Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/sgfqaykm1EgM6DVoIhwzseyuohI.roa
File:                     sgfqaykm1EgM6DVoIhwzseyuohI.roa (raw, json)
Hash identifier:          B3lPOzvkYPX+Ifbyp8gB61OodJewYMVVT1mUbbXY+mI=
Subject key identifier:   B2:07:EA:6B:29:26:D4:48:0C:E8:35:68:22:1C:33:B1:EC:AE:A2:12
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       3A5B78E1
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/sgfqaykm1EgM6DVoIhwzseyuohI.roa
Signing time:             Sat 01 Jan 2022 14:56:33 +0000
ROA not before:           Sat 01 Jan 2022 14:56:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62265
IP address blocks:        5.160.222.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 979073249 (0x3a5b78e1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 14:56:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b207ea6b2926d4480ce83568221c33b1ecaea212
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:d4:7d:1d:97:d5:20:15:68:c4:bf:86:9f:05:
                    b5:a6:60:70:2a:e9:00:a1:8d:6d:e5:86:01:20:38:
                    6c:38:26:9b:6e:9a:2c:e2:b8:b6:d1:6d:d0:cb:22:
                    0e:22:6c:0b:12:9c:4c:c0:f8:ea:98:12:f2:cb:9e:
                    40:e4:96:25:60:5f:a0:f8:af:b0:0f:81:87:87:bf:
                    ad:c1:71:1e:00:6a:be:03:08:b7:78:9a:77:a8:41:
                    82:33:07:92:79:67:25:70:e6:99:f9:3c:75:8b:50:
                    2a:d1:97:4a:3e:31:cd:fa:61:14:3f:41:37:3d:05:
                    cb:01:f3:6b:85:6f:5c:6d:40:56:7d:ad:b9:60:41:
                    f8:60:da:49:b8:39:cb:8e:66:37:4e:8a:59:0e:e6:
                    96:e0:88:2e:f8:cb:b2:0f:7d:d1:5d:64:9f:8d:bf:
                    4f:e1:d4:a8:c0:4c:b7:af:58:20:33:bb:5d:2f:53:
                    71:db:64:36:4f:a3:c7:5f:8c:b1:b0:be:a0:12:71:
                    37:00:1a:5a:9b:3b:72:53:72:be:95:40:75:a4:d4:
                    8d:85:3e:9b:57:f0:46:e5:f7:1c:1f:25:d3:e7:fe:
                    3c:3d:2a:b4:ed:20:02:e0:ef:7f:f7:eb:d1:2f:d3:
                    6a:de:d9:b6:1c:57:b0:6b:f0:04:af:9d:1d:21:a8:
                    e1:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:07:EA:6B:29:26:D4:48:0C:E8:35:68:22:1C:33:B1:EC:AE:A2:12
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/sgfqaykm1EgM6DVoIhwzseyuohI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.222.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3b:21:08:8b:11:03:28:75:58:f7:77:e7:cd:21:f8:1a:4a:c6:
         68:43:8c:f9:d1:54:80:c1:0e:c6:fa:15:4b:9d:bb:cb:80:b7:
         05:87:3f:97:b0:e1:03:28:44:22:e6:a0:1f:8b:4e:36:f9:a9:
         74:69:5b:a3:0e:05:24:29:88:d7:2b:e1:fb:40:f3:40:a8:e0:
         d3:77:fa:09:98:16:1e:11:a1:f5:f7:f1:aa:73:3e:3e:b2:41:
         4b:b8:72:95:ae:5d:5c:41:ab:eb:dc:9a:c6:12:a5:ad:f6:37:
         de:e0:c4:89:f8:03:81:45:47:42:bf:61:46:5a:6a:b2:56:eb:
         18:8b:47:97:6a:25:ee:ca:88:a7:23:bc:7b:0b:83:06:84:ed:
         d6:00:09:c8:4f:5a:3c:80:6f:e5:bb:19:cb:c7:d1:c0:02:78:
         72:3f:d4:f3:e0:ee:b5:f7:72:ff:38:f0:ba:e3:c1:dc:1a:d6:
         62:e6:4f:f0:68:ee:e7:20:27:1b:db:97:c0:7c:f3:ca:19:63:
         23:4f:7a:45:74:5e:0a:15:28:69:47:e2:96:57:27:c7:5b:21:
         7c:76:9a:dd:a8:e3:3c:68:62:dd:1e:60:bd:1a:8d:a2:78:13:
         58:03:41:da:99:d5:d5:30:e5:8b:4d:d4:eb:8d:9b:43:d6:3a:
         8f:da:be:7d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOlt44TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjIwN2VhNmIyOTI2
ZDQ0ODBjZTgzNTY4MjIxYzMzYjFlY2FlYTIxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANTUfR2X1SAVaMS/hp8FtaZgcCrpAKGNbeWGASA4bDgmm26a
LOK4ttFt0MsiDiJsCxKcTMD46pgS8sueQOSWJWBfoPivsA+Bh4e/rcFxHgBqvgMI
t3iad6hBgjMHknlnJXDmmfk8dYtQKtGXSj4xzfphFD9BNz0FywHza4VvXG1AVn2t
uWBB+GDaSbg5y45mN06KWQ7mluCILvjLsg990V1kn42/T+HUqMBMt69YIDO7XS9T
cdtkNk+jx1+MsbC+oBJxNwAaWps7clNyvpVAdaTUjYU+m1fwRuX3HB8l0+f+PD0q
tO0gAuDvf/fr0S/Tat7ZthxXsGvwBK+dHSGo4TkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSyB+prKSbUSAzoNWgiHDOx7K6iEjAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
L3NnZnFheWttMUVnTTZEVm9JaHd6c2V5dW9oSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAQWg3jANBgkqhkiG9w0BAQsFAAOC
AQEAOyEIixEDKHVY93fnzSH4GkrGaEOM+dFUgMEOxvoVS527y4C3BYc/l7DhAyhE
IuagH4tONvmpdGlbow4FJCmI1yvh+0DzQKjg03f6CZgWHhGh9ffxqnM+PrJBS7hy
la5dXEGr69yaxhKlrfY33uDEifgDgUVHQr9hRlpqslbrGItHl2ol7sqIpyO8ewuD
BoTt1gAJyE9aPIBv5bsZy8fRwAJ4cj/U8+Dutfdy/zjwuuPB3BrWYuZP8Gju5yAn
G9uXwHzzyhljI096RXReChUoaUfillcnx1shfHaa3ajjPGhi3R5gvRqNongTWANB
2pnV1TDli03U642bQ9Y6j9q+fQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org