Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/rObJ3QOOzZuiA7pa9MhK538v9sY.roa
File:                     rObJ3QOOzZuiA7pa9MhK538v9sY.roa (raw, json)
Hash identifier:          tRNNvOnLfJhBu6tspR74sl+g23nYD0bOQuvcU7dPBFo=
Subject key identifier:   AC:E6:C9:DD:03:8E:CD:9B:A2:03:BA:5A:F4:C8:4A:E7:7F:2F:F6:C6
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       13884C0A
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/rObJ3QOOzZuiA7pa9MhK538v9sY.roa
Signing time:             Sat 01 Jan 2022 05:56:18 +0000
ROA not before:           Sat 01 Jan 2022 05:56:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202469
IP address blocks:        5.180.4.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 327699466 (0x13884c0a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  1 05:56:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ace6c9dd038ecd9ba203ba5af4c84ae77f2ff6c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:71:da:70:37:d9:fc:c6:da:b6:13:b5:a6:68:
                    9b:2d:77:6c:3d:3f:9a:c3:8a:04:fb:3f:f2:13:d9:
                    bd:69:91:d2:ec:d4:f3:6e:4c:24:e2:a3:70:91:8c:
                    9e:9e:fe:a9:e3:59:16:93:bf:0d:94:2b:23:6c:f5:
                    47:02:f9:30:06:eb:79:88:5e:b3:63:21:01:04:e8:
                    69:fb:ca:83:4d:ae:30:bf:5b:c7:0c:e0:6c:f7:a6:
                    cb:66:bf:5a:af:44:9b:7d:93:df:d2:eb:6d:54:5b:
                    15:70:37:6f:4d:d2:85:e2:19:ee:7c:d5:c5:55:37:
                    ab:f7:ce:8f:20:79:02:62:d6:dd:4b:2e:aa:df:f5:
                    49:8d:3e:8b:a0:32:9b:52:1a:45:d5:66:44:61:39:
                    7c:7d:3c:8c:1a:2e:f4:b5:0a:75:2a:c6:7d:33:8b:
                    33:06:56:c6:04:b5:11:58:4d:a1:55:8c:49:3c:61:
                    5e:11:6a:8c:0f:97:37:e9:85:6a:f8:0a:c7:4b:d9:
                    ef:ea:c2:57:c6:9d:83:7b:bb:75:ee:8c:6d:c8:2e:
                    6c:11:69:6c:b8:44:8f:74:8a:1e:83:bc:4a:66:79:
                    6e:b1:c6:4a:2b:37:84:e4:3c:26:77:5e:70:c8:ca:
                    1c:9a:0e:4e:d9:1a:a4:fa:01:87:af:14:a4:0d:42:
                    35:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:E6:C9:DD:03:8E:CD:9B:A2:03:BA:5A:F4:C8:4A:E7:7F:2F:F6:C6
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/rObJ3QOOzZuiA7pa9MhK538v9sY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4a:1f:e7:3a:3e:61:53:81:73:f6:4f:a9:6c:cd:b9:57:19:a5:
         3e:38:56:fe:b5:9d:1a:e0:1a:62:67:8b:57:06:f7:9a:69:24:
         1e:96:a8:6b:30:31:7a:3f:a1:da:86:68:08:41:59:cb:de:64:
         a8:1c:db:76:08:f7:a4:7a:70:8b:07:be:2b:9d:6d:14:38:58:
         d0:da:55:cb:cb:e9:85:b1:2a:ff:29:56:64:54:1d:d7:22:18:
         2e:80:9b:5b:72:93:fb:54:96:ca:17:81:65:9e:a9:d8:fd:93:
         1c:50:15:bb:9a:2d:ff:85:3b:f6:60:a0:f7:69:08:2e:50:a6:
         6e:2a:6b:6c:2c:55:0c:27:2e:ee:60:68:ee:1a:41:bd:66:ca:
         8b:b5:7d:80:1a:98:6b:8f:af:0a:61:34:db:ac:39:a1:c8:f0:
         d5:16:c5:f0:ca:49:fd:cd:df:b6:6f:b6:92:27:f4:d2:ab:64:
         6a:c9:6c:f3:48:fd:9c:fe:c5:7f:1d:be:51:9a:1f:fe:dc:8e:
         f3:81:46:17:00:d5:c8:38:b7:0b:9f:1e:1e:b9:a5:16:d3:3f:
         48:cc:62:da:48:bd:92:61:3f:0b:99:cb:5c:37:dd:bb:ed:81:
         ed:52:df:21:10:b2:b4:97:f5:31:9b:01:4d:be:01:79:a0:6f:
         89:90:96:f5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE4hMCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
MTA1NTYxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNlNmM5ZGQwMzhl
Y2Q5YmEyMDNiYTVhZjRjODRhZTc3ZjJmZjZjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN9x2nA32fzG2rYTtaZomy13bD0/msOKBPs/8hPZvWmR0uzU
825MJOKjcJGMnp7+qeNZFpO/DZQrI2z1RwL5MAbreYhes2MhAQToafvKg02uML9b
xwzgbPemy2a/Wq9Em32T39LrbVRbFXA3b03SheIZ7nzVxVU3q/fOjyB5AmLW3Usu
qt/1SY0+i6Aym1IaRdVmRGE5fH08jBou9LUKdSrGfTOLMwZWxgS1EVhNoVWMSTxh
XhFqjA+XN+mFavgKx0vZ7+rCV8adg3u7de6MbcgubBFpbLhEj3SKHoO8SmZ5brHG
Sis3hOQ8JndecMjKHJoOTtkapPoBh68UpA1CNRUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSs5sndA47Nm6IDulr0yErnfy/2xjAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L3JPYkozUU9Pelp1aUE3cGE5TWhLNTM4djlzWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgW0BDANBgkqhkiG9w0BAQsFAAOC
AQEASh/nOj5hU4Fz9k+pbM25VxmlPjhW/rWdGuAaYmeLVwb3mmkkHpaoazAxej+h
2oZoCEFZy95kqBzbdgj3pHpwiwe+K51tFDhY0NpVy8vphbEq/ylWZFQd1yIYLoCb
W3KT+1SWyheBZZ6p2P2THFAVu5ot/4U79mCg92kILlCmbiprbCxVDCcu7mBo7hpB
vWbKi7V9gBqYa4+vCmE026w5ocjw1RbF8MpJ/c3ftm+2kif00qtkasls80j9nP7F
fx2+UZof/tyO84FGFwDVyDi3C58eHrmlFtM/SMxi2ki9kmE/C5nLXDfdu+2B7VLf
IRCytJf1MZsBTb4BeaBviZCW9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org