Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/edd7af-2ff0-45dc-b14b-77d516be7a87/1/IsSASvDanhrTdHm426wMq6nK4cQ.roa
File:                     IsSASvDanhrTdHm426wMq6nK4cQ.roa (raw, json)
Hash identifier:          hTvFh2GQ91oBSPLKsh5ekHlUhcjx0oN/401F7EQePbI=
Subject key identifier:   22:C4:80:4A:F0:DA:9E:1A:D3:74:79:B8:DB:AC:0C:AB:A9:CA:E1:C4
Certificate issuer:       /CN=c42978d532698fb20840f942b0247c01c8f578b2
Certificate serial:       03917C45
Authority key identifier: C4:29:78:D5:32:69:8F:B2:08:40:F9:42:B0:24:7C:01:C8:F5:78:B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xCl41TJpj7IIQPlCsCR8Acj1eLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/edd7af-2ff0-45dc-b14b-77d516be7a87/1/IsSASvDanhrTdHm426wMq6nK4cQ.roa
Signing time:             Sat 01 Jan 2022 12:57:51 +0000
ROA not before:           Sat 01 Jan 2022 12:57:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209549
IP address blocks:        5.180.124.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 59866181 (0x3917c45)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c42978d532698fb20840f942b0247c01c8f578b2
        Validity
            Not Before: Jan  1 12:57:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=22c4804af0da9e1ad37479b8dbac0caba9cae1c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:98:ea:63:fb:59:e7:39:7e:b6:fd:7a:d8:71:
                    8f:9b:f8:00:55:5d:2c:e8:24:2a:6f:54:76:0c:64:
                    24:8c:ac:d1:fb:7e:a6:f4:5d:2f:2a:67:54:15:a8:
                    bb:7e:ae:a5:d9:42:a8:bf:0d:ec:c3:4c:e4:37:43:
                    38:b8:6b:2d:f7:0c:90:03:5c:53:8d:00:8e:6b:94:
                    52:20:3a:80:e0:2c:f3:ea:d1:1a:6c:05:8d:ae:75:
                    38:1b:4a:4c:ab:dd:9e:8f:19:04:95:05:c2:75:0f:
                    73:c6:24:cf:e8:1d:a6:05:ff:21:25:49:ec:43:43:
                    de:ba:6b:56:75:77:83:a2:43:ef:24:ca:ea:9b:ba:
                    8f:62:ea:1d:a9:2c:11:56:7b:62:06:6c:c3:b1:1a:
                    ae:ef:73:71:a8:0f:20:93:64:9e:07:c6:cb:b2:f2:
                    13:16:5a:98:62:02:be:cf:48:3d:a7:6c:a0:22:2c:
                    0f:87:60:3c:8f:93:eb:6b:19:1e:5e:00:e5:e7:47:
                    82:47:e7:d4:bf:c6:29:af:40:ce:a2:1b:84:fa:2c:
                    cb:b6:53:08:68:5f:66:a2:c1:89:bb:75:64:a0:a4:
                    65:9f:13:4f:db:20:1f:2f:a5:57:cf:94:74:0c:e8:
                    a4:95:f7:f1:c7:53:50:26:03:da:9a:db:7b:74:99:
                    20:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:C4:80:4A:F0:DA:9E:1A:D3:74:79:B8:DB:AC:0C:AB:A9:CA:E1:C4
            X509v3 Authority Key Identifier:
