Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2029a9-4396-4717-ab05-e24336ec8a08/1/5HLRV6Ye4fd4LGPRkhGzh0riy50.roa
File:                     5HLRV6Ye4fd4LGPRkhGzh0riy50.roa (raw, json)
Hash identifier:          QDzQGpUQhsZCEnJnihCADh1VFK2/tyTiqSfaV1Fiems=
Subject key identifier:   E4:72:D1:57:A6:1E:E1:F7:78:2C:63:D1:92:11:B3:87:4A:E2:CB:9D
Certificate issuer:       /CN=ed5293cd4a627a846aed60ca7fb5d5a9019aae51
Certificate serial:       09265218
Authority key identifier: ED:52:93:CD:4A:62:7A:84:6A:ED:60:CA:7F:B5:D5:A9:01:9A:AE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7VKTzUpieoRq7WDKf7XVqQGarlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/2029a9-4396-4717-ab05-e24336ec8a08/1/5HLRV6Ye4fd4LGPRkhGzh0riy50.roa
Signing time:             Sat 01 Jan 2022 15:05:08 +0000
ROA not before:           Sat 01 Jan 2022 15:05:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     137
IP address blocks:        157.27.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153506328 (0x9265218)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed5293cd4a627a846aed60ca7fb5d5a9019aae51
        Validity
            Not Before: Jan  1 15:05:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e472d157a61ee1f7782c63d19211b3874ae2cb9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:32:77:2e:40:2f:bd:74:3c:3c:f7:d3:ef:33:
                    0a:ec:89:b2:fb:b1:36:f1:8b:b3:ab:22:20:25:6e:
                    a0:ec:f3:c9:ee:8b:59:0c:e9:20:c9:44:fa:fa:da:
                    10:09:7e:d5:21:29:66:7b:ef:66:3c:97:d4:e9:b1:
                    75:86:fa:d3:8a:b6:02:b7:aa:27:be:c3:ab:4c:ce:
                    51:5f:da:1c:9a:9f:cf:c1:a2:24:e3:49:d1:e1:b8:
                    70:49:ea:ec:9f:a2:3f:8c:76:81:e9:c5:7d:34:6b:
                    2a:3b:77:e2:9f:6c:5a:60:7c:12:7e:87:fe:6a:ba:
                    55:f8:ad:fc:25:c9:ce:11:59:c0:44:af:82:09:6d:
                    bd:d1:07:ed:5c:75:94:12:e6:7b:7a:e5:48:02:dd:
                    90:43:1b:5b:dc:be:6a:f8:32:a4:6d:09:4e:bc:db:
                    e9:f4:e8:3a:b8:0b:ee:a2:49:4d:01:ce:4f:4c:c6:
                    e4:16:00:53:cd:bb:31:f9:e6:53:dc:ba:aa:82:8a:
                    24:66:2d:0d:74:17:93:db:8b:76:1e:81:72:07:ce:
                    4b:80:3e:6d:fe:da:c3:94:dc:17:29:d8:5f:d0:2d:
                    98:77:9d:15:11:ad:01:dd:5f:11:e4:04:66:da:85:
                    86:5c:75:49:f3:bf:8c:b6:d2:41:9e:c1:63:ae:2c:
                    a6:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:72:D1:57:A6:1E:E1:F7:78:2C:63:D1:92:11:B3:87:4A:E2:CB:9D
            X509v3 Authority Key Identifier:
