Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/ca5e24-6e92-4d3a-9ad5-8935e9079796/1/XV1IGA4Flccwd2UxSH7gJTj6mqw.roa
File:                     XV1IGA4Flccwd2UxSH7gJTj6mqw.roa (raw, json)
Hash identifier:          kZysaT1f3I3SU+Fkp1dBqvplEPhEQhVHA8ZOiyH5FFA=
Subject key identifier:   5D:5D:48:18:0E:05:95:C7:30:77:65:31:48:7E:E0:25:38:FA:9A:AC
Certificate issuer:       /CN=8ada4bf5f190f3998b80c6149a1463270fbbee15
Certificate serial:       0182F3825AFE17157007C607D91BA630842A
Authority key identifier: 8A:DA:4B:F5:F1:90:F3:99:8B:80:C6:14:9A:14:63:27:0F:BB:EE:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itpL9fGQ85mLgMYUmhRjJw-77hU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/ca5e24-6e92-4d3a-9ad5-8935e9079796/1/XV1IGA4Flccwd2UxSH7gJTj6mqw.roa
Signing time:             Wed 31 Aug 2022 10:46:22 +0000
ROA not before:           Wed 31 Aug 2022 10:46:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50463
IP address blocks:        5.144.55.0/24 maxlen: 24
                          5.144.57.0/24 maxlen: 24
                          5.144.61.0/24 maxlen: 24
                          5.144.48.0/24 maxlen: 24
                          5.144.48.0/20 maxlen: 20
                          5.144.50.0/24 maxlen: 24
                          2a00:c281:101d::/48 maxlen: 48
                          2a00:c281:1013::/48 maxlen: 48
                          2a00:c280:100::/48 maxlen: 48
                          2a00:c281:3004::/48 maxlen: 48
                          2a00:c281:2004::/48 maxlen: 48
                          2a00:c281:1004::/48 maxlen: 48
                          2a00:c281:4::/48 maxlen: 48
                          2a00:c281:101a::/48 maxlen: 48
                          2a00:c281:4001::/48 maxlen: 48
                          2a00:c281:3001::/48 maxlen: 48
                          2a00:c281:2001::/48 maxlen: 48
                          2a00:c281:1001::/48 maxlen: 48
                          2a00:c281:1::/48 maxlen: 48
                          2a00:c281:101c::/48 maxlen: 48
                          2a00:c281:300d::/48 maxlen: 48
                          2a00:c281:200d::/48 maxlen: 48
                          2a00:c281:100d::/48 maxlen: 48
                          2a00:c281:d::/48 maxlen: 48
                          2a00:c281:3003::/48 maxlen: 48
                          2a00:c281:2003::/48 maxlen: 48
                          2a00:c281:1003::/48 maxlen: 48
                          2a00:c281:3::/48 maxlen: 48
                          2a00:c281:1014::/48 maxlen: 48
                          2a00:c281:300a::/48 maxlen: 48
                          2a00:c281:200a::/48 maxlen: 48
                          2a00:c281:100a::/48 maxlen: 48
                          2a00:c281:a::/48 maxlen: 48
                          2a00:c281:4000::/48 maxlen: 48
                          2a00:c281:1011::/48 maxlen: 48
                          2a00:c281:300c::/48 maxlen: 48
                          2a00:c281:200c::/48 maxlen: 48
                          2a00:c281:100c::/48 maxlen: 48
