Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/EzsbNSRCQSsLJepT4z8nSyNecCY.roa
File:                     EzsbNSRCQSsLJepT4z8nSyNecCY.roa (raw, json)
Hash identifier:          0AabnxDN4ITPJRI4zybGrPVWZiwKXlXCUX5/++hylmo=
Subject key identifier:   13:3B:1B:35:24:42:41:2B:0B:25:EA:53:E3:3F:27:4B:23:5E:70:26
Certificate issuer:       /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial:       018270E663F6BCDA392F269E9E1553C8D7ED
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/EzsbNSRCQSsLJepT4z8nSyNecCY.roa
Signing time:             Sat 06 Aug 2022 02:05:23 +0000
ROA not before:           Sat 06 Aug 2022 02:05:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        31.223.200.0/21 maxlen: 24
                          31.223.192.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:70:e6:63:f6:bc:da:39:2f:26:9e:9e:15:53:c8:d7:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
        Validity
            Not Before: Aug  6 02:05:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=133b1b352442412b0b25ea53e33f274b235e7026
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:98:7e:37:25:d0:4e:71:99:d2:60:d7:f1:65:
                    b5:c0:2d:a0:fb:68:ca:82:17:c9:10:d3:20:77:ae:
                    36:2a:63:41:ef:1a:e9:44:fb:02:5b:71:b6:32:4a:
                    73:1c:fd:b5:5e:67:9e:45:6a:18:41:00:54:52:39:
                    a0:7d:de:13:66:14:ca:7f:34:81:10:a8:92:28:2b:
                    5e:0e:37:8c:79:16:c8:fe:56:f5:56:1f:d1:45:d0:
                    d6:33:5e:74:7f:fb:e1:7e:fe:b7:1c:25:ad:00:4c:
                    3f:40:76:25:a7:85:5b:63:27:90:87:67:df:33:2d:
                    be:9a:9c:06:e5:56:bd:50:10:82:72:83:de:59:e5:
                    91:91:4e:b2:d5:e4:6b:dc:c6:f1:20:b8:d8:ef:af:
                    60:31:7b:75:85:a5:3d:df:81:02:9c:ee:c5:b2:e4:
                    12:35:84:06:e5:d7:fb:25:64:75:0a:76:f9:11:9b:
                    cf:16:1f:24:45:84:bd:5c:37:70:a6:86:28:0f:ee:
                    dc:c4:ab:9b:48:b4:75:34:48:6c:2f:88:92:d0:56:
                    06:ee:11:ba:a6:b3:5f:bb:d4:61:1c:93:19:37:8a:
                    e9:9a:ac:37:f9:cc:f0:01:78:16:7e:45:4e:e5:be:
                    1d:52:a0:0a:45:ef:72:52:a8:86:65:7e:b2:c3:f8:
                    92:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:3B:1B:35:24:42:41:2B:0B:25:EA:53:E3:3F:27:4B:23:5E:70:26
            X509v3 Authority Key Identifier:
                keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/EzsbNSRCQSsLJepT4z8nSyNecCY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.223.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         73:46:4c:7b:21:6b:b7:07:ed:8b:f8:3b:20:fc:47:b4:3d:05:
         4f:cb:10:84:50:52:47:be:50:f8:b5:51:4e:68:43:69:4c:56:
         fa:87:3c:38:01:21:0a:60:43:2f:45:58:c2:c7:48:fe:a0:aa:
         df:c3:d0:1c:81:57:76:b4:f8:28:95:6a:ff:18:d8:e1:9f:ca:
         5d:93:75:72:85:66:a1:59:01:2b:b6:c4:2d:f6:1c:3a:a1:8b:
         8f:ec:76:8a:95:af:5b:c2:9f:11:00:8e:de:0c:46:47:8f:77:
         fc:ce:89:97:32:62:f1:fa:60:f0:ce:5d:f4:45:8f:98:2e:76:
         3a:54:07:b6:ee:49:92:9b:2f:e1:ec:63:b5:80:1e:ba:77:4a:
         b9:8a:7c:07:be:f6:64:46:f6:a0:52:92:6f:e1:b0:3f:7c:12:
         80:71:cc:a6:45:8b:05:d9:73:c7:cd:0f:0d:84:40:ed:9b:df:
         dd:83:70:1a:0c:d6:fe:c1:39:bd:6b:08:a7:f3:0a:15:98:b0:
         db:b9:21:6c:5f:fe:d8:36:15:e4:9b:26:81:5d:18:6a:09:b6:
         ea:f9:13:4f:f5:76:37:90:8b:73:c0:81:4a:8b:3f:3a:9a:6d:
         49:2c:7f:63:21:d5:f6:25:1e:29:3a:2e:85:cd:2c:fa:76:4a:
         d2:29:1a:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJw5mP2vNo5LyaenhVTyNftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjUzNzYwMWEzMTY5NzQwNDkyMmQ5NTdlNzQ0NTBmNWE5
Y2JlNzMwHhcNMjIwODA2MDIwNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzNiMWIzNTI0NDI0MTJiMGIyNWVhNTNlMzNmMjc0YjIzNWU3MDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJh+NyXQTnGZ0mDX8WW1wC2g+2jK
ghfJENMgd642KmNB7xrpRPsCW3G2MkpzHP21XmeeRWoYQQBUUjmgfd4TZhTKfzSB
EKiSKCteDjeMeRbI/lb1Vh/RRdDWM150f/vhfv63HCWtAEw/QHYlp4VbYyeQh2ff
My2+mpwG5Va9UBCCcoPeWeWRkU6y1eRr3MbxILjY769gMXt1haU934ECnO7FsuQS
NYQG5df7JWR1Cnb5EZvPFh8kRYS9XDdwpoYoD+7cxKubSLR1NEhsL4iS0FYG7hG6
prNfu9RhHJMZN4rpmqw3+czwAXgWfkVO5b4dUqAKRe9yUqiGZX6yw/iSbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBM7GzUkQkErCyXqU+M/J0sjXnAmMB8GA1UdIwQY
MBaAFBclN2AaMWl0BJItlX50RQ9anL5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQt
ZTYwNGI2MWJlMGVhLzEvRXpzYk5TUkNRU3NMSmVwVDR6OG5TeU5lY0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQtZTYwNGI2MWJlMGVh
LzEvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEH9/AMA0G
CSqGSIb3DQEBCwUAA4IBAQBzRkx7IWu3B+2L+Dsg/Ee0PQVPyxCEUFJHvlD4tVFO
aENpTFb6hzw4ASEKYEMvRVjCx0j+oKrfw9AcgVd2tPgolWr/GNjhn8pdk3VyhWah
WQErtsQt9hw6oYuP7HaKla9bwp8RAI7eDEZHj3f8zomXMmLx+mDwzl30RY+YLnY6
VAe27kmSmy/h7GO1gB66d0q5inwHvvZkRvagUpJv4bA/fBKAccymRYsF2XPHzQ8N
hEDtm9/dg3AaDNb+wTm9awin8woVmLDbuSFsX/7YNhXkmyaBXRhqCbbq+RNP9XY3
kItzwIFKiz86mm1JLH9jIdX2JR4pOi6FzSz6dkrSKRr7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:32 2024 by rpki-client on console-ams.rpki-client.org