Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/5OFmXwHOrr5Qm5meo_hqUTxb_Jc.roa
File:                     5OFmXwHOrr5Qm5meo_hqUTxb_Jc.roa (raw, json)
Hash identifier:          PH9DQILVATO9TwI0mkp6nY8Bm0+ODFUITNFvbW1wmE0=
Subject key identifier:   E4:E1:66:5F:01:CE:AE:BE:50:9B:99:9E:A3:F8:6A:51:3C:5B:FC:97
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       018311A737855E6FB53995A1F3F3816A7761
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/5OFmXwHOrr5Qm5meo_hqUTxb_Jc.roa
Signing time:             Tue 06 Sep 2022 07:15:14 +0000
ROA not before:           Tue 06 Sep 2022 07:15:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58212
IP address blocks:        80.71.227.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:11:a7:37:85:5e:6f:b5:39:95:a1:f3:f3:81:6a:77:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Sep  6 07:15:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e4e1665f01ceaebe509b999ea3f86a513c5bfc97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:aa:7b:66:d1:e4:7d:ce:61:65:34:62:5c:6b:
                    ed:e9:7e:c1:5d:6b:f7:4b:6e:82:d4:ce:7b:00:29:
                    5a:20:bb:7b:28:88:fc:b4:13:42:aa:4c:cf:da:ee:
                    21:48:ee:b6:57:f5:77:ae:15:c9:36:ac:8e:a4:73:
                    66:36:58:e2:82:2b:d9:9d:40:ed:02:a2:de:bb:0a:
                    98:5c:0f:6e:a1:a2:8e:e8:6e:9a:fb:7b:1f:45:dc:
                    b6:f8:a8:d5:89:2e:ff:fc:e9:a5:b9:92:79:0a:59:
                    22:98:f3:80:c2:8a:4b:f9:16:7c:e7:10:f1:d9:0f:
                    c2:87:7b:61:78:4e:b0:af:ce:b7:9a:a7:8d:51:65:
                    e5:80:71:c8:5c:85:81:98:fe:c1:2e:4a:96:85:56:
                    36:ef:71:84:c8:82:a0:e4:1b:bc:a9:c0:d7:fb:b3:
                    9e:e7:ec:a4:aa:3f:97:2f:01:40:b8:a2:e6:cc:f6:
                    98:ae:e5:6d:00:c5:61:66:ee:1e:bc:03:a1:18:14:
                    7c:0c:19:1d:c5:ab:8e:15:a8:53:a8:1c:37:a0:4c:
                    d6:29:b6:39:38:79:6a:d5:f3:52:c8:99:cf:31:ca:
                    01:09:49:14:31:74:11:57:42:b7:b0:1e:e2:56:ac:
                    05:19:b0:27:0c:08:b6:05:d3:f2:29:6c:8d:c3:55:
                    8e:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:E1:66:5F:01:CE:AE:BE:50:9B:99:9E:A3:F8:6A:51:3C:5B:FC:97
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/5OFmXwHOrr5Qm5meo_hqUTxb_Jc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:01:c4:16:41:03:12:30:50:51:13:ad:55:d9:5a:88:e9:e7:
         89:55:51:4a:0c:b2:0f:be:a6:c1:09:f8:21:94:4b:97:87:30:
         f8:31:7d:03:4b:cb:1f:9c:ba:1d:ec:2c:a6:3a:71:a1:c3:66:
         9c:29:59:01:d4:16:8b:b6:37:05:c3:98:94:5c:3b:14:e9:cf:
         09:c1:50:dd:cc:19:ba:f2:fa:ae:ee:4b:96:c1:59:f3:de:7d:
         e1:0b:15:2b:0d:50:3a:f2:32:f2:a1:ae:7e:88:6d:27:fd:05:
         7d:8f:41:a7:d7:eb:65:4c:62:e4:44:9c:05:66:6d:9a:a1:a0:
         5b:20:15:35:9a:1b:8a:37:43:89:0f:64:b6:37:8f:d2:4c:bc:
         3f:15:dc:b7:36:41:25:22:2c:81:5e:36:6a:ec:c9:8d:9f:30:
         85:c8:86:2b:a2:58:58:7e:8d:85:50:60:4b:e1:dc:a9:74:86:
         59:c7:54:a9:6e:3a:86:ff:96:4b:92:31:13:e3:c2:fb:52:38:
         44:ec:aa:91:e2:b4:4d:05:ca:6d:9c:3b:e3:4a:4a:7a:b8:36:
         eb:f5:9f:24:3a:f5:ed:26:c6:9c:b6:81:49:15:e7:8c:68:80:
         3f:2d:7b:af:97:40:f9:fc:45:42:09:72:66:60:2d:f0:03:2c:
         89:7c:80:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMRpzeFXm+1OZWh8/OBandhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjIwOTA2MDcxNTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGUxNjY1ZjAxY2VhZWJlNTA5Yjk5OWVhM2Y4NmE1MTNjNWJmYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqp7ZtHkfc5hZTRiXGvt6X7BXWv3
S26C1M57AClaILt7KIj8tBNCqkzP2u4hSO62V/V3rhXJNqyOpHNmNljigivZnUDt
AqLeuwqYXA9uoaKO6G6a+3sfRdy2+KjViS7//OmluZJ5ClkimPOAwopL+RZ85xDx
2Q/Ch3theE6wr863mqeNUWXlgHHIXIWBmP7BLkqWhVY273GEyIKg5Bu8qcDX+7Oe
5+ykqj+XLwFAuKLmzPaYruVtAMVhZu4evAOhGBR8DBkdxauOFahTqBw3oEzWKbY5
OHlq1fNSyJnPMcoBCUkUMXQRV0K3sB7iVqwFGbAnDAi2BdPyKWyNw1WO/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOThZl8Bzq6+UJuZnqP4alE8W/yXMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvNU9GbVh3SE9ycjVRbTVtZW9faHFVVHhiX0pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEfjMA0G
CSqGSIb3DQEBCwUAA4IBAQBRAcQWQQMSMFBRE61V2VqI6eeJVVFKDLIPvqbBCfgh
lEuXhzD4MX0DS8sfnLod7CymOnGhw2acKVkB1BaLtjcFw5iUXDsU6c8JwVDdzBm6
8vqu7kuWwVnz3n3hCxUrDVA68jLyoa5+iG0n/QV9j0Gn1+tlTGLkRJwFZm2aoaBb
IBU1mhuKN0OJD2S2N4/STLw/Fdy3NkElIiyBXjZq7MmNnzCFyIYrolhYfo2FUGBL
4dypdIZZx1SpbjqG/5ZLkjET48L7UjhE7KqR4rRNBcptnDvjSkp6uDbr9Z8kOvXt
JsactoFJFeeMaIA/LXuvl0D5/EVCCXJmYC3wAyyJfIBL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:39 2024 by rpki-client on console-fra.rpki-client.org