                          2a00:c281:c::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:f3:82:5a:fe:17:15:70:07:c6:07:d9:1b:a6:30:84:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ada4bf5f190f3998b80c6149a1463270fbbee15
        Validity
            Not Before: Aug 31 10:46:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5d5d48180e0595c730776531487ee02538fa9aac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:8e:14:b1:ad:c4:51:b0:6c:38:04:ac:51:ef:
                    3b:35:08:22:c2:c4:5b:09:4e:da:97:d4:39:ca:c6:
                    b4:1c:90:a5:ff:7a:4c:cc:cc:ab:fd:00:37:d9:6f:
                    25:0a:16:56:f4:b6:c5:7a:99:0e:7e:5d:5f:cd:f1:
                    4f:a5:41:bd:88:97:32:04:35:cc:ae:bc:7c:2d:48:
                    81:1e:c0:e8:71:c8:0a:60:53:2d:00:13:79:d2:b9:
                    b6:86:3c:ef:eb:40:63:86:c6:a0:59:d8:26:45:96:
                    5a:4a:1c:53:47:01:71:ff:e6:9c:82:45:20:2a:28:
                    45:64:67:20:75:9f:94:7d:6e:21:cb:6f:83:19:77:
                    af:22:b4:00:1a:3d:e3:49:96:cb:f8:15:26:81:ea:
                    e7:bf:22:7a:77:dd:32:66:a4:fa:f1:2f:4c:d0:ac:
                    a0:7b:77:09:b0:36:60:02:cc:b4:ce:28:48:d4:66:
                    b9:82:71:3e:21:4b:09:8f:d0:6d:a2:84:1d:1c:5f:
                    3d:9e:af:b9:12:14:6e:34:41:fb:f9:65:62:70:49:
                    2c:a4:a6:17:60:98:f9:07:b0:9f:64:30:28:49:de:
                    a8:77:39:1f:33:24:01:cb:d0:51:27:aa:51:df:27:
                    25:85:e5:e1:77:f3:d2:1e:55:69:fb:85:03:0f:d7:
                    33:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:5D:48:18:0E:05:95:C7:30:77:65:31:48:7E:E0:25:38:FA:9A:AC
            X509v3 Authority Key Identifier:
                keyid:8A:DA:4B:F5:F1:90:F3:99:8B:80:C6:14:9A:14:63:27:0F:BB:EE:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itpL9fGQ85mLgMYUmhRjJw-77hU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ca5e24-6e92-4d3a-9ad5-8935e9079796/1/XV1IGA4Flccwd2UxSH7gJTj6mqw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ca5e24-6e92-4d3a-9ad5-8935e9079796/1/itpL9fGQ85mLgMYUmhRjJw-77hU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.144.48.0/20
                IPv6:
                  2a00:c280:100::/48
                  2a00:c281:1::/48
                  2a00:c281:3::-2a00:c281:4:ffff:ffff:ffff:ffff:ffff
                  2a00:c281:a::/48
                  2a00:c281:c::/47
                  2a00:c281:1001::/48
                  2a00:c281:1003::-2a00:c281:1004:ffff:ffff:ffff:ffff:ffff
                  2a00:c281:100a::/48
                  2a00:c281:100c::/47
                  2a00:c281:1011::/48
                  2a00:c281:1013::-2a00:c281:1014:ffff:ffff:ffff:ffff:ffff
                  2a00:c281:101a::/48
                  2a00:c281:101c::/47
                  2a00:c281:2001::/48
                  2a00:c281:2003::-2a00:c281:2004:ffff:ffff:ffff:ffff:ffff
                  2a00:c281:200a::/48
                  2a00:c281:200c::/47
                  2a00:c281:3001::/48
                  2a00:c281:3003::-2a00:c281:3004:ffff:ffff:ffff:ffff:ffff
                  2a00:c281:300a::/48
                  2a00:c281:300c::/47
