Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/DQ5NZLTIaYp44fRJZnfIjwjYxrs.roa
File:                     DQ5NZLTIaYp44fRJZnfIjwjYxrs.roa (raw, json)
Hash identifier:          gxw0WA+SXlGikSv1UHW2nhkFCf7RvCGuHGBflCTEb2U=
Subject key identifier:   0D:0E:4D:64:B4:C8:69:8A:78:E1:F4:49:66:77:C8:8F:08:D8:C6:BB
Certificate issuer:       /CN=1008ba5429a709bc58ecdbae3f17e1bc9d3a4d5c
Certificate serial:       10B6A216
Authority key identifier: 10:08:BA:54:29:A7:09:BC:58:EC:DB:AE:3F:17:E1:BC:9D:3A:4D:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EAi6VCmnCbxY7NuuPxfhvJ06TVw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/DQ5NZLTIaYp44fRJZnfIjwjYxrs.roa
Signing time:             Sat 01 Jan 2022 09:58:49 +0000
ROA not before:           Sat 01 Jan 2022 09:58:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48408
IP address blocks:        91.209.133.0/24 maxlen: 24
                          185.142.224.0/22 maxlen: 24
                          2a07:3140::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 280404502 (0x10b6a216)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1008ba5429a709bc58ecdbae3f17e1bc9d3a4d5c
        Validity
            Not Before: Jan  1 09:58:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0d0e4d64b4c8698a78e1f4496677c88f08d8c6bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c7:0b:7f:77:ea:0b:2f:7a:57:fb:17:94:5f:
                    88:95:bb:e4:58:02:c5:8f:b6:0a:e2:d0:c2:2a:69:
                    02:e5:e9:b1:75:fc:f7:97:e3:d2:dc:60:c1:c5:17:
                    da:c0:47:d4:61:13:3e:83:66:b5:1b:ca:b6:a9:db:
                    b8:fa:f7:fc:3d:55:2f:ef:d8:b3:b5:cc:fe:6f:28:
                    3b:6f:76:78:62:14:f8:6d:1d:0b:c4:33:ed:17:b8:
                    7b:e5:0c:6e:8b:91:83:7b:9d:05:40:09:9b:82:29:
                    e8:83:c8:d4:b4:e6:6a:d3:ac:3a:45:60:c0:11:64:
                    97:03:6e:65:eb:11:21:a9:4d:28:27:bc:33:bf:43:
                    25:3b:fd:61:b3:91:04:12:6d:10:be:69:0d:57:63:
                    38:a4:5e:fa:0b:46:39:dd:41:60:1a:e9:8f:14:fe:
                    1c:ea:31:73:cb:b3:a8:b7:90:54:6d:47:f4:ab:cc:
                    11:34:12:e1:cb:1e:31:3c:68:09:f7:6c:e3:6c:09:
                    b1:b8:64:68:f7:3f:45:e5:a1:ec:14:f2:96:5b:8e:
                    23:1a:1b:71:61:b8:28:6c:f8:14:35:b5:4e:2a:77:
                    de:4d:cf:04:51:0f:50:23:b1:26:5e:15:d7:42:34:
                    fd:80:96:2c:d1:b1:35:6a:85:f2:d4:90:f2:7e:9e:
                    15:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:0E:4D:64:B4:C8:69:8A:78:E1:F4:49:66:77:C8:8F:08:D8:C6:BB
            X509v3 Authority Key Identifier:
                keyid:10:08:BA:54:29:A7:09:BC:58:EC:DB:AE:3F:17:E1:BC:9D:3A:4D:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EAi6VCmnCbxY7NuuPxfhvJ06TVw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/DQ5NZLTIaYp44fRJZnfIjwjYxrs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/EAi6VCmnCbxY7NuuPxfhvJ06TVw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.209.133.0/24
