Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/5LwCcdrlTsZS-Kzh976BRzMnQAg.roa
File:                     5LwCcdrlTsZS-Kzh976BRzMnQAg.roa (raw, json)
Hash identifier:          8fUhfJ5ts2z6KLq6EnIOhSKaI+xMgkQjJPkilYA+A8s=
Subject key identifier:   E4:BC:02:71:DA:E5:4E:C6:52:F8:AC:E1:F7:BE:81:47:33:27:40:08
Certificate issuer:       /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial:       06D239AA
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/5LwCcdrlTsZS-Kzh976BRzMnQAg.roa
Signing time:             Sun 10 Apr 2022 02:44:13 +0000
ROA not before:           Sun 10 Apr 2022 02:44:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     23454
IP address blocks:        193.108.92.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 114440618 (0x6d239aa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
        Validity
            Not Before: Apr 10 02:44:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e4bc0271dae54ec652f8ace1f7be814733274008
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:a6:35:d8:70:ba:63:b5:59:43:f0:2e:d2:19:
                    63:5a:18:c9:a6:c8:6f:e6:1a:1c:b2:c3:c0:6a:ff:
                    48:e2:4e:f6:6a:3b:fb:93:8e:ba:69:34:23:f8:7c:
                    9b:2c:e2:68:cd:55:5b:ca:8d:a4:cf:a8:72:7c:9a:
                    8f:76:e7:9f:f5:ae:ab:29:d1:cd:01:0b:91:44:73:
                    71:75:8a:54:73:bb:71:42:00:4f:3b:ef:9f:03:1c:
                    48:18:68:5b:b3:09:85:70:9c:69:9d:13:d5:b3:ca:
                    41:ea:e5:80:6d:1c:2a:52:9d:39:25:e2:ed:85:b2:
                    53:bd:be:8c:a2:9e:3b:65:15:38:b1:bf:01:70:08:
                    66:d2:08:ea:34:37:3d:76:57:13:ab:d6:27:1e:6c:
                    50:b6:c3:aa:b4:95:a8:56:5f:c0:cf:1f:a9:2d:60:
                    33:ba:a7:c9:00:7b:92:11:e0:63:71:0d:4e:cd:4d:
                    b2:34:23:99:fd:1a:60:e0:e6:a0:5e:b5:a2:80:e8:
                    ee:98:02:04:5d:48:e9:f0:14:f7:23:2d:ea:64:3d:
                    ec:f5:f4:3b:f8:8a:f8:f4:9b:e1:5c:fa:88:5d:55:
                    58:21:38:0e:5b:7f:37:dc:fa:03:6d:5d:34:ea:a3:
                    e3:f5:e0:a8:86:a6:4c:f0:fd:61:0d:70:b2:ea:51:
                    e1:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:BC:02:71:DA:E5:4E:C6:52:F8:AC:E1:F7:BE:81:47:33:27:40:08
            X509v3 Authority Key Identifier:
                keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/5LwCcdrlTsZS-Kzh976BRzMnQAg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:32:4f:6e:37:d1:44:c7:34:91:fe:17:af:83:10:9b:ce:bf:
         c5:fd:67:8b:46:5d:80:57:a3:f5:97:78:80:40:5e:00:cc:80:
         7d:56:25:de:59:90:9c:ab:cb:62:e5:b1:5a:7f:78:13:e0:2a:
         90:fa:2d:8c:fe:62:46:86:f5:f3:05:43:e9:b4:fa:ae:a4:47:
         90:60:c2:2b:30:ef:1b:64:1a:f0:d2:6e:d9:4e:91:c7:3a:31:
         59:ab:e0:47:8c:23:0b:79:d0:93:3b:30:48:2f:b5:ad:18:25:
         85:67:93:8a:e9:ab:d7:38:7f:26:31:cc:5b:13:51:32:a4:57:
         f0:d3:82:42:b8:04:4b:3d:07:62:3a:c1:f6:81:a6:93:e7:59:
         50:ed:6a:d4:d0:f2:47:c9:24:e5:ad:29:50:e1:aa:0f:a7:c7:
         94:40:d3:dc:78:f3:96:d0:7e:34:2e:43:5a:cc:56:00:a5:85:
         c4:bf:99:ca:e8:bb:7a:b0:37:6f:52:51:d9:d1:bf:ce:e8:5d:
         bf:c1:43:33:16:f4:70:cc:02:90:ab:1b:6b:e9:db:f5:18:3e:
         6a:73:69:75:cb:09:a4:e0:7f:03:19:68:87:c2:b8:31:c4:48:
         c5:4c:1a:93:cd:8d:59:4c:a9:a6:3d:98:c6:75:04:64:bf:5a:
         45:b7:ac:51
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBtI5qjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YjVmY2JiZWE0ODkzN2E0NDJiYWJkYjMzMDIxMzJjNGJjOWJkNmFhMB4XDTIyMDQx
MDAyNDQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTRiYzAyNzFkYWU1
NGVjNjUyZjhhY2UxZjdiZTgxNDczMzI3NDAwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANOmNdhwumO1WUPwLtIZY1oYyabIb+YaHLLDwGr/SOJO9mo7
+5OOumk0I/h8myziaM1VW8qNpM+ocnyaj3bnn/WuqynRzQELkURzcXWKVHO7cUIA
TzvvnwMcSBhoW7MJhXCcaZ0T1bPKQerlgG0cKlKdOSXi7YWyU72+jKKeO2UVOLG/
AXAIZtII6jQ3PXZXE6vWJx5sULbDqrSVqFZfwM8fqS1gM7qnyQB7khHgY3ENTs1N
sjQjmf0aYODmoF61ooDo7pgCBF1I6fAU9yMt6mQ97PX0O/iK+PSb4Vz6iF1VWCE4
Dlt/N9z6A21dNOqj4/XgqIamTPD9YQ1wsupR4b8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTkvAJx2uVOxlL4rOH3voFHMydACDAfBgNVHSMEGDAWgBRrX8u+pIk3pEK6
vbMwITLEvJvWqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ExX0x2cVNKTjZSQ3VyMnpNQ0V5eEx5YjFxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvMDQyMTg4LWRmYjYtNGFkNC05MWE0LTg4ZDFjYWM5ZTRmMS8x
LzVMd0NjZHJsVHNaUy1Lemg5NzZCUnpNblFBZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
MDQyMTg4LWRmYjYtNGFkNC05MWE0LTg4ZDFjYWM5ZTRmMS8xL2ExX0x2cVNKTjZS
Q3VyMnpNQ0V5eEx5YjFxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMFsXDANBgkqhkiG9w0BAQsFAAOC
AQEAfTJPbjfRRMc0kf4Xr4MQm86/xf1ni0ZdgFej9Zd4gEBeAMyAfVYl3lmQnKvL
YuWxWn94E+AqkPotjP5iRob18wVD6bT6rqRHkGDCKzDvG2Qa8NJu2U6RxzoxWavg
R4wjC3nQkzswSC+1rRglhWeTiumr1zh/JjHMWxNRMqRX8NOCQrgESz0HYjrB9oGm
k+dZUO1q1NDyR8kk5a0pUOGqD6fHlEDT3HjzltB+NC5DWsxWAKWFxL+Zyui7erA3
b1JR2dG/zuhdv8FDMxb0cMwCkKsba+nb9Rg+anNpdcsJpOB/Axloh8K4McRIxUwa
k82NWUyppj2YxnUEZL9aRbesUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:12 2024 by rpki-client on console-ams.rpki-client.org