Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/tLoRh6anEs6Q-Rgl3pFMa-7WxYc.roa
File:                     tLoRh6anEs6Q-Rgl3pFMa-7WxYc.roa (raw, json)
Hash identifier:          XxqHPdsC+RU/TLF6jg0jx7G7CfNiFOAvgmdBvzb1pLQ=
Subject key identifier:   B4:BA:11:87:A6:A7:12:CE:90:F9:18:25:DE:91:4C:6B:EE:D6:C5:87
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       01835B70D3E1EB87660FA9ABB8D5F5600BBF
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/tLoRh6anEs6Q-Rgl3pFMa-7WxYc.roa
Signing time:             Tue 20 Sep 2022 15:07:44 +0000
ROA not before:           Tue 20 Sep 2022 15:07:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3214
IP address blocks:        5.181.23.0/24 maxlen: 24
                          5.181.22.0/24 maxlen: 24
                          5.181.21.0/24 maxlen: 24
                          5.181.20.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:5b:70:d3:e1:eb:87:66:0f:a9:ab:b8:d5:f5:60:0b:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Sep 20 15:07:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b4ba1187a6a712ce90f91825de914c6beed6c587
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:f5:c6:e8:1b:f1:a3:66:f4:60:32:94:57:7c:
                    cb:d4:59:36:3c:22:ea:e0:df:78:65:85:d6:93:60:
                    62:56:8b:c1:12:51:b8:66:e8:59:29:ba:83:63:83:
                    08:1c:4f:a4:cc:8b:d4:27:88:c5:e2:6b:94:16:a1:
                    8e:1c:10:c5:59:f4:43:93:b7:5d:1f:36:e4:31:87:
                    6a:0f:db:32:02:25:ae:5a:08:38:94:af:c8:88:85:
                    08:33:78:24:1e:c5:16:e9:e1:52:f3:35:43:01:6a:
                    44:fc:0a:e1:a6:5f:de:d5:3d:ff:25:40:6a:ff:ae:
                    d8:18:53:5b:e6:c0:84:c7:36:ea:4b:59:e2:aa:1e:
                    e0:3c:06:49:fd:95:07:ee:4b:78:2b:10:ee:db:e5:
                    6d:15:46:e8:68:5c:ab:16:f0:af:94:0e:a5:c9:be:
                    c1:f2:56:e2:9e:ab:8e:65:6f:67:19:46:85:2d:2d:
                    1e:60:4c:93:84:da:7d:72:88:7e:3a:67:90:95:a0:
                    23:47:be:56:a6:ad:f7:fa:f2:4a:7c:0a:d8:d6:44:
                    98:24:0f:38:99:74:8f:74:da:98:30:1a:34:51:93:
                    9e:2e:1d:f7:cc:f2:d6:a9:3d:76:9e:e2:8a:ba:fc:
                    fa:4d:8f:dd:8b:f6:78:2c:b6:dd:7d:c7:a5:4b:00:
                    de:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:BA:11:87:A6:A7:12:CE:90:F9:18:25:DE:91:4C:6B:EE:D6:C5:87
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/tLoRh6anEs6Q-Rgl3pFMa-7WxYc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         78:48:ee:38:7f:7d:7b:19:8d:d0:1f:57:af:d8:f1:70:a1:c9:
         80:54:9e:f2:f5:ae:4e:bf:9c:63:eb:67:52:62:60:7b:6a:23:
         f7:76:b2:38:7d:14:d7:46:1a:4f:0e:6b:0e:83:9b:4b:12:48:
         14:01:08:1f:a6:85:58:cd:96:62:bd:a5:8c:50:89:a9:1c:7c:
         ed:d1:6e:04:ab:e2:c3:95:82:4d:62:4d:e8:11:02:80:a8:d5:
         0b:48:f6:bf:6c:b1:e1:63:03:ef:0a:ba:06:18:e7:24:c6:61:
         fb:32:cf:cb:86:84:87:bb:d3:d4:26:60:89:bc:d1:20:37:0e:
         32:e1:a6:5a:1a:6d:32:f5:81:ac:5d:cf:fa:63:75:94:52:e0:
         c5:36:2f:5d:a8:73:40:26:f7:f5:78:15:db:1b:6f:d7:36:9d:
         9a:88:77:8f:3e:5e:da:90:a0:a9:56:f7:6b:cf:f2:91:8a:5a:
         aa:20:82:62:b5:4e:80:d4:58:4d:6d:14:e0:46:db:cb:6f:9f:
         56:98:73:36:23:ab:a2:78:c0:13:3a:ee:95:29:de:9a:05:77:
         91:6f:5b:8d:88:f1:f7:6e:0f:e7:d5:90:9b:e0:3b:b7:5b:8d:
         02:ca:68:71:3f:af:c3:ca:3b:4d:fd:52:2d:3b:9c:1a:69:00:
         81:03:c4:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNbcNPh64dmD6mruNX1YAu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjIwOTIwMTUwNzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGJhMTE4N2E2YTcxMmNlOTBmOTE4MjVkZTkxNGM2YmVlZDZjNTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fXG6Bvxo2b0YDKUV3zL1Fk2PCLq
4N94ZYXWk2BiVovBElG4ZuhZKbqDY4MIHE+kzIvUJ4jF4muUFqGOHBDFWfRDk7dd
HzbkMYdqD9syAiWuWgg4lK/IiIUIM3gkHsUW6eFS8zVDAWpE/Arhpl/e1T3/JUBq
/67YGFNb5sCExzbqS1niqh7gPAZJ/ZUH7kt4KxDu2+VtFUboaFyrFvCvlA6lyb7B
8lbinquOZW9nGUaFLS0eYEyThNp9coh+OmeQlaAjR75Wpq33+vJKfArY1kSYJA84
mXSPdNqYMBo0UZOeLh33zPLWqT12nuKKuvz6TY/di/Z4LLbdfcelSwDekQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLS6EYempxLOkPkYJd6RTGvu1sWHMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvdExvUmg2YW5FczZRLVJnbDNwRk1hLTdXeFljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbUUMA0G
CSqGSIb3DQEBCwUAA4IBAQB4SO44f317GY3QH1ev2PFwocmAVJ7y9a5Ov5xj62dS
YmB7aiP3drI4fRTXRhpPDmsOg5tLEkgUAQgfpoVYzZZivaWMUImpHHzt0W4Eq+LD
lYJNYk3oEQKAqNULSPa/bLHhYwPvCroGGOckxmH7Ms/LhoSHu9PUJmCJvNEgNw4y
4aZaGm0y9YGsXc/6Y3WUUuDFNi9dqHNAJvf1eBXbG2/XNp2aiHePPl7akKCpVvdr
z/KRilqqIIJitU6A1FhNbRTgRtvLb59WmHM2I6uieMATOu6VKd6aBXeRb1uNiPH3
bg/n1ZCb4Du3W40CymhxP6/DyjtN/VItO5waaQCBA8QB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:31 2024 by rpki-client on console-ams.rpki-client.org