Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3c39f0-7e97-4ef7-8944-5ebd8eaee2c6/1/jy3AmlfRmG7H5022Pid56-94CJs.roa
File:                     jy3AmlfRmG7H5022Pid56-94CJs.roa (raw, json)
Hash identifier:          w8c1Ytn4PBtTpEBVr03IaRsTuL4NANvr/t+GO6oUVKI=
Subject key identifier:   8F:2D:C0:9A:57:D1:98:6E:C7:E7:4D:B6:3E:27:79:EB:EF:78:08:9B
Certificate issuer:       /CN=1dad7b9f1c49f8d13e1a67abcf2fba35b0a66d18
Certificate serial:       38079E4B
Authority key identifier: 1D:AD:7B:9F:1C:49:F8:D1:3E:1A:67:AB:CF:2F:BA:35:B0:A6:6D:18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ha17nxxJ-NE-Gmerzy-6NbCmbRg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/3c39f0-7e97-4ef7-8944-5ebd8eaee2c6/1/jy3AmlfRmG7H5022Pid56-94CJs.roa
Signing time:             Sat 01 Jan 2022 05:03:03 +0000
ROA not before:           Sat 01 Jan 2022 05:03:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62217
IP address blocks:        5.102.170.0/23 maxlen: 24
                          2a00:1c10:104::/48 maxlen: 48
                          2a00:1c10:5:200::/56 maxlen: 64
                          2a00:1c10:103::/48 maxlen: 48
                          2a00:1c10:101::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 940023371 (0x38079e4b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dad7b9f1c49f8d13e1a67abcf2fba35b0a66d18
        Validity
            Not Before: Jan  1 05:03:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8f2dc09a57d1986ec7e74db63e2779ebef78089b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:50:8b:ae:12:dc:5c:bc:a3:ef:3c:6c:41:33:
                    11:c2:c6:c6:61:76:70:d4:66:ab:29:d9:e9:93:16:
                    23:6f:08:50:56:2d:ba:1b:6c:db:aa:7f:2c:c6:63:
                    7d:5b:fe:96:12:7f:77:09:6b:2f:83:5a:db:50:f3:
                    59:85:7b:17:6c:03:70:19:8c:51:a6:83:0c:8a:65:
                    1a:cc:6c:d4:7b:75:b6:ba:63:b6:75:e3:03:c2:96:
                    12:0a:c5:84:3a:8c:85:8f:a2:81:d8:82:0a:78:04:
                    0a:e9:9c:a3:e6:76:b5:ad:ed:cf:d7:07:f0:b4:65:
                    59:00:02:4b:f2:84:b4:a8:4a:70:98:f2:f9:fd:ff:
                    00:b3:a3:71:41:aa:9c:99:01:a8:9c:bd:3e:05:b7:
                    72:89:8f:3a:b2:15:21:30:fc:98:a1:b9:5e:97:3d:
                    06:fd:56:cd:5e:6d:4a:4e:3e:75:28:06:8b:e8:59:
                    5c:aa:7a:36:dc:42:fb:25:17:8f:28:93:f8:2b:48:
                    ec:84:9e:4a:aa:82:bc:a0:2c:d5:00:fc:46:66:3a:
                    05:e5:a0:28:e0:cc:d8:6c:b0:cd:bf:b1:1d:df:56:
                    1a:97:7c:7b:c7:4d:14:68:3d:44:64:c7:79:b7:85:
                    6c:90:f7:1f:38:10:26:02:c6:45:2e:e7:23:7e:e1:
                    13:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:2D:C0:9A:57:D1:98:6E:C7:E7:4D:B6:3E:27:79:EB:EF:78:08:9B
            X509v3 Authority Key Identifier:
                keyid:1D:AD:7B:9F:1C:49:F8:D1:3E:1A:67:AB:CF:2F:BA:35:B0:A6:6D:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ha17nxxJ-NE-Gmerzy-6NbCmbRg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3c39f0-7e97-4ef7-8944-5ebd8eaee2c6/1/jy3AmlfRmG7H5022Pid56-94CJs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3c39f0-7e97-4ef7-8944-5ebd8eaee2c6/1/Ha17nxxJ-NE-Gmerzy-6NbCmbRg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.102.170.0/23
