Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/04ayMuXZZWfRQeGBotbdbu30nrs.roa
File:                     04ayMuXZZWfRQeGBotbdbu30nrs.roa (raw, json)
Hash identifier:          FksKW9hKYgesCZ8nrVJRO5UCZUI4xZa8OOojDouxJcs=
Subject key identifier:   D3:86:B2:32:E5:D9:65:67:D1:41:E1:81:A2:D6:DD:6E:ED:F4:9E:BB
Certificate issuer:       /CN=32ee1bcd8ce393d98a7583ac13f1425d4faf27c9
Certificate serial:       05C96D0A
Authority key identifier: 32:EE:1B:CD:8C:E3:93:D9:8A:75:83:AC:13:F1:42:5D:4F:AF:27:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mu4bzYzjk9mKdYOsE_FCXU-vJ8k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/04ayMuXZZWfRQeGBotbdbu30nrs.roa
Signing time:             Sat 01 Jan 2022 15:55:42 +0000
ROA not before:           Sat 01 Jan 2022 15:55:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56583
IP address blocks:        31.171.208.0/24 maxlen: 24
                          31.171.210.0/24 maxlen: 24
                          2a0b:71c0:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 97086730 (0x5c96d0a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32ee1bcd8ce393d98a7583ac13f1425d4faf27c9
        Validity
            Not Before: Jan  1 15:55:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d386b232e5d96567d141e181a2d6dd6eedf49ebb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:0d:5d:0b:b3:9c:f3:ed:8b:78:1a:25:ca:ad:
                    49:93:a1:36:e8:ee:c4:4f:0f:ab:1e:f9:79:12:c6:
                    2b:0b:f3:bd:fe:eb:bc:a8:bc:92:ae:51:e2:78:bd:
                    f8:97:80:a1:fe:e1:6d:1c:0e:13:6f:23:01:4b:42:
                    58:09:6f:c2:bf:30:13:27:36:16:aa:e1:ab:8d:98:
                    2e:1a:84:a9:30:f6:ef:36:8a:ee:1e:e9:cd:24:9f:
                    ed:76:6f:ce:f9:07:bf:89:20:31:18:54:ef:3a:82:
                    18:a9:d8:4b:21:20:97:41:03:ad:f3:9f:59:d8:31:
                    0f:b7:04:72:13:bb:89:4b:10:fb:50:61:94:81:68:
                    36:6c:3d:f5:4b:3f:3d:80:02:c4:6e:3d:6f:a8:87:
                    e7:f3:1d:c6:09:9e:61:18:6b:23:c7:d0:6b:f7:b8:
                    e4:89:b9:cd:e1:2c:c7:df:01:f8:fd:e7:49:7a:24:
                    d2:46:2b:26:1a:e1:ad:82:1c:ee:55:25:2e:03:42:
                    92:0e:d2:fd:25:39:71:0c:76:5c:df:de:47:f0:79:
                    70:80:1c:7d:df:e1:ef:aa:1c:bf:82:c8:0e:51:9a:
                    84:af:3d:45:94:8d:09:d1:63:21:05:c6:f4:bc:f8:
                    c5:40:9d:b8:59:d9:2c:00:a5:13:b6:6d:51:53:a3:
                    f0:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:86:B2:32:E5:D9:65:67:D1:41:E1:81:A2:D6:DD:6E:ED:F4:9E:BB
            X509v3 Authority Key Identifier:
                keyid:32:EE:1B:CD:8C:E3:93:D9:8A:75:83:AC:13:F1:42:5D:4F:AF:27:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mu4bzYzjk9mKdYOsE_FCXU-vJ8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/04ayMuXZZWfRQeGBotbdbu30nrs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/Mu4bzYzjk9mKdYOsE_FCXU-vJ8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.171.208.0/24
