Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/2OQj6fK6hjKhpOLA6bVu4JxGlM0.roa
File:                     2OQj6fK6hjKhpOLA6bVu4JxGlM0.roa (raw, json)
Hash identifier:          D6Sg7Xs5Ei1PQFV5WnyoQIt1gbHtnF4o0414CwEgPaA=
Subject key identifier:   D8:E4:23:E9:F2:BA:86:32:A1:A4:E2:C0:E9:B5:6E:E0:9C:46:94:CD
Certificate issuer:       /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial:       018341670C7C7EA6661E089F374D4E67BECC
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/2OQj6fK6hjKhpOLA6bVu4JxGlM0.roa
Signing time:             Thu 15 Sep 2022 13:46:55 +0000
ROA not before:           Thu 15 Sep 2022 13:46:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     150303
IP address blocks:        103.75.69.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:41:67:0c:7c:7e:a6:66:1e:08:9f:37:4d:4e:67:be:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
        Validity
            Not Before: Sep 15 13:46:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d8e423e9f2ba8632a1a4e2c0e9b56ee09c4694cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:83:d8:d1:ca:34:45:e2:d7:e4:9b:41:97:0a:
                    c4:30:e8:d3:c3:86:e8:04:51:85:28:c7:fa:54:77:
                    f6:b1:5e:88:24:a8:7d:c2:2e:58:76:3f:3d:8a:e5:
                    e1:b3:ff:42:47:e7:e3:9d:a7:04:fb:62:1d:e4:75:
                    ca:99:e2:07:c0:7a:dc:5a:30:8c:42:11:16:33:73:
                    e5:c0:86:78:30:6c:31:54:df:ef:2c:94:7b:21:d3:
                    da:5b:20:d7:14:06:73:11:e3:37:82:bf:2d:75:ae:
                    53:9f:45:6a:dd:5e:1f:9c:a7:96:df:4d:c0:70:52:
                    fb:c9:69:6e:92:85:41:1c:df:3d:4a:ed:58:36:5c:
                    53:59:0a:98:d8:1a:9b:5f:6c:15:1f:5c:1e:73:5f:
                    a7:fc:b1:80:c3:e3:b7:78:e6:23:f3:70:d6:77:cd:
                    a0:70:21:4b:48:a0:19:85:4b:3f:67:e3:1b:e4:db:
                    12:ce:fd:cd:73:ea:4a:8d:92:35:35:f9:b9:cb:af:
                    18:fb:3b:cd:ed:02:1e:5b:96:7f:55:fd:6a:b8:84:
                    4d:38:2b:2a:a3:65:05:2f:4c:35:30:51:f8:d1:eb:
                    36:72:ec:23:12:ee:c7:e6:c6:66:b4:56:02:3e:e4:
                    f0:d9:7c:f7:90:9e:1c:b9:35:3e:0a:ed:dd:82:1c:
                    45:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:E4:23:E9:F2:BA:86:32:A1:A4:E2:C0:E9:B5:6E:E0:9C:46:94:CD
            X509v3 Authority Key Identifier:
                keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/2OQj6fK6hjKhpOLA6bVu4JxGlM0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.75.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:18:5a:e1:75:9f:8a:39:3a:e4:60:41:5f:f7:82:69:3a:d9:
         90:fc:4f:82:48:5d:9a:49:e0:b3:cd:6c:5c:e8:a4:ba:7f:2d:
         d9:e7:74:74:a2:ff:ee:10:a9:8b:3e:64:23:81:93:30:74:e0:
         b3:9d:c1:ed:d8:5e:c1:7a:19:c9:bb:4c:c0:4a:4e:44:8f:e2:
         ac:ec:28:81:94:dc:fe:fd:90:c7:02:de:df:75:aa:97:f4:66:
         63:bb:93:b3:97:c6:0c:5e:1d:aa:25:02:b7:d4:9c:0a:c0:74:
         e8:0e:22:d3:eb:54:0f:ae:60:36:f2:6d:10:36:b5:27:ea:a1:
         ae:2b:a3:04:62:e5:ef:c5:3e:d4:3b:84:fe:44:40:4b:9a:45:
         5a:2e:cb:92:95:81:b6:a8:9f:d3:5a:8c:72:82:ab:8d:b5:75:
         e2:11:46:d8:79:07:b2:57:28:f1:18:59:52:45:48:5e:a3:7b:
         bf:38:4a:7a:5d:55:ee:a7:ba:aa:65:4e:c2:63:de:81:dc:b7:
         46:4e:64:a5:18:c7:6c:8f:ca:78:b6:53:40:f8:70:bc:84:71:
         a9:fe:de:ae:69:1d:34:2b:8c:6d:39:03:5f:68:69:5d:40:1b:
         13:45:49:bb:b7:a5:5f:49:69:4b:f1:e7:b2:69:3b:1a:36:35:
         87:a6:9e:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNBZwx8fqZmHgifN01OZ77MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjIwOTE1MTM0NjU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGU0MjNlOWYyYmE4NjMyYTFhNGUyYzBlOWI1NmVlMDljNDY5NGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIPY0co0ReLX5JtBlwrEMOjTw4bo
BFGFKMf6VHf2sV6IJKh9wi5Ydj89iuXhs/9CR+fjnacE+2Id5HXKmeIHwHrcWjCM
QhEWM3PlwIZ4MGwxVN/vLJR7IdPaWyDXFAZzEeM3gr8tda5Tn0Vq3V4fnKeW303A
cFL7yWlukoVBHN89Su1YNlxTWQqY2BqbX2wVH1wec1+n/LGAw+O3eOYj83DWd82g
cCFLSKAZhUs/Z+Mb5NsSzv3Nc+pKjZI1Nfm5y68Y+zvN7QIeW5Z/Vf1quIRNOCsq
o2UFL0w1MFH40es2cuwjEu7H5sZmtFYCPuTw2Xz3kJ4cuTU+Cu3dghxFpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjkI+nyuoYyoaTiwOm1buCcRpTNMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvMk9RajZmSzZoaktocE9MQTZiVnU0SnhHbE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ0tFMA0G
CSqGSIb3DQEBCwUAA4IBAQCKGFrhdZ+KOTrkYEFf94JpOtmQ/E+CSF2aSeCzzWxc
6KS6fy3Z53R0ov/uEKmLPmQjgZMwdOCzncHt2F7BehnJu0zASk5Ej+Ks7CiBlNz+
/ZDHAt7fdaqX9GZju5Ozl8YMXh2qJQK31JwKwHToDiLT61QPrmA28m0QNrUn6qGu
K6MEYuXvxT7UO4T+REBLmkVaLsuSlYG2qJ/TWoxygquNtXXiEUbYeQeyVyjxGFlS
RUheo3u/OEp6XVXup7qqZU7CY96B3LdGTmSlGMdsj8p4tlNA+HC8hHGp/t6uaR00
K4xtOQNfaGldQBsTRUm7t6VfSWlL8eeyaTsaNjWHpp5p
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:37 2024 by rpki-client on console-ams.rpki-client.org