Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/f2ec53-223b-4b3b-9d20-ceec5a739c72/1/7q3TSzMl8gsHF11KscprQQlai_4.roa
File:                     7q3TSzMl8gsHF11KscprQQlai_4.roa (raw, json)
Hash identifier:          Crim2N4362y9ezlCvHI0kSv9xiQx//zlDlFHq4bc5BI=
Subject key identifier:   EE:AD:D3:4B:33:25:F2:0B:07:17:5D:4A:B1:CA:6B:41:09:5A:8B:FE
Certificate issuer:       /CN=d18a56d6a14e6763fc7733a8a5f9431db7568cb5
Certificate serial:       0AD0B14A
Authority key identifier: D1:8A:56:D6:A1:4E:67:63:FC:77:33:A8:A5:F9:43:1D:B7:56:8C:B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0YpW1qFOZ2P8dzOopflDHbdWjLU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/f2ec53-223b-4b3b-9d20-ceec5a739c72/1/7q3TSzMl8gsHF11KscprQQlai_4.roa
Signing time:             Sat 01 Jan 2022 06:04:42 +0000
ROA not before:           Sat 01 Jan 2022 06:04:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2852
IP address blocks:        147.228.0.0/16 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 181449034 (0xad0b14a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d18a56d6a14e6763fc7733a8a5f9431db7568cb5
        Validity
            Not Before: Jan  1 06:04:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=eeadd34b3325f20b07175d4ab1ca6b41095a8bfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:a3:24:d9:a9:07:06:7a:4e:2d:f0:7f:c8:0c:
                    53:5a:e3:ba:b3:c3:e3:0e:29:d7:68:dc:a0:5b:04:
                    00:c0:f2:8c:30:76:4c:bf:c5:96:70:ec:b1:45:12:
                    8e:1b:9e:32:04:69:33:7b:89:e0:0d:91:12:c8:51:
                    fc:d6:a5:d0:99:cb:4f:ef:cd:aa:33:5f:8e:df:3c:
                    61:5b:f2:4f:49:cc:39:de:08:a5:22:e7:51:97:05:
                    73:2e:a6:8a:18:9f:37:d2:f5:de:cc:b5:65:34:6b:
                    5a:f1:71:16:ef:91:f1:78:19:72:54:26:c9:83:1e:
                    7b:ad:b1:29:fb:88:f1:fc:2b:15:7b:c4:e7:05:7f:
                    f4:13:11:77:d2:2b:fb:49:85:36:d5:a0:76:8b:70:
                    3a:d4:57:ab:29:14:dd:4d:bd:9e:2c:b4:6f:66:50:
                    fd:56:eb:dd:7e:cd:1e:e2:07:ad:90:e5:0a:d2:cc:
                    db:1a:6d:dc:d6:08:9e:b1:f3:01:b2:fe:15:a7:f0:
                    ad:b3:02:ae:d0:e1:4e:64:b6:01:ee:d6:bd:d1:e7:
                    68:cc:e8:d3:1d:b3:84:77:81:8b:31:5d:d1:6b:f0:
                    ef:5f:fc:22:26:0f:b5:21:c4:a4:68:14:d8:f2:a3:
                    82:29:f9:b6:b7:a4:0c:66:c1:78:0f:20:cf:a3:68:
                    d7:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:AD:D3:4B:33:25:F2:0B:07:17:5D:4A:B1:CA:6B:41:09:5A:8B:FE
            X509v3 Authority Key Identifier:
