Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/OQzp9Y-zfsW43SHDxbb1i0nOLuQ.roa
File:                     OQzp9Y-zfsW43SHDxbb1i0nOLuQ.roa (raw, json)
Hash identifier:          3Eh+tzhYjEEO9srk6XpgkOF2wIjJz9CE6wiWfDU7UaY=
Subject key identifier:   39:0C:E9:F5:8F:B3:7E:C5:B8:DD:21:C3:C5:B6:F5:8B:49:CE:2E:E4
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0184855EF7B83E26BA639BB4DD8DD7DA3F77
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/OQzp9Y-zfsW43SHDxbb1i0nOLuQ.roa
Signing time:             Thu 17 Nov 2022 11:35:04 +0000
ROA not before:           Thu 17 Nov 2022 11:35:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     40676
IP address blocks:        5.105.124.0/24 maxlen: 24
                          5.105.129.0/24 maxlen: 24
                          5.105.135.0/24 maxlen: 24
                          5.105.98.0/24 maxlen: 24
                          5.105.105.0/24 maxlen: 24
                          5.105.102.0/24 maxlen: 24
                          5.105.238.0/24 maxlen: 24
                          5.105.241.0/24 maxlen: 24
                          5.105.27.0/24 maxlen: 24
                          5.105.252.0/24 maxlen: 24
                          5.105.253.0/24 maxlen: 24
                          5.105.188.0/24 maxlen: 24
                          5.105.204.0/24 maxlen: 24
                          5.105.2.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:85:5e:f7:b8:3e:26:ba:63:9b:b4:dd:8d:d7:da:3f:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Nov 17 11:35:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=390ce9f58fb37ec5b8dd21c3c5b6f58b49ce2ee4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:92:98:af:82:7c:e9:0c:41:c5:1a:49:1d:ae:
                    41:9a:07:74:52:09:4b:1f:d3:67:7a:ff:a7:91:79:
                    7b:36:4d:b7:23:1e:45:8e:fe:51:fe:68:57:56:14:
                    eb:43:66:6d:5b:8e:9d:1a:59:6c:22:8a:63:04:d3:
                    b0:49:4c:13:71:b2:4a:01:e3:44:a3:0b:2e:e7:86:
                    bc:ee:1d:9a:43:67:0a:27:14:c9:1a:ae:6d:3a:d2:
                    5b:6f:06:e0:c9:25:b0:f0:06:36:df:3e:b5:f4:b5:
                    16:c3:c1:e5:5e:fb:7e:e6:c5:6c:fb:ce:c2:8c:71:
                    e1:3f:86:2b:ba:53:14:50:d6:c8:a9:23:0f:11:10:
                    4b:4e:7d:88:39:a4:9d:72:95:c8:5c:02:c9:88:ab:
                    7f:b5:70:5f:ba:65:4e:64:82:cf:b6:c2:41:02:76:
                    20:7c:7a:1d:55:6c:c5:3c:a7:0c:d0:e8:8f:bc:38:
                    e2:1a:0c:58:19:ef:9f:b9:34:9a:56:18:99:9f:29:
                    7c:d4:5a:f8:da:74:dd:16:47:2b:6e:6d:4b:32:d1:
                    73:24:a7:c8:7a:65:bb:6b:2b:f2:5c:01:f2:d0:2d:
                    fd:b2:6f:e4:6a:31:8e:4a:6b:9f:1a:b6:17:8f:1b:
                    a5:9a:84:ac:8d:c6:3d:ac:a4:0f:53:24:8d:f0:a6:
                    97:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:0C:E9:F5:8F:B3:7E:C5:B8:DD:21:C3:C5:B6:F5:8B:49:CE:2E:E4
