Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/23pJWQPT8qPjoISzkBoIHyF2hvA.roa
File:                     23pJWQPT8qPjoISzkBoIHyF2hvA.roa (raw, json)
Hash identifier:          gdDQxpIeZnqdOxQdv0TESEyJDZ7JC2KjqbreAI8RP1Q=
Subject key identifier:   DB:7A:49:59:03:D3:F2:A3:E3:A0:84:B3:90:1A:08:1F:21:76:86:F0
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       3A3F2A06
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/23pJWQPT8qPjoISzkBoIHyF2hvA.roa
Signing time:             Sat 01 Jan 2022 14:56:16 +0000
ROA not before:           Sat 01 Jan 2022 14:56:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25158
IP address blocks:        5.160.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 977218054 (0x3a3f2a06)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 14:56:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=db7a495903d3f2a3e3a084b3901a081f217686f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:d9:41:d1:ad:a2:28:18:b9:b7:29:42:c3:11:
                    36:46:93:b9:97:f7:07:ee:c6:9e:2f:19:02:b9:8f:
                    e7:02:81:bf:30:ce:31:85:5d:2d:29:b1:10:6e:a7:
                    b4:42:88:e1:34:f7:bb:79:04:12:9b:80:e2:ee:14:
                    fd:6d:56:36:7b:d1:42:a8:0e:33:be:5c:f8:ee:e3:
                    46:4f:1f:e1:f0:23:39:41:28:74:8a:23:4a:f1:61:
                    4b:ce:2e:fe:73:22:d1:2e:af:42:f6:2f:82:c4:9d:
                    ff:6f:9a:55:2e:07:29:68:8e:e3:ed:82:bd:58:e9:
                    95:ce:7b:cd:9d:ef:ed:67:e8:b2:d8:4d:8a:48:90:
                    e2:d5:6b:27:25:cd:d3:c9:59:a4:ca:cd:c3:86:b6:
                    8a:33:30:27:7d:25:db:8d:55:58:90:e1:a4:ad:53:
                    de:db:8f:a3:a9:85:d4:38:92:38:28:8a:57:b9:9b:
                    0f:3a:fe:f9:48:c3:14:41:ca:c8:a4:8e:58:05:23:
                    f1:d2:2e:79:c1:54:f0:a5:c2:f1:5f:d5:59:04:f1:
                    b4:43:37:3b:e7:1b:a4:ea:dd:60:5e:fb:a9:8a:22:
                    af:cf:c6:5a:55:a1:59:6e:2d:8c:34:aa:15:f5:41:
                    fa:2a:ad:e0:fd:3f:ce:6b:d1:5b:70:18:8b:c9:24:
                    c7:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:7A:49:59:03:D3:F2:A3:E3:A0:84:B3:90:1A:08:1F:21:76:86:F0
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/23pJWQPT8qPjoISzkBoIHyF2hvA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:a6:c4:63:c5:30:b8:f9:9a:d2:ff:40:d6:89:57:14:59:b9:
         43:ad:73:d6:9b:17:49:fc:4b:62:dd:ae:ec:26:a4:ca:28:d8:
         c3:85:dc:81:82:d8:4e:0c:37:57:b4:88:28:b6:aa:6b:a1:91:
         b1:3d:21:3c:09:2b:a0:d6:67:22:b2:65:bd:37:39:d5:f7:55:
         a6:4d:9a:5c:d6:d3:02:28:ac:a6:59:d3:d9:fb:ac:29:dd:a7:
         93:3e:e5:9d:d3:0e:b2:09:de:8c:7b:2f:6f:c2:8d:47:64:23:
         fe:68:a8:cd:ea:9e:df:95:41:72:df:e5:87:ce:d9:82:52:8e:
         f7:79:8e:a7:14:ec:26:7a:e2:4f:1f:9c:cd:b3:fe:00:c1:95:
         55:59:ba:ef:cc:0c:5e:1c:4d:eb:23:7b:c5:d4:1c:c4:19:91:
         e4:55:ae:69:aa:91:d8:62:c5:fd:b4:22:0b:2c:85:e8:02:90:
         27:01:35:29:f7:87:d5:11:17:de:f6:dd:7d:64:83:51:58:3d:
         b1:b9:27:ff:01:2a:2f:25:1c:1c:53:15:ce:65:80:7f:bd:0b:
         7f:ab:dd:18:17:24:a8:88:48:e5:d0:e0:41:c1:34:c0:c7:53:
         b4:82:78:8c:8b:9b:1b:90:42:52:da:fa:5e:20:b4:be:de:73:
         54:da:06:83
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOj8qBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGI3YTQ5NTkwM2Qz
ZjJhM2UzYTA4NGIzOTAxYTA4MWYyMTc2ODZmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTZQdGtoigYubcpQsMRNkaTuZf3B+7Gni8ZArmP5wKBvzDO
MYVdLSmxEG6ntEKI4TT3u3kEEpuA4u4U/W1WNnvRQqgOM75c+O7jRk8f4fAjOUEo
dIojSvFhS84u/nMi0S6vQvYvgsSd/2+aVS4HKWiO4+2CvVjplc57zZ3v7WfosthN
ikiQ4tVrJyXN08lZpMrNw4a2ijMwJ30l241VWJDhpK1T3tuPo6mF1DiSOCiKV7mb
Dzr++UjDFEHKyKSOWAUj8dIuecFU8KXC8V/VWQTxtEM3O+cbpOrdYF77qYoir8/G
WlWhWW4tjDSqFfVB+iqt4P0/zmvRW3AYi8kkxyECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTbeklZA9Pyo+OghLOQGggfIXaG8DAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
LzIzcEpXUVBUOHFQam9JU3prQm9JSHlGMmh2QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWgnDANBgkqhkiG9w0BAQsFAAOC
AQEANabEY8UwuPma0v9A1olXFFm5Q61z1psXSfxLYt2u7CakyijYw4XcgYLYTgw3
V7SIKLaqa6GRsT0hPAkroNZnIrJlvTc51fdVpk2aXNbTAiisplnT2fusKd2nkz7l
ndMOsgnejHsvb8KNR2Qj/miozeqe35VBct/lh87ZglKO93mOpxTsJnriTx+czbP+
AMGVVVm678wMXhxN6yN7xdQcxBmR5FWuaaqR2GLF/bQiCyyF6AKQJwE1KfeH1REX
3vbdfWSDUVg9sbkn/wEqLyUcHFMVzmWAf70Lf6vdGBckqIhI5dDgQcE0wMdTtIJ4
jIubG5BCUtr6XiC0vt5zVNoGgw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org