Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/hKj1ZwQ6BW1Or2i_xSFsz8vdK4w.roa
File:                     hKj1ZwQ6BW1Or2i_xSFsz8vdK4w.roa (raw, json)
Hash identifier:          d9fdfOOCy7Bivvby/D6Cr8/KaurhaxD6JcqIHLVUQCI=
Subject key identifier:   84:A8:F5:67:04:3A:05:6D:4E:AF:68:BF:C5:21:6C:CF:CB:DD:2B:8C
Certificate issuer:       /CN=7de98f48e988790d0e0793537941b413d2e60306
Certificate serial:       09D05B0D
Authority key identifier: 7D:E9:8F:48:E9:88:79:0D:0E:07:93:53:79:41:B4:13:D2:E6:03:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/hKj1ZwQ6BW1Or2i_xSFsz8vdK4w.roa
Signing time:             Thu 24 Feb 2022 18:00:41 +0000
ROA not before:           Thu 24 Feb 2022 18:00:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41071
IP address blocks:        5.252.44.0/22 maxlen: 22
                          91.102.128.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 164649741 (0x9d05b0d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7de98f48e988790d0e0793537941b413d2e60306
        Validity
            Not Before: Feb 24 18:00:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=84a8f567043a056d4eaf68bfc5216ccfcbdd2b8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:99:1f:5e:c4:fb:fe:87:24:d3:08:72:df:89:
                    8d:c1:ea:83:3f:d6:3f:bd:2b:eb:3f:3e:88:f9:1c:
                    90:93:71:a6:52:91:3c:b8:33:11:be:fc:be:73:89:
                    e5:b2:66:82:73:a8:b4:0d:22:7a:4c:86:86:bc:b8:
                    67:70:00:9b:36:73:04:e8:38:5f:11:3b:18:26:57:
                    ea:02:8b:5e:ce:7c:1a:80:c9:15:8f:e8:2a:6f:74:
                    c5:db:62:6e:ba:07:df:b9:a1:13:1b:52:d4:6d:40:
                    47:01:0b:15:a7:10:0a:28:7e:0c:8f:e6:6f:5a:61:
                    f5:83:66:df:29:08:21:57:9d:80:37:32:8c:d2:b4:
                    cc:e7:bd:fb:00:e4:24:15:ac:30:96:a8:e3:f4:59:
                    5a:bc:7d:04:f5:c5:b7:b4:12:f9:70:2f:3c:82:79:
                    97:fc:67:5d:4d:d8:5c:13:0c:31:13:05:31:a2:31:
                    e9:d8:60:dd:6c:e9:79:3c:33:56:a6:02:dc:c0:9d:
                    7e:27:ad:75:94:63:5b:6e:f4:4f:d0:26:3b:af:cb:
                    9e:d8:9e:aa:d8:37:e2:87:a7:2f:30:46:9a:fa:ec:
                    af:4a:9c:70:a8:a6:35:b0:44:48:5a:02:77:d1:a1:
                    1b:04:b3:2f:93:5f:ab:86:d8:a6:ce:5b:fd:e7:24:
                    51:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:A8:F5:67:04:3A:05:6D:4E:AF:68:BF:C5:21:6C:CF:CB:DD:2B:8C
            X509v3 Authority Key Identifier:
                keyid:7D:E9:8F:48:E9:88:79:0D:0E:07:93:53:79:41:B4:13:D2:E6:03:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/hKj1ZwQ6BW1Or2i_xSFsz8vdK4w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/femPSOmIeQ0OB5NTeUG0E9LmAwY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.252.44.0/22