                  185.142.224.0/22
                IPv6:
                  2a07:3140::/29

    Signature Algorithm: sha256WithRSAEncryption
         51:c4:4c:ec:12:fb:b5:03:ec:0e:40:04:47:36:aa:18:e4:10:
         36:4e:63:9b:3e:c9:e9:8f:24:d4:c8:7f:ea:bd:9d:3d:ed:0b:
         0d:47:6d:94:84:7d:24:c3:75:47:01:56:b3:fd:f0:01:48:b1:
         60:7e:4d:9c:fd:dd:7d:ee:f0:9a:00:ec:7a:d1:ac:df:03:f2:
         39:62:f4:1c:8f:3f:d2:c3:40:a5:3f:ec:bc:73:d5:d9:ae:fc:
         7f:3c:31:3f:aa:01:f3:03:0a:d6:7a:5d:2b:e7:c4:e3:d0:cc:
         f5:01:95:ac:82:45:ef:1e:ee:36:7a:e8:09:c7:43:54:df:ef:
         f1:3d:83:87:2c:18:1a:c1:f4:70:e0:c4:15:33:58:cf:ee:14:
         e4:06:05:1b:0f:d4:22:f8:34:d9:6d:29:fa:b7:99:27:9b:4d:
         f9:31:bf:fb:05:ea:7d:bd:72:77:d2:21:07:b4:2e:1a:46:c7:
         5e:c4:ba:32:2a:05:61:6d:99:ab:2a:36:de:cc:a9:68:cc:eb:
         2d:d0:2d:31:45:c4:c3:42:d2:5b:31:78:e6:11:5d:ca:9f:7d:
         c6:32:9b:d1:f3:d9:ae:c8:7c:11:70:d7:b2:cb:19:a8:50:d4:
         5a:3b:f0:f4:56:0d:3b:5f:cf:9a:cb:03:e5:02:12:10:a9:a0:
         a2:e2:ff:8d
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEELaiFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDA4YmE1NDI5YTcwOWJjNThlY2RiYWUzZjE3ZTFiYzlkM2E0ZDVjMB4XDTIyMDEw
MTA5NTg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQwZTRkNjRiNGM4
Njk4YTc4ZTFmNDQ5NjY3N2M4OGYwOGQ4YzZiYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvHC3936gsvelf7F5RfiJW75FgCxY+2CuLQwippAuXpsXX8
95fj0txgwcUX2sBH1GETPoNmtRvKtqnbuPr3/D1VL+/Ys7XM/m8oO292eGIU+G0d
C8Qz7Re4e+UMbouRg3udBUAJm4Ip6IPI1LTmatOsOkVgwBFklwNuZesRIalNKCe8
M79DJTv9YbORBBJtEL5pDVdjOKRe+gtGOd1BYBrpjxT+HOoxc8uzqLeQVG1H9KvM
ETQS4cseMTxoCfds42wJsbhkaPc/ReWh7BTylluOIxobcWG4KGz4FDW1Tip33k3P
BFEPUCOxJl4V10I0/YCWLNGxNWqF8tSQ8n6eFV8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQNDk1ktMhpinjh9Elmd8iPCNjGuzAfBgNVHSMEGDAWgBQQCLpUKacJvFjs
264/F+G8nTpNXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VBaTZWQ21uQ2J4WTdOdXVQeGZodkowNlRWdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvNjEyM2M0LTJiYzUtNGRmOS1hZDEzLWUxZDk5Yjg3MDZlNC8x
L0RRNU5aTFRJYVlwNDRmUkpabmZJandqWXhycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
NjEyM2M0LTJiYzUtNGRmOS1hZDEzLWUxZDk5Yjg3MDZlNC8xL0VBaTZWQ21uQ2J4
WTdOdXVQeGZodkowNlRWdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAFvRhQMEArmO4DANBAIAAjAHAwUD
KgcxQDANBgkqhkiG9w0BAQsFAAOCAQEAUcRM7BL7tQPsDkAERzaqGOQQNk5jmz7J
6Y8k1Mh/6r2dPe0LDUdtlIR9JMN1RwFWs/3wAUixYH5NnP3dfe7wmgDsetGs3wPy
OWL0HI8/0sNApT/svHPV2a78fzwxP6oB8wMK1npdK+fE49DM9QGVrIJF7x7uNnro
CcdDVN/v8T2DhywYGsH0cODEFTNYz+4U5AYFGw/UIvg02W0p+reZJ5tN+TG/+wXq
fb1yd9IhB7QuGkbHXsS6MioFYW2Zqyo23sypaMzrLdAtMUXEw0LSWzF45hFdyp99
xjKb0fPZrsh8EXDXsssZqFDUWjvw9FYNO1/PmssD5QISEKmgouL/jQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:34 2024 by rpki-client on console-fra.rpki-client.org