Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/AE_iqT9YIwOwufKDwvMoIGUpPwc.roa
File:                     AE_iqT9YIwOwufKDwvMoIGUpPwc.roa (raw, json)
Hash identifier:          32MQs++9My60B4WZ2tzSUSVIAzGP4nNx4Xxff/W/6OE=
Subject key identifier:   00:4F:E2:A9:3F:58:23:03:B0:B9:F2:83:C2:F3:28:20:65:29:3F:07
Certificate issuer:       /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial:       0B1E1864
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/AE_iqT9YIwOwufKDwvMoIGUpPwc.roa
Signing time:             Sat 01 Jan 2022 05:02:28 +0000
ROA not before:           Sat 01 Jan 2022 05:02:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31549
IP address blocks:        2.188.11.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 186521700 (0xb1e1864)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
        Validity
            Not Before: Jan  1 05:02:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=004fe2a93f582303b0b9f283c2f3282065293f07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:f2:93:a5:ba:aa:6f:6c:fd:0c:5a:89:27:56:
                    0b:b3:f4:a5:d8:8d:a5:fb:ec:a7:03:60:31:87:0c:
                    fe:49:2c:63:9d:82:af:fb:d1:bd:5f:33:e1:e6:72:
                    41:b5:b1:fc:6b:69:93:a8:c2:db:d1:ab:a4:a8:30:
                    34:14:a5:c1:f2:ae:7a:61:f9:6b:66:0c:51:2a:8c:
                    f3:71:90:92:12:ba:c9:62:9e:f4:02:47:13:e3:bd:
                    fc:88:0a:c2:74:f2:5c:58:d3:49:bd:46:82:48:e4:
                    73:13:89:b0:37:df:de:83:f2:29:ff:4b:48:d8:d7:
                    f4:ca:8b:7e:ae:cc:21:af:33:bf:34:a2:42:09:d8:
                    0e:7a:6c:63:b2:93:e7:4b:21:20:fe:01:9e:ac:1f:
                    bb:5a:09:51:dd:53:7e:ac:5e:3e:13:dd:a5:03:4d:
                    45:5e:da:f4:f1:82:30:ed:85:49:da:e4:91:d7:5e:
                    65:f3:e0:c9:55:fd:c2:9c:75:a5:a0:33:95:c9:60:
                    05:51:20:d6:e4:f6:8b:f7:32:b1:62:d6:ba:3e:1c:
                    38:36:1a:47:23:45:b6:fe:c2:f6:89:ec:17:34:e6:
                    df:f6:fd:e0:93:6e:5b:0c:a0:8c:ef:57:93:52:2b:
                    08:3b:18:32:d3:5b:2e:1e:2e:f3:a5:f9:98:27:29:
                    ac:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:4F:E2:A9:3F:58:23:03:B0:B9:F2:83:C2:F3:28:20:65:29:3F:07
            X509v3 Authority Key Identifier:
                keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/AE_iqT9YIwOwufKDwvMoIGUpPwc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.188.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:57:1a:a9:fb:01:ab:db:89:1b:ab:46:9c:aa:a2:bc:be:6b:
         4b:9c:5e:ed:6d:e0:30:2c:d7:ef:91:e5:6d:5d:19:25:6d:54:
         01:27:8d:63:d4:41:61:89:aa:dc:b6:ec:14:9a:6d:e4:4c:81:
         42:d1:55:cf:ca:9b:81:3a:ab:ee:e5:f5:14:db:77:ce:78:48:
         26:91:f1:ed:6e:4f:d9:bd:55:81:43:c0:b1:e6:7b:1a:8f:4c:
         57:01:7e:74:19:b1:b0:c1:e8:07:c0:b7:55:0e:b8:f2:12:07:
         5b:0d:c9:14:9a:ea:25:1f:c7:1a:9c:6c:26:fa:ce:3e:d7:f3:
         9e:36:25:dd:32:2e:67:9f:3a:f7:0c:b8:e5:43:e2:ff:ea:d2:
         be:42:e9:57:4d:0d:9e:f6:1c:41:6a:cc:2a:a6:a7:b5:47:2c:
         21:82:79:99:ef:26:b1:94:71:6b:d8:d3:eb:ac:8c:0e:32:79:
         f0:c7:0e:83:cd:eb:0d:b9:86:91:34:0c:3e:e5:60:cd:b9:0d:
         3a:7e:fe:bd:65:f7:45:de:0b:99:61:65:01:b8:96:2f:91:79:
         30:20:1d:e7:ca:db:91:f6:5f:f6:f5:7a:a8:5f:c5:08:28:c3:
         42:42:34:60:2c:e4:bc:a7:5f:6a:a8:4a:e2:ce:22:8a:88:07:
         07:62:0e:97
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECx4YZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2EzOWU0Nzk0YzM0NjEyZTdmMjI1NjliMWE2YTgxNzEwMjYwYWU1MB4XDTIyMDEw
MTA1MDIyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA0ZmUyYTkzZjU4
MjMwM2IwYjlmMjgzYzJmMzI4MjA2NTI5M2YwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIjyk6W6qm9s/QxaiSdWC7P0pdiNpfvspwNgMYcM/kksY52C
r/vRvV8z4eZyQbWx/Gtpk6jC29GrpKgwNBSlwfKuemH5a2YMUSqM83GQkhK6yWKe
9AJHE+O9/IgKwnTyXFjTSb1GgkjkcxOJsDff3oPyKf9LSNjX9MqLfq7MIa8zvzSi
QgnYDnpsY7KT50shIP4Bnqwfu1oJUd1TfqxePhPdpQNNRV7a9PGCMO2FSdrkkdde
ZfPgyVX9wpx1paAzlclgBVEg1uT2i/cysWLWuj4cODYaRyNFtv7C9onsFzTm3/b9
4JNuWwygjO9Xk1IrCDsYMtNbLh4u86X5mCcprN0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQAT+KpP1gjA7C58oPC8yggZSk/BzAfBgNVHSMEGDAWgBQno55HlMNGEufy
JWmxpqgXECYK5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o2T2VSNVREUmhMbjhpVnBzYWFvRnhBbUN1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8x
L0FFX2lxVDlZSXdPd3VmS0R3dk1vSUdVcFB3Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8xL0o2T2VSNVREUmhM
bjhpVnBzYWFvRnhBbUN1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAK8CzANBgkqhkiG9w0BAQsFAAOC
AQEAkFcaqfsBq9uJG6tGnKqivL5rS5xe7W3gMCzX75HlbV0ZJW1UASeNY9RBYYmq
3LbsFJpt5EyBQtFVz8qbgTqr7uX1FNt3znhIJpHx7W5P2b1VgUPAseZ7Go9MVwF+
dBmxsMHoB8C3VQ648hIHWw3JFJrqJR/HGpxsJvrOPtfznjYl3TIuZ5869wy45UPi
/+rSvkLpV00NnvYcQWrMKqantUcsIYJ5me8msZRxa9jT66yMDjJ58McOg83rDbmG
kTQMPuVgzbkNOn7+vWX3Rd4LmWFlAbiWL5F5MCAd58rbkfZf9vV6qF/FCCjDQkI0
YCzkvKdfaqhK4s4iiogHB2IOlw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:52 2024 by rpki-client on console-ams.rpki-client.org