                keyid:ED:52:93:CD:4A:62:7A:84:6A:ED:60:CA:7F:B5:D5:A9:01:9A:AE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7VKTzUpieoRq7WDKf7XVqQGarlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2029a9-4396-4717-ab05-e24336ec8a08/1/5HLRV6Ye4fd4LGPRkhGzh0riy50.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2029a9-4396-4717-ab05-e24336ec8a08/1/7VKTzUpieoRq7WDKf7XVqQGarlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.27.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         8d:80:e5:0c:0d:74:82:22:6e:15:7f:85:14:0a:e1:f8:08:bd:
         23:05:8e:d3:56:42:db:a9:d5:de:be:cc:a3:72:c5:c7:6c:11:
         91:a1:8e:fe:69:45:d3:af:0d:aa:3a:f8:42:ca:ae:92:60:74:
         ff:1a:d3:e3:49:e0:83:57:39:88:14:f2:b1:3f:e9:58:ea:47:
         13:02:f3:25:6a:a5:32:82:44:b5:ef:8a:ac:37:65:13:ab:6f:
         2b:da:f8:03:a7:6a:80:db:bb:5e:c4:60:f7:2c:6b:c8:6b:f5:
         4e:57:01:69:f7:46:ab:8a:3a:c4:89:f0:48:09:bc:ec:dc:0e:
         db:67:9d:d9:20:e9:51:f0:dc:f3:27:f4:7f:c7:7a:0a:4c:0a:
         2a:00:fa:c1:11:d9:af:6e:2a:79:d2:b2:31:c4:89:1a:66:ee:
         21:90:8f:94:23:3a:c3:d3:0a:25:cb:75:b2:ca:e3:ba:32:72:
         90:68:4e:3b:35:89:04:dd:93:86:76:bf:d6:58:f0:11:21:84:
         de:fb:d5:fa:5f:e4:17:00:e7:d4:9a:a4:8e:f7:9f:2b:92:3c:
         aa:92:00:9a:a4:81:f1:a8:4d:27:66:bd:c0:b6:f2:d0:eb:b7:
         56:4f:51:19:45:77:44:37:cc:25:33:fe:42:5e:c6:7a:f2:0b:
         e1:92:07:74
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIECSZSGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZDUyOTNjZDRhNjI3YTg0NmFlZDYwY2E3ZmI1ZDVhOTAxOWFhZTUxMB4XDTIyMDEw
MTE1MDUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQ3MmQxNTdhNjFl
ZTFmNzc4MmM2M2QxOTIxMWIzODc0YWUyY2I5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkydy5AL710PDz30+8zCuyJsvuxNvGLs6siICVuoOzzye6L
WQzpIMlE+vraEAl+1SEpZnvvZjyX1OmxdYb604q2AreqJ77Dq0zOUV/aHJqfz8Gi
JONJ0eG4cEnq7J+iP4x2genFfTRrKjt34p9sWmB8En6H/mq6Vfit/CXJzhFZwESv
ggltvdEH7Vx1lBLme3rlSALdkEMbW9y+avgypG0JTrzb6fToOrgL7qJJTQHOT0zG
5BYAU827MfnmU9y6qoKKJGYtDXQXk9uLdh6BcgfOS4A+bf7aw5TcFynYX9AtmHed
FRGtAd1fEeQEZtqFhlx1SfO/jLbSQZ7BY64spvMCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBTkctFXph7h93gsY9GSEbOHSuLLnTAfBgNVHSMEGDAWgBTtUpPNSmJ6hGrt
YMp/tdWpAZquUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdWS1R6VXBpZW9ScTdXREtmN1hWcVFHYXJsRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvMjAyOWE5LTQzOTYtNDcxNy1hYjA1LWUyNDMzNmVjOGEwOC8x
LzVITFJWNlllNGZkNExHUFJraEd6aDByaXk1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
MjAyOWE5LTQzOTYtNDcxNy1hYjA1LWUyNDMzNmVjOGEwOC8xLzdWS1R6VXBpZW9S
cTdXREtmN1hWcVFHYXJsRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ0bMA0GCSqGSIb3DQEBCwUAA4IB
AQCNgOUMDXSCIm4Vf4UUCuH4CL0jBY7TVkLbqdXevsyjcsXHbBGRoY7+aUXTrw2q
OvhCyq6SYHT/GtPjSeCDVzmIFPKxP+lY6kcTAvMlaqUygkS174qsN2UTq28r2vgD
p2qA27texGD3LGvIa/VOVwFp90arijrEifBICbzs3A7bZ53ZIOlR8NzzJ/R/x3oK
TAoqAPrBEdmvbip50rIxxIkaZu4hkI+UIzrD0woly3WyyuO6MnKQaE47NYkE3ZOG
dr/WWPARIYTe+9X6X+QXAOfUmqSO958rkjyqkgCapIHxqE0nZr3AtvLQ67dWT1EZ
RXdEN8wlM/5CXsZ68gvhkgd0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:47 2024 by rpki-client on console-fra.rpki-client.org