Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/daiqyuoGMKNd6Jj9kiwUUHwyRzI.roa
File:                     daiqyuoGMKNd6Jj9kiwUUHwyRzI.roa (raw, json)
Hash identifier:          lQ9Qy6xrM7Y57umLzOxYveZzANfmOWbfMVpa3IQf6e4=
Subject key identifier:   75:A8:AA:CA:EA:06:30:A3:5D:E8:98:FD:92:2C:14:50:7C:32:47:32
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       3A4D3E10
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/daiqyuoGMKNd6Jj9kiwUUHwyRzI.roa
Signing time:             Sat 01 Jan 2022 14:56:23 +0000
ROA not before:           Sat 01 Jan 2022 14:56:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51469
IP address blocks:        5.160.116.0/22 maxlen: 22
                          5.160.132.0/22 maxlen: 22
                          5.160.144.0/23 maxlen: 23
                          5.160.142.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 978140688 (0x3a4d3e10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 14:56:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=75a8aacaea0630a35de898fd922c14507c324732
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:0d:d1:69:91:56:c1:83:dc:5a:fb:cf:81:e0:
                    17:58:37:29:34:85:ed:3f:96:3d:9d:fd:9d:13:c9:
                    af:7a:43:eb:38:86:6e:27:58:9f:53:27:56:1c:6d:
                    0d:fb:26:40:d0:b5:f2:bb:72:45:d9:ce:24:d5:54:
                    6a:08:7b:e8:fa:28:48:89:21:e3:89:15:ae:47:45:
                    f1:a6:ea:77:95:89:c1:30:80:0c:a2:6c:f7:bb:63:
                    7b:45:03:8f:68:97:1c:0b:3d:c9:4b:7c:4b:22:4f:
                    28:62:c2:64:f6:4c:fd:0b:6b:fc:9a:d7:04:6c:d8:
                    ec:f5:3c:e6:52:04:93:bb:9c:7d:85:57:36:0c:82:
                    6e:38:a9:50:7c:26:89:60:52:f9:37:06:18:12:29:
                    e2:ff:6e:31:69:72:1f:91:e4:39:1f:e3:41:00:01:
                    85:7d:8e:a0:2d:db:06:ce:b0:19:75:a6:d3:dc:c6:
                    38:9b:53:9f:cd:43:33:10:69:85:a9:bf:be:35:6c:
                    bf:43:fe:7d:c4:c7:1a:f0:ae:4d:9f:98:62:f0:8c:
                    f3:d3:11:00:15:01:eb:a3:95:0f:01:03:4c:72:ab:
                    59:62:1b:d7:7d:76:4e:0a:51:30:0c:52:dc:50:7a:
                    aa:fc:a9:3e:bf:23:73:f9:bf:44:d9:b6:3d:b5:13:
                    bb:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:A8:AA:CA:EA:06:30:A3:5D:E8:98:FD:92:2C:14:50:7C:32:47:32
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/daiqyuoGMKNd6Jj9kiwUUHwyRzI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.116.0/22
                  5.160.132.0/22
                  5.160.142.0-5.160.145.255

    Signature Algorithm: sha256WithRSAEncryption
         1f:40:41:ca:b7:e1:34:d2:c8:ab:8c:9f:af:ae:f3:8b:5f:f2:
         50:4f:e7:38:14:3f:5e:89:39:4a:0e:4d:da:52:18:c0:3a:4b:
         a9:73:b2:67:0f:c5:67:2f:60:df:35:4f:89:be:5e:f6:ac:d8:
         9b:69:9d:fb:88:ec:54:1c:ed:3d:9e:ac:5f:11:41:16:6e:9d:
         63:63:d1:7f:12:91:9e:a3:fd:35:68:16:12:62:af:b0:0d:3a:
         a1:cb:1a:4e:b4:f6:22:35:2a:c1:7d:68:d1:c9:f7:81:85:b7:
         d8:b6:8e:d3:c6:69:2c:4b:61:35:79:75:a8:ec:02:99:eb:61:
         17:78:3c:6e:dc:eb:81:25:c5:b1:e4:26:8a:10:19:c6:c2:85:
         af:64:6b:f4:2d:c3:1a:7c:87:22:3f:3e:42:ba:22:dc:6c:25:
         42:be:42:4b:b1:3f:50:39:90:5e:7b:11:c8:86:4d:1d:32:50:
         df:dd:b6:bd:1f:9d:94:36:9f:82:d2:29:8c:2d:50:f4:88:01:
         de:db:96:8c:8e:92:26:32:90:ea:d4:3c:be:9c:5c:3d:5e:fd:
         b9:3a:bd:eb:a5:f1:3d:89:8c:c1:3e:b7:ab:66:d7:b9:bb:35:
         d7:c8:da:f0:10:94:9f:51:35:12:ed:c6:f6:5a:ab:af:ee:9f:
         1a:0b:40:f9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEOk0+EDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzVhOGFhY2FlYTA2
MzBhMzVkZTg5OGZkOTIyYzE0NTA3YzMyNDczMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIN0WmRVsGD3Fr7z4HgF1g3KTSF7T+WPZ39nRPJr3pD6ziG
bidYn1MnVhxtDfsmQNC18rtyRdnOJNVUagh76PooSIkh44kVrkdF8abqd5WJwTCA
DKJs97tje0UDj2iXHAs9yUt8SyJPKGLCZPZM/Qtr/JrXBGzY7PU85lIEk7ucfYVX
NgyCbjipUHwmiWBS+TcGGBIp4v9uMWlyH5HkOR/jQQABhX2OoC3bBs6wGXWm09zG
OJtTn81DMxBpham/vjVsv0P+fcTHGvCuTZ+YYvCM89MRABUB66OVDwEDTHKrWWIb
1312TgpRMAxS3FB6qvypPr8jc/m/RNm2PbUTu4ECAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBR1qKrK6gYwo13omP2SLBRQfDJHMjAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
L2RhaXF5dW9HTUtOZDZKajlraXdVVUh3eVJ6SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAgWgdAMEAgWghDAMAwQBBaCOAwQB
BaCQMA0GCSqGSIb3DQEBCwUAA4IBAQAfQEHKt+E00sirjJ+vrvOLX/JQT+c4FD9e
iTlKDk3aUhjAOkupc7JnD8VnL2DfNU+Jvl72rNibaZ37iOxUHO09nqxfEUEWbp1j
Y9F/EpGeo/01aBYSYq+wDTqhyxpOtPYiNSrBfWjRyfeBhbfYto7TxmksS2E1eXWo
7AKZ62EXeDxu3OuBJcWx5CaKEBnGwoWvZGv0LcMafIciPz5CuiLcbCVCvkJLsT9Q
OZBeexHIhk0dMlDf3ba9H52UNp+C0imMLVD0iAHe25aMjpImMpDq1Dy+nFw9Xv25
Or3rpfE9iYzBPrerZte5uzXXyNrwEJSfUTUS7cb2Wquv7p8aC0D5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:21 2024 by rpki-client on console-ams.rpki-client.org