Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/qFqVK2Ap6P2tRAxAK3YcBpwf7QA.roa
File:                     qFqVK2Ap6P2tRAxAK3YcBpwf7QA.roa (raw, json)
Hash identifier:          01Kh9QYF0GzSydwQplXqbTeof2Po6JXrCcey7URehNg=
Subject key identifier:   A8:5A:95:2B:60:29:E8:FD:AD:44:0C:40:2B:76:1C:06:9C:1F:ED:00
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       3A687506
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/qFqVK2Ap6P2tRAxAK3YcBpwf7QA.roa
Signing time:             Sat 01 Jan 2022 14:56:42 +0000
ROA not before:           Sat 01 Jan 2022 14:56:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212355
IP address blocks:        5.160.11.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 979924230 (0x3a687506)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 14:56:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a85a952b6029e8fdad440c402b761c069c1fed00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:5b:4c:71:2d:1f:2b:a5:b1:9f:9e:34:e3:84:
                    a6:bb:b4:f9:cf:9f:e4:49:a8:97:6a:0b:f4:8b:af:
                    0c:e7:5b:34:d1:c0:f6:62:a3:70:f1:72:c5:26:89:
                    e0:d2:02:50:6d:7f:1f:54:16:bd:e7:93:79:9c:15:
                    f2:1f:bd:cb:e7:72:63:4b:f8:1e:c6:0d:c9:fa:33:
                    9f:29:ed:56:81:85:6d:78:85:73:97:3f:01:11:56:
                    70:d5:14:88:91:8e:1d:90:11:88:37:6b:a3:77:80:
                    08:06:b8:89:a2:7a:03:be:59:07:d6:b4:e4:85:d4:
                    ee:c8:7a:9a:53:73:69:16:ae:30:61:4c:78:de:72:
                    4c:44:10:9b:3c:e4:75:cd:d5:e2:e9:64:7d:e1:b9:
                    ab:53:74:bc:8a:95:12:e6:e0:bd:2a:8f:33:b4:ce:
                    ac:9a:0c:d8:c4:6e:7c:0f:09:b7:f9:ea:50:e0:fe:
                    fa:b7:4e:04:69:a0:fa:42:03:d3:e7:fe:fb:7a:cf:
                    bb:01:d6:2d:d2:9b:f0:99:50:b6:93:dc:d9:3c:9a:
                    5c:5b:1c:ce:12:d9:1a:00:45:c9:27:da:17:c2:67:
                    46:f8:47:5b:c5:5a:c0:ef:85:f7:4c:9a:53:8d:7d:
                    c1:63:a1:b1:ac:8d:a3:c7:72:a9:64:2c:61:ec:99:
                    51:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:5A:95:2B:60:29:E8:FD:AD:44:0C:40:2B:76:1C:06:9C:1F:ED:00
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/qFqVK2Ap6P2tRAxAK3YcBpwf7QA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:d6:11:50:d0:2b:88:a1:0f:1a:df:90:99:41:22:4d:05:b7:
         dd:89:dc:27:a3:88:ef:3b:06:ae:6e:cd:0b:31:72:2e:b0:9d:
         14:36:51:84:a9:c5:b4:fe:b9:48:d8:55:62:4a:b9:64:b8:e4:
         db:48:45:29:c5:22:74:23:21:50:2d:65:ba:02:48:e7:1b:11:
         7f:9c:4c:12:60:ca:09:c1:37:6a:c5:78:78:55:0a:c0:9a:13:
         7b:67:c3:23:34:47:57:6b:9d:c4:41:45:b6:cf:50:bd:07:22:
         a1:00:d9:60:54:31:dd:5f:36:65:96:d5:47:ee:e4:a8:4e:d2:
         b0:0c:38:3c:d8:6e:83:0e:43:97:06:ca:fd:3e:fb:5b:59:1d:
         a7:aa:e7:9a:56:ba:f6:69:b4:c7:f7:f2:67:a5:85:20:f0:9a:
         fc:99:d2:51:f6:84:4c:4a:f5:7e:e0:3c:8b:0e:e9:23:27:7e:
         45:8b:78:dc:d8:1a:7f:48:aa:fe:36:f3:00:41:22:ce:00:51:
         6e:3e:bc:b0:08:8c:da:92:be:03:69:de:5c:53:72:28:a2:5f:
         26:90:4b:89:8e:63:7b:92:3b:f2:cb:d8:4f:36:b6:31:1c:ee:
         91:1a:c0:b6:e7:23:b6:b8:07:15:ad:17:87:2c:7e:ff:d9:99:
         ea:21:b9:ba
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOmh1BjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTY0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg1YTk1MmI2MDI5
ZThmZGFkNDQwYzQwMmI3NjFjMDY5YzFmZWQwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVbTHEtHyulsZ+eNOOEpru0+c+f5Emol2oL9IuvDOdbNNHA
9mKjcPFyxSaJ4NICUG1/H1QWveeTeZwV8h+9y+dyY0v4HsYNyfoznyntVoGFbXiF
c5c/ARFWcNUUiJGOHZARiDdro3eACAa4iaJ6A75ZB9a05IXU7sh6mlNzaRauMGFM
eN5yTEQQmzzkdc3V4ulkfeG5q1N0vIqVEubgvSqPM7TOrJoM2MRufA8Jt/nqUOD+
+rdOBGmg+kID0+f++3rPuwHWLdKb8JlQtpPc2TyaXFsczhLZGgBFySfaF8JnRvhH
W8VawO+F90yaU419wWOhsayNo8dyqWQsYeyZUY8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSoWpUrYCno/a1EDEArdhwGnB/tADAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
L3FGcVZLMkFwNlAydFJBeEFLM1ljQnB3ZjdRQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWgCzANBgkqhkiG9w0BAQsFAAOC
AQEAeNYRUNAriKEPGt+QmUEiTQW33YncJ6OI7zsGrm7NCzFyLrCdFDZRhKnFtP65
SNhVYkq5ZLjk20hFKcUidCMhUC1lugJI5xsRf5xMEmDKCcE3asV4eFUKwJoTe2fD
IzRHV2udxEFFts9QvQcioQDZYFQx3V82ZZbVR+7kqE7SsAw4PNhugw5DlwbK/T77
W1kdp6rnmla69mm0x/fyZ6WFIPCa/JnSUfaETEr1fuA8iw7pIyd+RYt43Ngaf0iq
/jbzAEEizgBRbj68sAiM2pK+A2neXFNyKKJfJpBLiY5je5I78svYTza2MRzukRrA
tucjtrgHFa0Xhyx+/9mZ6iG5ug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org