Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/cdSmDbQEzN0i39KVAFvTz93liQ8.roa
File:                     cdSmDbQEzN0i39KVAFvTz93liQ8.roa (raw, json)
Hash identifier:          x4N5AMAUywH7k0g8aAcwJtdgMPs88ke1XeBlAaxk8X8=
Subject key identifier:   71:D4:A6:0D:B4:04:CC:DD:22:DF:D2:95:00:5B:D3:CF:DD:E5:89:0F
Certificate issuer:       /CN=943e3f4856dac2a005c3a52347114dec453934b8
Certificate serial:       0184AE5B05E0A20F3B4197AFDB5F275CDD0B
Authority key identifier: 94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/cdSmDbQEzN0i39KVAFvTz93liQ8.roa
Signing time:             Fri 25 Nov 2022 10:35:11 +0000
ROA not before:           Fri 25 Nov 2022 10:35:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29286
IP address blocks:        62.202.152.0/21 maxlen: 24
                          62.202.168.0/21 maxlen: 24
                          2a02:1215:ffff::/48 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:ae:5b:05:e0:a2:0f:3b:41:97:af:db:5f:27:5c:dd:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=943e3f4856dac2a005c3a52347114dec453934b8
        Validity
            Not Before: Nov 25 10:35:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=71d4a60db404ccdd22dfd295005bd3cfdde5890f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:28:96:99:64:62:ac:c7:7a:fa:eb:7c:70:64:
                    e7:81:02:6b:c4:b7:04:3c:17:d5:90:c9:6f:53:96:
                    dc:cc:4d:76:78:3a:3d:9a:a6:b4:90:dd:18:b5:51:
                    a5:e6:ac:b0:ef:3a:3b:25:4f:a2:7b:37:25:56:19:
                    b9:d8:0e:5a:4a:12:d5:76:87:b5:a0:ba:3c:ea:5f:
                    37:06:18:6c:8e:f4:75:7f:a4:25:be:b5:e1:e2:9c:
                    07:41:dd:8c:48:9a:29:43:d5:1c:8d:6c:5b:e8:01:
                    28:1f:b2:ff:d8:65:39:cd:9d:0f:74:ca:5d:d8:00:
                    50:38:7b:c9:b3:a9:7e:b7:2e:43:ff:c4:9d:36:34:
                    ad:d8:49:f6:96:25:c3:83:aa:8d:0e:12:60:10:85:
                    27:a3:e1:e8:54:b1:fe:62:68:56:0f:16:d5:18:bd:
                    a6:7b:5e:2b:76:2b:ff:04:d3:c7:7a:bb:b5:03:59:
                    f6:a6:96:6e:4b:55:ec:de:76:85:18:96:34:c6:33:
                    fd:e1:6a:24:2c:bb:fc:fd:47:9c:40:5c:d0:4c:23:
                    68:f5:13:c9:0d:00:3b:d4:15:ee:a4:70:69:1e:68:
                    94:9d:fe:bb:db:a2:0e:2d:5d:90:e6:ea:d3:00:68:
                    ad:b6:36:75:cf:27:0f:b4:8c:30:7c:70:a0:73:47:
                    cb:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:D4:A6:0D:B4:04:CC:DD:22:DF:D2:95:00:5B:D3:CF:DD:E5:89:0F
            X509v3 Authority Key Identifier:
                keyid:94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/cdSmDbQEzN0i39KVAFvTz93liQ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/lD4_SFbawqAFw6UjRxFN7EU5NLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.202.152.0/21
