Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/xun_v7ERE6aJFItAY75qV8eZ07M.roa
File:                     xun_v7ERE6aJFItAY75qV8eZ07M.roa (raw, json)
Hash identifier:          7iFsA5kP/reIqBUGixq95BvHpmkCxaXc0n5msZIjgxk=
Subject key identifier:   C6:E9:FF:BF:B1:11:13:A6:89:14:8B:40:63:BE:6A:57:C7:99:D3:B3
Certificate issuer:       /CN=7de98f48e988790d0e0793537941b413d2e60306
Certificate serial:       094E601C
Authority key identifier: 7D:E9:8F:48:E9:88:79:0D:0E:07:93:53:79:41:B4:13:D2:E6:03:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/xun_v7ERE6aJFItAY75qV8eZ07M.roa
Signing time:             Sat 01 Jan 2022 02:54:53 +0000
ROA not before:           Sat 01 Jan 2022 02:54:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41071
IP address blocks:        5.252.44.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 156131356 (0x94e601c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7de98f48e988790d0e0793537941b413d2e60306
        Validity
            Not Before: Jan  1 02:54:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c6e9ffbfb11113a689148b4063be6a57c799d3b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:1d:74:39:ad:8e:ad:3b:66:81:1a:41:2d:e1:
                    60:7c:4b:e9:2d:6d:4c:b9:18:7a:67:f3:52:68:3b:
                    bf:73:4b:30:bc:be:09:7b:8c:d9:14:26:9d:b3:61:
                    55:ca:ba:b1:5f:77:2e:c4:ca:0f:e1:79:23:a4:b8:
                    4a:1e:cb:44:ef:68:46:d9:25:93:bd:ee:f5:50:b6:
                    96:88:85:2d:2d:43:a1:22:05:a7:af:1a:00:6f:29:
                    96:ee:7d:48:a2:aa:26:3d:50:21:90:41:c6:f1:09:
                    02:d5:2f:8d:28:37:26:7c:4f:33:cd:33:2e:09:30:
                    5c:11:fb:0c:69:75:5b:45:d5:a9:71:3c:97:fb:47:
                    e3:91:c9:90:d2:10:d6:b9:5f:15:1a:58:a1:45:35:
                    e6:61:24:54:9c:24:6b:a4:ff:3d:a3:69:3a:52:f8:
                    87:4f:00:10:d5:6c:fc:2a:e7:c6:8b:3b:99:be:85:
                    1f:13:5b:05:dc:e2:19:72:49:1c:40:bb:eb:d1:ed:
                    da:9e:ae:21:f2:d4:72:0e:66:2a:4f:3c:ba:3f:8b:
                    27:7e:92:14:26:99:a9:36:16:f6:5e:e4:58:73:5a:
                    c2:ad:f5:d0:c3:99:ec:c4:17:2f:89:59:66:b2:f3:
                    1c:47:28:ab:d3:19:2a:4a:96:e3:26:a5:db:cc:66:
                    bb:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:E9:FF:BF:B1:11:13:A6:89:14:8B:40:63:BE:6A:57:C7:99:D3:B3
            X509v3 Authority Key Identifier:
                keyid:7D:E9:8F:48:E9:88:79:0D:0E:07:93:53:79:41:B4:13:D2:E6:03:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/xun_v7ERE6aJFItAY75qV8eZ07M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/femPSOmIeQ0OB5NTeUG0E9LmAwY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.252.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         07:1e:e8:f9:21:77:e6:ae:b1:5a:76:f9:85:17:a6:bf:bf:59:
         6c:c6:46:b4:0a:af:2a:eb:0f:24:39:6b:5d:8c:5e:02:86:5a:
         ce:8e:52:20:54:ee:fc:51:c4:bf:f6:da:af:e5:8f:5b:55:ac:
         5f:56:ca:0a:27:59:2d:16:cb:1d:b7:82:22:80:52:16:eb:ad:
         31:de:b3:5f:df:31:25:8e:b9:d9:99:a1:a3:ae:ac:7a:d1:d7:
         9a:f5:ae:b6:dc:6a:52:79:09:b2:2c:11:ba:68:01:8d:05:06:
         f3:ac:b9:11:3c:28:c1:c2:97:b7:34:6a:b3:27:f0:71:69:e8:
         f1:0f:64:b9:80:06:33:94:41:05:3f:19:11:a9:f1:51:9a:51:
         72:28:94:87:60:79:f4:71:1d:97:60:20:ac:06:71:b2:20:0b:
         f9:d1:06:2a:ef:69:99:70:f8:6c:64:4b:6c:e5:cc:15:e8:07:
         21:41:09:05:87:2d:cb:54:75:3a:d0:a6:3a:f5:3a:52:3c:54:
         a1:62:26:d0:9f:92:fe:13:c1:ac:54:8e:aa:55:70:7e:e8:e5:
         52:fc:89:ee:94:b2:51:af:4d:05:70:31:00:6e:37:8b:cc:62:
         b3:67:6b:8b:9d:c5:58:ad:45:5b:d5:6e:c9:59:30:b1:52:99:
         ce:e5:19:ee
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECU5gHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGU5OGY0OGU5ODg3OTBkMGUwNzkzNTM3OTQxYjQxM2QyZTYwMzA2MB4XDTIyMDEw
MTAyNTQ1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzZlOWZmYmZiMTEx
MTNhNjg5MTQ4YjQwNjNiZTZhNTdjNzk5ZDNiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQddDmtjq07ZoEaQS3hYHxL6S1tTLkYemfzUmg7v3NLMLy+
CXuM2RQmnbNhVcq6sV93LsTKD+F5I6S4Sh7LRO9oRtklk73u9VC2loiFLS1DoSIF
p68aAG8plu59SKKqJj1QIZBBxvEJAtUvjSg3JnxPM80zLgkwXBH7DGl1W0XVqXE8
l/tH45HJkNIQ1rlfFRpYoUU15mEkVJwka6T/PaNpOlL4h08AENVs/Crnxos7mb6F
HxNbBdziGXJJHEC769Ht2p6uIfLUcg5mKk88uj+LJ36SFCaZqTYW9l7kWHNawq31
0MOZ7MQXL4lZZrLzHEcoq9MZKkqW4yal28xmu0MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTG6f+/sRETpokUi0BjvmpXx5nTszAfBgNVHSMEGDAWgBR96Y9I6Yh5DQ4H
k1N5QbQT0uYDBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZlbVBTT21JZVEwT0I1TlRlVUcwRTlMbUF3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvYzBmYzBhLTE1ZDQtNDZjYy1hOGI5LTQ3NjMyY2I1Yjg1NC8x
L3h1bl92N0VSRTZhSkZJdEFZNzVxVjhlWjA3TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
YzBmYzBhLTE1ZDQtNDZjYy1hOGI5LTQ3NjMyY2I1Yjg1NC8xL2ZlbVBTT21JZVEw
T0I1TlRlVUcwRTlMbUF3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgX8LDANBgkqhkiG9w0BAQsFAAOC
AQEABx7o+SF35q6xWnb5hRemv79ZbMZGtAqvKusPJDlrXYxeAoZazo5SIFTu/FHE
v/bar+WPW1WsX1bKCidZLRbLHbeCIoBSFuutMd6zX98xJY652Zmho66setHXmvWu
ttxqUnkJsiwRumgBjQUG86y5ETwowcKXtzRqsyfwcWno8Q9kuYAGM5RBBT8ZEanx
UZpRciiUh2B59HEdl2AgrAZxsiAL+dEGKu9pmXD4bGRLbOXMFegHIUEJBYcty1R1
OtCmOvU6UjxUoWIm0J+S/hPBrFSOqlVwfujlUvyJ7pSyUa9NBXAxAG43i8xis2dr
i53FWK1FW9VuyVkwsVKZzuUZ7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:56 2024 by rpki-client on console-fra.rpki-client.org