Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/a28b5c-88d7-4ad4-9e1d-8ac17e9c40db/1/pd2wpZv93rr4hUAk5O_FHsQNOQM.roa
File:                     pd2wpZv93rr4hUAk5O_FHsQNOQM.roa (raw, json)
Hash identifier:          5psMqqrjNVqQwRPjsL582VJu/ZSmRk4O+D9VqXxWC4Q=
Subject key identifier:   A5:DD:B0:A5:9B:FD:DE:BA:F8:85:40:24:E4:EF:C5:1E:C4:0D:39:03
Certificate issuer:       /CN=5070dc5204decf7abea5070d75fa058c8ac013d5
Certificate serial:       03C755C4
Authority key identifier: 50:70:DC:52:04:DE:CF:7A:BE:A5:07:0D:75:FA:05:8C:8A:C0:13:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UHDcUgTez3q-pQcNdfoFjIrAE9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/a28b5c-88d7-4ad4-9e1d-8ac17e9c40db/1/pd2wpZv93rr4hUAk5O_FHsQNOQM.roa
Signing time:             Sat 01 Jan 2022 14:06:46 +0000
ROA not before:           Sat 01 Jan 2022 14:06:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34984
IP address blocks:        94.142.131.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 63395268 (0x3c755c4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5070dc5204decf7abea5070d75fa058c8ac013d5
        Validity
            Not Before: Jan  1 14:06:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a5ddb0a59bfddebaf8854024e4efc51ec40d3903
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:df:05:d1:77:17:fa:14:a9:93:9a:97:4d:44:
                    e2:90:8f:f8:2b:8a:30:ad:61:cb:5f:8f:eb:c9:28:
                    dc:8b:d4:d4:16:fc:2a:b8:ac:6e:8c:02:31:3b:ad:
                    1b:bd:8a:19:4c:bf:a2:0a:e0:4e:82:81:78:e5:a6:
                    e9:60:f3:78:4f:59:70:39:10:dc:a0:16:05:06:d3:
                    a4:b9:bb:94:ff:e4:d1:94:30:20:e1:5b:f6:d1:f0:
                    16:e9:9a:1b:e0:d4:a5:44:74:2b:45:18:8a:c6:05:
                    b7:fa:85:6a:32:9a:95:ed:5a:51:00:cd:ea:72:0e:
                    64:2c:ff:24:93:b5:4a:7c:8d:8f:fe:a5:27:bd:ec:
                    6f:6c:17:3d:4d:05:45:81:58:e2:eb:36:07:05:57:
                    df:ae:4a:9b:ea:d5:14:9c:d9:f2:d4:e0:fa:ae:c3:
                    76:98:15:2e:8b:f9:5c:a4:aa:06:81:80:34:6b:8e:
                    8f:82:5f:0e:ee:1b:03:2b:e6:60:0b:5a:67:d5:55:
                    f5:dd:09:e8:61:2f:b1:66:c0:9a:29:81:89:22:66:
                    a1:e5:8d:d1:47:f3:8a:0f:38:01:fb:9f:7a:58:a7:
                    95:be:f7:ac:cb:ae:b0:f0:66:6b:c8:20:78:ef:02:
                    79:bb:0c:9c:3a:39:8d:f2:64:54:41:3d:86:7f:ad:
                    39:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:DD:B0:A5:9B:FD:DE:BA:F8:85:40:24:E4:EF:C5:1E:C4:0D:39:03
            X509v3 Authority Key Identifier:
