Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/pcULA2ly3jC-xBND3G_tN_VYhmo.roa
File:                     pcULA2ly3jC-xBND3G_tN_VYhmo.roa (raw, json)
Hash identifier:          XO4n55S6+Yx3Yp22NuVcCNg0635JBr2qMXH+ASh3xeY=
Subject key identifier:   A5:C5:0B:03:69:72:DE:30:BE:C4:13:43:DC:6F:ED:37:F5:58:86:6A
Certificate issuer:       /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial:       0183FA0717D2930016316F3DEB47FD73A9A0
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/pcULA2ly3jC-xBND3G_tN_VYhmo.roa
Signing time:             Fri 21 Oct 2022 10:11:52 +0000
ROA not before:           Fri 21 Oct 2022 10:11:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34549
IP address blocks:        85.153.48.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:fa:07:17:d2:93:00:16:31:6f:3d:eb:47:fd:73:a9:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
        Validity
            Not Before: Oct 21 10:11:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a5c50b036972de30bec41343dc6fed37f558866a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:eb:45:5f:5d:c4:d3:57:eb:cb:3e:19:76:9d:
                    9c:26:ad:70:14:25:19:17:06:ab:cc:5f:a7:d4:13:
                    b5:48:98:37:29:a6:42:34:fb:5e:be:7c:87:7a:b2:
                    da:1f:ab:47:25:e3:eb:0f:8b:c2:8c:c2:64:5c:86:
                    41:05:69:a2:17:86:cb:e8:8d:f1:0a:1e:37:a1:cf:
                    74:ce:3a:4e:2a:a9:5a:0e:e8:ff:f3:1f:ed:5b:8b:
                    8c:19:bc:2d:2e:75:4f:68:74:e2:48:18:1d:38:c3:
                    d6:4b:bf:9e:b1:fc:20:4b:a7:20:ab:0a:3a:98:26:
                    b6:ef:65:39:b7:54:7a:64:e4:69:bf:72:60:c4:a8:
                    a1:65:05:eb:d9:76:36:80:84:f2:13:4b:a3:af:23:
                    6f:f3:46:c4:6a:f9:61:f3:cc:5f:af:70:de:f4:e0:
                    4f:b0:62:cd:9b:5e:a6:d5:8e:fe:e7:a1:65:95:fa:
                    c0:7c:0b:92:80:24:4c:4f:7c:e6:2f:f7:63:00:ee:
                    f6:e6:f6:2a:18:dc:82:21:50:61:1b:0d:74:17:26:
                    6e:80:91:32:30:7a:26:1c:cc:81:b9:90:d3:30:b7:
                    83:19:6a:d4:0e:8b:52:0b:03:4d:48:29:8f:56:08:
                    4f:b4:ca:3f:d0:3c:0d:d2:9d:9a:1e:0c:ea:f4:eb:
                    ab:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:C5:0B:03:69:72:DE:30:BE:C4:13:43:DC:6F:ED:37:F5:58:86:6A
            X509v3 Authority Key Identifier:
                keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/pcULA2ly3jC-xBND3G_tN_VYhmo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.153.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         32:e4:a6:76:1a:3e:cd:64:50:56:a0:4a:d6:11:82:8d:a7:5d:
         26:08:33:6f:31:9f:1a:d1:b6:bb:84:47:fe:d3:2c:59:8e:63:
         be:16:35:38:6f:f9:b8:19:4e:9e:a9:59:29:b6:b9:5a:e5:d2:
         a6:a0:f5:79:ac:8a:11:98:03:e7:c3:11:65:2c:fd:5a:af:a7:
         b1:a3:c7:8c:33:f1:31:3b:d5:15:93:19:11:13:e2:0c:eb:e3:
         a0:2c:63:0e:03:cc:78:be:24:0b:c1:e3:9d:cc:6a:f1:d6:39:
         69:eb:44:16:c5:40:70:62:72:1d:09:05:85:e6:19:5d:75:0f:
         76:ce:11:c0:f7:8a:17:4f:1a:76:46:f6:51:b5:7f:39:83:f1:
         98:6c:81:26:c8:89:cd:16:b4:d2:20:41:63:32:a9:08:b6:76:
         5f:60:fd:48:70:ac:54:30:64:b6:7f:9c:e9:ba:bb:fc:a9:05:
         fd:19:e0:b0:09:5c:c1:d2:23:e5:80:5f:f3:9a:ab:6d:fe:b5:
         91:71:c8:b5:fe:b1:1a:7b:ee:22:85:69:16:15:14:bb:b5:9e:
         3c:83:79:93:d8:55:2a:fd:3c:2c:17:9e:a1:33:10:d6:cc:18:
         05:a4:7c:5c:b0:66:c5:06:94:3f:e3:b2:e4:c9:bd:60:0f:af:
         8b:ed:49:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP6BxfSkwAWMW8960f9c6mgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjIxMDIxMTAxMTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWM1MGIwMzY5NzJkZTMwYmVjNDEzNDNkYzZmZWQzN2Y1NTg4NjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhetFX13E01fryz4Zdp2cJq1wFCUZ
FwarzF+n1BO1SJg3KaZCNPtevnyHerLaH6tHJePrD4vCjMJkXIZBBWmiF4bL6I3x
Ch43oc90zjpOKqlaDuj/8x/tW4uMGbwtLnVPaHTiSBgdOMPWS7+esfwgS6cgqwo6
mCa272U5t1R6ZORpv3JgxKihZQXr2XY2gITyE0ujryNv80bEavlh88xfr3De9OBP
sGLNm16m1Y7+56FllfrAfAuSgCRMT3zmL/djAO725vYqGNyCIVBhGw10FyZugJEy
MHomHMyBuZDTMLeDGWrUDotSCwNNSCmPVghPtMo/0DwN0p2aHgzq9OurzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXFCwNpct4wvsQTQ9xv7Tf1WIZqMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvcGNVTEEybHkzakMteEJORDNHX3ROX1ZZaG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVZkwMA0G
CSqGSIb3DQEBCwUAA4IBAQAy5KZ2Gj7NZFBWoErWEYKNp10mCDNvMZ8a0ba7hEf+
0yxZjmO+FjU4b/m4GU6eqVkptrla5dKmoPV5rIoRmAPnwxFlLP1ar6exo8eMM/Ex
O9UVkxkRE+IM6+OgLGMOA8x4viQLweOdzGrx1jlp60QWxUBwYnIdCQWF5hlddQ92
zhHA94oXTxp2RvZRtX85g/GYbIEmyInNFrTSIEFjMqkItnZfYP1IcKxUMGS2f5zp
urv8qQX9GeCwCVzB0iPlgF/zmqtt/rWRcci1/rEae+4ihWkWFRS7tZ48g3mT2FUq
/TwsF56hMxDWzBgFpHxcsGbFBpQ/47Lkyb1gD6+L7Unn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:43 2024 by rpki-client on console-fra.rpki-client.org