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/OQzp9Y-zfsW43SHDxbb1i0nOLuQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.2.0/24
                  5.105.27.0/24
                  5.105.98.0/24
                  5.105.102.0/24
                  5.105.105.0/24
                  5.105.124.0/24
                  5.105.129.0/24
                  5.105.135.0/24
                  5.105.188.0/24
                  5.105.204.0/24
                  5.105.238.0/24
                  5.105.241.0/24
                  5.105.252.0/23

    Signature Algorithm: sha256WithRSAEncryption
         84:92:f0:b0:66:3b:b1:eb:49:01:b3:0d:f0:5e:d7:1c:e5:ac:
         5b:d8:6a:f4:cf:ea:e6:78:2d:89:dc:86:8b:74:06:e0:9f:05:
         08:51:12:4a:4f:8d:ca:0d:d8:b0:22:be:23:67:d7:3d:a8:4b:
         65:6f:a1:86:7b:5a:a5:a4:7f:e9:b0:95:71:0b:6c:55:71:a3:
         bf:b6:ab:fd:b0:c3:15:64:82:d8:d1:c9:8d:2b:94:ba:d6:46:
         82:31:65:f4:47:c3:a7:b8:bf:a4:5a:23:e4:68:44:d3:ad:a1:
         c3:bc:f3:ed:ec:22:36:2a:0b:96:59:5b:48:5b:90:7f:03:c1:
         40:2e:b8:5f:69:d6:d7:99:7a:d3:e7:0d:07:f9:4e:3b:81:2e:
         57:c7:3f:57:9f:8e:0b:71:ed:6c:f1:3b:ec:a2:a8:c0:57:6b:
         a4:08:85:13:5b:e2:90:5d:2c:aa:3c:4a:9f:00:6b:03:95:29:
         d3:8f:f4:ff:76:0c:2d:b7:84:56:17:58:66:2e:4a:a3:37:98:
         c3:de:a3:69:43:ee:f8:26:16:7a:d0:61:26:1c:e9:ca:db:bb:
         4d:33:81:2c:fa:92:5e:16:8d:24:6a:9d:21:cb:fa:e9:f0:7f:
         39:77:c9:b7:ab:92:39:28:53:08:63:34:a4:f4:f3:3d:05:08:
         42:78:c1:b6
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYSFXve4Pia6Y5u03Y3X2j93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMTE3MTEzNTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTBjZTlmNThmYjM3ZWM1YjhkZDIxYzNjNWI2ZjU4YjQ5Y2UyZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJKYr4J86QxBxRpJHa5Bmgd0UglL
H9Nnev+nkXl7Nk23Ix5Fjv5R/mhXVhTrQ2ZtW46dGllsIopjBNOwSUwTcbJKAeNE
owsu54a87h2aQ2cKJxTJGq5tOtJbbwbgySWw8AY23z619LUWw8HlXvt+5sVs+87C
jHHhP4YrulMUUNbIqSMPERBLTn2IOaSdcpXIXALJiKt/tXBfumVOZILPtsJBAnYg
fHodVWzFPKcM0OiPvDjiGgxYGe+fuTSaVhiZnyl81Fr42nTdFkcrbm1LMtFzJKfI
emW7ayvyXAHy0C39sm/kajGOSmufGrYXjxulmoSsjcY9rKQPUySN8KaXGQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFDkM6fWPs37FuN0hw8W29YtJzi7kMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvT1F6cDlZLXpmc1c0M1NIRHhiYjFpMG5PTHVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABWkCAwQA
BWkbAwQABWliAwQABWlmAwQABWlpAwQABWl8AwQABWmBAwQABWmHAwQABWm8AwQA
BWnMAwQABWnuAwQABWnxAwQBBWn8MA0GCSqGSIb3DQEBCwUAA4IBAQCEkvCwZjux
60kBsw3wXtcc5axb2Gr0z+rmeC2J3IaLdAbgnwUIURJKT43KDdiwIr4jZ9c9qEtl
b6GGe1qlpH/psJVxC2xVcaO/tqv9sMMVZILY0cmNK5S61kaCMWX0R8OnuL+kWiPk
aETTraHDvPPt7CI2KguWWVtIW5B/A8FALrhfadbXmXrT5w0H+U47gS5Xxz9Xn44L
ce1s8TvsoqjAV2ukCIUTW+KQXSyqPEqfAGsDlSnTj/T/dgwtt4RWF1hmLkqjN5jD
3qNpQ+74JhZ60GEmHOnK27tNM4Es+pJeFo0kap0hy/rp8H85d8m3q5I5KFMIYzSk
9PM9BQhCeMG2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:56 2024 by rpki-client on console-ams.rpki-client.org