Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/QO39rfZsIBz82Kntg2NErh31wAM.roa
File:                     QO39rfZsIBz82Kntg2NErh31wAM.roa (raw, json)
Hash identifier:          407F+cRiB7+FUcvuAhSKZvIMpFiH4DUnXWgc1Htps7k=
Subject key identifier:   40:ED:FD:AD:F6:6C:20:1C:FC:D8:A9:ED:83:63:44:AE:1D:F5:C0:03
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       3A4DFE5E
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/QO39rfZsIBz82Kntg2NErh31wAM.roa
Signing time:             Sat 01 Jan 2022 14:56:24 +0000
ROA not before:           Sat 01 Jan 2022 14:56:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51541
IP address blocks:        5.160.152.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 978189918 (0x3a4dfe5e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 14:56:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=40edfdadf66c201cfcd8a9ed836344ae1df5c003
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:72:3c:eb:33:97:59:be:02:be:3f:5d:79:fc:
                    ba:30:35:d8:3b:e1:eb:a8:c8:b1:dd:c3:9f:69:41:
                    2e:1c:39:d2:ce:33:81:46:69:06:cf:86:a2:94:0a:
                    34:60:a5:80:0e:49:b9:f6:82:d2:bf:f6:05:24:10:
                    ef:ea:3b:5e:83:9c:c6:f8:79:4b:81:ee:a5:45:24:
                    2d:e8:2a:c9:f2:e4:14:54:94:f2:b8:6b:cd:d0:64:
                    4e:47:cf:ec:a0:82:46:f6:fd:3d:04:94:64:0c:f6:
                    fb:a0:dd:52:1a:54:c8:b0:8a:f8:c8:41:3a:1c:92:
                    0d:86:98:f6:ad:40:ad:90:d9:a9:e0:d2:c4:6c:fb:
                    65:e3:df:f4:97:dc:9e:0c:e0:d9:a8:61:a3:d2:5d:
                    b7:fd:cb:08:1d:e7:c2:f6:bd:0d:58:65:1f:33:9e:
                    0b:2f:57:03:35:a8:3f:ca:9e:85:50:0d:a5:8a:b8:
                    c9:4e:45:08:bb:65:30:3c:9e:0b:2a:24:a1:b5:93:
                    9e:60:63:bc:08:07:b4:7b:38:e4:28:ad:01:28:96:
                    07:69:35:56:e7:e2:0c:d8:2a:90:19:d7:fa:62:50:
                    12:c4:4d:b9:15:04:e5:f4:53:d4:64:0a:7d:db:58:
                    23:f4:10:d9:fc:e9:91:af:77:bf:a6:ae:2f:6f:91:
                    04:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:ED:FD:AD:F6:6C:20:1C:FC:D8:A9:ED:83:63:44:AE:1D:F5:C0:03
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/QO39rfZsIBz82Kntg2NErh31wAM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:ee:5a:7d:60:d9:6d:b8:5d:47:00:fd:94:22:7e:94:5c:b5:
         47:1b:7d:67:c7:a0:76:32:23:5c:44:0d:d1:a9:a8:d4:2b:0e:
         37:f8:9f:71:26:b1:b8:45:ce:8e:35:fe:26:42:ee:58:00:83:
         d0:52:35:33:d0:18:d4:4f:7b:34:95:51:58:7c:82:a0:67:8d:
         6d:80:67:2a:b7:1a:13:b7:06:ed:95:2d:bc:22:ab:cb:f1:37:
         5f:38:29:8c:9f:4f:e1:1c:04:60:6d:fa:7d:55:8c:3c:78:52:
         4f:ff:ae:ef:f1:30:39:8d:ce:8f:ed:75:9a:90:e8:f4:57:74:
         fb:5c:b4:07:12:38:f0:00:15:98:e9:a3:00:45:e8:59:f3:fa:
         9a:1d:f2:f5:ee:e2:00:c2:5a:83:b5:40:5b:19:23:9f:5f:ed:
         2d:27:41:8a:7c:fb:28:e6:94:20:8a:6b:a5:08:31:10:4c:e8:
         ff:83:7f:d1:3e:64:7c:57:11:57:9f:76:1b:f3:8b:b3:78:29:
         d6:96:38:d3:c5:b0:ca:73:86:c0:83:f3:4c:ef:e7:12:29:35:
         d7:8e:2c:67:ef:84:40:8e:20:26:1e:74:30:87:ef:66:73:61:
         6f:34:12:ac:94:d0:1c:fd:84:07:93:33:f2:ff:e4:44:d8:30:
         6f:b1:fc:93
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOk3+XjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBlZGZkYWRmNjZj
MjAxY2ZjZDhhOWVkODM2MzQ0YWUxZGY1YzAwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPVyPOszl1m+Ar4/XXn8ujA12Dvh66jIsd3Dn2lBLhw50s4z
gUZpBs+GopQKNGClgA5JufaC0r/2BSQQ7+o7XoOcxvh5S4HupUUkLegqyfLkFFSU
8rhrzdBkTkfP7KCCRvb9PQSUZAz2+6DdUhpUyLCK+MhBOhySDYaY9q1ArZDZqeDS
xGz7ZePf9Jfcngzg2ahho9Jdt/3LCB3nwva9DVhlHzOeCy9XAzWoP8qehVANpYq4
yU5FCLtlMDyeCyokobWTnmBjvAgHtHs45CitASiWB2k1VufiDNgqkBnX+mJQEsRN
uRUE5fRT1GQKfdtYI/QQ2fzpka93v6auL2+RBNsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRA7f2t9mwgHPzYqe2DY0SuHfXAAzAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
L1FPMzlyZlpzSUJ6ODJLbnRnMk5FcmgzMXdBTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWgmDANBgkqhkiG9w0BAQsFAAOC
AQEAF+5afWDZbbhdRwD9lCJ+lFy1Rxt9Z8egdjIjXEQN0amo1CsON/ifcSaxuEXO
jjX+JkLuWACD0FI1M9AY1E97NJVRWHyCoGeNbYBnKrcaE7cG7ZUtvCKry/E3Xzgp
jJ9P4RwEYG36fVWMPHhST/+u7/EwOY3Oj+11mpDo9Fd0+1y0BxI48AAVmOmjAEXo
WfP6mh3y9e7iAMJag7VAWxkjn1/tLSdBinz7KOaUIIprpQgxEEzo/4N/0T5kfFcR
V592G/OLs3gp1pY408WwynOGwIPzTO/nEik1144sZ++EQI4gJh50MIfvZnNhbzQS
rJTQHP2EB5Mz8v/kRNgwb7H8kw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:21 2024 by rpki-client on console-ams.rpki-client.org