                IPv6:
                  2a00:1c10:5:200::/56
                  2a00:1c10:101::/48
                  2a00:1c10:103::-2a00:1c10:104:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         69:13:a7:c7:52:aa:5a:66:2f:82:25:14:93:36:77:31:41:69:
         3a:2f:96:e1:ee:f1:ba:55:38:50:88:89:c1:fc:a7:b5:ab:7a:
         f2:81:8c:10:84:62:26:81:52:8d:20:cc:fe:62:d0:a5:f2:a7:
         82:60:db:0e:1e:15:38:29:da:67:e3:87:ac:04:bb:78:b8:9a:
         af:13:45:59:c5:52:fa:40:77:10:8c:90:68:1a:29:24:65:04:
         7f:6f:69:5a:6d:c6:8b:13:af:d0:8b:cc:af:0f:ab:9d:bc:23:
         42:63:5c:64:37:80:9f:63:26:0d:96:8d:4c:52:43:11:de:44:
         65:14:f8:1f:70:a3:81:a8:4d:10:69:c7:17:2a:a3:2b:50:a0:
         e3:5e:5f:a2:c5:9a:e8:78:04:bc:c2:6e:91:2b:fd:71:47:6e:
         16:8d:aa:13:05:83:40:01:07:a1:d7:82:3e:0e:af:2f:59:a6:
         51:68:7f:4f:20:42:e5:82:f7:ac:7e:2a:fd:29:d7:da:1e:85:
         2c:fa:5c:d5:b7:94:17:14:a5:32:20:fe:73:b7:f3:d6:77:fd:
         58:36:61:c5:0a:d6:74:69:7e:18:98:20:bb:27:28:96:4e:ca:
         ca:04:dd:2c:19:55:14:7a:7d:5c:24:3b:fe:dc:2e:0b:1e:81:
         b1:02:dc:83
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEOAeeSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGFkN2I5ZjFjNDlmOGQxM2UxYTY3YWJjZjJmYmEzNWIwYTY2ZDE4MB4XDTIyMDEw
MTA1MDMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGYyZGMwOWE1N2Qx
OTg2ZWM3ZTc0ZGI2M2UyNzc5ZWJlZjc4MDg5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOJQi64S3Fy8o+88bEEzEcLGxmF2cNRmqynZ6ZMWI28IUFYt
uhts26p/LMZjfVv+lhJ/dwlrL4Na21DzWYV7F2wDcBmMUaaDDIplGsxs1Ht1trpj
tnXjA8KWEgrFhDqMhY+igdiCCngECumco+Z2ta3tz9cH8LRlWQACS/KEtKhKcJjy
+f3/ALOjcUGqnJkBqJy9PgW3comPOrIVITD8mKG5Xpc9Bv1WzV5tSk4+dSgGi+hZ
XKp6NtxC+yUXjyiT+CtI7ISeSqqCvKAs1QD8RmY6BeWgKODM2Gywzb+xHd9WGpd8
e8dNFGg9RGTHebeFbJD3HzgQJgLGRS7nI37hEx0CAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBSPLcCaV9GYbsfnTbY+J3nr73gImzAfBgNVHSMEGDAWgBQdrXufHEn40T4a
Z6vPL7o1sKZtGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hhMTdueHhKLU5FLUdtZXJ6eS02TmJDbWJSZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvM2MzOWYwLTdlOTctNGVmNy04OTQ0LTVlYmQ4ZWFlZTJjNi8x
L2p5M0FtbGZSbUc3SDUwMjJQaWQ1Ni05NENKcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
M2MzOWYwLTdlOTctNGVmNy04OTQ0LTVlYmQ4ZWFlZTJjNi8xL0hhMTdueHhKLU5F
LUdtZXJ6eS02TmJDbWJSZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wDAQCAAEwBgMEAQVmqjAtBAIAAjAnAwgAKgAcEAAF
AgMHACoAHBABATASAwcAKgAcEAEDAwcAKgAcEAEEMA0GCSqGSIb3DQEBCwUAA4IB
AQBpE6fHUqpaZi+CJRSTNncxQWk6L5bh7vG6VThQiInB/Ke1q3rygYwQhGImgVKN
IMz+YtCl8qeCYNsOHhU4Kdpn44esBLt4uJqvE0VZxVL6QHcQjJBoGikkZQR/b2la
bcaLE6/Qi8yvD6udvCNCY1xkN4CfYyYNlo1MUkMR3kRlFPgfcKOBqE0QaccXKqMr
UKDjXl+ixZroeAS8wm6RK/1xR24WjaoTBYNAAQeh14I+Dq8vWaZRaH9PIELlgves
fir9KdfaHoUs+lzVt5QXFKUyIP5zt/PWd/1YNmHFCtZ0aX4YmCC7JyiWTsrKBN0s
GVUUen1cJDv+3C4LHoGxAtyD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:10 2024 by rpki-client on console-fra.rpki-client.org