Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/XhOHZe002jhYHlBrgepeteLg3rc.roa
File:                     XhOHZe002jhYHlBrgepeteLg3rc.roa (raw, json)
Hash identifier:          qnhFin4ZN+kQkjHyiFJAxwEkoJ8v4/ookz7I9rfhfdw=
Subject key identifier:   5E:13:87:65:ED:34:DA:38:58:1E:50:6B:81:EA:5E:B5:E2:E0:DE:B7
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       031AA1EB
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/XhOHZe002jhYHlBrgepeteLg3rc.roa
Signing time:             Fri 27 May 2022 05:54:13 +0000
ROA not before:           Fri 27 May 2022 05:54:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49999
IP address blocks:        62.72.185.0/24 maxlen: 24
                          62.72.184.0/22 maxlen: 24
                          62.72.188.0/24 maxlen: 24
                          62.72.191.0/24 maxlen: 24
                          176.57.52.0/22 maxlen: 24
                          176.57.60.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52077035 (0x31aa1eb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: May 27 05:54:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5e138765ed34da38581e506b81ea5eb5e2e0deb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:a8:71:64:6c:1a:6f:ba:71:cc:95:0b:9e:37:
                    af:bf:08:25:6f:0b:83:37:fd:8c:c3:91:36:24:4a:
                    de:ea:63:fa:6d:75:cd:20:39:db:bc:cf:04:69:02:
                    89:d2:1c:d9:bf:b7:10:dc:a0:cf:e1:c4:86:30:c8:
                    83:6e:da:79:47:3a:49:bb:93:df:b0:1d:7f:41:cc:
                    93:9b:42:9d:6d:ce:b9:29:08:49:f4:b0:04:a6:25:
                    c5:27:7d:23:8e:9c:d2:4a:dd:cb:be:55:61:5a:29:
                    00:5c:03:0c:1e:1b:1d:e3:25:7d:67:fa:a7:0b:e0:
                    9f:f1:d8:fc:42:20:35:3c:59:27:be:b1:4b:e3:fa:
                    e7:74:09:05:e1:9e:e2:0c:e3:80:b4:38:1a:59:97:
                    e9:02:19:f7:46:b1:4e:1f:55:e0:4d:6b:28:2b:ef:
                    24:56:6b:84:12:df:e2:f8:24:f6:96:9b:99:85:5c:
                    30:21:28:d8:a2:9e:fb:00:b9:20:eb:ef:b0:56:1e:
                    be:da:e7:67:25:3a:b2:fc:5b:b0:69:52:8b:f8:bc:
                    e5:b1:e0:20:bb:47:3f:54:0a:68:33:9d:52:aa:4f:
                    69:e2:13:ed:15:98:77:36:90:9a:b6:0f:7f:f1:b4:
                    35:d7:54:2b:e9:ca:e4:28:2e:94:d0:ed:cf:70:36:
                    48:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:13:87:65:ED:34:DA:38:58:1E:50:6B:81:EA:5E:B5:E2:E0:DE:B7
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/XhOHZe002jhYHlBrgepeteLg3rc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.184.0-62.72.188.255
                  62.72.191.0/24
                  176.57.52.0/22
