           Sat 17 Dec 2022 11:34:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59441
IP address blocks:        213.176.28.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:1f:dd:4d:22:4a:9c:b7:89:bf:08:84:76:09:de:66:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Dec 17 11:34:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2f9b4558d7f1b6c0662015cf0fda4b6670f60b23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1e:70:34:36:cd:91:cc:25:01:66:ec:85:12:
                    5b:7a:82:67:5d:e7:df:3b:d6:90:5c:60:d8:f1:b0:
                    65:6f:ee:7d:34:41:e8:87:87:d3:8b:27:c2:0a:cc:
                    28:5d:d5:f9:3d:66:fa:a8:ed:22:ca:3d:1e:40:eb:
                    5f:c0:38:a0:f1:fb:f8:91:65:3a:0e:c5:f4:cc:d5:
                    c6:2a:51:24:3e:1f:33:72:5e:4a:d4:68:e4:36:1f:
                    0e:aa:75:b8:04:34:e5:e3:42:0f:b4:3d:d5:f1:cd:
                    2f:cd:e9:9a:47:9e:f5:09:54:35:9f:36:9b:4b:bd:
                    67:81:05:24:26:ae:6f:be:f2:c0:02:33:11:9e:d4:
                    2d:c7:e5:95:6e:0a:06:e8:b0:33:50:cd:d9:ef:f9:
                    e1:cd:d0:b4:a7:d1:7a:d2:0f:48:a6:b1:a8:84:18:
                    da:60:cd:15:ca:a3:e1:f4:23:49:ca:d7:74:aa:37:
                    2c:bc:8b:f8:f9:f8:8a:26:89:80:7e:7e:e9:a8:03:
                    56:80:70:48:3a:e3:54:b1:72:be:00:30:91:21:41:
                    ab:62:45:b4:7d:b9:9a:a0:8c:cc:09:00:d7:51:23:
                    d6:56:59:8b:51:fc:66:93:d2:8b:c0:c1:90:4a:b9:
                    22:d6:5b:3d:70:69:a6:de:aa:b1:c9:7f:5a:98:4b:
                    91:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:9B:45:58:D7:F1:B6:C0:66:20:15:CF:0F:DA:4B:66:70:F6:0B:23
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/L5tFWNfxtsBmIBXPD9pLZnD2CyM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.176.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c0:bd:eb:71:c1:61:4b:5a:85:e1:fc:a5:e1:a8:3f:f7:5a:1c:
         b4:b0:6a:d9:e3:29:f6:14:7d:24:33:a5:4b:02:5a:9f:0b:04:
         62:d5:8b:6e:75:34:e6:6e:33:74:62:41:2c:bc:94:d9:ff:38:
         36:ef:9c:a1:84:14:23:d8:d5:1c:de:5a:3a:8a:30:3e:fc:fd:
         9a:2f:16:dc:68:96:8e:e3:92:8b:7b:d4:78:33:7f:7c:c1:cc:
         02:9a:7a:66:c3:bd:43:33:67:66:7b:f6:85:e1:73:f4:d9:49:
         50:db:56:2d:11:e6:7c:9e:6a:38:21:50:d2:e4:1a:c4:a0:7b:
         21:69:9c:38:0f:8c:45:b5:80:f8:c8:fb:2a:36:e6:81:78:b9:
         7a:ad:7c:b2:46:a3:39:64:cb:a8:54:75:ab:d8:04:2e:eb:94:
         41:d3:5f:8f:57:61:e1:73:aa:ee:b1:12:20:a7:33:e5:fc:ed:
         12:e1:36:ef:9d:e0:2b:9f:29:7b:c8:33:ed:7d:d2:95:e7:14:
         ee:a0:07:ff:21:1c:d5:b0:a2:d9:20:52:1d:01:dc:6e:14:e5:
         fc:0c:50:27:2b:6d:67:d5:51:64:20:c8:b6:84:21:6d:fd:7b:
         9f:5e:e2:e4:17:45:3c:05:45:87:ff:eb:1d:f6:91:2d:a0:c4:
         37:e4:86:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUf3U0iSpy3ib8IhHYJ3mZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjIxMjE3MTEzNDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjliNDU1OGQ3ZjFiNmMwNjYyMDE1Y2YwZmRhNGI2NjcwZjYwYjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB5wNDbNkcwlAWbshRJbeoJnXeff
O9aQXGDY8bBlb+59NEHoh4fTiyfCCswoXdX5PWb6qO0iyj0eQOtfwDig8fv4kWU6
DsX0zNXGKlEkPh8zcl5K1GjkNh8OqnW4BDTl40IPtD3V8c0vzemaR571CVQ1nzab
S71ngQUkJq5vvvLAAjMRntQtx+WVbgoG6LAzUM3Z7/nhzdC0p9F60g9IprGohBja
YM0VyqPh9CNJytd0qjcsvIv4+fiKJomAfn7pqANWgHBIOuNUsXK+ADCRIUGrYkW0
fbmaoIzMCQDXUSPWVlmLUfxmk9KLwMGQSrki1ls9cGmm3qqxyX9amEuRBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC+bRVjX8bbAZiAVzw/aS2Zw9gsjMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvTDV0RldOZnh0c0JtSUJYUEQ5cExabkQyQ3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1bAcMA0G
CSqGSIb3DQEBCwUAA4IBAQDAvetxwWFLWoXh/KXhqD/3Why0sGrZ4yn2FH0kM6VL
AlqfCwRi1YtudTTmbjN0YkEsvJTZ/zg275yhhBQj2NUc3lo6ijA+/P2aLxbcaJaO
45KLe9R4M398wcwCmnpmw71DM2dme/aF4XP02UlQ21YtEeZ8nmo4IVDS5BrEoHsh
aZw4D4xFtYD4yPsqNuaBeLl6rXyyRqM5ZMuoVHWr2AQu65RB01+PV2Hhc6rusRIg
pzPl/O0S4TbvneArnyl7yDPtfdKV5xTuoAf/IRzVsKLZIFIdAdxuFOX8DFAnK21n
1VFkIMi2hCFt/XufXuLkF0U8BUWH/+sd9pEtoMQ35IYp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org