                  62.202.168.0/21
                IPv6:
                  2a02:1215:ffff::/48

    Signature Algorithm: sha256WithRSAEncryption
         87:95:ef:86:a0:8c:91:a3:7e:13:f7:35:9d:aa:b7:7e:b1:a1:
         47:45:5d:07:13:a1:8e:31:74:cf:55:70:b0:3b:c1:1c:ae:19:
         e0:be:bb:38:f6:20:77:da:33:47:2b:26:bc:a6:af:9c:10:64:
         7b:5c:5e:26:2e:e1:61:3f:9d:70:db:4b:47:a1:dc:28:d2:44:
         bf:d3:2e:51:47:93:e2:90:d0:b0:91:39:a5:d5:0d:59:ba:2a:
         c5:9f:1f:56:87:c9:46:fb:a6:08:4f:5f:0e:0c:a6:c9:10:05:
         04:ef:41:41:eb:25:e2:7b:d9:5a:26:56:5d:0f:9a:7f:b6:4e:
         3c:16:32:32:66:a6:b2:53:6e:95:14:51:bc:87:78:ca:6f:e8:
         ce:c6:78:80:62:c9:25:ac:01:89:ec:09:44:c0:48:9b:2b:d3:
         a5:fa:04:d6:30:60:df:c0:50:3f:b9:16:b1:ef:5c:d8:72:49:
         de:cb:06:23:68:8a:cd:34:a4:d7:bd:fa:02:5b:f6:14:58:b0:
         27:94:e9:a5:eb:b7:43:31:e3:7b:e5:2d:dd:a3:c0:66:91:36:
         1b:60:40:2e:a8:58:64:0e:8b:b8:6f:dc:bc:4a:e2:3c:84:98:
         3e:88:ea:b7:95:47:5c:32:d9:52:d7:67:3e:9d:e3:f3:ed:ff:
         34:68:62:ce
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYSuWwXgog87QZev218nXN0LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0M2UzZjQ4NTZkYWMyYTAwNWMzYTUyMzQ3MTE0ZGVjNDUz
OTM0YjgwHhcNMjIxMTI1MTAzNTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQ0YTYwZGI0MDRjY2RkMjJkZmQyOTUwMDViZDNjZmRkZTU4OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCiWmWRirMd6+ut8cGTngQJrxLcE
PBfVkMlvU5bczE12eDo9mqa0kN0YtVGl5qyw7zo7JU+iezclVhm52A5aShLVdoe1
oLo86l83BhhsjvR1f6QlvrXh4pwHQd2MSJopQ9UcjWxb6AEoH7L/2GU5zZ0PdMpd
2ABQOHvJs6l+ty5D/8SdNjSt2En2liXDg6qNDhJgEIUno+HoVLH+YmhWDxbVGL2m
e14rdiv/BNPHeru1A1n2ppZuS1Xs3naFGJY0xjP94WokLLv8/UecQFzQTCNo9RPJ
DQA71BXupHBpHmiUnf6726IOLV2Q5urTAGittjZ1zycPtIwwfHCgc0fLdQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHHUpg20BMzdIt/SlQBb08/d5YkPMB8GA1UdIwQY
MBaAFJQ+P0hW2sKgBcOlI0cRTexFOTS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEQ0X1NGYmF3cUFGdzZValJ4Rk43RVU1TkxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy84YzE1NDQtN2NmMi00ODcxLWExZGYt
MDI1M2QwNGZiOGZmLzEvY2RTbURiUUV6TjBpMzlLVkFGdlR6OTNsaVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy84YzE1NDQtN2NmMi00ODcxLWExZGYtMDI1M2QwNGZiOGZm
LzEvbEQ0X1NGYmF3cUFGdzZValJ4Rk43RVU1TkxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDPsqYAwQD
PsqoMA8EAgACMAkDBwAqAhIV//8wDQYJKoZIhvcNAQELBQADggEBAIeV74agjJGj
fhP3NZ2qt36xoUdFXQcToY4xdM9VcLA7wRyuGeC+uzj2IHfaM0crJrymr5wQZHtc
XiYu4WE/nXDbS0eh3CjSRL/TLlFHk+KQ0LCROaXVDVm6KsWfH1aHyUb7pghPXw4M
pskQBQTvQUHrJeJ72VomVl0Pmn+2TjwWMjJmprJTbpUUUbyHeMpv6M7GeIBiySWs
AYnsCUTASJsr06X6BNYwYN/AUD+5FrHvXNhySd7LBiNois00pNe9+gJb9hRYsCeU
6aXrt0Mx43vlLd2jwGaRNhtgQC6oWGQOi7hv3LxK4jyEmD6I6reVR1wy2VLXZz6d
4/Pt/zRoYs4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:32 2024 by rpki-client on console-ams.rpki-client.org