Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/USUO_5e2G2EEixOrrfvCNHsUlf4.roa
File:                     USUO_5e2G2EEixOrrfvCNHsUlf4.roa (raw, json)
Hash identifier:          Wrb0TwhXyLNnuwtliU5oTh8xdD2/A0BNljhDRtvs0xg=
Subject key identifier:   51:25:0E:FF:97:B6:1B:61:04:8B:13:AB:AD:FB:C2:34:7B:14:95:FE
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0184C39D5DCF1E656CAD36751391532F1E8B
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/USUO_5e2G2EEixOrrfvCNHsUlf4.roa
Signing time:             Tue 29 Nov 2022 13:39:41 +0000
ROA not before:           Tue 29 Nov 2022 13:39:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204843
IP address blocks:        5.105.130.0/24 maxlen: 24
                          5.105.184.0/24 maxlen: 24
                          5.105.96.0/24 maxlen: 24
                          5.105.200.0/24 maxlen: 24
                          5.105.215.0/24 maxlen: 24
                          5.105.7.0/24 maxlen: 24
                          5.105.226.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c3:9d:5d:cf:1e:65:6c:ad:36:75:13:91:53:2f:1e:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Nov 29 13:39:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=51250eff97b61b61048b13abadfbc2347b1495fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:be:8f:5a:bc:1b:d2:82:b8:d8:39:f7:8f:32:
                    86:a9:1a:1a:47:89:07:ba:36:5f:38:df:68:ad:47:
                    4d:aa:56:8a:bc:1c:ec:b7:d9:23:c8:49:7b:68:ff:
                    ef:3f:c7:22:6f:c3:8a:28:6e:b8:56:83:29:73:44:
                    30:5c:c1:f4:b1:c6:00:c3:8b:2f:58:98:61:71:c4:
                    bd:51:5e:18:07:b4:d8:1b:40:28:9e:1a:6f:45:97:
                    51:fd:11:96:42:58:fd:53:9f:b6:1d:f7:45:66:e6:
                    f5:92:42:f7:75:b1:eb:33:90:5a:07:e7:a7:75:9d:
                    01:59:a6:29:82:b6:1a:57:14:ce:58:b1:d4:68:69:
                    dd:cf:0d:3f:93:a7:1f:5d:07:2c:70:aa:6d:c8:45:
                    74:43:82:44:4b:d4:fb:5a:01:ba:20:8e:0f:2a:5c:
                    6f:7c:ff:78:60:aa:04:ca:95:22:b7:43:d9:30:8b:
                    10:dd:99:f2:9f:cc:9a:ae:82:4f:8c:b6:42:52:3c:
                    54:46:53:89:df:df:fa:c2:23:b1:8a:1d:be:f7:26:
                    4e:f9:80:96:25:61:d8:d8:a4:6c:97:a2:96:d1:50:
                    64:09:6d:0b:9f:20:20:2c:a2:3a:cc:1f:1b:a0:70:
                    f0:66:8a:2f:3d:2d:e7:29:d1:f3:be:c7:f8:e0:68:
                    6e:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:25:0E:FF:97:B6:1B:61:04:8B:13:AB:AD:FB:C2:34:7B:14:95:FE
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/USUO_5e2G2EEixOrrfvCNHsUlf4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.7.0/24
                  5.105.96.0/24
                  5.105.130.0/24
                  5.105.184.0/24
                  5.105.200.0/24
                  5.105.215.0/24
                  5.105.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:44:b6:3d:57:50:bd:b9:1b:fc:b0:d8:e4:27:07:ce:a8:49:
         d2:33:d2:01:d9:f0:26:35:d3:40:b9:b2:cf:7b:f2:cc:d8:c9:
         12:27:68:82:68:bf:8f:c8:c9:b3:49:ea:18:b8:60:4a:d8:ea:
         aa:3f:70:4b:d8:1f:0e:56:4a:c4:a2:c5:36:63:8f:26:7d:45:
         e7:5c:e3:a8:77:6c:75:1c:e2:f6:d0:c5:40:e8:04:73:1d:f3:
         84:1c:d4:7b:e2:d7:44:ac:9c:63:18:f3:9b:a5:ef:d4:58:36:
         50:5f:f1:52:bb:45:2b:da:03:58:44:f6:95:2c:af:8e:a4:b4:
         02:7c:cd:89:98:dc:04:2f:ac:9f:17:4d:8b:85:2b:74:a3:45:
         41:ab:15:3e:40:34:dc:68:82:2f:77:31:1c:94:ef:e2:0c:a2:
         84:b4:f5:61:d2:e0:b6:df:26:ba:ce:0c:0a:5c:98:bd:06:20:
         d5:f3:ab:fc:8b:5a:d7:41:26:40:32:60:14:1b:21:d4:c2:a7:
         54:68:5f:d5:f6:76:d1:ee:95:e4:f5:19:c0:6a:57:2a:54:83:
         17:53:8b:8c:96:8d:b2:d4:c4:73:48:11:cd:f7:d8:ac:a1:20:
         13:dd:74:a9:ff:51:ea:fd:8b:f4:96:54:04:84:e0:3e:70:11:
         27:8f:7f:07
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYTDnV3PHmVsrTZ1E5FTLx6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMTI5MTMzOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTI1MGVmZjk3YjYxYjYxMDQ4YjEzYWJhZGZiYzIzNDdiMTQ5NWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr6PWrwb0oK42Dn3jzKGqRoaR4kH
ujZfON9orUdNqlaKvBzst9kjyEl7aP/vP8cib8OKKG64VoMpc0QwXMH0scYAw4sv
WJhhccS9UV4YB7TYG0AonhpvRZdR/RGWQlj9U5+2HfdFZub1kkL3dbHrM5BaB+en
dZ0BWaYpgrYaVxTOWLHUaGndzw0/k6cfXQcscKptyEV0Q4JES9T7WgG6II4PKlxv
fP94YKoEypUit0PZMIsQ3Znyn8yaroJPjLZCUjxURlOJ39/6wiOxih2+9yZO+YCW
JWHY2KRsl6KW0VBkCW0LnyAgLKI6zB8boHDwZoovPS3nKdHzvsf44Ghu/QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFElDv+XththBIsTq637wjR7FJX+MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvVVNVT181ZTJHMkVFaXhPcnJmdkNOSHNVbGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABWkHAwQA
BWlgAwQABWmCAwQABWm4AwQABWnIAwQABWnXAwQABWniMA0GCSqGSIb3DQEBCwUA
A4IBAQBuRLY9V1C9uRv8sNjkJwfOqEnSM9IB2fAmNdNAubLPe/LM2MkSJ2iCaL+P
yMmzSeoYuGBK2OqqP3BL2B8OVkrEosU2Y48mfUXnXOOod2x1HOL20MVA6ARzHfOE
HNR74tdErJxjGPObpe/UWDZQX/FSu0Ur2gNYRPaVLK+OpLQCfM2JmNwEL6yfF02L
hSt0o0VBqxU+QDTcaIIvdzEclO/iDKKEtPVh0uC23ya6zgwKXJi9BiDV86v8i1rX
QSZAMmAUGyHUwqdUaF/V9nbR7pXk9RnAalcqVIMXU4uMlo2y1MRzSBHN99isoSAT
3XSp/1Hq/Yv0llQEhOA+cBEnj38H
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:28 2024 by rpki-client on console-fra.rpki-client.org