Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/0APfhx-3qiiWUW5BbnZ3IBQiMoE.roa
File:                     0APfhx-3qiiWUW5BbnZ3IBQiMoE.roa (raw, json)
Hash identifier:          wuty9jlZwSgPk+7QCDhYPI+8VjELEm51VY6J/OcBTuE=
Subject key identifier:   D0:03:DF:87:1F:B7:AA:28:96:51:6E:41:6E:76:77:20:14:22:32:81
Certificate issuer:       /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial:       018316F0CECFFF0FB22CB74DBC535858BA5A
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/0APfhx-3qiiWUW5BbnZ3IBQiMoE.roa
Signing time:             Wed 07 Sep 2022 07:53:43 +0000
ROA not before:           Wed 07 Sep 2022 07:53:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211696
IP address blocks:        88.218.40.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:16:f0:ce:cf:ff:0f:b2:2c:b7:4d:bc:53:58:58:ba:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
        Validity
            Not Before: Sep  7 07:53:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d003df871fb7aa2896516e416e76772014223281
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d5:91:d7:6c:8b:37:bd:53:f8:e7:8c:0e:ea:
                    a7:a4:db:4c:4f:44:44:f9:51:a7:cf:7b:61:f0:10:
                    46:b1:59:c4:46:74:cd:8d:15:1d:c9:17:fa:36:01:
                    4a:9a:01:43:62:1d:27:3b:26:45:e9:48:b7:79:ef:
                    29:79:99:f7:76:46:a8:b4:7b:ed:f2:1d:80:c8:9c:
                    7f:00:a8:55:e3:c5:69:c1:1e:69:77:05:85:58:3d:
                    a8:1e:cf:a1:fe:a9:bd:4a:5d:d1:17:e8:a1:9e:cd:
                    2e:37:8c:fa:07:3d:0d:45:7c:11:20:93:08:9f:7f:
                    43:cb:fe:d7:2b:6c:ce:20:df:fa:62:be:66:51:28:
                    05:e6:3c:68:89:9e:af:f8:96:55:ba:79:99:a6:08:
                    22:b3:de:8f:79:11:b6:42:7a:17:f3:a8:11:df:39:
                    82:a4:c1:65:3c:45:fe:e8:bf:9a:64:f2:55:e1:a6:
                    4f:a6:7b:22:ba:46:87:ae:de:a4:92:8c:f3:c1:bc:
                    8f:cb:a9:04:7a:9d:5e:b3:a8:46:9a:1d:ea:89:63:
                    14:c7:55:11:81:4f:02:01:10:f3:fa:7c:66:dd:8f:
                    c5:e6:ab:ec:ff:68:33:49:16:65:83:25:51:41:22:
                    2b:e1:16:0d:5f:2a:e0:16:b6:f6:46:3f:b1:e6:ea:
                    18:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:03:DF:87:1F:B7:AA:28:96:51:6E:41:6E:76:77:20:14:22:32:81
            X509v3 Authority Key Identifier:
                keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/0APfhx-3qiiWUW5BbnZ3IBQiMoE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.218.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:ef:0c:e2:e9:4e:ac:27:73:e5:7c:b5:b8:02:b5:39:36:d5:
         67:77:af:61:db:95:3c:9c:1d:b9:85:15:da:6e:9a:a0:43:88:
         9b:e3:4b:14:72:5f:6e:e9:61:5c:fe:47:c2:bb:a8:5b:6d:28:
         84:4a:9e:ca:c8:4b:51:62:fa:bc:8f:62:b3:70:53:6b:e9:00:
         82:15:04:5d:2e:0b:23:03:1c:79:f5:1a:39:7b:70:a8:45:81:
         78:4e:46:bf:6d:d4:24:09:a8:d1:80:96:bc:23:27:d5:49:23:
         f1:b5:3c:a3:f1:bf:4f:e2:18:f5:ac:91:d0:32:c1:3d:58:fd:
         c5:90:a5:ce:17:17:66:a5:47:cd:94:6e:1d:c9:e9:eb:cc:f0:
         53:7b:c0:5b:06:48:6e:f0:5f:dd:d1:57:ae:5f:b2:e9:83:fc:
         4c:74:49:14:1a:6c:2e:1a:e3:86:8d:4a:ee:ed:7d:cd:61:ec:
         6f:66:c6:40:b8:70:1b:fe:26:aa:8f:37:9e:90:e1:50:49:a7:
         0f:57:4c:b2:55:6d:96:b3:1a:0a:a2:3a:2a:5b:06:a0:2d:18:
         2f:96:4e:75:c4:a7:75:4d:cf:ea:06:02:53:9a:3c:d7:90:ef:
         24:fc:31:8d:94:0d:54:c8:b8:17:ec:8a:ae:a3:a1:32:d1:a1:
         e6:34:64:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMW8M7P/w+yLLdNvFNYWLpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjIwOTA3MDc1MzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDAzZGY4NzFmYjdhYTI4OTY1MTZlNDE2ZTc2NzcyMDE0MjIzMjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNWR12yLN71T+OeMDuqnpNtMT0RE
+VGnz3th8BBGsVnERnTNjRUdyRf6NgFKmgFDYh0nOyZF6Ui3ee8peZn3dkaotHvt
8h2AyJx/AKhV48VpwR5pdwWFWD2oHs+h/qm9Sl3RF+ihns0uN4z6Bz0NRXwRIJMI
n39Dy/7XK2zOIN/6Yr5mUSgF5jxoiZ6v+JZVunmZpggis96PeRG2QnoX86gR3zmC
pMFlPEX+6L+aZPJV4aZPpnsiukaHrt6kkozzwbyPy6kEep1es6hGmh3qiWMUx1UR
gU8CARDz+nxm3Y/F5qvs/2gzSRZlgyVRQSIr4RYNXyrgFrb2Rj+x5uoYEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNAD34cft6oollFuQW52dyAUIjKBMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvMEFQZmh4LTNxaWlXVVc1QmJuWjNJQlFpTW9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNooMA0G
CSqGSIb3DQEBCwUAA4IBAQB87wzi6U6sJ3PlfLW4ArU5NtVnd69h25U8nB25hRXa
bpqgQ4ib40sUcl9u6WFc/kfCu6hbbSiESp7KyEtRYvq8j2KzcFNr6QCCFQRdLgsj
Axx59Ro5e3CoRYF4Tka/bdQkCajRgJa8IyfVSSPxtTyj8b9P4hj1rJHQMsE9WP3F
kKXOFxdmpUfNlG4dyenrzPBTe8BbBkhu8F/d0VeuX7Lpg/xMdEkUGmwuGuOGjUru
7X3NYexvZsZAuHAb/iaqjzeekOFQSacPV0yyVW2WsxoKojoqWwagLRgvlk51xKd1
Tc/qBgJTmjzXkO8k/DGNlA1UyLgX7Iquo6Ey0aHmNGSr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:03 2024 by rpki-client on console-fra.rpki-client.org