                keyid:50:70:DC:52:04:DE:CF:7A:BE:A5:07:0D:75:FA:05:8C:8A:C0:13:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UHDcUgTez3q-pQcNdfoFjIrAE9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a28b5c-88d7-4ad4-9e1d-8ac17e9c40db/1/pd2wpZv93rr4hUAk5O_FHsQNOQM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a28b5c-88d7-4ad4-9e1d-8ac17e9c40db/1/UHDcUgTez3q-pQcNdfoFjIrAE9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.142.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:12:d1:79:32:ff:c2:33:2d:cb:d9:68:bf:79:82:5c:b6:ed:
         6a:50:46:72:3f:f8:6c:58:d7:b0:13:ce:9c:9c:fc:68:6b:1e:
         c9:6d:e1:8c:17:4d:d4:90:55:f3:39:2d:3e:f8:1e:78:fe:09:
         df:c7:a0:f9:bb:3c:38:96:2c:8b:03:62:0e:21:0d:77:15:10:
         30:a7:89:7b:c3:35:a6:f1:34:b3:38:2d:0f:b9:28:f4:d6:36:
         a0:1e:b0:7c:d1:a5:7e:b2:4c:8a:88:cf:c5:28:af:b1:2e:66:
         90:29:e3:be:a2:a1:16:ef:47:1a:04:c7:72:23:b0:aa:9e:76:
         83:ff:91:88:29:8c:2a:50:a2:f4:ce:cd:9d:78:0e:b7:68:83:
         66:c3:5c:44:98:67:06:c0:09:4f:59:48:3a:3a:4c:99:a8:fe:
         f2:e4:a5:b9:cc:10:f3:3e:9a:64:29:48:bb:7c:c9:f9:16:a3:
         69:30:91:e4:93:e7:7a:b9:e2:aa:36:21:ff:83:3a:85:da:f0:
         66:7e:a2:b4:40:11:f6:1b:ef:45:1d:73:76:0f:23:8b:da:fc:
         14:ad:c4:e5:0b:0f:9d:45:31:54:ac:f0:e2:2c:13:19:10:be:
         33:40:a0:0b:93:86:ec:41:d6:97:5d:a6:f9:d9:e0:84:5b:bc:
         fd:94:32:1c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8dVxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MDcwZGM1MjA0ZGVjZjdhYmVhNTA3MGQ3NWZhMDU4YzhhYzAxM2Q1MB4XDTIyMDEw
MTE0MDY0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVkZGIwYTU5YmZk
ZGViYWY4ODU0MDI0ZTRlZmM1MWVjNDBkMzkwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHfBdF3F/oUqZOal01E4pCP+CuKMK1hy1+P68ko3IvU1Bb8
KrisbowCMTutG72KGUy/ogrgToKBeOWm6WDzeE9ZcDkQ3KAWBQbTpLm7lP/k0ZQw
IOFb9tHwFumaG+DUpUR0K0UYisYFt/qFajKale1aUQDN6nIOZCz/JJO1SnyNj/6l
J73sb2wXPU0FRYFY4us2BwVX365Km+rVFJzZ8tTg+q7DdpgVLov5XKSqBoGANGuO
j4JfDu4bAyvmYAtaZ9VV9d0J6GEvsWbAmimBiSJmoeWN0Ufzig84Afufelinlb73
rMuusPBma8ggeO8CebsMnDo5jfJkVEE9hn+tOUkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSl3bClm/3euviFQCTk78UexA05AzAfBgNVHSMEGDAWgBRQcNxSBN7Per6l
Bw11+gWMisAT1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VIRGNVZ1RlejNxLXBRY05kZm9GaklyQUU5VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvYTI4YjVjLTg4ZDctNGFkNC05ZTFkLThhYzE3ZTljNDBkYi8x
L3BkMndwWnY5M3JyNGhVQWs1T19GSHNRTk9RTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
YTI4YjVjLTg4ZDctNGFkNC05ZTFkLThhYzE3ZTljNDBkYi8xL1VIRGNVZ1RlejNx
LXBRY05kZm9GaklyQUU5VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF6OgzANBgkqhkiG9w0BAQsFAAOC
AQEAIRLReTL/wjMty9lov3mCXLbtalBGcj/4bFjXsBPOnJz8aGseyW3hjBdN1JBV
8zktPvgeeP4J38eg+bs8OJYsiwNiDiENdxUQMKeJe8M1pvE0szgtD7ko9NY2oB6w
fNGlfrJMiojPxSivsS5mkCnjvqKhFu9HGgTHciOwqp52g/+RiCmMKlCi9M7NnXgO
t2iDZsNcRJhnBsAJT1lIOjpMmaj+8uSlucwQ8z6aZClIu3zJ+RajaTCR5JPnerni
qjYh/4M6hdrwZn6itEAR9hvvRR1zdg8ji9r8FK3E5QsPnUUxVKzw4iwTGRC+M0Cg
C5OG7EHWl12m+dnghFu8/ZQyHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:47 2024 by rpki-client on console-ams.rpki-client.org