                keyid:C4:29:78:D5:32:69:8F:B2:08:40:F9:42:B0:24:7C:01:C8:F5:78:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCl41TJpj7IIQPlCsCR8Acj1eLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/edd7af-2ff0-45dc-b14b-77d516be7a87/1/IsSASvDanhrTdHm426wMq6nK4cQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/edd7af-2ff0-45dc-b14b-77d516be7a87/1/xCl41TJpj7IIQPlCsCR8Acj1eLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:43:d0:4e:d7:24:1d:c3:22:1c:74:57:59:d8:60:2b:4c:54:
         1f:04:fd:c3:ab:7e:a6:6d:08:a1:00:3a:e2:1b:67:41:7d:04:
         88:cf:71:e4:10:35:f0:94:ff:86:64:89:8c:fb:4b:dd:54:59:
         e8:ba:dd:65:59:72:d5:d2:b7:8c:d2:a5:fe:8f:87:e1:eb:24:
         62:fc:65:44:8f:53:7b:20:f7:c3:02:db:62:98:08:ff:d8:ec:
         52:c9:3d:77:4a:19:a8:41:97:db:04:a1:40:a5:c3:58:1f:f7:
         bd:d5:a6:c4:08:8c:61:00:4f:7a:3a:39:25:1e:f9:9a:fa:03:
         9d:de:c5:66:a0:84:59:27:c3:93:01:9f:9f:a6:1a:9c:d6:d3:
         fd:c8:fe:1a:db:b0:dd:0e:33:d2:2d:65:67:67:18:5b:fb:fe:
         82:e8:9a:6f:b7:2b:7c:b3:ff:b3:ba:f4:12:bb:1b:e5:43:9c:
         cd:8a:4e:53:fb:19:57:e5:03:6d:ab:8d:b8:b9:6b:76:a5:a6:
         6e:53:76:1f:4e:8f:ab:64:8e:dd:af:3a:db:6b:c1:d6:3e:4f:
         db:c1:2a:99:26:c8:70:5d:5d:9e:0e:5c:63:0b:b4:bf:45:b8:
         e7:11:c2:74:cd:28:8b:b8:ee:5f:ef:ae:b0:d2:7e:03:2e:4d:
         f4:73:1a:46
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA5F8RTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDI5NzhkNTMyNjk4ZmIyMDg0MGY5NDJiMDI0N2MwMWM4ZjU3OGIyMB4XDTIyMDEw
MTEyNTc1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjJjNDgwNGFmMGRh
OWUxYWQzNzQ3OWI4ZGJhYzBjYWJhOWNhZTFjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaY6mP7Wec5frb9ethxj5v4AFVdLOgkKm9UdgxkJIys0ft+
pvRdLypnVBWou36updlCqL8N7MNM5DdDOLhrLfcMkANcU40AjmuUUiA6gOAs8+rR
GmwFja51OBtKTKvdno8ZBJUFwnUPc8Ykz+gdpgX/ISVJ7END3rprVnV3g6JD7yTK
6pu6j2LqHaksEVZ7YgZsw7Earu9zcagPIJNkngfGy7LyExZamGICvs9IPadsoCIs
D4dgPI+T62sZHl4A5edHgkfn1L/GKa9AzqIbhPosy7ZTCGhfZqLBibt1ZKCkZZ8T
T9sgHy+lV8+UdAzopJX38cdTUCYD2prbe3SZIM0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQixIBK8NqeGtN0ebjbrAyrqcrhxDAfBgNVHSMEGDAWgBTEKXjVMmmPsghA
+UKwJHwByPV4sjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hDbDQxVEpwajdJSVFQbENzQ1I4QWNqMWVMSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvZWRkN2FmLTJmZjAtNDVkYy1iMTRiLTc3ZDUxNmJlN2E4Ny8x
L0lzU0FTdkRhbmhyVGRIbTQyNndNcTZuSzRjUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
ZWRkN2FmLTJmZjAtNDVkYy1iMTRiLTc3ZDUxNmJlN2E4Ny8xL3hDbDQxVEpwajdJ
SVFQbENzQ1I4QWNqMWVMSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW0fDANBgkqhkiG9w0BAQsFAAOC
AQEAlUPQTtckHcMiHHRXWdhgK0xUHwT9w6t+pm0IoQA64htnQX0EiM9x5BA18JT/
hmSJjPtL3VRZ6LrdZVly1dK3jNKl/o+H4eskYvxlRI9TeyD3wwLbYpgI/9jsUsk9
d0oZqEGX2wShQKXDWB/3vdWmxAiMYQBPejo5JR75mvoDnd7FZqCEWSfDkwGfn6Ya
nNbT/cj+Gtuw3Q4z0i1lZ2cYW/v+guiab7crfLP/s7r0Ersb5UOczYpOU/sZV+UD
bauNuLlrdqWmblN2H06Pq2SO3a8622vB1j5P28EqmSbIcF1dng5cYwu0v0W45xHC
dM0oi7juX++usNJ+Ay5N9HMaRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:02 2024 by rpki-client on console-fra.rpki-client.org