Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/PE_Q2vx4NCYu6U3SQ7UnmZFjM2Y.roa
File:                     PE_Q2vx4NCYu6U3SQ7UnmZFjM2Y.roa (raw, json)
Hash identifier:          Jncnfew4Pw3lw74Du+LEY0K8MDxpMpUnwH14uAK3tEU=
Subject key identifier:   3C:4F:D0:DA:FC:78:34:26:2E:E9:4D:D2:43:B5:27:99:91:63:33:66
Certificate issuer:       /CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Certificate serial:       5DDB44
Authority key identifier: 2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/PE_Q2vx4NCYu6U3SQ7UnmZFjM2Y.roa
Signing time:             Thu 24 Mar 2022 12:43:12 +0000
ROA not before:           Thu 24 Mar 2022 12:43:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        217.117.71.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6150980 (0x5ddb44)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
        Validity
            Not Before: Mar 24 12:43:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3c4fd0dafc7834262ee94dd243b5279991633366
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:a2:0c:09:4f:87:82:ce:0c:64:e3:70:17:a0:
                    08:a1:cf:15:14:f9:bf:42:ee:98:84:ff:c7:32:38:
                    7c:15:b3:bf:f9:c9:a8:8a:f7:5f:09:bb:98:53:1e:
                    78:fc:66:33:63:26:89:cb:c8:fd:1c:f1:59:a7:55:
                    ee:fc:9c:44:10:79:a7:9f:f1:7c:9c:c4:32:1c:3c:
                    5e:32:3e:55:8d:41:29:da:2d:34:63:b8:d9:e2:92:
                    9d:56:7f:d4:f5:fc:b0:5b:7b:59:f6:9b:f9:1f:33:
                    7d:5a:6f:8d:2b:35:92:92:b2:66:f4:8a:da:89:ee:
                    33:ff:f9:d3:f3:9c:4e:e4:cc:c6:5a:17:3f:13:b8:
                    00:5a:4a:af:4e:0c:b6:80:5d:b5:45:24:3a:f1:25:
                    05:97:94:f1:ef:26:3d:0a:a5:e6:44:9a:a4:a1:de:
                    78:d1:9e:83:83:d7:c9:61:d3:e3:0c:25:7f:67:ad:
                    11:af:b1:25:ac:f1:44:7a:c5:12:d9:2c:6f:20:5b:
                    35:4c:cf:55:07:cd:c5:f3:4c:25:db:42:f2:15:7f:
                    65:b8:c9:85:7b:0c:93:12:12:26:2f:34:94:13:7e:
                    c0:b8:df:bc:f7:40:52:b0:22:ba:7f:09:2f:0c:58:
                    04:6d:59:e6:78:36:44:48:72:14:43:f1:76:48:cd:
                    59:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:4F:D0:DA:FC:78:34:26:2E:E9:4D:D2:43:B5:27:99:91:63:33:66
            X509v3 Authority Key Identifier:
                keyid:2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/PE_Q2vx4NCYu6U3SQ7UnmZFjM2Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.117.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:24:31:86:e2:25:d7:a1:76:25:b1:5b:5a:30:95:c1:95:c8:
         54:c9:15:e5:23:e3:54:2a:28:61:a4:b5:7b:bc:df:a0:12:60:
         04:2d:3b:48:83:77:12:2d:90:c0:a2:f3:04:2a:cb:70:1e:02:
         b7:8c:bf:44:e4:b0:0d:81:c8:81:e1:a5:c2:18:6c:3f:be:0e:
         1e:c2:b9:fb:26:93:bb:a1:6d:1c:09:b9:61:99:b4:98:d2:06:
         7b:8f:21:63:97:c4:07:5a:0d:64:9f:3a:6a:2c:73:e3:76:69:
         2e:88:ff:c5:5e:04:3b:25:d6:9d:63:36:c0:3c:5c:1a:0c:56:
         3b:cd:d3:4b:92:2d:44:61:29:3c:5c:51:11:df:ea:1e:5e:ca:
         af:cb:7a:aa:b8:5c:04:f2:24:d4:e1:75:8a:ae:e0:ab:16:92:
         61:b9:dc:da:c5:c3:c9:e8:44:ba:85:59:da:76:69:e7:7e:9f:
         8e:1f:1c:f4:0b:f1:32:e8:07:f7:56:ef:a1:54:46:01:8c:e0:
         9f:ea:43:25:56:56:9e:a4:6f:45:bb:29:a5:a7:47:6c:e4:f4:
         c1:2e:d3:25:23:7c:0d:ea:fe:e1:eb:e6:e8:02:63:44:d0:b5:
         6d:fc:4f:5c:68:26:55:15:89:e0:6e:98:33:cc:f0:cc:4f:39:
         65:c4:cf:ef
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDXdtEMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJh
Y2UyMTA5MGVlNGQ3ODY3NzQxMzQyM2RjYjJmZTAxYTZlMWM2MjIwHhcNMjIwMzI0
MTI0MzEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzYzRmZDBkYWZjNzgz
NDI2MmVlOTRkZDI0M2I1Mjc5OTkxNjMzMzY2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzqIMCU+Hgs4MZONwF6AIoc8VFPm/Qu6YhP/HMjh8FbO/+cmo
ivdfCbuYUx54/GYzYyaJy8j9HPFZp1Xu/JxEEHmnn/F8nMQyHDxeMj5VjUEp2i00
Y7jZ4pKdVn/U9fywW3tZ9pv5HzN9Wm+NKzWSkrJm9Iraie4z//nT85xO5MzGWhc/
E7gAWkqvTgy2gF21RSQ68SUFl5Tx7yY9CqXmRJqkod540Z6Dg9fJYdPjDCV/Z60R
r7ElrPFEesUS2SxvIFs1TM9VB83F80wl20LyFX9luMmFewyTEhImLzSUE37AuN+8
90BSsCK6fwkvDFgEbVnmeDZESHIUQ/F2SM1ZOwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFDxP0Nr8eDQmLulN0kO1J5mRYzNmMB8GA1UdIwQYMBaAFCrOIQkO5NeGd0E0
I9yy/gGm4cYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
S3M0aENRN2sxNFozUVRRajNMTC1BYWJoeGlJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yMS8yOTE1ZjEtODdiYS00YzE4LWFhZjktNTkwYTk4MTNkZGRmLzEv
UEVfUTJ2eDROQ1l1NlUzU1E3VW5tWkZqTTJZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8y
OTE1ZjEtODdiYS00YzE4LWFhZjktNTkwYTk4MTNkZGRmLzEvS3M0aENRN2sxNFoz
UVRRajNMTC1BYWJoeGlJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XVHMA0GCSqGSIb3DQEBCwUAA4IB
AQBqJDGG4iXXoXYlsVtaMJXBlchUyRXlI+NUKihhpLV7vN+gEmAELTtIg3cSLZDA
ovMEKstwHgK3jL9E5LANgciB4aXCGGw/vg4ewrn7JpO7oW0cCblhmbSY0gZ7jyFj
l8QHWg1knzpqLHPjdmkuiP/FXgQ7JdadYzbAPFwaDFY7zdNLki1EYSk8XFER3+oe
Xsqvy3qquFwE8iTU4XWKruCrFpJhudzaxcPJ6ES6hVnadmnnfp+OHxz0C/Ey6Af3
Vu+hVEYBjOCf6kMlVlaepG9Fuymlp0ds5PTBLtMlI3wN6v7h6+boAmNE0LVt/E9c
aCZVFYngbpgzzPDMTzllxM/v
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:49 2024 by rpki-client on console-ams.rpki-client.org