Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/mKW3sh9SyKcKJSJRUGubZZ6Y2uk.roa
File:                     mKW3sh9SyKcKJSJRUGubZZ6Y2uk.roa (raw, json)
Hash identifier:          UcnqiE3mL0+FsQ5eNiMh2jG6SS0BJIXIa7ilz9/vjGk=
Subject key identifier:   98:A5:B7:B2:1F:52:C8:A7:0A:25:22:51:50:6B:9B:65:9E:98:DA:E9
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       01838388DCC0485632C58099F2F34CA74216
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/mKW3sh9SyKcKJSJRUGubZZ6Y2uk.roa
Signing time:             Wed 28 Sep 2022 09:58:48 +0000
ROA not before:           Wed 28 Sep 2022 09:58:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     13886
IP address blocks:        104.238.26.0/24 maxlen: 24
                          45.150.32.0/22 maxlen: 22
                          104.222.188.0/24 maxlen: 24
                          206.124.104.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:83:88:dc:c0:48:56:32:c5:80:99:f2:f3:4c:a7:42:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Sep 28 09:58:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=98a5b7b21f52c8a70a252251506b9b659e98dae9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:d7:bc:61:53:0d:77:e6:ab:fa:45:ef:6b:70:
                    52:f0:84:e1:6e:d2:b4:27:9b:b1:1b:7d:f7:7b:85:
                    50:6b:d7:b5:c1:04:66:c8:50:73:8d:75:f9:06:85:
                    61:42:fb:db:cc:63:90:58:32:ae:27:91:ac:35:ae:
                    5f:c8:5e:cd:76:53:24:d8:ef:b1:b5:bc:76:86:47:
                    f6:5e:44:5b:7d:90:75:3d:c9:f8:63:ee:98:c4:1d:
                    43:df:87:a6:a0:8f:2c:16:13:14:53:fd:3e:24:57:
                    8b:f6:20:f4:f4:c8:76:bc:6d:72:15:ab:d9:a1:5f:
                    f2:80:d9:3d:48:07:f1:55:57:ae:98:08:4a:6a:4c:
                    35:25:6b:8e:8f:de:b6:fa:7c:e1:a7:cc:f9:79:74:
                    6f:c2:c5:fe:81:fd:1a:ca:66:0a:6f:7a:cd:46:00:
                    ae:37:2c:3f:85:b1:1d:4f:bc:11:ba:cf:fd:5d:df:
                    24:2a:ee:d8:98:79:c4:bb:bf:d9:87:33:c8:8a:23:
                    f0:df:ae:c4:7f:0a:cc:66:23:33:38:24:c6:ea:04:
                    e0:95:b0:bc:d8:5d:88:53:c1:dd:19:c7:cc:b0:f5:
                    fd:ce:8c:3b:db:f5:f7:a1:f3:77:60:9a:62:a6:4c:
                    79:c9:8d:94:1a:cd:98:35:02:ee:f3:ce:c8:a0:9a:
                    0e:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:A5:B7:B2:1F:52:C8:A7:0A:25:22:51:50:6B:9B:65:9E:98:DA:E9
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/mKW3sh9SyKcKJSJRUGubZZ6Y2uk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.32.0/22
                  104.222.188.0/24
                  104.238.26.0/24
                  206.124.104.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1f:35:43:5a:dd:8c:60:b6:6b:98:80:55:85:36:82:85:4a:60:
         b4:a0:d6:93:b1:4a:4a:b0:c8:49:1a:f4:d0:2a:15:fc:41:ce:
         f0:9a:80:f9:04:3c:42:9f:f9:3e:f3:2a:c0:a9:89:41:89:7e:
         6e:a8:d6:67:a6:43:49:5a:d8:06:8c:85:6c:60:9e:42:d0:b5:
         f3:b1:70:ea:64:3b:4b:81:82:b9:47:bc:ca:85:7f:cb:f6:d4:
         46:0f:b7:85:ee:74:b6:ec:8a:d9:aa:7a:cd:a6:66:49:c6:d5:
         ee:4c:41:09:4b:dd:aa:37:34:6e:a4:d9:f0:be:20:e4:4f:65:
         4a:2e:a0:37:fe:32:62:7a:d9:f6:56:8f:40:81:91:79:55:38:
         6e:c6:2b:cc:ac:a3:5b:19:0e:73:ad:33:9b:b5:9b:01:79:2e:
         90:ab:7c:00:21:37:48:b5:a0:f5:63:3f:0f:71:d8:3f:1a:1e:
         94:8c:9e:26:8f:78:80:43:3c:91:5a:d4:66:d6:8f:9f:bc:2d:
         98:ed:cc:93:e7:8b:cd:1f:2c:09:24:d7:3b:aa:bd:e5:57:91:
         a6:43:de:89:6a:72:66:71:7b:1f:6b:8a:39:23:70:fd:2e:d0:
         51:8c:32:e0:95:45:4a:4d:6a:61:28:29:11:0e:bb:fd:45:29:
         01:17:b0:a8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYODiNzASFYyxYCZ8vNMp0IWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIwOTI4MDk1ODQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGE1YjdiMjFmNTJjOGE3MGEyNTIyNTE1MDZiOWI2NTllOThkYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9e8YVMNd+ar+kXva3BS8IThbtK0
J5uxG333e4VQa9e1wQRmyFBzjXX5BoVhQvvbzGOQWDKuJ5GsNa5fyF7NdlMk2O+x
tbx2hkf2XkRbfZB1Pcn4Y+6YxB1D34emoI8sFhMUU/0+JFeL9iD09Mh2vG1yFavZ
oV/ygNk9SAfxVVeumAhKakw1JWuOj962+nzhp8z5eXRvwsX+gf0aymYKb3rNRgCu
Nyw/hbEdT7wRus/9Xd8kKu7YmHnEu7/ZhzPIiiPw367EfwrMZiMzOCTG6gTglbC8
2F2IU8HdGcfMsPX9zow72/X3ofN3YJpipkx5yY2UGs2YNQLu887IoJoO5QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJilt7IfUsinCiUiUVBrm2WemNrpMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvbUtXM3NoOVN5S2NLSlNKUlVHdWJaWjZZMnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLZYgAwQA
aN68AwQAaO4aAwQDznxoMA0GCSqGSIb3DQEBCwUAA4IBAQAfNUNa3YxgtmuYgFWF
NoKFSmC0oNaTsUpKsMhJGvTQKhX8Qc7wmoD5BDxCn/k+8yrAqYlBiX5uqNZnpkNJ
WtgGjIVsYJ5C0LXzsXDqZDtLgYK5R7zKhX/L9tRGD7eF7nS27IrZqnrNpmZJxtXu
TEEJS92qNzRupNnwviDkT2VKLqA3/jJietn2Vo9AgZF5VThuxivMrKNbGQ5zrTOb
tZsBeS6Qq3wAITdItaD1Yz8Pcdg/Gh6UjJ4mj3iAQzyRWtRm1o+fvC2Y7cyT54vN
HywJJNc7qr3lV5GmQ96JanJmcXsfa4o5I3D9LtBRjDLglUVKTWphKCkRDrv9RSkB
F7Co
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org