                  2a00:c281:4000::/47

    Signature Algorithm: sha256WithRSAEncryption
         11:9b:a6:2d:db:a0:85:e7:78:2f:30:a9:9a:5b:7b:3a:9a:0e:
         a7:2f:c0:ee:bd:77:2b:ca:8e:96:7b:f5:1c:9d:51:25:bd:ec:
         81:64:5d:f5:ca:d7:75:d4:22:d6:e3:0a:db:15:33:b7:c5:f0:
         24:cb:15:67:bd:fc:70:e4:9e:78:79:74:44:e3:21:39:51:58:
         a4:7c:b0:c6:2c:a8:22:26:3e:4c:aa:d6:cf:e3:b5:6c:3d:1d:
         2a:38:78:05:0c:f4:97:29:82:3b:d9:75:d5:bb:d4:f9:1c:48:
         1e:b3:69:cc:2a:6f:fb:56:2f:d6:8b:71:40:b7:d1:09:15:b9:
         66:e7:af:1c:88:7b:00:6c:b8:58:94:1e:3c:52:97:bd:9d:a9:
         16:54:0c:c3:46:ba:84:94:8d:65:28:2b:62:fd:b9:21:c3:de:
         5b:58:4a:f8:8d:73:cd:be:55:89:d5:c7:08:f9:46:d0:8b:eb:
         15:73:85:8e:2c:a6:55:80:d0:74:ab:6b:d5:eb:70:5a:13:4f:
         b2:e8:ed:8d:f8:99:f5:6e:36:02:c0:7a:8d:36:95:60:fe:2a:
         4a:7c:e6:54:80:59:d6:d2:52:4d:be:5d:7a:2f:db:dd:79:d7:
         81:ac:7f:cd:81:9c:3d:68:42:45:42:a8:31:d1:de:cd:6f:25:
         34:f1:ea:82
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAYLzglr+FxVwB8YH2RumMIQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZGE0YmY1ZjE5MGYzOTk4YjgwYzYxNDlhMTQ2MzI3MGZi
YmVlMTUwHhcNMjIwODMxMTA0NjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDVkNDgxODBlMDU5NWM3MzA3NzY1MzE0ODdlZTAyNTM4ZmE5YWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAho4Usa3EUbBsOASsUe87NQgiwsRb
CU7al9Q5ysa0HJCl/3pMzMyr/QA32W8lChZW9LbFepkOfl1fzfFPpUG9iJcyBDXM
rrx8LUiBHsDoccgKYFMtABN50rm2hjzv60BjhsagWdgmRZZaShxTRwFx/+acgkUg
KihFZGcgdZ+UfW4hy2+DGXevIrQAGj3jSZbL+BUmgernvyJ6d90yZqT68S9M0Kyg
e3cJsDZgAsy0zihI1Ga5gnE+IUsJj9BtooQdHF89nq+5EhRuNEH7+WVicEkspKYX
YJj5B7CfZDAoSd6odzkfMyQBy9BRJ6pR3yclheXhd/PSHlVp+4UDD9cz1wIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFF1dSBgOBZXHMHdlMUh+4CU4+pqsMB8GA1UdIwQY
MBaAFIraS/XxkPOZi4DGFJoUYycPu+4VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRwTDlmR1E4NW1MZ01ZVW1oUmpKdy03N2hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9jYTVlMjQtNmU5Mi00ZDNhLTlhZDUt
ODkzNWU5MDc5Nzk2LzEvWFYxSUdBNEZsY2N3ZDJVeFNIN2dKVGo2bXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9jYTVlMjQtNmU5Mi00ZDNhLTlhZDUtODkzNWU5MDc5Nzk2
LzEvaXRwTDlmR1E4NW1MZ01ZVW1oUmpKdy03N2hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjAMBAIAATAGAwQE
BZAwMIIBBAQCAAIwgf0DBwAqAMKAAQADBwAqAMKBAAEwEgMHACoAwoEAAwMHACoA
woEABAMHACoAwoEACgMHASoAwoEADAMHACoAwoEQATASAwcAKgDCgRADAwcAKgDC
gRAEAwcAKgDCgRAKAwcBKgDCgRAMAwcAKgDCgRARMBIDBwAqAMKBEBMDBwAqAMKB
EBQDBwAqAMKBEBoDBwEqAMKBEBwDBwAqAMKBIAEwEgMHACoAwoEgAwMHACoAwoEg
BAMHACoAwoEgCgMHASoAwoEgDAMHACoAwoEwATASAwcAKgDCgTADAwcAKgDCgTAE
AwcAKgDCgTAKAwcBKgDCgTAMAwcBKgDCgUAAMA0GCSqGSIb3DQEBCwUAA4IBAQAR
m6Yt26CF53gvMKmaW3s6mg6nL8DuvXcryo6We/UcnVElveyBZF31ytd11CLW4wrb
FTO3xfAkyxVnvfxw5J54eXRE4yE5UVikfLDGLKgiJj5MqtbP47VsPR0qOHgFDPSX
KYI72XXVu9T5HEges2nMKm/7Vi/Wi3FAt9EJFblm568ciHsAbLhYlB48Upe9nakW
VAzDRrqElI1lKCti/bkhw95bWEr4jXPNvlWJ1ccI+UbQi+sVc4WOLKZVgNB0q2vV
63BaE0+y6O2N+Jn1bjYCwHqNNpVg/ipKfOZUgFnW0lJNvl16L9vdedeBrH/NgZw9
aEJFQqgx0d7NbyU08eqC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:14 2024 by rpki-client on console-ams.rpki-client.org