                  31.171.210.0/24
                IPv6:
                  2a0b:71c0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         5d:1e:79:88:ac:5c:e9:5e:2e:c2:3b:9d:45:2d:5d:c7:4f:e8:
         33:01:88:e1:3a:d4:2a:cb:5d:cc:90:10:14:dc:48:02:79:4e:
         0d:26:4f:88:e6:eb:2c:29:6b:2f:88:ba:f7:94:fa:dd:9b:62:
         4c:9c:6c:cf:ad:e8:e0:05:07:c8:79:b3:72:4c:ab:1b:1c:f0:
         11:e2:7a:04:af:50:8c:5a:26:d2:d6:c7:b1:3c:11:26:d0:45:
         a4:4e:ba:27:0c:b6:0c:e2:98:1a:5c:93:86:67:58:9e:60:21:
         13:22:21:0b:23:df:93:8f:22:3e:b2:ee:92:22:58:cb:26:b5:
         1b:53:89:ba:22:a6:1d:f6:e1:fa:5b:9b:25:15:82:29:e6:ed:
         71:63:c2:3d:89:57:c7:40:5c:88:e6:29:df:38:1c:e7:49:e6:
         e9:32:dc:7d:cc:0f:92:d5:97:36:f7:8c:bd:ff:7a:e6:08:eb:
         04:88:d9:93:8b:7d:bb:74:cc:a6:23:78:0f:f2:aa:ff:63:2a:
         de:66:1c:bb:e4:20:f0:6e:05:f2:ec:57:ef:e2:df:8c:7b:9a:
         3b:40:e8:8e:12:9c:21:58:df:86:f9:bb:80:c9:e3:c0:39:2e:
         ad:60:56:d8:48:a5:6b:af:c4:8e:2e:30:ba:de:94:c6:09:58:
         37:04:e8:28
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEBcltCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MmVlMWJjZDhjZTM5M2Q5OGE3NTgzYWMxM2YxNDI1ZDRmYWYyN2M5MB4XDTIyMDEw
MTE1NTU0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM4NmIyMzJlNWQ5
NjU2N2QxNDFlMTgxYTJkNmRkNmVlZGY0OWViYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJENXQuznPPti3gaJcqtSZOhNujuxE8Pqx75eRLGKwvzvf7r
vKi8kq5R4ni9+JeAof7hbRwOE28jAUtCWAlvwr8wEyc2Fqrhq42YLhqEqTD27zaK
7h7pzSSf7XZvzvkHv4kgMRhU7zqCGKnYSyEgl0EDrfOfWdgxD7cEchO7iUsQ+1Bh
lIFoNmw99Us/PYACxG49b6iH5/MdxgmeYRhrI8fQa/e45Im5zeEsx98B+P3nSXok
0kYrJhrhrYIc7lUlLgNCkg7S/SU5cQx2XN/eR/B5cIAcfd/h76ocv4LIDlGahK89
RZSNCdFjIQXG9Lz4xUCduFnZLAClE7ZtUVOj8CECAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBTThrIy5dllZ9FB4YGi1t1u7fSeuzAfBgNVHSMEGDAWgBQy7hvNjOOT2Yp1
g6wT8UJdT68nyTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L011NGJ6WXpqazltS2RZT3NFX0ZDWFUtdko4ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvZTRlODlmLTBhYWQtNDcwNy04NjVhLTQwMDEyYzgyOTc5Yi8x
LzA0YXlNdVhaWldmUlFlR0JvdGJkYnUzMG5ycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
ZTRlODlmLTBhYWQtNDcwNy04NjVhLTQwMDEyYzgyOTc5Yi8xL011NGJ6WXpqazlt
S2RZT3NFX0ZDWFUtdko4ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAB+r0AMEAB+r0jAPBAIAAjAJAwcA
KgtxwAABMA0GCSqGSIb3DQEBCwUAA4IBAQBdHnmIrFzpXi7CO51FLV3HT+gzAYjh
OtQqy13MkBAU3EgCeU4NJk+I5ussKWsviLr3lPrdm2JMnGzPrejgBQfIebNyTKsb
HPAR4noEr1CMWibS1sexPBEm0EWkTronDLYM4pgaXJOGZ1ieYCETIiELI9+TjyI+
su6SIljLJrUbU4m6IqYd9uH6W5slFYIp5u1xY8I9iVfHQFyI5infOBznSebpMtx9
zA+S1Zc294y9/3rmCOsEiNmTi327dMymI3gP8qr/YyreZhy75CDwbgXy7Ffv4t+M
e5o7QOiOEpwhWN+G+buAyePAOS6tYFbYSKVrr8SOLjC63pTGCVg3BOgo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:44 2024 by rpki-client on console-fra.rpki-client.org