Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3ea1ae-1f87-4cfb-9412-df542cdc3976/1/52khfLHzYoFHFJh0p3EZf3-k4CQ.roa
File:                     52khfLHzYoFHFJh0p3EZf3-k4CQ.roa (raw, json)
Hash identifier:          cnLdanXwexVqfXevoZOB5Df2dQ0AhZWyspXAGOGCk7c=
Subject key identifier:   E7:69:21:7C:B1:F3:62:81:47:14:98:74:A7:71:19:7F:7F:A4:E0:24
Certificate issuer:       /CN=083332d2f60784f12bb2d210aec80ab41bbf1159
Certificate serial:       098697
Authority key identifier: 08:33:32:D2:F6:07:84:F1:2B:B2:D2:10:AE:C8:0A:B4:1B:BF:11:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CDMy0vYHhPErstIQrsgKtBu_EVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/3ea1ae-1f87-4cfb-9412-df542cdc3976/1/52khfLHzYoFHFJh0p3EZf3-k4CQ.roa
Signing time:             Sat 29 Jan 2022 15:10:40 +0000
ROA not before:           Sat 29 Jan 2022 15:10:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59441
IP address blocks:        80.91.208.0/24 maxlen: 24
                          2a09:5880::/29 maxlen: 128

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 624279 (0x98697)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=083332d2f60784f12bb2d210aec80ab41bbf1159
        Validity
            Not Before: Jan 29 15:10:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e769217cb1f3628147149874a771197f7fa4e024
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:18:65:b3:87:53:e4:dc:bd:22:37:98:73:6e:
                    80:f0:f8:86:1f:c2:1d:78:05:38:1a:f8:16:ca:4a:
                    dd:be:68:1f:5b:bd:be:59:0f:ac:ba:f6:98:2e:c7:
                    b2:ac:31:57:0d:fb:4e:1f:ee:8c:79:0a:93:08:31:
                    22:9f:c0:14:02:c9:d6:4a:48:f2:ba:37:43:fd:7f:
                    70:e6:99:59:7c:14:f4:a4:40:e0:d4:79:bf:ac:be:
                    e5:af:52:4f:3e:45:13:17:99:59:b0:01:f0:fe:97:
                    7b:bc:87:b1:52:88:5b:e8:2e:66:3c:4e:5f:18:09:
                    bb:c6:a0:0a:c0:71:a8:10:3d:0a:15:6e:77:f2:bd:
                    c7:b0:7d:be:da:c9:be:f5:93:92:fb:99:1c:ce:65:
                    fb:6b:ac:1c:bd:fe:87:1e:d0:92:94:f7:54:86:3a:
                    23:62:a1:ca:d2:c1:a3:48:6d:63:6c:14:c6:d7:14:
                    37:be:70:e6:07:b8:c3:47:f8:c9:e2:97:01:56:e2:
                    47:87:29:e0:05:e6:7a:bb:92:a9:d0:91:3f:89:e9:
                    8b:64:32:00:d1:c9:bd:d7:6d:94:49:ae:e9:e6:df:
                    80:d1:69:bf:13:5f:0f:b8:e4:1c:10:46:9b:d0:45:
                    84:0e:59:c5:a6:87:b0:04:cf:2e:cd:7f:53:62:21:
                    94:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:69:21:7C:B1:F3:62:81:47:14:98:74:A7:71:19:7F:7F:A4:E0:24
            X509v3 Authority Key Identifier:
                keyid:08:33:32:D2:F6:07:84:F1:2B:B2:D2:10:AE:C8:0A:B4:1B:BF:11:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDMy0vYHhPErstIQrsgKtBu_EVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ea1ae-1f87-4cfb-9412-df542cdc3976/1/52khfLHzYoFHFJh0p3EZf3-k4CQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ea1ae-1f87-4cfb-9412-df542cdc3976/1/CDMy0vYHhPErstIQrsgKtBu_EVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.91.208.0/24
