Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/uMQqsqISqmiq65ytuny83Csm5Hw.roa
File:                     uMQqsqISqmiq65ytuny83Csm5Hw.roa (raw, json)
Hash identifier:          ytKfQNTm3BowDx4BSEbYzPYj9en9GUUkKLdO/7ifojM=
Subject key identifier:   B8:C4:2A:B2:A2:12:AA:68:AA:EB:9C:AD:BA:7C:BC:DC:2B:26:E4:7C
Certificate issuer:       /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial:       1C94926A
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/uMQqsqISqmiq65ytuny83Csm5Hw.roa
Signing time:             Tue 17 May 2022 15:00:10 +0000
ROA not before:           Tue 17 May 2022 15:00:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199575
IP address blocks:        31.172.163.0/24 maxlen: 24
                          212.18.246.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 479498858 (0x1c94926a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
        Validity
            Not Before: May 17 15:00:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b8c42ab2a212aa68aaeb9cadba7cbcdc2b26e47c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:19:a7:e0:39:0d:69:5d:4e:07:3a:ee:4d:b9:
                    08:44:32:7f:d3:98:b5:bc:af:42:ed:9a:de:84:88:
                    39:c5:8c:2a:17:8a:dc:d4:7d:d6:1e:91:96:61:50:
                    60:57:9d:52:f1:1e:ec:56:65:b3:64:56:0e:c2:23:
                    54:51:f2:7b:5d:9c:95:17:2d:fc:e0:e7:61:f4:98:
                    be:82:a6:cf:60:d6:51:85:2b:a5:09:c0:82:b8:0b:
                    e9:60:31:ce:fa:9c:90:91:06:cd:6e:a0:bc:0e:4f:
                    d2:09:1d:08:62:2c:e7:73:ef:fe:ac:82:07:b4:51:
                    e8:a2:aa:93:d1:6d:dd:41:8d:99:91:52:4e:c5:9c:
                    a9:80:51:56:a0:3d:6c:67:75:20:a9:2c:ff:58:c3:
                    b6:b4:56:a8:f7:58:e1:17:1f:84:3a:b6:0d:01:a1:
                    c8:32:c9:63:08:08:7f:d8:eb:ad:61:f4:22:dc:03:
                    9c:7b:88:0d:af:18:bc:e1:65:74:e8:06:43:8d:18:
                    c3:f2:4b:8a:4a:bb:af:45:cf:22:9e:17:1c:89:b3:
                    dd:92:dd:e5:d5:d6:30:a4:ce:3f:2c:c4:05:f0:fb:
                    b7:4c:23:1d:4b:28:e7:6a:8b:6b:91:c9:45:0d:01:
                    b1:2e:88:34:de:e1:ed:f5:88:1c:da:8c:a9:e7:ea:
                    ec:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:C4:2A:B2:A2:12:AA:68:AA:EB:9C:AD:BA:7C:BC:DC:2B:26:E4:7C
            X509v3 Authority Key Identifier:
                keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/uMQqsqISqmiq65ytuny83Csm5Hw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.172.163.0/24
                  212.18.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:10:3f:82:c4:26:60:e4:4e:61:73:24:ab:29:13:90:fa:fc:
         46:3c:bf:64:c0:6c:18:da:07:15:32:a3:44:36:65:15:09:49:
         a9:59:6c:e4:d1:ff:cf:ea:2b:4b:ac:15:3c:76:df:0a:d1:40:
         f7:d1:03:97:d9:e5:61:51:50:7e:4e:dc:bb:9f:b3:2f:7e:2c:
         86:c9:11:0b:0d:0b:ff:50:e3:25:50:38:86:f8:32:7b:4c:ec:
         cd:c2:a5:37:49:33:08:22:a3:f7:0b:0a:9d:5d:07:c4:fb:2c:
         57:44:bb:57:5e:77:e5:9a:57:53:73:60:fe:56:d9:f6:a0:a7:
         66:a4:d9:b1:bd:0c:c9:e5:3c:ed:b7:af:e0:ec:56:7d:06:d5:
         af:32:8b:e8:af:2c:a0:5d:e1:85:22:d9:e9:7b:83:80:7d:ea:
         dd:0c:61:0e:98:19:fa:82:64:a1:ed:1e:d2:61:32:c5:ca:ad:
         3c:67:dd:4c:0b:f2:ad:6f:4e:ee:a3:4c:84:cf:15:f1:99:a9:
         23:4e:6a:29:3c:16:d1:af:0d:71:e2:dd:11:24:59:02:74:b0:
         1f:a0:83:43:a2:d2:25:14:b3:61:95:0b:db:8a:0a:eb:da:5c:
         e7:31:5e:98:de:a5:d3:34:18:ee:07:56:3c:fe:18:f7:6c:42:
         04:eb:09:c9
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEHJSSajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OTA5ZWUzZDYxODk3NGRhMGNiZDgwNWEyZGE4MDQxMGE0OTg5ODgxMB4XDTIyMDUx
NzE1MDAxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjhjNDJhYjJhMjEy
YWE2OGFhZWI5Y2FkYmE3Y2JjZGMyYjI2ZTQ3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcZp+A5DWldTgc67k25CEQyf9OYtbyvQu2a3oSIOcWMKheK
3NR91h6RlmFQYFedUvEe7FZls2RWDsIjVFHye12clRct/ODnYfSYvoKmz2DWUYUr
pQnAgrgL6WAxzvqckJEGzW6gvA5P0gkdCGIs53Pv/qyCB7RR6KKqk9Ft3UGNmZFS
TsWcqYBRVqA9bGd1IKks/1jDtrRWqPdY4RcfhDq2DQGhyDLJYwgIf9jrrWH0ItwD
nHuIDa8YvOFldOgGQ40Yw/JLikq7r0XPIp4XHImz3ZLd5dXWMKTOPyzEBfD7t0wj
HUso52qLa5HJRQ0BsS6INN7h7fWIHNqMqefq7PcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS4xCqyohKqaKrrnK26fLzcKybkfDAfBgNVHSMEGDAWgBTpCe49YYl02gy9
gFotqAQQpJiYgTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZRbnVQV0dKZE5vTXZZQmFMYWdFRUtTWW1JRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWUvMmI1ZjVmLWJiOTYtNGIzMS04YTZhLWRkMTE1ZjllMzMwMS8x
L3VNUXFzcUlTcW1pcTY1eXR1bnk4M0NzbTVIdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUv
MmI1ZjVmLWJiOTYtNGIzMS04YTZhLWRkMTE1ZjllMzMwMS8xLzZRbnVQV0dKZE5v
TXZZQmFMYWdFRUtTWW1JRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAB+sowMEANQS9jANBgkqhkiG9w0B
AQsFAAOCAQEAohA/gsQmYOROYXMkqykTkPr8Rjy/ZMBsGNoHFTKjRDZlFQlJqVls
5NH/z+orS6wVPHbfCtFA99EDl9nlYVFQfk7cu5+zL34shskRCw0L/1DjJVA4hvgy
e0zszcKlN0kzCCKj9wsKnV0HxPssV0S7V1535ZpXU3Ng/lbZ9qCnZqTZsb0MyeU8
7bev4OxWfQbVrzKL6K8soF3hhSLZ6XuDgH3q3QxhDpgZ+oJkoe0e0mEyxcqtPGfd
TAvyrW9O7qNMhM8V8ZmpI05qKTwW0a8NceLdESRZAnSwH6CDQ6LSJRSzYZUL24oK
69pc5zFemN6l0zQY7gdWPP4Y92xCBOsJyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:17 2024 by rpki-client on console-ams.rpki-client.org