                  176.57.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         57:20:e5:b0:64:15:4a:63:2a:f3:32:92:10:32:ae:2e:6f:e6:
         36:c8:4a:f2:c2:e7:58:29:4b:08:55:fd:a5:c3:39:dc:56:1e:
         6b:04:63:1c:48:8e:bc:a3:d5:8f:8d:71:6d:9a:2a:e1:38:5c:
         42:0f:79:d5:cd:d3:e7:2a:bc:b9:a7:61:67:e3:31:2d:ef:39:
         82:bf:72:2a:32:d9:6d:63:82:8c:66:a6:b0:2d:6a:e3:b2:08:
         d5:8d:1c:34:35:45:ab:f9:45:c9:cb:a2:65:9d:e2:ab:9d:9f:
         97:ca:3f:94:c3:33:5e:b7:73:0a:17:c5:4e:50:31:b4:4e:f5:
         13:05:ec:87:0f:ae:64:b0:14:3e:e6:12:2a:fd:2d:bf:9c:17:
         b8:77:27:35:f1:df:5e:a5:64:18:76:a8:80:db:61:db:57:1b:
         64:63:10:12:e7:9b:9b:9d:f7:b0:cb:a2:0c:68:cf:eb:24:13:
         19:95:bd:e0:15:b1:77:7a:8d:44:82:62:8e:7a:b2:fd:32:24:
         5b:ea:73:c2:33:22:b5:d4:88:b7:be:e6:fe:ec:a8:26:94:b5:
         4f:8a:c0:1c:6c:b7:81:b8:9a:cf:e1:09:4b:76:fd:5c:89:58:
         2a:ba:c4:2d:a8:31:30:c6:07:4a:8a:2b:bc:12:6a:c6:21:09:
         b5:b2:37:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEAxqh6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NWYxOTA3NDU0OGQyYTI5NGU0Mzg1ZDk1Y2Q2NzUyNDkwZWU0NmQ3MB4XDTIyMDUy
NzA1NTQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWUxMzg3NjVlZDM0
ZGEzODU4MWU1MDZiODFlYTVlYjVlMmUwZGViNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeocWRsGm+6ccyVC543r78IJW8Lgzf9jMORNiRK3upj+m11
zSA527zPBGkCidIc2b+3ENygz+HEhjDIg27aeUc6SbuT37Adf0HMk5tCnW3OuSkI
SfSwBKYlxSd9I46c0krdy75VYVopAFwDDB4bHeMlfWf6pwvgn/HY/EIgNTxZJ76x
S+P653QJBeGe4gzjgLQ4GlmX6QIZ90axTh9V4E1rKCvvJFZrhBLf4vgk9pabmYVc
MCEo2KKe+wC5IOvvsFYevtrnZyU6svxbsGlSi/i85bHgILtHP1QKaDOdUqpPaeIT
7RWYdzaQmrYPf/G0NddUK+nK5CgulNDtz3A2SJ0CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBReE4dl7TTaOFgeUGuB6l614uDetzAfBgNVHSMEGDAWgBQV8ZB0VI0qKU5D
hdlc1nUkkO5G1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZmR1FkRlNOS2lsT1E0WFpYTloxSkpEdVJ0Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMDA2MjQxLTgwOGQtNGE0OS1iMGNkLTU2MjQ0ZjQzMGRjYy8x
L1hoT0haZTAwMmpoWUhsQnJnZXBldGVMZzNyYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MDA2MjQxLTgwOGQtNGE0OS1iMGNkLTU2MjQ0ZjQzMGRjYy8xL0ZmR1FkRlNOS2ls
T1E0WFpYTloxSkpEdVJ0Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQDPki4AwQAPki8AwQAPki/AwQC
sDk0AwQCsDk8MA0GCSqGSIb3DQEBCwUAA4IBAQBXIOWwZBVKYyrzMpIQMq4ub+Y2
yErywudYKUsIVf2lwzncVh5rBGMcSI68o9WPjXFtmirhOFxCD3nVzdPnKry5p2Fn
4zEt7zmCv3IqMtltY4KMZqawLWrjsgjVjRw0NUWr+UXJy6JlneKrnZ+Xyj+UwzNe
t3MKF8VOUDG0TvUTBeyHD65ksBQ+5hIq/S2/nBe4dyc18d9epWQYdqiA22HbVxtk
YxAS55ubnfewy6IMaM/rJBMZlb3gFbF3eo1EgmKOerL9MiRb6nPCMyK11Ii3vub+
7KgmlLVPisAcbLeBuJrP4QlLdv1ciVgqusQtqDEwxgdKiiu8EmrGIQm1sjcO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:55 2024 by rpki-client on console-ams.rpki-client.org