                  91.102.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         62:bd:df:09:9c:72:c9:d6:8a:a5:64:fe:5d:ed:19:18:ae:38:
         f6:a2:0a:93:6e:24:54:91:f4:cd:30:a3:5e:7b:ca:40:6e:09:
         4f:33:28:0c:23:2a:73:7a:f7:11:ee:d5:40:41:76:1a:bb:67:
         38:d1:8c:12:52:59:b2:8e:fb:7a:52:56:68:1f:a0:19:70:0e:
         71:b2:f2:c0:e9:77:27:7f:d7:a1:0d:fe:58:07:ff:c7:78:c6:
         c5:fd:e3:27:74:8c:72:ad:84:56:a3:98:d1:ea:e5:32:37:15:
         92:2f:26:aa:2d:4a:18:52:fe:c7:74:5b:bd:c9:7a:1c:83:9a:
         5b:7c:03:1d:44:30:a8:d7:29:92:96:27:f5:74:b5:a6:32:45:
         86:12:85:c4:7b:ee:9d:3a:43:6b:c1:f3:e8:1c:cf:8b:f9:d6:
         9b:0e:68:27:75:2f:88:d6:d4:9f:d7:45:c5:cc:aa:9a:56:f3:
         81:98:a9:9b:9d:e8:22:27:c6:b1:65:02:f3:0e:85:02:ac:a7:
         f4:a9:cb:6c:ba:2d:83:5e:c3:e4:43:d6:c0:28:15:da:22:34:
         08:a7:01:6a:c8:cf:bd:22:44:8c:ea:e2:8b:40:f0:df:57:1e:
         b2:1d:5a:aa:43:e0:46:97:5e:81:38:e7:40:24:ba:05:85:c8:
         dc:73:13:5d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECdBbDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGU5OGY0OGU5ODg3OTBkMGUwNzkzNTM3OTQxYjQxM2QyZTYwMzA2MB4XDTIyMDIy
NDE4MDA0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRhOGY1NjcwNDNh
MDU2ZDRlYWY2OGJmYzUyMTZjY2ZjYmRkMmI4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOqZH17E+/6HJNMIct+JjcHqgz/WP70r6z8+iPkckJNxplKR
PLgzEb78vnOJ5bJmgnOotA0iekyGhry4Z3AAmzZzBOg4XxE7GCZX6gKLXs58GoDJ
FY/oKm90xdtibroH37mhExtS1G1ARwELFacQCih+DI/mb1ph9YNm3ykIIVedgDcy
jNK0zOe9+wDkJBWsMJao4/RZWrx9BPXFt7QS+XAvPIJ5l/xnXU3YXBMMMRMFMaIx
6dhg3WzpeTwzVqYC3MCdfietdZRjW270T9AmO6/Lntieqtg34oenLzBGmvrsr0qc
cKimNbBESFoCd9GhGwSzL5Nfq4bYps5b/eckUQkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSEqPVnBDoFbU6vaL/FIWzPy90rjDAfBgNVHSMEGDAWgBR96Y9I6Yh5DQ4H
k1N5QbQT0uYDBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZlbVBTT21JZVEwT0I1TlRlVUcwRTlMbUF3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvYzBmYzBhLTE1ZDQtNDZjYy1hOGI5LTQ3NjMyY2I1Yjg1NC8x
L2hLajFad1E2QlcxT3IyaV94U0Zzejh2ZEs0dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
YzBmYzBhLTE1ZDQtNDZjYy1hOGI5LTQ3NjMyY2I1Yjg1NC8xL2ZlbVBTT21JZVEw
T0I1TlRlVUcwRTlMbUF3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAgX8LAMEA1tmgDANBgkqhkiG9w0B
AQsFAAOCAQEAYr3fCZxyydaKpWT+Xe0ZGK449qIKk24kVJH0zTCjXnvKQG4JTzMo
DCMqc3r3Ee7VQEF2GrtnONGMElJZso77elJWaB+gGXAOcbLywOl3J3/XoQ3+WAf/
x3jGxf3jJ3SMcq2EVqOY0erlMjcVki8mqi1KGFL+x3Rbvcl6HIOaW3wDHUQwqNcp
kpYn9XS1pjJFhhKFxHvunTpDa8Hz6BzPi/nWmw5oJ3UviNbUn9dFxcyqmlbzgZip
m53oIifGsWUC8w6FAqyn9KnLbLotg17D5EPWwCgV2iI0CKcBasjPvSJEjOrii0Dw
31cesh1aqkPgRpdegTjnQCS6BYXI3HMTXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:47 2024 by rpki-client on console-ams.rpki-client.org