Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/5VkZXziRNXSrDhnHVFgRvqpWL7Y.roa
File:                     5VkZXziRNXSrDhnHVFgRvqpWL7Y.roa (raw, json)
Hash identifier:          UP/020mP4d04KjGhVsc1ANG84J6HdmYUlgShCOUt6F4=
Subject key identifier:   E5:59:19:5F:38:91:35:74:AB:0E:19:C7:54:58:11:BE:AA:56:2F:B6
Certificate issuer:       /CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Certificate serial:       01825FB83B85BC874AB9FEDED484DA118C00
Authority key identifier: D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/5VkZXziRNXSrDhnHVFgRvqpWL7Y.roa
Signing time:             Tue 02 Aug 2022 18:01:25 +0000
ROA not before:           Tue 02 Aug 2022 18:01:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49999
IP address blocks:        81.199.31.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:5f:b8:3b:85:bc:87:4a:b9:fe:de:d4:84:da:11:8c:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
        Validity
            Not Before: Aug  2 18:01:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e559195f38913574ab0e19c7545811beaa562fb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:c8:10:65:ed:49:78:ce:e1:f3:bb:9f:a9:95:
                    f4:bc:73:e8:fc:f5:fb:a5:3e:20:2e:9c:75:20:ee:
                    78:d9:96:09:04:12:82:f4:b7:a0:4c:db:e5:56:cd:
                    86:5a:1f:38:c1:28:df:1e:7c:91:15:79:23:03:5e:
                    60:37:64:aa:48:d2:36:40:8a:ba:b4:cf:f8:62:30:
                    d7:95:68:cb:92:14:a0:d0:d0:76:e8:5f:11:63:f8:
                    38:62:fd:e2:dd:d5:ba:4e:51:b5:6c:38:7a:63:43:
                    ec:e9:cb:12:20:84:88:b9:c4:0a:5b:45:35:8c:ce:
                    79:6d:ac:7a:5d:2a:1d:76:67:ee:be:cf:d6:46:a7:
                    f9:21:0f:cb:87:c1:1c:6b:69:a3:b6:cc:28:88:19:
                    48:00:35:3c:3a:e6:81:76:cf:11:85:b9:90:ce:98:
                    7e:49:db:a2:c0:c4:43:58:7a:5d:c9:5f:8f:2f:bd:
                    ea:8d:3d:e2:f9:5f:7d:17:fb:45:e4:be:4d:33:f9:
                    99:98:77:a9:0a:be:b1:20:36:01:a0:7e:05:20:9c:
                    01:f8:6d:6f:91:24:4a:b2:74:e4:49:57:82:6d:fd:
                    02:30:29:8f:dd:eb:f8:be:45:05:fa:b3:a5:5e:d1:
                    de:a4:70:94:30:66:6d:04:73:e6:bf:a9:6f:93:f2:
                    26:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:59:19:5F:38:91:35:74:AB:0E:19:C7:54:58:11:BE:AA:56:2F:B6
            X509v3 Authority Key Identifier:
                keyid:D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/5VkZXziRNXSrDhnHVFgRvqpWL7Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.199.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:eb:7d:f2:af:48:fd:55:1e:42:16:f8:8f:0d:9b:05:17:0f:
         f5:1e:e1:98:74:a6:2a:51:e5:21:ff:4a:4c:6c:65:fe:5c:b7:
         94:72:24:14:2b:c0:69:47:fa:c3:db:65:39:b9:4d:ef:c1:13:
         0e:01:5d:67:47:e1:88:a6:97:6e:22:53:c6:c3:34:08:c8:d9:
         b4:de:fa:9b:f3:5b:9b:bf:88:10:75:64:3a:2d:08:c2:d7:b8:
         37:bf:62:ca:37:24:bb:59:33:27:b4:1b:81:f8:d5:50:94:c6:
         f3:33:e6:0b:39:ed:19:07:aa:61:1f:00:e9:f8:8d:6f:8b:cf:
         fd:49:d7:af:e9:d9:a4:25:f3:02:5e:4d:f7:50:71:68:4b:8c:
         9b:de:71:43:fc:3c:a6:62:58:70:34:cc:61:a6:77:35:90:61:
         cd:f3:98:73:7e:5c:d2:e4:f2:fa:d1:67:3b:ba:f7:74:d9:d0:
         cc:77:59:c3:5f:9b:3f:64:86:ea:77:76:d0:e5:ea:b4:65:f0:
         21:89:7b:77:86:2a:04:63:cf:9d:3d:82:63:18:cb:b7:c7:bf:
         96:e6:2c:0c:2b:cb:49:cc:09:36:86:7b:d3:c2:f6:f7:8a:be:
         bd:6b:32:96:a7:af:db:9b:f6:1b:14:0c:66:48:63:c0:96:96:
         8d:d6:59:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJfuDuFvIdKuf7e1ITaEYwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGUxMjRlMGY4YWRiNGU3ZDk1NzZjZWFlMzI1ZjY2OGRk
MjI0YjEwHhcNMjIwODAyMTgwMTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTU5MTk1ZjM4OTEzNTc0YWIwZTE5Yzc1NDU4MTFiZWFhNTYyZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcgQZe1JeM7h87ufqZX0vHPo/PX7
pT4gLpx1IO542ZYJBBKC9LegTNvlVs2GWh84wSjfHnyRFXkjA15gN2SqSNI2QIq6
tM/4YjDXlWjLkhSg0NB26F8RY/g4Yv3i3dW6TlG1bDh6Y0Ps6csSIISIucQKW0U1
jM55bax6XSoddmfuvs/WRqf5IQ/Lh8Eca2mjtswoiBlIADU8OuaBds8RhbmQzph+
SduiwMRDWHpdyV+PL73qjT3i+V99F/tF5L5NM/mZmHepCr6xIDYBoH4FIJwB+G1v
kSRKsnTkSVeCbf0CMCmP3ev4vkUF+rOlXtHepHCUMGZtBHPmv6lvk/ImXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOVZGV84kTV0qw4Zx1RYEb6qVi+2MB8GA1UdIwQY
MBaAFNHeEk4PittOfZV2zq4yX2aN0iSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTct
NGY0YzliMzQzZTkwLzEvNVZrWlh6aVJOWFNyRGhuSFZGZ1J2cXBXTDdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTctNGY0YzliMzQzZTkw
LzEvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUccfMA0G
CSqGSIb3DQEBCwUAA4IBAQAB633yr0j9VR5CFviPDZsFFw/1HuGYdKYqUeUh/0pM
bGX+XLeUciQUK8BpR/rD22U5uU3vwRMOAV1nR+GIppduIlPGwzQIyNm03vqb81ub
v4gQdWQ6LQjC17g3v2LKNyS7WTMntBuB+NVQlMbzM+YLOe0ZB6phHwDp+I1vi8/9
Sdev6dmkJfMCXk33UHFoS4yb3nFD/DymYlhwNMxhpnc1kGHN85hzflzS5PL60Wc7
uvd02dDMd1nDX5s/ZIbqd3bQ5eq0ZfAhiXt3hioEY8+dPYJjGMu3x7+W5iwMK8tJ
zAk2hnvTwvb3ir69azKWp6/bm/YbFAxmSGPAlpaN1lno
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:57 2024 by rpki-client on console-ams.rpki-client.org