Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/s5-zZ3v3_4WFnO0kae1AQjOzYuc.roa
File:                     s5-zZ3v3_4WFnO0kae1AQjOzYuc.roa (raw, json)
Hash identifier:          rMNEbb0dXNyWadZ1OAF8mFbEtEVjALGXBBgrQeaRIWg=
Subject key identifier:   B3:9F:B3:67:7B:F7:FF:85:85:9C:ED:24:69:ED:40:42:33:B3:62:E7
Certificate issuer:       /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial:       01845EB6B860E898D93A12F77AFF51356CCF
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/s5-zZ3v3_4WFnO0kae1AQjOzYuc.roa
Signing time:             Wed 09 Nov 2022 23:25:43 +0000
ROA not before:           Wed 09 Nov 2022 23:25:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21473
IP address blocks:        152.89.92.0/22 maxlen: 22
                          2a0c:6b00::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:5e:b6:b8:60:e8:98:d9:3a:12:f7:7a:ff:51:35:6c:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
        Validity
            Not Before: Nov  9 23:25:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b39fb3677bf7ff85859ced2469ed404233b362e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:f3:ee:c2:0a:2f:7d:fa:37:71:c2:88:93:9a:
                    3e:44:f6:8c:d6:25:a7:1d:9b:82:97:c1:f2:7f:ba:
                    e7:b8:5c:1d:64:55:ab:65:b5:3a:a8:26:68:50:9c:
                    98:c4:55:08:a0:cf:cc:a5:65:d6:37:02:45:d8:2e:
                    1b:ca:0a:14:b0:cb:8c:d7:e8:32:3d:3e:28:a2:02:
                    9d:c8:36:5f:7a:9b:56:7d:f7:dd:2f:55:5e:f9:22:
                    cb:66:de:92:27:8c:be:1e:32:81:74:6c:1a:a6:1d:
                    3c:ac:6d:c6:8b:1b:3b:50:0c:b1:76:94:53:fa:06:
                    11:dc:32:05:12:0b:4b:9e:1f:31:5c:49:04:a6:d8:
                    c7:11:01:6b:f7:c8:b7:5d:0b:24:4c:61:c2:d1:f2:
                    62:74:aa:4f:21:e9:3e:8d:00:f8:cd:fd:32:94:f1:
                    3d:0b:ae:b2:66:60:fd:01:14:fc:d7:e1:6a:d0:f7:
                    8d:1a:0c:28:67:48:fc:6d:03:c4:10:b9:02:6d:bc:
                    aa:68:a8:76:3b:15:2c:54:9e:7c:cb:ec:0c:bf:e0:
                    f6:db:91:f6:05:05:c1:b5:f1:23:64:95:15:a1:13:
                    c3:e2:fd:be:1d:ef:40:ec:58:af:f5:4f:b4:12:7a:
                    ea:10:e3:07:bf:a1:4f:20:ba:0e:d5:19:78:87:44:
                    ca:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:9F:B3:67:7B:F7:FF:85:85:9C:ED:24:69:ED:40:42:33:B3:62:E7
            X509v3 Authority Key Identifier:
                keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/s5-zZ3v3_4WFnO0kae1AQjOzYuc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.89.92.0/22
                IPv6:
                  2a0c:6b00::/32

    Signature Algorithm: sha256WithRSAEncryption
         31:29:80:0a:72:06:46:6d:13:58:f5:c1:df:98:72:e3:ad:df:
         d6:8e:a0:06:1d:93:80:4c:89:79:d5:f7:1f:fa:a1:db:8f:75:
         50:1d:7b:94:93:8e:a8:7d:74:17:2e:ef:05:b3:7a:80:2d:78:
         ca:62:15:b2:6c:db:7a:7e:1f:7c:18:d5:45:8d:57:ae:bf:4a:
         99:e2:00:b3:2b:93:aa:65:da:eb:d4:f8:f4:56:fd:65:d6:03:
         9a:69:20:ad:67:7b:52:c1:93:c6:9a:bc:ec:f2:59:f8:44:7e:
         83:6f:a0:d1:5b:9c:8a:4c:d5:c4:7a:86:53:e8:cd:ab:2e:f1:
         24:1f:70:25:b6:1d:e6:aa:09:26:d6:ee:3e:f6:f1:9a:b5:8e:
         97:48:c9:da:70:c3:6e:17:b7:5c:7a:54:82:e1:16:cc:da:54:
         43:64:49:c5:af:51:c2:eb:c6:b3:eb:bd:0a:a5:2f:d6:a8:82:
         0b:0e:9e:87:ca:45:59:e9:e6:f9:39:3d:b2:76:fa:4f:d9:e1:
         51:df:79:d5:38:0c:d0:e6:23:59:68:de:e5:11:4a:79:23:6f:
         bb:a3:bd:00:b9:7e:fa:cb:6b:c1:88:2e:53:e7:c6:85:50:90:
         d4:ef:d5:ea:0b:47:ea:62:0a:c6:d7:15:40:f7:71:1e:33:93:
         62:34:62:11
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYRetrhg6JjZOhL3ev9RNWzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjIxMTA5MjMyNTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzlmYjM2NzdiZjdmZjg1ODU5Y2VkMjQ2OWVkNDA0MjMzYjM2MmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/Puwgovffo3ccKIk5o+RPaM1iWn
HZuCl8Hyf7rnuFwdZFWrZbU6qCZoUJyYxFUIoM/MpWXWNwJF2C4bygoUsMuM1+gy
PT4oogKdyDZfeptWfffdL1Ve+SLLZt6SJ4y+HjKBdGwaph08rG3Gixs7UAyxdpRT
+gYR3DIFEgtLnh8xXEkEptjHEQFr98i3XQskTGHC0fJidKpPIek+jQD4zf0ylPE9
C66yZmD9ART81+Fq0PeNGgwoZ0j8bQPEELkCbbyqaKh2OxUsVJ58y+wMv+D225H2
BQXBtfEjZJUVoRPD4v2+He9A7Fiv9U+0EnrqEOMHv6FPILoO1Rl4h0TKSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLOfs2d79/+FhZztJGntQEIzs2LnMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvczUtelozdjNfNFdGbk8wa2FlMUFRak96WXVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCmFlcMA0E
AgACMAcDBQAqDGsAMA0GCSqGSIb3DQEBCwUAA4IBAQAxKYAKcgZGbRNY9cHfmHLj
rd/WjqAGHZOATIl51fcf+qHbj3VQHXuUk46ofXQXLu8Fs3qALXjKYhWybNt6fh98
GNVFjVeuv0qZ4gCzK5OqZdrr1Pj0Vv1l1gOaaSCtZ3tSwZPGmrzs8ln4RH6Db6DR
W5yKTNXEeoZT6M2rLvEkH3Alth3mqgkm1u4+9vGatY6XSMnacMNuF7dcelSC4RbM
2lRDZEnFr1HC68az670KpS/WqIILDp6HykVZ6eb5OT2ydvpP2eFR33nVOAzQ5iNZ
aN7lEUp5I2+7o70AuX76y2vBiC5T58aFUJDU79XqC0fqYgrG1xVA93EeM5NiNGIR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:26 2024 by rpki-client on console-fra.rpki-client.org