Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/nXGr4IhtJcbJPlAjRN20-k0sEQ0.roa
File:                     nXGr4IhtJcbJPlAjRN20-k0sEQ0.roa (raw, json)
Hash identifier:          z/mHOTnv7N0qq8s2y30lZr7jjN/jVSzKCUhP6zV564c=
Subject key identifier:   9D:71:AB:E0:88:6D:25:C6:C9:3E:50:23:44:DD:B4:FA:4D:2C:11:0D
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0184A35DADE415CE5BF269F3405BC33F7A24
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/nXGr4IhtJcbJPlAjRN20-k0sEQ0.roa
Signing time:             Wed 23 Nov 2022 07:22:16 +0000
ROA not before:           Wed 23 Nov 2022 07:22:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49519
IP address blocks:        5.105.6.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:a3:5d:ad:e4:15:ce:5b:f2:69:f3:40:5b:c3:3f:7a:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Nov 23 07:22:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9d71abe0886d25c6c93e502344ddb4fa4d2c110d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:85:11:97:27:e4:83:ef:4b:f1:06:e7:b1:15:
                    81:ad:00:04:76:e6:fd:77:67:94:45:73:b2:f4:f7:
                    7b:f7:ed:ea:63:d3:be:8f:6a:39:aa:f0:3c:6b:03:
                    f0:9e:76:14:54:4b:db:72:a0:92:e9:d0:57:af:59:
                    f5:c1:a8:00:3a:2f:60:47:3d:2a:77:27:50:ce:f7:
                    76:95:bf:c8:68:f6:df:74:7d:ef:80:16:12:64:f3:
                    50:ae:7c:1d:4a:0c:98:e1:80:ce:22:61:0d:56:71:
                    81:26:62:97:85:b1:5f:fe:02:83:c0:f8:4d:1f:ea:
                    66:c1:42:a6:72:45:01:2a:03:84:6c:97:44:14:9f:
                    d1:b2:95:74:94:4c:30:1d:97:26:2e:83:84:34:c7:
                    24:bc:41:9b:1e:37:7e:e8:5a:2c:64:05:6a:71:3f:
                    d0:a3:b2:7c:c5:5b:c6:b8:b0:91:4f:2d:5d:23:86:
                    94:59:c9:ce:53:ae:f3:65:15:f6:57:e7:1e:57:2c:
                    39:67:46:d9:9a:d1:23:f1:c4:c4:56:2b:48:a7:d3:
                    ee:e4:0d:61:9e:c6:c3:db:dc:c8:3f:e2:42:4f:0d:
                    26:8c:22:2e:48:38:dc:ad:92:0e:b0:8d:69:77:cb:
                    f6:7f:46:a2:f4:1d:60:1d:35:14:c8:78:7d:b8:3c:
                    fb:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:71:AB:E0:88:6D:25:C6:C9:3E:50:23:44:DD:B4:FA:4D:2C:11:0D
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/nXGr4IhtJcbJPlAjRN20-k0sEQ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:7e:a8:28:fa:e8:aa:f4:6d:6b:a3:5b:37:fc:a3:56:08:be:
         d3:eb:e6:34:d8:33:9d:a8:9e:b3:99:0c:32:cc:93:a8:08:87:
         76:67:73:10:35:a5:93:7e:b1:47:5c:9d:07:70:7c:7b:7d:e0:
         17:89:72:3d:43:81:fb:11:c9:24:49:6a:cb:98:80:8f:a7:f6:
         62:e5:d5:72:5f:a0:7d:da:e8:fc:be:c7:6e:af:ff:35:87:9d:
         b6:c6:6a:f0:e1:30:e5:08:6d:a3:35:ad:1d:8c:97:43:23:8c:
         83:81:ca:1c:1b:e4:42:d0:d8:6a:8a:0f:ab:c5:16:3c:6b:bc:
         80:83:2c:13:27:a7:8a:18:f1:d1:0f:79:c4:b5:41:63:c0:69:
         d7:49:dd:43:6e:c7:ea:9b:b4:b6:09:cc:61:c5:db:d2:86:34:
         3b:1d:9a:ce:ca:f4:d4:6c:d8:77:cc:0e:65:2d:9d:f8:80:c4:
         55:df:52:ec:79:c6:b9:25:4c:db:46:dc:1d:71:43:75:b0:14:
         90:4e:98:d3:40:c2:bb:b4:fe:30:59:82:ef:13:75:1e:0a:8a:
         16:8d:61:d8:f5:38:23:ac:37:c9:50:68:8b:d5:75:bb:1f:e8:
         56:a6:3c:2f:da:e4:71:f9:af:0a:13:4d:ca:b7:ba:ca:0e:89:
         ae:e8:6e:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSjXa3kFc5b8mnzQFvDP3okMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMTIzMDcyMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDcxYWJlMDg4NmQyNWM2YzkzZTUwMjM0NGRkYjRmYTRkMmMxMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoURlyfkg+9L8QbnsRWBrQAEdub9
d2eURXOy9Pd79+3qY9O+j2o5qvA8awPwnnYUVEvbcqCS6dBXr1n1wagAOi9gRz0q
dydQzvd2lb/IaPbfdH3vgBYSZPNQrnwdSgyY4YDOImENVnGBJmKXhbFf/gKDwPhN
H+pmwUKmckUBKgOEbJdEFJ/RspV0lEwwHZcmLoOENMckvEGbHjd+6FosZAVqcT/Q
o7J8xVvGuLCRTy1dI4aUWcnOU67zZRX2V+ceVyw5Z0bZmtEj8cTEVitIp9Pu5A1h
nsbD29zIP+JCTw0mjCIuSDjcrZIOsI1pd8v2f0ai9B1gHTUUyHh9uDz7HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1xq+CIbSXGyT5QI0TdtPpNLBENMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvblhHcjRJaHRKY2JKUGxBalJOMjAtazBzRVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkGMA0G
CSqGSIb3DQEBCwUAA4IBAQB6fqgo+uiq9G1ro1s3/KNWCL7T6+Y02DOdqJ6zmQwy
zJOoCId2Z3MQNaWTfrFHXJ0HcHx7feAXiXI9Q4H7EckkSWrLmICPp/Zi5dVyX6B9
2uj8vsdur/81h522xmrw4TDlCG2jNa0djJdDI4yDgcocG+RC0Nhqig+rxRY8a7yA
gywTJ6eKGPHRD3nEtUFjwGnXSd1Dbsfqm7S2CcxhxdvShjQ7HZrOyvTUbNh3zA5l
LZ34gMRV31Lseca5JUzbRtwdcUN1sBSQTpjTQMK7tP4wWYLvE3UeCooWjWHY9Tgj
rDfJUGiL1XW7H+hWpjwv2uRx+a8KE03Kt7rKDomu6G6a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:58 2024 by rpki-client on console-ams.rpki-client.org