Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/xDVnq6AA4hVVH32FkXMID_78IHs.roa
File:                     xDVnq6AA4hVVH32FkXMID_78IHs.roa (raw, json)
Hash identifier:          TIhDjkFxdC/7TwQhyfMC/GDZMev/qPgIAQqH7pum05o=
Subject key identifier:   C4:35:67:AB:A0:00:E2:15:55:1F:7D:85:91:73:08:0F:FE:FC:20:7B
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       48841A9E
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/xDVnq6AA4hVVH32FkXMID_78IHs.roa
Signing time:             Sat 01 Jan 2022 03:00:44 +0000
ROA not before:           Sat 01 Jan 2022 03:00:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211849
IP address blocks:        5.188.49.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1216617118 (0x48841a9e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Jan  1 03:00:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c43567aba000e215551f7d859173080ffefc207b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:6b:65:7e:9b:64:63:48:eb:8a:b7:0a:50:aa:
                    fb:7f:64:63:7e:b6:d3:8c:8e:26:1d:35:6e:99:78:
                    c4:04:d7:d3:cc:13:34:8b:21:5a:83:d0:43:fe:7b:
                    26:80:51:90:47:5b:f1:f8:b0:18:98:e2:c7:84:99:
                    0c:5a:f3:a6:f9:b7:ae:94:f9:af:24:35:1a:0f:d0:
                    f1:fe:4e:55:bd:d0:23:4c:62:f5:96:b1:35:04:0d:
                    b6:49:c8:53:a2:41:13:37:5a:23:ed:ae:c6:3c:b0:
                    59:31:5f:09:c1:49:e9:c8:ad:1e:b4:b1:2d:ad:6c:
                    0d:eb:7e:cd:9a:3b:92:96:93:7f:84:f8:1b:aa:55:
                    41:1b:81:e2:5b:5c:9f:03:de:09:b0:e0:ed:08:33:
                    4c:5f:9c:db:7c:37:19:a2:7c:11:1b:7f:f7:f3:ae:
                    e9:22:30:d9:c4:8f:1c:93:2c:2f:16:07:34:93:a3:
                    57:cf:fa:6d:3e:c6:76:71:07:40:f7:95:4f:78:2f:
                    e9:7a:2b:52:e4:15:8e:5d:87:76:e5:16:33:69:4a:
                    13:b1:c1:dc:66:e4:55:8f:9d:c1:01:1b:9f:07:e7:
                    fb:cc:4f:ce:11:c4:ee:c9:19:a3:c4:18:99:5c:4b:
                    35:1d:8e:c3:2e:f3:56:37:a4:2d:af:f5:97:3e:4e:
                    16:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:35:67:AB:A0:00:E2:15:55:1F:7D:85:91:73:08:0F:FE:FC:20:7B
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/xDVnq6AA4hVVH32FkXMID_78IHs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.188.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:73:5f:1f:33:df:28:87:43:a6:d3:8e:7a:af:45:f8:20:6a:
         73:23:e0:2b:d8:97:93:37:7d:3b:14:b4:06:ba:44:75:60:f8:
         4e:75:ea:c7:2f:4b:d8:3b:17:77:8d:7f:00:51:a5:91:0d:26:
         8a:35:68:5b:32:15:10:2e:23:dc:13:92:b3:1b:d6:fe:57:06:
         08:5e:8e:c9:01:3c:5c:00:35:c0:89:2b:ac:18:7b:4e:eb:9c:
         76:b2:1c:0e:d5:f9:54:70:2e:a6:dd:f0:d6:4a:fa:12:de:d3:
         ef:2d:d1:12:dd:f0:d3:70:4e:99:1b:d6:61:cf:08:e4:27:6a:
         db:51:5d:aa:b7:ad:fb:14:11:63:e2:7a:74:d0:3e:2e:9c:70:
         fd:2d:25:2b:73:2d:00:a2:a0:07:8e:50:fa:5d:31:4a:dd:50:
         47:51:1f:68:6f:9c:77:7e:e5:5c:04:84:bd:f1:fa:48:8d:b2:
         5f:78:be:a7:aa:d2:cf:11:0c:3e:a7:91:49:bf:2c:64:b1:ff:
         d9:90:04:cb:3d:86:52:0b:c4:8f:9d:31:97:52:65:bb:17:66:
         35:32:1d:7a:9e:47:de:6c:2d:32:e4:66:9a:9b:a3:8a:55:60:
         98:a7:b4:a8:29:8a:68:9f:00:c2:ba:64:e0:19:c5:45:7d:32:
         79:b6:85:f0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIESIQanjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDEw
MTAzMDA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQzNTY3YWJhMDAw
ZTIxNTU1MWY3ZDg1OTE3MzA4MGZmZWZjMjA3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFrZX6bZGNI64q3ClCq+39kY36204yOJh01bpl4xATX08wT
NIshWoPQQ/57JoBRkEdb8fiwGJjix4SZDFrzpvm3rpT5ryQ1Gg/Q8f5OVb3QI0xi
9ZaxNQQNtknIU6JBEzdaI+2uxjywWTFfCcFJ6citHrSxLa1sDet+zZo7kpaTf4T4
G6pVQRuB4ltcnwPeCbDg7QgzTF+c23w3GaJ8ERt/9/Ou6SIw2cSPHJMsLxYHNJOj
V8/6bT7GdnEHQPeVT3gv6XorUuQVjl2HduUWM2lKE7HB3GbkVY+dwQEbnwfn+8xP
zhHE7skZo8QYmVxLNR2Owy7zVjekLa/1lz5OFrMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTENWeroADiFVUffYWRcwgP/vwgezAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L3hEVm5xNkFBNGhWVkgzMkZrWE1JRF83OElIcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW8MTANBgkqhkiG9w0BAQsFAAOC
AQEAunNfHzPfKIdDptOOeq9F+CBqcyPgK9iXkzd9OxS0BrpEdWD4TnXqxy9L2DsX
d41/AFGlkQ0mijVoWzIVEC4j3BOSsxvW/lcGCF6OyQE8XAA1wIkrrBh7TuucdrIc
DtX5VHAupt3w1kr6Et7T7y3REt3w03BOmRvWYc8I5Cdq21Fdqret+xQRY+J6dNA+
Lpxw/S0lK3MtAKKgB45Q+l0xSt1QR1EfaG+cd37lXASEvfH6SI2yX3i+p6rSzxEM
PqeRSb8sZLH/2ZAEyz2GUgvEj50xl1JluxdmNTIdep5H3mwtMuRmmpujilVgmKe0
qCmKaJ8Awrpk4BnFRX0yebaF8A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:29 2024 by rpki-client on console-fra.rpki-client.org