Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ES_sZqHBh8tfqgvvMebyJHWd63o.roa
File:                     ES_sZqHBh8tfqgvvMebyJHWd63o.roa (raw, json)
Hash identifier:          qU5ReRIpVn6TkZKj2d9c8butE2WSSMVGbZsUsBFvlgY=
Subject key identifier:   11:2F:EC:66:A1:C1:87:CB:5F:AA:0B:EF:31:E6:F2:24:75:9D:EB:7A
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       03D906FA
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ES_sZqHBh8tfqgvvMebyJHWd63o.roa
Signing time:             Sat 01 Jan 2022 13:04:04 +0000
ROA not before:           Sat 01 Jan 2022 13:04:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201770
IP address blocks:        31.15.4.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64554746 (0x3d906fa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 13:04:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=112fec66a1c187cb5faa0bef31e6f224759deb7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:69:75:ac:98:b8:0f:bf:62:05:81:46:75:21:
                    5e:2e:67:99:c6:77:01:e8:35:f8:e7:6e:45:c3:d9:
                    f1:38:9c:f3:50:f7:8d:ed:b7:60:cb:6c:7c:67:cf:
                    29:75:27:71:cb:7a:86:5f:f8:93:d8:dd:6f:26:ac:
                    6e:e7:e8:3c:9d:a6:fa:84:ed:6f:51:c9:9e:d0:ca:
                    1e:85:b1:2e:ec:ef:a6:c1:5a:ef:91:c0:eb:ce:68:
                    12:d8:6e:20:9d:cd:80:e9:4e:5c:68:d4:2f:21:19:
                    06:af:e8:ad:da:49:12:e8:2f:6e:19:bc:64:77:47:
                    08:10:21:cb:c0:95:c4:56:0b:b2:8a:a2:37:41:7f:
                    73:ea:7a:eb:db:2b:6b:a1:2a:9e:9b:30:13:8c:00:
                    e1:a6:21:8a:d1:6e:40:c8:81:ae:1f:15:95:de:74:
                    17:48:c6:a1:f4:8a:6e:dc:8d:d4:89:80:fe:3f:07:
                    e7:5b:45:76:11:cd:89:bd:93:ab:41:4e:7d:9f:c2:
                    3c:de:e6:1e:42:01:0f:59:2f:fc:e8:74:9d:c5:dd:
                    36:49:18:a5:46:88:62:2f:a7:1c:6c:54:e7:f6:71:
                    2a:6a:89:26:ce:a9:30:06:c1:f9:ca:c4:ff:96:97:
                    75:c9:3e:06:9e:9a:ce:ab:6b:6e:a4:ad:72:c3:24:
                    b7:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:2F:EC:66:A1:C1:87:CB:5F:AA:0B:EF:31:E6:F2:24:75:9D:EB:7A
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ES_sZqHBh8tfqgvvMebyJHWd63o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.15.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:3b:9f:28:27:5a:ad:c2:81:a2:2f:d7:71:bf:e5:fa:7e:0c:
         40:d0:ee:45:06:f5:d5:d7:9d:e8:9f:dd:51:d5:bc:a6:c0:bd:
         fe:6f:be:45:fd:a9:9e:64:f3:92:38:bf:e7:96:4a:fd:de:65:
         09:cb:1f:d4:af:d9:e0:54:b1:7d:86:80:0b:0a:1f:b9:02:f2:
         65:14:e1:7e:59:ec:77:93:37:8c:36:d0:ef:2b:8a:dd:a9:ff:
         99:1c:1d:7e:24:f6:f8:76:1b:81:a4:45:24:f9:52:dd:bf:4f:
         4d:88:a0:6e:da:7c:0a:49:45:85:e1:1e:a0:d1:51:d7:c0:ff:
         ae:bd:bd:e8:33:f6:a7:6d:82:f9:5c:34:85:f2:38:96:35:71:
         7b:b0:bc:62:6a:dd:b3:9d:19:82:4b:0d:d6:a9:e7:7d:dc:15:
         9d:cd:ba:b5:2c:8c:c7:09:fa:56:95:bc:3c:74:03:ad:29:a2:
         47:f3:c5:a7:66:d0:79:d1:0f:74:51:52:41:94:05:cc:2d:a2:
         1f:bf:0e:c6:9b:34:e6:0f:eb:51:ad:3f:cb:21:2f:df:cb:06:
         72:4d:03:b1:21:73:8c:63:3f:b1:25:ee:4f:2d:38:f2:3c:4b:
         7e:0c:5d:93:32:4a:c3:67:19:37:fc:f9:a7:c8:60:3b:a4:d9:
         17:9e:07:35
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9kG+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTM0YzQ5ZmNmYThhNDUwNDFkOTVlZDRkOGQ0ZmM2OWM3MjdhNDY3MB4XDTIyMDEw
MTEzMDQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTEyZmVjNjZhMWMx
ODdjYjVmYWEwYmVmMzFlNmYyMjQ3NTlkZWI3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5pdayYuA+/YgWBRnUhXi5nmcZ3Aeg1+OduRcPZ8Tic81D3
je23YMtsfGfPKXUncct6hl/4k9jdbyasbufoPJ2m+oTtb1HJntDKHoWxLuzvpsFa
75HA685oEthuIJ3NgOlOXGjULyEZBq/ordpJEugvbhm8ZHdHCBAhy8CVxFYLsoqi
N0F/c+p669sra6EqnpswE4wA4aYhitFuQMiBrh8Vld50F0jGofSKbtyN1ImA/j8H
51tFdhHNib2Tq0FOfZ/CPN7mHkIBD1kv/Oh0ncXdNkkYpUaIYi+nHGxU5/ZxKmqJ
Js6pMAbB+crE/5aXdck+Bp6azqtrbqStcsMktzMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQRL+xmocGHy1+qC+8x5vIkdZ3rejAfBgNVHSMEGDAWgBQFNMSfz6ikUEHZ
XtTY1PxpxyekZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JUVEVuOC1vcEZCQjJWN1UyTlQ4YWNjbnBHYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvMGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8x
L0VTX3NacUhCaDh0ZnFndnZNZWJ5SkhXZDYzby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
MGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8xL0JUVEVuOC1vcEZC
QjJWN1UyTlQ4YWNjbnBHYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB8PBDANBgkqhkiG9w0BAQsFAAOC
AQEAZTufKCdarcKBoi/Xcb/l+n4MQNDuRQb11ded6J/dUdW8psC9/m++Rf2pnmTz
kji/55ZK/d5lCcsf1K/Z4FSxfYaACwofuQLyZRThflnsd5M3jDbQ7yuK3an/mRwd
fiT2+HYbgaRFJPlS3b9PTYigbtp8CklFheEeoNFR18D/rr296DP2p22C+Vw0hfI4
ljVxe7C8Ymrds50ZgksN1qnnfdwVnc26tSyMxwn6VpW8PHQDrSmiR/PFp2bQedEP
dFFSQZQFzC2iH78Oxps05g/rUa0/yyEv38sGck0DsSFzjGM/sSXuTy048jxLfgxd
kzJKw2cZN/z5p8hgO6TZF54HNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org