Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/lUQ8rSVPvECEYPw0k8pPJmyy8ns.roa
File:                     lUQ8rSVPvECEYPw0k8pPJmyy8ns.roa (raw, json)
Hash identifier:          OkWZ0uc7Ojey+aJrtEwZXy3j8OuMsRSTGwC8ICSB72U=
Subject key identifier:   95:44:3C:AD:25:4F:BC:40:84:60:FC:34:93:CA:4F:26:6C:B2:F2:7B
Certificate issuer:       /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial:       02096842
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/lUQ8rSVPvECEYPw0k8pPJmyy8ns.roa
Signing time:             Mon 14 Feb 2022 09:53:52 +0000
ROA not before:           Mon 14 Feb 2022 09:53:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     63213
IP address blocks:        31.223.200.0/21 maxlen: 24
                          31.223.192.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 34170946 (0x2096842)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
        Validity
            Not Before: Feb 14 09:53:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=95443cad254fbc408460fc3493ca4f266cb2f27b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:44:b2:f5:b4:50:b9:0f:7f:7f:25:b4:80:15:
                    76:58:37:db:9d:0f:97:a6:30:85:d1:95:05:28:1a:
                    c1:02:0d:7a:df:17:3e:13:23:ec:9e:53:e3:b0:f9:
                    3b:6f:b9:77:fa:23:76:a2:2a:49:7a:a4:60:ef:b6:
                    e6:bc:43:df:cd:a1:85:50:e4:c3:56:51:ea:37:bd:
                    c3:3a:8e:63:09:71:4d:fc:c3:35:53:aa:ee:76:4b:
                    1a:5d:27:c7:1d:57:df:f9:bd:b9:e6:88:64:c6:44:
                    8e:63:6c:73:a0:50:1b:bf:98:3e:05:ba:46:cc:fe:
                    68:e1:7b:b7:7a:78:0c:b7:fd:dc:2c:10:02:eb:46:
                    81:ac:c7:8e:89:00:9d:2f:91:0e:f3:21:cf:a3:dc:
                    bc:50:03:df:05:c4:53:fa:b8:b5:8d:22:5d:5c:62:
                    07:14:61:45:2d:3e:d6:df:5d:be:93:34:b0:49:95:
                    c4:9e:8d:27:58:c7:18:ce:45:38:17:9b:4a:12:19:
                    f5:31:ca:c8:ef:aa:6d:bb:07:26:6f:06:24:31:78:
                    68:a7:d5:8e:7f:35:68:d1:74:0d:d8:f8:f3:25:4f:
                    ad:94:0e:ea:86:33:29:31:04:34:ff:8e:5a:e1:3d:
                    a8:a4:84:5e:16:99:a7:df:41:31:b2:d4:69:bf:1c:
                    b5:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:44:3C:AD:25:4F:BC:40:84:60:FC:34:93:CA:4F:26:6C:B2:F2:7B
            X509v3 Authority Key Identifier:
                keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/lUQ8rSVPvECEYPw0k8pPJmyy8ns.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.223.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         50:ba:70:09:32:e8:ff:e6:73:08:3f:71:7b:89:5f:56:f1:b2:
         c0:b6:24:62:0b:2c:97:f3:eb:ba:b9:b7:b5:5c:ad:af:1d:8d:
         99:15:54:e7:b2:e5:b5:1b:71:76:89:8b:b0:6d:b9:e4:4c:9f:
         a9:a7:29:18:15:0c:4f:8b:b7:06:32:4a:b1:29:20:47:73:3e:
         9b:ba:cd:2c:5b:1b:e5:75:bb:64:99:0e:92:09:bd:2c:37:76:
         9f:47:48:be:84:0d:38:6c:69:ea:57:69:d0:ea:a2:58:07:1a:
         98:da:aa:cb:92:60:8a:24:ed:f5:7e:c3:f7:45:a6:04:7a:48:
         7b:6a:67:41:22:ac:8f:4d:88:c4:61:30:73:2a:65:e9:3b:a1:
         32:8b:4c:4a:32:2c:28:28:8b:a1:65:17:03:25:87:22:47:75:
         81:75:f7:4e:d4:d1:c6:46:90:41:05:b1:1e:30:ec:93:fd:5a:
         3d:73:cd:9a:65:89:59:7c:3f:7d:27:06:b5:9d:be:17:65:d9:
         95:ea:40:14:0d:65:39:11:8d:86:94:39:77:5a:99:4e:0d:c2:
         7c:1a:e6:a5:87:09:40:ed:73:71:28:2b:37:dd:6d:b9:04:37:
         a9:ae:fb:88:45:20:6c:9a:dd:ee:28:8f:9d:6c:b1:2b:26:44:
         9a:21:52:c2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAgloQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzI1Mzc2MDFhMzE2OTc0MDQ5MjJkOTU3ZTc0NDUwZjVhOWNiZTczMB4XDTIyMDIx
NDA5NTM1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTU0NDNjYWQyNTRm
YmM0MDg0NjBmYzM0OTNjYTRmMjY2Y2IyZjI3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMlEsvW0ULkPf38ltIAVdlg3250Pl6YwhdGVBSgawQINet8X
PhMj7J5T47D5O2+5d/ojdqIqSXqkYO+25rxD382hhVDkw1ZR6je9wzqOYwlxTfzD
NVOq7nZLGl0nxx1X3/m9ueaIZMZEjmNsc6BQG7+YPgW6Rsz+aOF7t3p4DLf93CwQ
AutGgazHjokAnS+RDvMhz6PcvFAD3wXEU/q4tY0iXVxiBxRhRS0+1t9dvpM0sEmV
xJ6NJ1jHGM5FOBebShIZ9THKyO+qbbsHJm8GJDF4aKfVjn81aNF0Ddj48yVPrZQO
6oYzKTEENP+OWuE9qKSEXhaZp99BMbLUab8ctaMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSVRDytJU+8QIRg/DSTyk8mbLLyezAfBgNVHSMEGDAWgBQXJTdgGjFpdASS
LZV+dEUPWpy+czAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Z5VTNZQm94YVhRRWtpMlZmblJGRDFxY3ZuTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvMjE5Y2FlLTI2NGQtNDZhNy05ZTY0LWU2MDRiNjFiZTBlYS8x
L2xVUThyU1ZQdkVDRVlQdzBrOHBQSm15eThucy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
MjE5Y2FlLTI2NGQtNDZhNy05ZTY0LWU2MDRiNjFiZTBlYS8xL0Z5VTNZQm94YVhR
RWtpMlZmblJGRDFxY3ZuTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBB/fwDANBgkqhkiG9w0BAQsFAAOC
AQEAULpwCTLo/+ZzCD9xe4lfVvGywLYkYgssl/Prurm3tVytrx2NmRVU57LltRtx
domLsG255EyfqacpGBUMT4u3BjJKsSkgR3M+m7rNLFsb5XW7ZJkOkgm9LDd2n0dI
voQNOGxp6ldp0OqiWAcamNqqy5JgiiTt9X7D90WmBHpIe2pnQSKsj02IxGEwcypl
6TuhMotMSjIsKCiLoWUXAyWHIkd1gXX3TtTRxkaQQQWxHjDsk/1aPXPNmmWJWXw/
fScGtZ2+F2XZlepAFA1lORGNhpQ5d1qZTg3CfBrmpYcJQO1zcSgrN91tuQQ3qa77
iEUgbJrd7iiPnWyxKyZEmiFSwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:32 2024 by rpki-client on console-ams.rpki-client.org