Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/qpx40PJG4q7y0fk7KJm2eLzxJ48.roa
File:                     qpx40PJG4q7y0fk7KJm2eLzxJ48.roa (raw, json)
Hash identifier:          7JsmF4KuikuIOPSRmstndYX4hq5ykhTe8PlJ3FpTp1s=
Subject key identifier:   AA:9C:78:D0:F2:46:E2:AE:F2:D1:F9:3B:28:99:B6:78:BC:F1:27:8F
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       01844E73EB38C1215F491E0452C81D3F29A8
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/qpx40PJG4q7y0fk7KJm2eLzxJ48.roa
Signing time:             Sun 06 Nov 2022 19:38:50 +0000
ROA not before:           Sun 06 Nov 2022 19:38:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397373
IP address blocks:        5.144.176.0/22 maxlen: 22
                          5.144.181.0/24 maxlen: 24
                          5.144.180.0/24 maxlen: 24
                          5.144.182.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:4e:73:eb:38:c1:21:5f:49:1e:04:52:c8:1d:3f:29:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Nov  6 19:38:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=aa9c78d0f246e2aef2d1f93b2899b678bcf1278f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:24:82:87:f8:95:58:33:df:9d:93:5c:8b:24:
                    18:55:fa:be:41:34:ff:01:76:ea:e1:da:41:88:30:
                    f7:98:6e:fb:2a:dc:f1:2a:ad:dc:05:03:46:c1:2e:
                    5c:66:99:8f:e2:7e:ab:9c:ef:34:d4:d4:30:f8:08:
                    7c:5e:a0:cc:27:28:5e:46:70:f2:ee:38:eb:e7:33:
                    be:9d:1b:b8:7a:89:50:9a:fe:d7:dc:4e:1a:46:b3:
                    23:d8:c3:41:9a:cc:57:76:77:df:ef:24:74:1b:47:
                    a4:2c:83:e4:26:bc:7c:a3:c9:19:dc:f4:44:1b:35:
                    e2:8e:e2:88:de:89:ea:2d:3c:40:e8:fd:ed:08:33:
                    54:ee:b9:3e:f9:01:e0:0a:30:0f:01:b1:e2:3c:6b:
                    29:cf:cd:2d:2f:a4:89:21:74:92:08:15:7e:f3:b4:
                    f7:a4:20:07:ac:c0:ab:e6:7d:55:99:92:be:be:20:
                    c5:02:71:c2:28:3c:34:d1:d2:ef:77:70:fa:de:2b:
                    13:ff:72:61:3c:05:11:01:38:da:f2:ed:f3:be:f7:
                    73:59:e6:db:d6:2a:05:37:c5:71:4a:dc:aa:6d:a2:
                    5f:4b:b4:e9:6a:7e:3b:a5:57:7f:0f:f7:87:a1:46:
                    e2:b6:c4:38:31:38:88:e5:12:89:7e:88:92:91:98:
                    30:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:9C:78:D0:F2:46:E2:AE:F2:D1:F9:3B:28:99:B6:78:BC:F1:27:8F
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/qpx40PJG4q7y0fk7KJm2eLzxJ48.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.144.176.0-5.144.182.255

    Signature Algorithm: sha256WithRSAEncryption
         69:29:44:0a:36:54:e2:54:8c:6a:60:7c:03:f9:6b:07:1e:30:
         56:a4:71:7c:73:ae:e9:b2:75:0e:e4:66:0d:13:77:08:63:32:
         ef:89:51:cc:78:3a:8d:c4:82:a9:77:78:2d:88:db:82:39:d7:
         0c:51:dd:c5:61:99:5d:a9:7e:66:30:0b:01:81:20:39:47:8c:
         cc:f6:99:12:b5:e1:8e:2b:f4:fc:95:9e:9d:08:8a:d6:6a:e2:
         52:47:d5:63:4c:44:84:64:d1:75:4b:8a:ba:a1:72:86:00:68:
         de:c2:ce:d4:8c:38:c4:d7:3b:9b:e0:fd:b6:69:f0:bc:f7:2e:
         ef:97:ca:e0:73:f2:65:53:2e:08:4c:b2:cd:2b:46:0a:ec:10:
         d0:ac:f4:15:69:fa:cd:e8:64:43:b8:ac:57:ea:91:92:1b:4f:
         e8:f6:a4:e8:2f:72:d3:39:24:20:5f:23:41:72:5f:50:11:a4:
         78:1c:d3:63:fa:d1:d7:2b:31:cc:f1:a6:9f:14:33:0d:3e:9d:
         ad:cb:70:a8:7f:de:75:27:7f:af:97:73:d2:a6:00:b2:d1:40:
         76:e3:b1:8d:cf:9b:f2:50:5d:be:47:a5:d1:f2:09:62:bf:31:
         42:61:7f:25:90:20:f3:d5:9b:74:44:8a:b9:5a:ff:90:ef:af:
         bc:0b:f4:9d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYROc+s4wSFfSR4EUsgdPymoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjIxMTA2MTkzODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTljNzhkMGYyNDZlMmFlZjJkMWY5M2IyODk5YjY3OGJjZjEyNzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSSCh/iVWDPfnZNciyQYVfq+QTT/
AXbq4dpBiDD3mG77KtzxKq3cBQNGwS5cZpmP4n6rnO801NQw+Ah8XqDMJyheRnDy
7jjr5zO+nRu4eolQmv7X3E4aRrMj2MNBmsxXdnff7yR0G0ekLIPkJrx8o8kZ3PRE
GzXijuKI3onqLTxA6P3tCDNU7rk++QHgCjAPAbHiPGspz80tL6SJIXSSCBV+87T3
pCAHrMCr5n1VmZK+viDFAnHCKDw00dLvd3D63isT/3JhPAURATja8u3zvvdzWebb
1ioFN8VxStyqbaJfS7Tpan47pVd/D/eHoUbitsQ4MTiI5RKJfoiSkZgw/wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKqceNDyRuKu8tH5OyiZtni88SePMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvcXB4NDBQSkc0cTd5MGZrN0tKbTJlTHp4SjQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAQFkLAD
BAAFkLYwDQYJKoZIhvcNAQELBQADggEBAGkpRAo2VOJUjGpgfAP5awceMFakcXxz
rumydQ7kZg0TdwhjMu+JUcx4Oo3Egql3eC2I24I51wxR3cVhmV2pfmYwCwGBIDlH
jMz2mRK14Y4r9PyVnp0IitZq4lJH1WNMRIRk0XVLirqhcoYAaN7CztSMOMTXO5vg
/bZp8Lz3Lu+XyuBz8mVTLghMss0rRgrsENCs9BVp+s3oZEO4rFfqkZIbT+j2pOgv
ctM5JCBfI0FyX1ARpHgc02P60dcrMczxpp8UMw0+na3LcKh/3nUnf6+Xc9KmALLR
QHbjsY3Pm/JQXb5HpdHyCWK/MUJhfyWQIPPVm3REirla/5Dvr7wL9J0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:33 2024 by rpki-client on console-fra.rpki-client.org