Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/16kx7TR-njq899ENghXJTiRLTG4.roa
File:                     16kx7TR-njq899ENghXJTiRLTG4.roa (raw, json)
Hash identifier:          HDLj99Wug4PadUFVEjwPNmfvYBLGYXtEajKXj0WgP1E=
Subject key identifier:   D7:A9:31:ED:34:7E:9E:3A:BC:F7:D1:0D:82:15:C9:4E:24:4B:4C:6E
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       3A4F3070
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/16kx7TR-njq899ENghXJTiRLTG4.roa
Signing time:             Sat 01 Jan 2022 14:56:26 +0000
ROA not before:           Sat 01 Jan 2022 14:56:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58224
IP address blocks:        46.209.40.0/22 maxlen: 22
                          5.160.154.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 978268272 (0x3a4f3070)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 14:56:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d7a931ed347e9e3abcf7d10d8215c94e244b4c6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:e9:c4:f8:d1:d7:1d:b2:a2:f2:f5:16:e0:f2:
                    70:4a:7b:32:f4:84:2a:ca:03:96:a8:d8:71:4f:f0:
                    c4:e1:95:e0:96:4b:70:9c:5e:f7:08:ba:68:16:bb:
                    be:87:4f:2f:2d:3a:b3:13:90:25:14:02:36:b0:36:
                    ba:d0:9b:ef:4e:71:cc:3c:f3:87:6e:fe:f9:8f:3a:
                    fc:1e:d9:c2:48:47:8b:8b:51:0f:5d:dd:a8:cd:62:
                    8d:28:75:69:da:38:ba:60:92:2a:af:b2:1b:77:b6:
                    c1:33:63:a8:8c:72:22:ba:fd:38:04:a6:ad:61:c4:
                    8a:3c:91:f9:ff:78:dc:a1:8a:67:5f:50:08:2a:64:
                    73:77:53:34:9f:ab:64:d6:32:c0:bb:cc:dc:24:5f:
                    84:16:3c:9e:48:63:37:d0:40:30:c3:72:66:8a:c7:
                    f9:57:02:2e:4f:4b:45:11:12:10:5f:98:e1:7b:33:
                    c2:ac:5c:c0:94:37:ba:23:5f:c6:d5:53:43:be:52:
                    9c:ed:da:c0:9f:fb:35:8b:de:24:eb:72:a1:d5:a6:
                    08:97:71:83:84:77:ff:85:7a:d9:a9:c0:6d:14:66:
                    38:fd:41:56:d3:1a:bf:48:10:31:91:9f:ee:e6:07:
                    1a:ba:e1:11:d1:6d:67:c7:d8:9e:0b:22:50:41:13:
                    cc:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:A9:31:ED:34:7E:9E:3A:BC:F7:D1:0D:82:15:C9:4E:24:4B:4C:6E
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/16kx7TR-njq899ENghXJTiRLTG4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.154.0/23
                  46.209.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8f:8c:c4:a2:3a:33:21:0b:ee:1c:05:d5:06:e7:0d:25:2a:cf:
         d4:96:cb:fc:b2:15:f9:04:a8:a3:3c:dc:60:32:58:7e:e7:e7:
         e3:4f:f6:3d:3c:11:52:e4:58:5c:4a:68:7a:ec:4b:31:24:2f:
         c6:ff:08:ca:74:c5:69:c0:df:a6:f2:14:bb:f6:a4:e3:4f:30:
         52:d9:0c:0e:44:f1:e3:96:64:af:75:08:cf:3b:58:25:b5:27:
         8c:ca:94:be:0f:d5:4d:72:b8:d2:c9:96:ad:ec:22:af:19:b0:
         01:6c:e8:54:d5:40:34:65:5f:1a:31:47:5f:17:1e:d7:40:41:
         f2:8a:c7:f4:af:8a:e6:69:62:31:6a:26:83:71:1b:81:a4:0d:
         37:43:5c:d6:fd:02:e7:c7:73:04:c4:09:4f:a8:0f:78:c6:a6:
         1b:27:3b:0f:f9:df:d0:10:9b:22:a4:4b:23:2f:51:0e:a4:0e:
         f0:bd:35:63:04:67:12:60:a1:94:e1:5e:bd:39:af:82:d2:f7:
         62:9b:65:72:18:8f:c4:5b:89:05:23:6d:c5:a7:2b:44:2e:f0:
         ae:bf:a8:8c:cd:ed:de:8f:20:81:a2:0b:7f:0c:e4:a6:15:54:
         dd:e3:f6:06:50:d6:b7:bf:da:fa:8d:61:c2:80:f5:ed:a9:5d:
         ab:7f:d6:a6
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEOk8wcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDdhOTMxZWQzNDdl
OWUzYWJjZjdkMTBkODIxNWM5NGUyNDRiNGM2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvpxPjR1x2yovL1FuDycEp7MvSEKsoDlqjYcU/wxOGV4JZL
cJxe9wi6aBa7vodPLy06sxOQJRQCNrA2utCb705xzDzzh27++Y86/B7ZwkhHi4tR
D13dqM1ijSh1ado4umCSKq+yG3e2wTNjqIxyIrr9OASmrWHEijyR+f943KGKZ19Q
CCpkc3dTNJ+rZNYywLvM3CRfhBY8nkhjN9BAMMNyZorH+VcCLk9LRRESEF+Y4Xsz
wqxcwJQ3uiNfxtVTQ75SnO3awJ/7NYveJOtyodWmCJdxg4R3/4V62anAbRRmOP1B
VtMav0gQMZGf7uYHGrrhEdFtZ8fYngsiUEETzBcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTXqTHtNH6eOrz30Q2CFclOJEtMbjAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
LzE2a3g3VFItbmpxODk5RU5naFhKVGlSTFRHNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAQWgmgMEAi7RKDANBgkqhkiG9w0B
AQsFAAOCAQEAj4zEojozIQvuHAXVBucNJSrP1JbL/LIV+QSoozzcYDJYfufn40/2
PTwRUuRYXEpoeuxLMSQvxv8IynTFacDfpvIUu/ak408wUtkMDkTx45Zkr3UIzztY
JbUnjMqUvg/VTXK40smWrewirxmwAWzoVNVANGVfGjFHXxce10BB8orH9K+K5mli
MWomg3EbgaQNN0Nc1v0C58dzBMQJT6gPeMamGyc7D/nf0BCbIqRLIy9RDqQO8L01
YwRnEmChlOFevTmvgtL3YptlchiPxFuJBSNtxacrRC7wrr+ojM3t3o8ggaILfwzk
phVU3eP2BlDWt7/a+o1hwoD17aldq3/Wpg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org