Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/I21NAKvcGTpdR6F2okcNVffC6d4.roa
File:                     I21NAKvcGTpdR6F2okcNVffC6d4.roa (raw, json)
Hash identifier:          K2jHsXxU5NFkEqNDfhJR58xyCZxNh4tw9EA+smhQM8I=
Subject key identifier:   23:6D:4D:00:AB:DC:19:3A:5D:47:A1:76:A2:47:0D:55:F7:C2:E9:DE
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       3A482815
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/I21NAKvcGTpdR6F2okcNVffC6d4.roa
Signing time:             Sat 01 Jan 2022 14:56:20 +0000
ROA not before:           Sat 01 Jan 2022 14:56:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47990
IP address blocks:        5.160.196.0/23 maxlen: 23
                          5.160.240.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 977807381 (0x3a482815)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 14:56:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=236d4d00abdc193a5d47a176a2470d55f7c2e9de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:f7:84:62:a1:2c:db:aa:53:9c:5f:59:34:27:
                    d1:5d:d7:b3:ef:07:32:b8:37:fa:c4:19:10:84:c2:
                    c2:ad:95:2b:4f:da:7a:25:64:a6:9a:31:47:a1:d7:
                    f9:6b:64:1a:fc:eb:a1:17:f4:61:b7:e0:80:cf:76:
                    2f:33:78:17:42:71:0f:5c:59:14:be:10:29:80:e9:
                    10:a7:58:42:65:97:17:7e:ca:38:9f:cd:ff:b4:41:
                    52:7d:bd:ba:d1:4f:01:de:7d:e6:92:2e:26:3f:b9:
                    22:1d:68:1d:8a:ed:f3:d9:4a:d6:0e:12:17:a3:82:
                    1f:92:38:82:a8:42:15:99:0e:df:59:c9:b5:be:73:
                    e2:d7:35:2b:ff:e9:f9:1f:b9:ce:60:fd:23:6e:a0:
                    22:d6:63:36:d3:80:32:23:f4:90:a4:40:9f:c6:41:
                    a0:a3:74:2c:1b:fe:1e:7e:05:10:2b:29:24:2d:a8:
                    92:fa:b3:3f:35:47:b0:51:47:58:a8:c4:8e:6c:eb:
                    fe:80:96:64:68:bb:42:8a:4f:61:05:c2:fc:4e:26:
                    4b:1c:69:3f:6f:d2:ed:ab:ee:b8:e7:a7:2d:da:67:
                    06:fb:59:3f:2e:8c:a5:f8:80:19:cc:97:9c:69:37:
                    4d:ac:34:f3:2b:70:6d:f0:c4:54:20:ad:7c:b4:ca:
                    7e:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:6D:4D:00:AB:DC:19:3A:5D:47:A1:76:A2:47:0D:55:F7:C2:E9:DE
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/I21NAKvcGTpdR6F2okcNVffC6d4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.196.0/23
                  5.160.240.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6b:7f:69:6b:ee:78:f7:ea:90:d0:e3:c8:c9:f6:2b:9c:d1:02:
         06:66:d3:c9:04:e7:01:0e:0b:41:bf:5e:5f:e1:18:1d:58:1a:
         98:a2:60:6c:ad:fa:c6:65:fd:31:d3:7d:89:ce:3d:b2:1d:17:
         3a:71:7d:13:39:27:40:47:46:f7:2c:ca:9f:5a:27:2d:25:f6:
         e5:56:72:e6:6d:08:54:7e:4d:12:1b:56:f2:f8:f1:44:84:2d:
         29:e0:ed:18:bf:c5:8a:36:a9:54:cb:ff:aa:48:ab:bf:06:a0:
         a2:57:cc:b8:ef:21:3c:d7:d0:79:e1:e8:2a:68:45:a7:9f:9a:
         f7:37:d9:a7:dd:dd:fd:df:cc:b7:d9:24:83:43:9c:e3:53:b6:
         e3:1b:f4:39:de:84:22:5e:5b:8b:30:43:fc:63:e0:52:9a:1d:
         53:e6:57:92:d0:e4:61:dd:b6:c7:c0:25:c3:b3:55:d7:cc:bb:
         a0:b1:33:bd:90:0c:5f:39:32:7e:a1:01:c4:25:43:1a:cb:c7:
         1c:56:64:44:17:a4:5b:3d:e3:f3:61:43:55:71:33:13:8d:e5:
         56:78:47:42:67:35:aa:2f:8f:a3:23:38:bd:f4:cc:a7:d0:8b:
         02:c3:bd:e0:d5:61:e3:7b:69:d3:51:25:80:ab:30:ee:a7:02:
         d6:e0:a2:7a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEOkgoFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjM2ZDRkMDBhYmRj
MTkzYTVkNDdhMTc2YTI0NzBkNTVmN2MyZTlkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANP3hGKhLNuqU5xfWTQn0V3Xs+8HMrg3+sQZEITCwq2VK0/a
eiVkppoxR6HX+WtkGvzroRf0YbfggM92LzN4F0JxD1xZFL4QKYDpEKdYQmWXF37K
OJ/N/7RBUn29utFPAd595pIuJj+5Ih1oHYrt89lK1g4SF6OCH5I4gqhCFZkO31nJ
tb5z4tc1K//p+R+5zmD9I26gItZjNtOAMiP0kKRAn8ZBoKN0LBv+Hn4FECspJC2o
kvqzPzVHsFFHWKjEjmzr/oCWZGi7QopPYQXC/E4mSxxpP2/S7avuuOenLdpnBvtZ
Py6MpfiAGcyXnGk3Taw08ytwbfDEVCCtfLTKfg0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQjbU0Aq9wZOl1HoXaiRw1V98Lp3jAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
L0kyMU5BS3ZjR1RwZFI2RjJva2NOVmZmQzZkNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAQWgxAMEAQWg8DANBgkqhkiG9w0B
AQsFAAOCAQEAa39pa+549+qQ0OPIyfYrnNECBmbTyQTnAQ4LQb9eX+EYHVgamKJg
bK36xmX9MdN9ic49sh0XOnF9EzknQEdG9yzKn1onLSX25VZy5m0IVH5NEhtW8vjx
RIQtKeDtGL/FijapVMv/qkirvwagolfMuO8hPNfQeeHoKmhFp5+a9zfZp93d/d/M
t9kkg0Oc41O24xv0Od6EIl5bizBD/GPgUpodU+ZXktDkYd22x8Alw7NV18y7oLEz
vZAMXzkyfqEBxCVDGsvHHFZkRBekWz3j82FDVXEzE43lVnhHQmc1qi+PoyM4vfTM
p9CLAsO94NVh43tp01ElgKsw7qcC1uCieg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org