                IPv6:
                  2a09:5880::/29

    Signature Algorithm: sha256WithRSAEncryption
         a3:fa:bb:21:c3:90:f6:15:ea:4f:02:f2:da:9a:50:05:6e:21:
         05:7f:8f:0a:8b:99:ec:be:38:1e:ab:f5:b1:5b:0e:82:06:67:
         94:81:b4:8d:3a:c4:72:a0:78:d3:1f:8b:c4:fc:66:c0:24:c4:
         e8:1d:2b:0e:4e:30:c3:c8:5b:fb:12:cc:cf:f1:9d:d7:0c:e3:
         63:10:e0:2a:eb:77:f6:8e:8f:52:0b:54:ed:8d:eb:28:13:d6:
         14:47:f8:ec:09:46:ed:f5:6c:95:83:f6:8f:e1:94:f1:00:4b:
         12:c8:90:22:3f:9d:d8:8c:12:f2:57:58:32:06:04:b9:0b:3c:
         8b:3f:c7:9e:5c:0e:95:af:4c:3a:65:70:0f:f3:3c:be:70:7d:
         91:a3:d1:c1:30:bc:89:55:4a:17:22:37:84:85:4d:0d:48:2f:
         c5:6f:ef:79:bd:5f:aa:8b:f9:e4:5d:e0:c5:dc:4e:cf:b2:a4:
         42:f2:5c:63:89:f8:b1:c9:bc:6b:f2:ec:0d:55:ff:2d:4e:1d:
         f1:dc:b9:0a:5f:72:d2:5b:ef:20:ff:32:c2:31:05:67:c0:5f:
         85:d7:9e:f0:05:01:cb:b3:f1:05:29:a3:3e:3e:98:c0:02:41:
         f9:b0:aa:04:a5:7c:5c:c0:5b:e3:ac:87:41:13:42:a7:8b:b4:
         0b:8e:0f:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDCYaXMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA4
MzMzMmQyZjYwNzg0ZjEyYmIyZDIxMGFlYzgwYWI0MWJiZjExNTkwHhcNMjIwMTI5
MTUxMDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlNzY5MjE3Y2IxZjM2
MjgxNDcxNDk4NzRhNzcxMTk3ZjdmYTRlMDI0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsBhls4dT5Ny9IjeYc26A8PiGH8IdeAU4GvgWykrdvmgfW72+
WQ+suvaYLseyrDFXDftOH+6MeQqTCDEin8AUAsnWSkjyujdD/X9w5plZfBT0pEDg
1Hm/rL7lr1JPPkUTF5lZsAHw/pd7vIexUohb6C5mPE5fGAm7xqAKwHGoED0KFW53
8r3HsH2+2sm+9ZOS+5kczmX7a6wcvf6HHtCSlPdUhjojYqHK0sGjSG1jbBTG1xQ3
vnDmB7jDR/jJ4pcBVuJHhyngBeZ6u5Kp0JE/iemLZDIA0cm9122USa7p5t+A0Wm/
E18PuOQcEEab0EWEDlnFpoewBM8uzX9TYiGUPQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFOdpIXyx82KBRxSYdKdxGX9/pOAkMB8GA1UdIwQYMBaAFAgzMtL2B4TxK7LS
EK7ICrQbvxFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Q0RNeTB2WUhoUEVyc3RJUXJzZ0t0QnVfRVZrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Mi8zZWExYWUtMWY4Ny00Y2ZiLTk0MTItZGY1NDJjZGMzOTc2LzEv
NTJraGZMSHpZb0ZIRkpoMHAzRVpmMy1rNENRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8z
ZWExYWUtMWY4Ny00Y2ZiLTk0MTItZGY1NDJjZGMzOTc2LzEvQ0RNeTB2WUhoUEVy
c3RJUXJzZ0t0QnVfRVZrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAUFvQMA0EAgACMAcDBQMqCViAMA0G
CSqGSIb3DQEBCwUAA4IBAQCj+rshw5D2FepPAvLamlAFbiEFf48Ki5nsvjgeq/Wx
Ww6CBmeUgbSNOsRyoHjTH4vE/GbAJMToHSsOTjDDyFv7EszP8Z3XDONjEOAq63f2
jo9SC1TtjesoE9YUR/jsCUbt9WyVg/aP4ZTxAEsSyJAiP53YjBLyV1gyBgS5CzyL
P8eeXA6Vr0w6ZXAP8zy+cH2Ro9HBMLyJVUoXIjeEhU0NSC/Fb+95vV+qi/nkXeDF
3E7PsqRC8lxjifixybxr8uwNVf8tTh3x3LkKX3LSW+8g/zLCMQVnwF+F157wBQHL
s/EFKaM+PpjAAkH5sKoEpXxcwFvjrIdBE0Kni7QLjg/S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:47 2024 by rpki-client on console-fra.rpki-client.org