Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/UqBCGimPDYli7lVzxFwscRCvaPQ.roa
File:                     UqBCGimPDYli7lVzxFwscRCvaPQ.roa (raw, json)
Hash identifier:          6pphdFnQKlorl9Nfr7LctlBjI5BOIlSdIuHGoHjuP+k=
Subject key identifier:   52:A0:42:1A:29:8F:0D:89:62:EE:55:73:C4:5C:2C:71:10:AF:68:F4
Certificate issuer:       /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial:       0B26C095
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/UqBCGimPDYli7lVzxFwscRCvaPQ.roa
Signing time:             Sat 01 Jan 2022 05:02:32 +0000
ROA not before:           Sat 01 Jan 2022 05:02:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61209
IP address blocks:        80.191.172.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 187089045 (0xb26c095)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
        Validity
            Not Before: Jan  1 05:02:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=52a0421a298f0d8962ee5573c45c2c7110af68f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:36:d9:f7:2d:c1:25:0c:40:28:54:07:a9:28:
                    97:86:79:fb:8e:86:85:04:86:e8:64:0f:19:a4:72:
                    3c:9b:67:f9:52:b8:8d:ad:82:b5:0c:5f:fd:31:c5:
                    24:1e:77:28:cd:e0:2a:e4:ef:24:1c:ce:c6:06:2c:
                    37:5c:5f:08:ae:fc:0b:43:28:b1:e4:13:31:d4:ce:
                    02:40:bc:c8:a6:d6:eb:ab:de:98:0a:8b:87:d7:92:
                    d5:23:1a:9c:56:bf:5f:21:66:1b:b4:fc:90:c2:d7:
                    66:c6:4d:f2:a8:c8:9e:6e:fc:d2:d8:3e:7c:3a:5e:
                    00:7c:ad:61:10:d8:06:58:58:48:56:7c:82:53:de:
                    60:fe:88:a3:e3:6e:ee:c4:b4:ab:73:af:80:16:ac:
                    f9:16:f7:54:a2:2a:01:fc:67:c5:2f:a1:74:62:17:
                    9b:0a:17:a1:fc:45:93:16:b1:6a:09:43:fc:68:e2:
                    3f:da:39:fe:f4:b8:64:51:6f:5b:e2:ee:a8:cf:7a:
                    a9:0b:94:fa:95:b5:b1:22:3a:2d:2d:33:54:7d:86:
                    0a:49:86:3a:33:40:60:a9:1b:aa:be:08:32:d4:7f:
                    a3:fd:b9:34:b9:12:ee:98:42:62:01:f8:d5:a5:bb:
                    08:3b:25:e8:b2:18:53:7f:b3:c2:8e:2b:b1:99:48:
                    24:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:A0:42:1A:29:8F:0D:89:62:EE:55:73:C4:5C:2C:71:10:AF:68:F4
            X509v3 Authority Key Identifier:
                keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/UqBCGimPDYli7lVzxFwscRCvaPQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.191.172.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2f:c3:01:ad:1d:16:80:8c:68:4b:94:15:a0:a3:50:74:2b:06:
         fe:a1:ea:5b:ce:bb:27:4d:ae:60:9f:32:85:31:a7:31:4c:db:
         2b:29:e2:b7:32:db:18:a4:20:e3:27:97:6e:cc:75:68:7d:5b:
         31:d7:ea:d2:cf:7f:17:54:77:62:9f:2e:1e:3b:d7:94:66:95:
         e4:9b:fa:ef:ad:f1:c6:ec:bb:28:32:53:3f:96:42:88:96:dc:
         fd:cc:a1:d9:61:55:ff:92:76:74:19:a6:bd:e8:aa:f8:f2:a8:
         63:62:b4:94:7b:01:50:c8:c3:ad:9d:fb:34:d8:a2:54:4f:55:
         1d:2c:c9:14:1d:14:22:20:2b:b5:ac:cb:cc:59:19:3f:5e:73:
         36:4d:7b:1c:20:18:17:2d:91:05:a5:ea:15:83:84:2e:8c:17:
         43:a3:3f:7b:83:30:54:76:40:26:b4:f4:13:74:af:20:34:61:
         5c:90:5d:f3:d7:da:5c:19:91:7d:de:de:63:88:94:1d:f7:18:
         92:5c:0e:48:f0:3a:51:dd:95:f8:92:b4:9d:3b:91:1e:67:4f:
         68:5e:62:f2:24:ec:08:40:d2:7d:4c:45:df:55:e1:f6:60:5e:
         6f:82:15:56:f8:9a:ef:4f:b7:75:76:b4:e7:f4:df:b7:c3:1e:
         25:68:ac:17
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECybAlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2EzOWU0Nzk0YzM0NjEyZTdmMjI1NjliMWE2YTgxNzEwMjYwYWU1MB4XDTIyMDEw
MTA1MDIzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTJhMDQyMWEyOThm
MGQ4OTYyZWU1NTczYzQ1YzJjNzExMGFmNjhmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJc22fctwSUMQChUB6kol4Z5+46GhQSG6GQPGaRyPJtn+VK4
ja2CtQxf/THFJB53KM3gKuTvJBzOxgYsN1xfCK78C0MoseQTMdTOAkC8yKbW66ve
mAqLh9eS1SManFa/XyFmG7T8kMLXZsZN8qjInm780tg+fDpeAHytYRDYBlhYSFZ8
glPeYP6Io+Nu7sS0q3OvgBas+Rb3VKIqAfxnxS+hdGIXmwoXofxFkxaxaglD/Gji
P9o5/vS4ZFFvW+LuqM96qQuU+pW1sSI6LS0zVH2GCkmGOjNAYKkbqr4IMtR/o/25
NLkS7phCYgH41aW7CDsl6LIYU3+zwo4rsZlIJG0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRSoEIaKY8NiWLuVXPEXCxxEK9o9DAfBgNVHSMEGDAWgBQno55HlMNGEufy
JWmxpqgXECYK5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o2T2VSNVREUmhMbjhpVnBzYWFvRnhBbUN1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8x
L1VxQkNHaW1QRFlsaTdsVnp4RndzY1JDdmFQUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8xL0o2T2VSNVREUmhM
bjhpVnBzYWFvRnhBbUN1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVC/rDANBgkqhkiG9w0BAQsFAAOC
AQEAL8MBrR0WgIxoS5QVoKNQdCsG/qHqW867J02uYJ8yhTGnMUzbKynitzLbGKQg
4yeXbsx1aH1bMdfq0s9/F1R3Yp8uHjvXlGaV5Jv6763xxuy7KDJTP5ZCiJbc/cyh
2WFV/5J2dBmmveiq+PKoY2K0lHsBUMjDrZ37NNiiVE9VHSzJFB0UIiArtazLzFkZ
P15zNk17HCAYFy2RBaXqFYOELowXQ6M/e4MwVHZAJrT0E3SvIDRhXJBd89faXBmR
fd7eY4iUHfcYklwOSPA6Ud2V+JK0nTuRHmdPaF5i8iTsCEDSfUxF31Xh9mBeb4IV
Vvia70+3dXa05/Tft8MeJWisFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:47 2024 by rpki-client on console-fra.rpki-client.org