Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/OxJRQBTVUDwwIuuVN6TDkb8-VZU.roa
File:                     OxJRQBTVUDwwIuuVN6TDkb8-VZU.roa (raw, json)
Hash identifier:          YqsMgJ6Ds0blKhc/C5rh+OUCZeirfyPN1jScwgMDa08=
Subject key identifier:   3B:12:51:40:14:D5:50:3C:30:22:EB:95:37:A4:C3:91:BF:3E:55:95
Certificate issuer:       /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Certificate serial:       04C03C24
Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/OxJRQBTVUDwwIuuVN6TDkb8-VZU.roa
Signing time:             Tue 03 May 2022 08:42:56 +0000
ROA not before:           Tue 03 May 2022 08:42:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212271
IP address blocks:        152.89.171.0/24 maxlen: 24
                          152.89.170.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 79707172 (0x4c03c24)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
        Validity
            Not Before: May  3 08:42:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3b12514014d5503c3022eb9537a4c391bf3e5595
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:a4:15:59:46:14:2f:14:51:cb:0a:46:74:46:
                    74:80:cf:0d:99:68:4c:6a:ff:f0:ff:37:a3:9f:7d:
                    8c:2e:36:02:21:65:c2:41:65:0d:91:87:15:54:5e:
                    f5:5b:66:96:51:5d:ca:7a:56:f5:6b:b4:de:75:6d:
                    a4:46:7a:56:1a:63:ef:b2:55:48:4f:97:7b:ac:dc:
                    92:74:f7:fc:06:6c:d3:29:de:ba:35:5c:cb:8c:17:
                    7f:24:91:e9:42:25:be:30:17:83:04:42:74:75:f7:
                    88:c6:93:7d:4a:c9:6b:d8:69:2c:a8:89:f0:21:b5:
                    ad:6c:2d:cd:67:d9:d2:7a:3e:85:05:cb:21:8f:8c:
                    b1:a6:65:12:ba:69:9d:d3:13:c9:60:0f:07:f0:67:
                    c8:7c:00:17:65:7e:9b:52:d7:dd:bb:13:38:0d:2b:
                    f6:d0:e1:a2:bd:09:f5:c7:cf:18:99:f7:3b:11:e7:
                    9e:93:46:ca:61:6e:ab:33:f8:8f:8a:ea:5c:ea:a9:
                    a9:2a:db:e0:a8:90:6e:e6:6e:f1:f3:ca:7c:7a:ce:
                    b2:41:1b:87:3e:d7:e8:5c:8c:f5:a9:7b:62:a1:0f:
                    ac:02:db:3c:dc:fb:3d:6a:ae:ac:e2:76:b3:17:40:
                    65:f9:49:1e:3e:c8:1d:15:e8:fb:6d:44:65:9a:27:
                    97:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:12:51:40:14:D5:50:3C:30:22:EB:95:37:A4:C3:91:BF:3E:55:95
            X509v3 Authority Key Identifier:
                keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/OxJRQBTVUDwwIuuVN6TDkb8-VZU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.89.170.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a1:74:c2:b4:02:67:84:f1:9c:72:3d:07:7c:b4:f7:40:7a:01:
         62:98:2a:71:b1:55:7d:5a:cb:ad:59:c7:c0:3d:f7:95:39:f1:
         7b:45:ee:bd:87:21:16:fa:5b:6f:08:c2:bb:79:04:14:f3:86:
         36:52:14:25:b8:5c:c8:d6:21:d2:0e:e2:66:63:8c:2b:3c:23:
         7e:ec:bb:76:7c:1b:d3:f0:0c:a1:03:0f:7f:af:b0:e4:26:15:
         5b:6a:c2:8c:c4:51:36:83:09:49:06:f4:0c:2a:2e:4f:67:5b:
         1d:b5:4f:54:b6:b8:fb:a9:9b:22:dd:6c:b5:50:05:eb:82:30:
         fc:36:7e:c3:db:7b:12:98:68:85:5e:7f:24:d0:39:36:ac:b5:
         fd:2d:09:3f:89:45:60:be:e0:9a:25:7d:a9:c2:f8:44:9e:10:
         c1:46:63:bd:e0:f9:f2:6e:41:20:fc:44:e0:b6:d2:f7:aa:e3:
         eb:c1:05:bf:f9:7a:2f:40:23:81:2d:82:0d:ee:5c:c4:57:5e:
         dd:f8:03:9e:80:3e:22:12:6a:37:c0:8c:b0:7a:ad:b1:e3:c7:
         dd:f9:09:20:d4:ca:c3:97:97:e5:32:3f:a9:69:60:93:83:39:
         ca:b4:7a:5b:41:99:6a:ce:64:f3:42:05:5c:fa:ce:45:7b:fa:
         9d:b3:d4:ce
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBMA8JDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZjkzZDNiYTE5N2Y1Y2UzMDk4YmZhNzcwMGI0Mzg1NGVhYTgwZTllMB4XDTIyMDUw
MzA4NDI1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2IxMjUxNDAxNGQ1
NTAzYzMwMjJlYjk1MzdhNGMzOTFiZjNlNTU5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANGkFVlGFC8UUcsKRnRGdIDPDZloTGr/8P83o599jC42AiFl
wkFlDZGHFVRe9VtmllFdynpW9Wu03nVtpEZ6Vhpj77JVSE+Xe6zcknT3/AZs0yne
ujVcy4wXfySR6UIlvjAXgwRCdHX3iMaTfUrJa9hpLKiJ8CG1rWwtzWfZ0no+hQXL
IY+MsaZlErppndMTyWAPB/BnyHwAF2V+m1LX3bsTOA0r9tDhor0J9cfPGJn3OxHn
npNGymFuqzP4j4rqXOqpqSrb4KiQbuZu8fPKfHrOskEbhz7X6FyM9al7YqEPrALb
PNz7PWqurOJ2sxdAZflJHj7IHRXo+21EZZonl/cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ7ElFAFNVQPDAi65U3pMORvz5VlTAfBgNVHSMEGDAWgBQvk9O6GX9c4wmL
+ncAtDhU6qgOnjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0w1UFR1aGxfWE9NSmlfcDNBTFE0Vk9xb0RwNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvN2E4N2EwLTgwMTQtNDYwNS05ZmI1LTllNzFkYzI0YTY4My8x
L094SlJRQlRWVUR3d0l1dVZONlREa2I4LVZaVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
N2E4N2EwLTgwMTQtNDYwNS05ZmI1LTllNzFkYzI0YTY4My8xL0w1UFR1aGxfWE9N
SmlfcDNBTFE0Vk9xb0RwNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZhZqjANBgkqhkiG9w0BAQsFAAOC
AQEAoXTCtAJnhPGccj0HfLT3QHoBYpgqcbFVfVrLrVnHwD33lTnxe0XuvYchFvpb
bwjCu3kEFPOGNlIUJbhcyNYh0g7iZmOMKzwjfuy7dnwb0/AMoQMPf6+w5CYVW2rC
jMRRNoMJSQb0DCouT2dbHbVPVLa4+6mbIt1stVAF64Iw/DZ+w9t7EphohV5/JNA5
Nqy1/S0JP4lFYL7gmiV9qcL4RJ4QwUZjveD58m5BIPxE4LbS96rj68EFv/l6L0Aj
gS2CDe5cxFde3fgDnoA+IhJqN8CMsHqtsePH3fkJINTKw5eX5TI/qWlgk4M5yrR6
W0GZas5k80IFXPrORXv6nbPUzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:25 2024 by rpki-client on console-ams.rpki-client.org