Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2WULRDzTafzLHhIq2_G-nf32GTc.roa
File:                     2WULRDzTafzLHhIq2_G-nf32GTc.roa (raw, json)
Hash identifier:          I3JjjfEShtQFa4hjgBeRg2oiCpRooPBIka5i5K1A/14=
Subject key identifier:   D9:65:0B:44:3C:D3:69:FC:CB:1E:12:2A:DB:F1:BE:9D:FD:F6:19:37
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0182B6A88DD0C3422B7E9BEFFAD065C11234
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2WULRDzTafzLHhIq2_G-nf32GTc.roa
Signing time:             Fri 19 Aug 2022 15:11:15 +0000
ROA not before:           Fri 19 Aug 2022 15:11:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     400377
IP address blocks:        5.105.26.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:b6:a8:8d:d0:c3:42:2b:7e:9b:ef:fa:d0:65:c1:12:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Aug 19 15:11:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d9650b443cd369fccb1e122adbf1be9dfdf61937
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:17:e7:0c:12:ee:d8:4a:76:2c:91:d6:87:ba:
                    1c:91:5d:31:a7:91:a8:e7:d1:3d:b7:b1:dc:33:d3:
                    f3:dd:94:74:50:5a:c3:23:9e:06:06:09:95:22:d8:
                    6d:66:0e:55:8f:94:ab:92:28:42:0a:b1:e3:af:06:
                    dc:b9:f9:18:ea:a0:5d:4a:ab:5d:a2:bf:3d:33:63:
                    0b:eb:b5:ef:fe:05:c4:29:3e:56:cd:09:49:84:43:
                    d6:bd:12:f6:a8:bc:3c:b8:53:15:c1:90:a9:85:c8:
                    54:26:cb:e0:7c:f5:48:ee:01:8c:5d:f1:fb:b7:c5:
                    0d:49:cd:72:2d:3c:fd:12:c4:21:c1:2d:0c:72:69:
                    49:68:6f:21:aa:56:dc:a3:db:37:f4:fe:82:0a:47:
                    c5:92:eb:ea:42:44:c7:9d:ca:25:d7:2f:9f:4f:08:
                    e4:06:89:c2:52:44:50:03:cb:60:28:24:77:87:a3:
                    a4:53:bb:99:2c:a9:6e:de:45:a9:1e:d8:9d:25:3d:
                    3e:8d:62:91:55:b5:ae:8f:f1:7c:ae:01:5f:48:2b:
                    12:2a:53:18:d0:2a:68:93:ce:70:bd:de:42:3c:5d:
                    51:c1:1f:1b:16:c1:01:8c:99:4b:1b:0b:64:d6:25:
                    e9:a0:ae:ca:52:91:ec:6f:6d:55:67:0e:0e:f8:cf:
                    d6:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:65:0B:44:3C:D3:69:FC:CB:1E:12:2A:DB:F1:BE:9D:FD:F6:19:37
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/2WULRDzTafzLHhIq2_G-nf32GTc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:55:c2:54:c2:54:aa:1a:b5:d1:83:40:c2:3e:3c:5d:ac:c8:
         ca:5d:dd:52:2e:db:05:1d:83:0f:42:b8:51:6b:2f:b7:35:29:
         2e:9d:e0:4b:11:b1:16:f5:b6:c5:bd:99:5b:96:f7:7b:13:a5:
         f6:1d:75:2a:f9:9d:fc:bc:3f:38:03:12:fe:bb:be:84:91:62:
         5f:d0:59:20:c4:dc:a4:a4:51:1f:a2:92:e3:9e:53:b3:a1:58:
         ae:aa:e9:82:11:7d:9a:53:be:c5:a5:c0:3c:f9:2d:dc:eb:9a:
         82:10:c1:d6:99:cf:06:8e:96:2e:32:4c:1c:5b:d8:b0:f5:18:
         8b:71:c2:d0:65:15:79:a3:79:77:59:79:fd:40:a3:64:ef:ed:
         c2:d4:41:77:cc:b7:f5:c1:ed:17:34:61:2b:88:e3:45:09:4d:
         ea:0a:e9:32:01:aa:82:d4:60:f2:07:5f:a7:ca:5c:9b:61:a3:
         59:48:ae:8e:ce:15:fe:4d:d9:64:3e:74:00:0d:6a:39:c6:32:
         90:25:59:be:d9:9d:d0:1a:79:80:24:c1:52:79:c9:07:13:b0:
         47:46:44:77:50:74:0a:c7:9c:20:c2:bd:1e:b9:45:ca:17:5f:
         d5:5c:6b:8a:5a:49:c1:eb:73:88:ee:6b:dd:b1:5b:91:f7:b8:
         29:69:3a:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYK2qI3Qw0Irfpvv+tBlwRI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIwODE5MTUxMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTY1MGI0NDNjZDM2OWZjY2IxZTEyMmFkYmYxYmU5ZGZkZjYxOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBfnDBLu2Ep2LJHWh7ockV0xp5Go
59E9t7HcM9Pz3ZR0UFrDI54GBgmVIthtZg5Vj5SrkihCCrHjrwbcufkY6qBdSqtd
or89M2ML67Xv/gXEKT5WzQlJhEPWvRL2qLw8uFMVwZCphchUJsvgfPVI7gGMXfH7
t8UNSc1yLTz9EsQhwS0McmlJaG8hqlbco9s39P6CCkfFkuvqQkTHncol1y+fTwjk
BonCUkRQA8tgKCR3h6OkU7uZLKlu3kWpHtidJT0+jWKRVbWuj/F8rgFfSCsSKlMY
0Cpok85wvd5CPF1RwR8bFsEBjJlLGwtk1iXpoK7KUpHsb21VZw4O+M/WLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNllC0Q802n8yx4SKtvxvp399hk3MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMldVTFJEelRhZnpMSGhJcTJfRy1uZjMyR1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkaMA0G
CSqGSIb3DQEBCwUAA4IBAQCXVcJUwlSqGrXRg0DCPjxdrMjKXd1SLtsFHYMPQrhR
ay+3NSkuneBLEbEW9bbFvZlblvd7E6X2HXUq+Z38vD84AxL+u76EkWJf0FkgxNyk
pFEfopLjnlOzoViuqumCEX2aU77FpcA8+S3c65qCEMHWmc8GjpYuMkwcW9iw9RiL
ccLQZRV5o3l3WXn9QKNk7+3C1EF3zLf1we0XNGEriONFCU3qCukyAaqC1GDyB1+n
ylybYaNZSK6OzhX+TdlkPnQADWo5xjKQJVm+2Z3QGnmAJMFSeckHE7BHRkR3UHQK
x5wgwr0euUXKF1/VXGuKWknB63OI7mvdsVuR97gpaTpJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:55 2024 by rpki-client on console-ams.rpki-client.org