                keyid:D1:8A:56:D6:A1:4E:67:63:FC:77:33:A8:A5:F9:43:1D:B7:56:8C:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YpW1qFOZ2P8dzOopflDHbdWjLU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/f2ec53-223b-4b3b-9d20-ceec5a739c72/1/7q3TSzMl8gsHF11KscprQQlai_4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/f2ec53-223b-4b3b-9d20-ceec5a739c72/1/0YpW1qFOZ2P8dzOopflDHbdWjLU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.228.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0c:42:88:6a:22:fd:92:bd:09:5f:7b:ea:9f:ef:86:ea:df:75:
         a4:c9:16:13:36:dd:43:c0:e4:40:76:e4:c2:82:2d:21:e6:44:
         7d:5c:61:64:9d:ad:39:fa:5a:f1:86:ba:de:4c:53:2f:51:85:
         e7:21:ad:d8:19:83:e3:08:d6:c5:1f:2d:7a:6b:36:c5:c1:1b:
         7a:c0:eb:fb:31:21:9e:6b:ed:0c:57:1f:c4:12:df:2b:ad:65:
         0e:57:9e:f3:02:1d:36:aa:19:da:f3:f3:cd:a3:f2:00:e5:ce:
         83:2a:bc:83:8c:18:04:4f:53:e6:5e:97:f0:1d:29:c5:b9:7a:
         c5:2b:3a:a0:93:a7:5c:4a:9a:66:61:3f:3d:83:3d:44:0a:11:
         c1:4d:be:13:18:c2:10:ff:36:f9:de:ad:e4:6a:d5:d5:13:38:
         6e:a4:42:07:93:c8:4d:b7:99:7e:36:84:7d:c1:0a:73:76:2e:
         64:fb:ff:8f:26:ae:e6:57:df:9e:84:b6:f2:67:8a:6d:9c:af:
         e2:64:96:fb:09:43:01:12:cf:1b:11:d3:ab:8e:c2:2c:9b:aa:
         6f:69:76:e0:47:42:5a:a7:63:76:bc:2d:80:47:83:44:f2:93:
         41:06:43:e9:86:92:6a:09:92:e7:de:d2:c1:b0:21:dd:2d:7d:
         4e:34:5f:41
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIECtCxSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MThhNTZkNmExNGU2NzYzZmM3NzMzYThhNWY5NDMxZGI3NTY4Y2I1MB4XDTIyMDEw
MTA2MDQ0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWVhZGQzNGIzMzI1
ZjIwYjA3MTc1ZDRhYjFjYTZiNDEwOTVhOGJmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOjJNmpBwZ6Ti3wf8gMU1rjurPD4w4p12jcoFsEAMDyjDB2
TL/FlnDssUUSjhueMgRpM3uJ4A2REshR/Nal0JnLT+/NqjNfjt88YVvyT0nMOd4I
pSLnUZcFcy6mihifN9L13sy1ZTRrWvFxFu+R8XgZclQmyYMee62xKfuI8fwrFXvE
5wV/9BMRd9Ir+0mFNtWgdotwOtRXqykU3U29niy0b2ZQ/Vbr3X7NHuIHrZDlCtLM
2xpt3NYInrHzAbL+FafwrbMCrtDhTmS2Ae7WvdHnaMzo0x2zhHeBizFd0Wvw71/8
IiYPtSHEpGgU2PKjgin5trekDGbBeA8gz6No1wkCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBTurdNLMyXyCwcXXUqxymtBCVqL/jAfBgNVHSMEGDAWgBTRilbWoU5nY/x3
M6il+UMdt1aMtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBZcFcxcUZPWjJQOGR6T29wZmxESGJkV2pMVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvZjJlYzUzLTIyM2ItNGIzYi05ZDIwLWNlZWM1YTczOWM3Mi8x
LzdxM1RTek1sOGdzSEYxMUtzY3ByUVFsYWlfNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
ZjJlYzUzLTIyM2ItNGIzYi05ZDIwLWNlZWM1YTczOWM3Mi8xLzBZcFcxcUZPWjJQ
OGR6T29wZmxESGJkV2pMVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJPkMA0GCSqGSIb3DQEBCwUAA4IB
AQAMQohqIv2SvQlfe+qf74bq33WkyRYTNt1DwORAduTCgi0h5kR9XGFkna05+lrx
hrreTFMvUYXnIa3YGYPjCNbFHy16azbFwRt6wOv7MSGea+0MVx/EEt8rrWUOV57z
Ah02qhna8/PNo/IA5c6DKryDjBgET1PmXpfwHSnFuXrFKzqgk6dcSppmYT89gz1E
ChHBTb4TGMIQ/zb53q3katXVEzhupEIHk8hNt5l+NoR9wQpzdi5k+/+PJq7mV9+e
hLbyZ4ptnK/iZJb7CUMBEs8bEdOrjsIsm6pvaXbgR0Jap2N2vC2AR4NE8pNBBkPp
hpJqCZLn3tLBsCHdLX1ONF9B
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:30 2024 by rpki-client on console-ams.rpki-client.org