Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/urG6-HF4jw02jA3If3Y29idBx7o.roa
File:                     urG6-HF4jw02jA3If3Y29idBx7o.roa (raw, json)
Hash identifier:          IG9ZHua5j7+SwP85qLqV5BUfofpLK2hS2xjtQRbNUAQ=
Subject key identifier:   BA:B1:BA:F8:71:78:8F:0D:36:8C:0D:C8:7F:76:36:F6:27:41:C7:BA
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       01837AAE062E34A5538274C1D29A39A52ED9
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/urG6-HF4jw02jA3If3Y29idBx7o.roa
Signing time:             Mon 26 Sep 2022 16:42:48 +0000
ROA not before:           Mon 26 Sep 2022 16:42:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209868
IP address blocks:        2.57.152.0/22 maxlen: 22
                          5.253.228.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:7a:ae:06:2e:34:a5:53:82:74:c1:d2:9a:39:a5:2e:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Sep 26 16:42:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bab1baf871788f0d368c0dc87f7636f62741c7ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:e8:81:e4:39:03:67:23:7e:67:c8:e6:4b:a2:
                    89:58:96:c3:12:c4:70:40:9a:d2:5f:11:cd:bb:a9:
                    93:59:02:cd:0c:5a:fa:9a:70:a2:94:d0:9b:b4:9a:
                    12:e6:94:36:82:7d:98:8b:42:8a:16:c4:28:64:79:
                    da:b7:56:84:89:56:16:ef:52:c9:df:80:76:f8:b1:
                    3a:3c:09:47:90:60:ff:bb:a4:d0:33:7b:9b:cc:a3:
                    fb:41:fd:d8:8d:23:32:fc:75:88:68:ef:87:03:07:
                    0b:53:9a:2f:7a:ba:1a:71:61:1c:be:4b:70:85:97:
                    ac:4e:f2:63:70:f4:32:86:3c:7e:38:d3:35:26:36:
                    6a:9e:ae:89:26:c2:bb:40:8a:1c:c2:06:82:ec:8a:
                    77:41:d7:f8:8e:a5:f2:c9:7c:a5:5c:ac:1b:6b:07:
                    cf:24:c8:0e:b9:13:99:1a:84:c8:9e:bb:53:d3:44:
                    d7:55:74:c5:c6:e4:f5:4d:74:b0:17:56:47:94:2e:
                    3b:f3:77:9c:fd:55:3b:0d:04:e6:5f:4a:ca:66:6f:
                    e1:f9:cf:6a:c1:cb:5b:a1:61:f9:3b:12:6d:78:6e:
                    20:c9:e7:24:29:1b:b3:76:41:20:ce:33:2f:48:e8:
                    8b:03:84:8c:88:58:e9:22:0d:c3:9d:08:64:8b:7c:
                    f5:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:B1:BA:F8:71:78:8F:0D:36:8C:0D:C8:7F:76:36:F6:27:41:C7:BA
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/urG6-HF4jw02jA3If3Y29idBx7o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.152.0/22
                  5.253.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         29:91:dd:cf:3c:eb:e6:e0:1d:55:95:46:7d:9d:76:b4:7e:7a:
         1d:59:e8:9d:fe:a8:da:f4:67:ee:d3:3f:81:91:da:b7:5e:c6:
         3f:0f:fd:96:8b:4f:7b:75:96:47:15:ae:68:4f:0e:12:4b:5c:
         80:7c:19:30:78:8c:0d:2a:81:8d:10:6b:68:3a:d6:9b:58:bf:
         94:85:48:dc:ed:8f:99:a8:1b:65:0e:1e:12:e8:a2:7e:ac:e6:
         29:c0:24:25:3f:26:75:34:cb:87:8b:9a:5d:d1:71:9a:18:6f:
         e2:41:f6:64:27:30:22:f7:13:14:d1:bd:ba:9e:4a:21:82:3b:
         f3:cd:e5:94:9b:c8:b7:23:b5:b6:fd:0a:3d:01:a6:4e:c2:93:
         ac:14:be:10:18:66:f2:a2:18:4b:8c:df:23:43:b1:d2:d0:3a:
         ee:7c:f3:f2:15:7b:80:39:d6:a2:f2:eb:8e:bc:29:9f:85:98:
         fc:71:9c:98:d6:35:96:5f:e6:17:96:c4:d2:3e:a6:10:d9:5b:
         78:06:f2:38:57:29:24:d6:5b:8f:a3:17:35:a5:dc:57:dd:fc:
         48:1a:e4:37:06:8d:cd:b9:ef:22:53:f1:e1:8e:53:be:fa:46:
         7b:cc:b2:48:37:1b:67:54:ee:0c:64:a9:bc:1f:c7:0f:79:08:
         b3:46:78:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYN6rgYuNKVTgnTB0po5pS7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwOTI2MTY0MjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWIxYmFmODcxNzg4ZjBkMzY4YzBkYzg3Zjc2MzZmNjI3NDFjN2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeiB5DkDZyN+Z8jmS6KJWJbDEsRw
QJrSXxHNu6mTWQLNDFr6mnCilNCbtJoS5pQ2gn2Yi0KKFsQoZHnat1aEiVYW71LJ
34B2+LE6PAlHkGD/u6TQM3ubzKP7Qf3YjSMy/HWIaO+HAwcLU5overoacWEcvktw
hZesTvJjcPQyhjx+ONM1JjZqnq6JJsK7QIocwgaC7Ip3Qdf4jqXyyXylXKwbawfP
JMgOuROZGoTInrtT00TXVXTFxuT1TXSwF1ZHlC4783ec/VU7DQTmX0rKZm/h+c9q
wctboWH5OxJteG4gyeckKRuzdkEgzjMvSOiLA4SMiFjpIg3DnQhki3z1AwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLqxuvhxeI8NNowNyH92NvYnQce6MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvdXJHNi1IRjRqdzAyakEzSWYzWTI5aWRCeDdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjmYAwQC
Bf3kMA0GCSqGSIb3DQEBCwUAA4IBAQApkd3PPOvm4B1VlUZ9nXa0fnodWeid/qja
9Gfu0z+Bkdq3XsY/D/2Wi097dZZHFa5oTw4SS1yAfBkweIwNKoGNEGtoOtabWL+U
hUjc7Y+ZqBtlDh4S6KJ+rOYpwCQlPyZ1NMuHi5pd0XGaGG/iQfZkJzAi9xMU0b26
nkohgjvzzeWUm8i3I7W2/Qo9AaZOwpOsFL4QGGbyohhLjN8jQ7HS0DrufPPyFXuA
Odai8uuOvCmfhZj8cZyY1jWWX+YXlsTSPqYQ2Vt4BvI4Vykk1luPoxc1pdxX3fxI
GuQ3Bo3Nue8iU/HhjlO++kZ7zLJINxtnVO4MZKm8H8cPeQizRniV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org