Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/aPpEu9DvLQ5ce8C-bspcRFrhJJs.roa
File:                     aPpEu9DvLQ5ce8C-bspcRFrhJJs.roa (raw, json)
Hash identifier:          dbBjOjyTSLKbAYrbXBSbePW2B0RYSfW2eXcReH2XINQ=
Subject key identifier:   68:FA:44:BB:D0:EF:2D:0E:5C:7B:C0:BE:6E:CA:5C:44:5A:E1:24:9B
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0182A5D721688084EF0925CEC1888D947F81
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/aPpEu9DvLQ5ce8C-bspcRFrhJJs.roa
Signing time:             Tue 16 Aug 2022 08:48:35 +0000
ROA not before:           Tue 16 Aug 2022 08:48:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     40676
IP address blocks:        5.105.2.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:a5:d7:21:68:80:84:ef:09:25:ce:c1:88:8d:94:7f:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Aug 16 08:48:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=68fa44bbd0ef2d0e5c7bc0be6eca5c445ae1249b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:7a:36:c1:07:e2:4e:5b:32:83:cb:e2:5f:eb:
                    9c:10:75:79:3c:9c:26:55:3a:d3:72:99:37:8b:f2:
                    98:8b:01:f4:0e:cf:6f:3c:10:7a:c2:07:7c:15:df:
                    71:d6:a7:6f:ef:b6:7f:8f:ef:3c:a4:3b:75:0d:1b:
                    a8:ce:e1:cc:65:30:3c:dd:b5:d9:ee:64:c3:a4:0b:
                    e3:ff:4f:07:1b:d6:aa:87:69:07:2d:89:7e:5b:0d:
                    ba:06:a3:f1:c6:8a:24:1d:59:71:c0:9d:56:4b:c1:
                    3d:00:f8:e2:ef:d0:e3:02:fa:bb:71:2f:b7:24:9d:
                    c9:7f:c7:72:4a:44:8a:b9:63:14:be:b6:8d:de:f7:
                    03:31:82:62:4a:bf:db:c6:82:31:a3:f4:b9:09:dd:
                    19:85:8b:6b:28:4e:a6:d2:60:76:5f:37:b3:3d:ea:
                    5a:8d:93:79:5b:0b:bb:33:2f:16:fc:47:f1:80:b1:
                    ee:eb:aa:ae:9b:cc:c7:87:98:f0:63:67:05:70:93:
                    53:82:60:5b:3a:d1:8d:5c:86:a7:02:40:77:5f:5e:
                    03:88:24:56:e0:34:76:68:db:50:94:1b:df:55:0d:
                    cb:78:fa:ac:52:07:5a:11:8b:47:90:17:f9:6d:ed:
                    f4:41:1b:e9:ff:59:4a:03:eb:76:2e:06:4a:06:0c:
                    97:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:FA:44:BB:D0:EF:2D:0E:5C:7B:C0:BE:6E:CA:5C:44:5A:E1:24:9B
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/aPpEu9DvLQ5ce8C-bspcRFrhJJs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:8b:00:9e:60:f7:1a:bc:cb:27:ce:0b:a2:85:1b:5f:f4:46:
         43:12:ab:c1:7c:60:ed:70:56:4c:97:f7:ff:7b:7d:bf:ec:9d:
         8b:60:f2:3d:61:e2:af:57:15:cd:e0:35:8e:98:c5:ed:d3:f1:
         29:bf:3f:a8:38:95:a6:9d:c5:d2:c9:f4:90:70:42:95:33:a9:
         52:da:57:66:8f:62:9b:4a:05:2f:be:fc:81:65:cb:cb:d3:ed:
         41:48:b2:56:b6:3f:fb:ce:bf:e9:16:74:89:b1:91:fb:db:ea:
         70:a3:cc:e8:a3:7c:55:1f:29:d0:3c:cc:18:a6:4f:23:1e:0a:
         74:38:d1:46:2b:87:33:b3:18:56:69:05:bc:99:09:ed:0a:f5:
         e9:ef:96:47:bd:72:6c:b3:43:c3:6b:a3:f5:93:93:d0:84:36:
         a2:cf:95:d6:72:03:37:77:9c:eb:a3:36:2a:b2:36:50:c2:83:
         16:11:ae:80:5a:1d:bb:44:8d:3c:99:31:1a:46:9f:a9:3d:6c:
         7f:47:2b:d1:c6:38:b8:b9:a3:ca:85:1c:76:d5:20:b4:58:23:
         aa:42:b8:d8:c1:ea:a8:51:7e:5d:d8:21:c8:3e:fb:8f:8c:8f:
         b8:fc:13:f0:34:4e:1b:65:4f:85:5f:6b:95:63:e5:f8:b9:4d:
         5a:7d:34:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKl1yFogITvCSXOwYiNlH+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIwODE2MDg0ODM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGZhNDRiYmQwZWYyZDBlNWM3YmMwYmU2ZWNhNWM0NDVhZTEyNDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXo2wQfiTlsyg8viX+ucEHV5PJwm
VTrTcpk3i/KYiwH0Ds9vPBB6wgd8Fd9x1qdv77Z/j+88pDt1DRuozuHMZTA83bXZ
7mTDpAvj/08HG9aqh2kHLYl+Ww26BqPxxookHVlxwJ1WS8E9APji79DjAvq7cS+3
JJ3Jf8dySkSKuWMUvraN3vcDMYJiSr/bxoIxo/S5Cd0ZhYtrKE6m0mB2XzezPepa
jZN5Wwu7My8W/EfxgLHu66qum8zHh5jwY2cFcJNTgmBbOtGNXIanAkB3X14DiCRW
4DR2aNtQlBvfVQ3LePqsUgdaEYtHkBf5be30QRvp/1lKA+t2LgZKBgyX7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGj6RLvQ7y0OXHvAvm7KXERa4SSbMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvYVBwRXU5RHZMUTVjZThDLWJzcGNSRnJoSkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkCMA0G
CSqGSIb3DQEBCwUAA4IBAQAHiwCeYPcavMsnzguihRtf9EZDEqvBfGDtcFZMl/f/
e32/7J2LYPI9YeKvVxXN4DWOmMXt0/Epvz+oOJWmncXSyfSQcEKVM6lS2ldmj2Kb
SgUvvvyBZcvL0+1BSLJWtj/7zr/pFnSJsZH72+pwo8zoo3xVHynQPMwYpk8jHgp0
ONFGK4czsxhWaQW8mQntCvXp75ZHvXJss0PDa6P1k5PQhDaiz5XWcgM3d5zrozYq
sjZQwoMWEa6AWh27RI08mTEaRp+pPWx/RyvRxji4uaPKhRx21SC0WCOqQrjYweqo
UX5d2CHIPvuPjI+4/BPwNE4bZU+FX2uVY+X4uU1afTQJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:28 2024 by rpki-client on console-fra.rpki-client.org