Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/_IOxW6-1sJAxFy0oU40tnGx2pNQ.roa
File:                     _IOxW6-1sJAxFy0oU40tnGx2pNQ.roa (raw, json)
Hash identifier:          ORnz5PVZUb20Ax4K2jWeWdE6eXD7tW0YUuWd9Hheh4E=
Subject key identifier:   FC:83:B1:5B:AF:B5:B0:90:31:17:2D:28:53:8D:2D:9C:6C:76:A4:D4
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       3A53A462
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/_IOxW6-1sJAxFy0oU40tnGx2pNQ.roa
Signing time:             Sat 01 Jan 2022 14:56:28 +0000
ROA not before:           Sat 01 Jan 2022 14:56:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59961
IP address blocks:        5.160.195.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 978560098 (0x3a53a462)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 14:56:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fc83b15bafb5b09031172d28538d2d9c6c76a4d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:33:aa:8a:4c:cc:1a:61:b9:93:d7:b6:31:9d:
                    4a:a9:77:49:3d:7c:ea:0d:57:d0:a7:3c:89:6b:f0:
                    de:b5:14:5d:ca:98:d3:da:6d:9d:79:20:01:ce:f5:
                    60:7f:c3:e6:d9:34:4c:a6:85:49:d3:a6:ea:f4:2c:
                    17:e4:e8:21:ff:71:4d:de:58:d3:16:e4:4a:24:8f:
                    e1:92:0a:75:77:0f:81:38:34:70:c5:d9:3f:a7:ff:
                    47:68:fd:61:c7:d0:84:7f:8d:b5:aa:e5:69:86:fa:
                    70:73:3a:a2:60:63:72:0e:b1:e2:37:08:51:f5:82:
                    02:2d:f9:06:dd:7a:42:45:9c:e0:7a:24:0d:d3:7a:
                    51:1b:6e:64:25:33:d5:0f:be:aa:76:73:a7:5a:34:
                    02:97:1b:73:62:5a:39:6a:cd:47:7d:87:c4:75:5d:
                    8e:5a:5d:09:e0:2c:c6:d1:7f:68:ff:ae:46:82:c3:
                    c4:34:01:49:69:97:86:d5:41:07:d0:38:47:95:b0:
                    54:4e:85:57:0a:99:6b:e0:10:93:2a:ac:66:0a:89:
                    29:2d:bb:40:6e:88:38:25:80:e7:0c:96:04:0f:ab:
                    48:3b:8f:01:d7:e8:3e:7d:00:2b:90:a8:61:f6:fd:
                    be:1c:51:71:e0:e5:2b:41:ea:ec:92:28:e2:9e:0b:
                    55:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:83:B1:5B:AF:B5:B0:90:31:17:2D:28:53:8D:2D:9C:6C:76:A4:D4
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/_IOxW6-1sJAxFy0oU40tnGx2pNQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:15:62:94:65:fc:2e:4a:15:ff:58:7b:4a:47:e7:71:08:88:
         f8:f2:1e:89:ca:51:86:2e:9b:d9:15:32:c2:cf:06:7c:71:3b:
         d0:46:b8:1c:2f:dd:3b:fa:9c:f2:ed:38:88:2d:b1:2b:20:60:
         99:78:5c:87:39:40:48:e0:c4:f7:10:cf:ca:7a:c8:95:27:a8:
         d1:04:8e:f6:db:7e:16:be:0b:81:13:36:b4:3e:d4:75:8c:66:
         49:28:93:aa:79:c9:a1:3f:41:1e:11:65:67:7f:77:7f:0a:94:
         b5:5f:96:f3:53:f7:ce:77:e5:78:26:d1:25:0a:88:09:5d:a9:
         e0:ee:15:16:e9:b8:1d:60:3d:3a:f5:3b:c8:ba:b1:60:32:00:
         eb:70:ba:76:75:67:b3:bb:09:64:1a:e5:b0:04:4e:2f:1b:12:
         30:e9:fd:0d:9f:e9:a6:fa:9d:9c:44:f3:a8:3a:0e:ee:b9:d3:
         2b:d6:c1:a5:07:5f:60:27:5d:80:b3:ac:2d:2e:80:79:04:4a:
         40:a7:cf:64:6d:1b:c9:68:4e:b1:f2:59:f7:6a:53:c2:c6:06:
         fd:37:d6:cf:b9:3c:52:d4:e2:5c:c2:e7:7b:ba:ae:84:23:ab:
         ac:cc:94:7e:32:d6:ce:b7:4b:c6:c4:a5:1a:23:78:cf:6e:6f:
         61:2a:04:06
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOlOkYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmM4M2IxNWJhZmI1
YjA5MDMxMTcyZDI4NTM4ZDJkOWM2Yzc2YTRkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUzqopMzBphuZPXtjGdSql3ST186g1X0Kc8iWvw3rUUXcqY
09ptnXkgAc71YH/D5tk0TKaFSdOm6vQsF+ToIf9xTd5Y0xbkSiSP4ZIKdXcPgTg0
cMXZP6f/R2j9YcfQhH+NtarlaYb6cHM6omBjcg6x4jcIUfWCAi35Bt16QkWc4Hok
DdN6URtuZCUz1Q++qnZzp1o0Apcbc2JaOWrNR32HxHVdjlpdCeAsxtF/aP+uRoLD
xDQBSWmXhtVBB9A4R5WwVE6FVwqZa+AQkyqsZgqJKS27QG6IOCWA5wyWBA+rSDuP
AdfoPn0AK5CoYfb9vhxRceDlK0Hq7JIo4p4LVcMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT8g7Fbr7WwkDEXLShTjS2cbHak1DAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
L19JT3hXNi0xc0pBeEZ5MG9VNDB0bkd4MnBOUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWgwzANBgkqhkiG9w0BAQsFAAOC
AQEALxVilGX8LkoV/1h7SkfncQiI+PIeicpRhi6b2RUyws8GfHE70Ea4HC/dO/qc
8u04iC2xKyBgmXhchzlASODE9xDPynrIlSeo0QSO9tt+Fr4LgRM2tD7UdYxmSSiT
qnnJoT9BHhFlZ393fwqUtV+W81P3znfleCbRJQqICV2p4O4VFum4HWA9OvU7yLqx
YDIA63C6dnVns7sJZBrlsAROLxsSMOn9DZ/ppvqdnETzqDoO7rnTK9bBpQdfYCdd
gLOsLS6AeQRKQKfPZG0byWhOsfJZ92pTwsYG/TfWz7k8UtTiXMLne7quhCOrrMyU
fjLWzrdLxsSlGiN4z25vYSoEBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org