Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/5qvI-1NuVtqi9oIZdQxnhT50WsY.roa
File:                     5qvI-1NuVtqi9oIZdQxnhT50WsY.roa (raw, json)
Hash identifier:          D3W/LYpm/5bPMzpLrjZDVttOexC5EwZmSb3T025B3hQ=
Subject key identifier:   E6:AB:C8:FB:53:6E:56:DA:A2:F6:82:19:75:0C:67:85:3E:74:5A:C6
Certificate issuer:       /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial:       09A00C52
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/5qvI-1NuVtqi9oIZdQxnhT50WsY.roa
Signing time:             Sat 01 Jan 2022 01:51:57 +0000
ROA not before:           Sat 01 Jan 2022 01:51:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34549
IP address blocks:        85.153.48.0/22 maxlen: 22
                          85.153.88.0/22 maxlen: 22
                          85.153.104.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 161483858 (0x9a00c52)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
        Validity
            Not Before: Jan  1 01:51:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e6abc8fb536e56daa2f68219750c67853e745ac6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f4:54:5f:c2:39:85:b1:17:fc:cc:52:96:6d:
                    1a:14:fc:ea:34:0a:e4:2c:d7:08:c9:e8:41:1b:28:
                    bb:dc:4c:fb:41:8e:a3:dd:c6:dd:ca:ce:3a:54:b6:
                    09:1b:64:08:f8:b1:44:ea:64:48:ff:ac:84:5f:de:
                    17:cc:95:70:a8:c2:c6:18:02:b4:96:e0:d9:e6:c4:
                    ae:3e:88:e7:21:54:8f:d8:c8:f5:10:43:0e:d3:c7:
                    12:ae:b3:d4:f3:a4:cb:fd:ac:0d:c4:f1:06:b7:d8:
                    87:e9:3e:3a:95:18:c3:54:36:cb:49:df:7e:a6:72:
                    a5:fe:60:3b:4d:4d:c1:5d:8a:53:43:46:d8:3a:8e:
                    b2:b4:a9:0b:18:5e:90:10:e3:41:dd:33:a4:3b:5e:
                    39:ff:b9:af:37:c9:96:d2:be:d9:96:58:cb:78:0c:
                    67:bd:c6:64:1f:2b:c7:51:c2:6a:37:16:d4:c7:e1:
                    57:b1:9b:d0:26:b0:b4:c8:e1:58:13:cc:d1:6c:12:
                    e4:e4:4e:4f:55:a7:21:57:6c:e3:5e:0f:60:ca:53:
                    27:29:d7:c1:90:c6:ec:bc:c3:60:e1:4b:1d:12:d4:
                    e7:5c:fd:ef:84:6c:75:4a:75:67:99:e1:1f:17:d7:
                    6f:f9:43:93:51:eb:97:a6:9d:2c:24:d1:bc:1f:ca:
                    b1:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:AB:C8:FB:53:6E:56:DA:A2:F6:82:19:75:0C:67:85:3E:74:5A:C6
            X509v3 Authority Key Identifier:
                keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/5qvI-1NuVtqi9oIZdQxnhT50WsY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.153.48.0/22
                  85.153.88.0/22
                  85.153.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9e:57:6b:97:5b:bf:ca:c3:eb:85:ec:fc:08:bd:4c:1f:cd:c5:
         63:d7:75:9e:48:a8:43:3f:a9:69:6a:93:50:36:16:c5:d2:44:
         6a:d2:46:50:23:18:a3:67:58:f4:08:95:36:5c:f8:cf:e4:ea:
         63:fd:90:05:44:cd:7f:b9:20:15:1e:b3:2b:90:e4:25:b4:e2:
         8e:5e:71:50:5e:1b:f4:2d:06:da:0a:9d:23:cf:fa:20:5e:cd:
         78:91:4f:b5:a1:5c:67:d6:03:69:89:21:83:a7:08:0e:95:b4:
         fe:88:55:e4:d5:e2:74:27:4f:93:bf:d8:30:2c:fe:c0:ab:b4:
         ab:23:39:0b:ed:92:5c:b0:05:21:dd:bd:0a:bf:44:0e:67:7f:
         fd:8e:d3:32:15:59:88:60:7b:09:79:7d:6c:87:54:7d:18:32:
         c6:76:95:2a:43:f2:b3:05:71:e1:03:cd:d4:b7:0b:a1:a0:86:
         d8:53:61:20:25:a8:89:88:8a:df:0f:6c:57:c2:01:a5:0b:3f:
         47:69:b7:b6:43:a9:3e:34:a2:f2:98:c7:04:dd:d2:3e:71:d8:
         18:b0:92:6d:f1:d3:81:08:58:e3:dd:e7:83:c5:33:52:0e:e9:
         c5:40:ef:ee:3d:e8:f8:1e:92:68:68:2d:71:26:77:dd:eb:76:
         e3:81:d5:c1
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECaAMUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MWExODVkMGViMGNhNzgxMWM1ODY0MjVkZTBlOTYwZTFjZmViNjFiMB4XDTIyMDEw
MTAxNTE1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTZhYmM4ZmI1MzZl
NTZkYWEyZjY4MjE5NzUwYzY3ODUzZTc0NWFjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALD0VF/COYWxF/zMUpZtGhT86jQK5CzXCMnoQRsou9xM+0GO
o93G3crOOlS2CRtkCPixROpkSP+shF/eF8yVcKjCxhgCtJbg2ebErj6I5yFUj9jI
9RBDDtPHEq6z1POky/2sDcTxBrfYh+k+OpUYw1Q2y0nffqZypf5gO01NwV2KU0NG
2DqOsrSpCxhekBDjQd0zpDteOf+5rzfJltK+2ZZYy3gMZ73GZB8rx1HCajcW1Mfh
V7Gb0CawtMjhWBPM0WwS5OROT1WnIVds414PYMpTJynXwZDG7LzDYOFLHRLU51z9
74RsdUp1Z5nhHxfXb/lDk1Hrl6adLCTRvB/KsQ8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTmq8j7U25W2qL2ghl1DGeFPnRaxjAfBgNVHSMEGDAWgBQxoYXQ6wyngRxY
ZCXeDpYOHP62GzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01hR0YwT3NNcDRFY1dHUWwzZzZXRGh6LXRocy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvMDgxYzZlLTFkNjUtNGNjZC05NmY1LTFkY2M4NmMxMWU3NC8x
LzVxdkktMU51VnRxaTlvSVpkUXhuaFQ1MFdzWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
MDgxYzZlLTFkNjUtNGNjZC05NmY1LTFkY2M4NmMxMWU3NC8xL01hR0YwT3NNcDRF
Y1dHUWwzZzZXRGh6LXRocy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAlWZMAMEAlWZWAMEAlWZaDANBgkq
hkiG9w0BAQsFAAOCAQEAnldrl1u/ysPrhez8CL1MH83FY9d1nkioQz+paWqTUDYW
xdJEatJGUCMYo2dY9AiVNlz4z+TqY/2QBUTNf7kgFR6zK5DkJbTijl5xUF4b9C0G
2gqdI8/6IF7NeJFPtaFcZ9YDaYkhg6cIDpW0/ohV5NXidCdPk7/YMCz+wKu0qyM5
C+2SXLAFId29Cr9EDmd//Y7TMhVZiGB7CXl9bIdUfRgyxnaVKkPyswVx4QPN1LcL
oaCG2FNhICWoiYiK3w9sV8IBpQs/R2m3tkOpPjSi8pjHBN3SPnHYGLCSbfHTgQhY
493ng8UzUg7pxUDv7j3o+B6SaGgtcSZ33et244HVwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:43 2024 by rpki-client on console-fra.rpki-client.org