Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/5b9Y0U6tMrqBsqhbGf_04lToJ1w.roa
File:                     5b9Y0U6tMrqBsqhbGf_04lToJ1w.roa (raw, json)
Hash identifier:          LUnWwnnHg2P7FlRWpTd+elYFESjXe155G+cpc1eD+Rs=
Subject key identifier:   E5:BF:58:D1:4E:AD:32:BA:81:B2:A8:5B:19:FF:F4:E2:54:E8:27:5C
Certificate issuer:       /CN=dc41411e93e25d5ec65099569b1b5c5fadc1ae3d
Certificate serial:       0184C2F3FC3D04B8D89B34DB7602C2AF6E06
Authority key identifier: DC:41:41:1E:93:E2:5D:5E:C6:50:99:56:9B:1B:5C:5F:AD:C1:AE:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3EFBHpPiXV7GUJlWmxtcX63Brj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/5b9Y0U6tMrqBsqhbGf_04lToJ1w.roa
Signing time:             Tue 29 Nov 2022 10:34:40 +0000
ROA not before:           Tue 29 Nov 2022 10:34:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        185.248.48.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c2:f3:fc:3d:04:b8:d8:9b:34:db:76:02:c2:af:6e:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc41411e93e25d5ec65099569b1b5c5fadc1ae3d
        Validity
            Not Before: Nov 29 10:34:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e5bf58d14ead32ba81b2a85b19fff4e254e8275c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:1f:a4:d6:a9:09:ce:d5:7c:7e:4d:ce:04:e6:
                    86:58:fc:63:2e:a2:c3:ac:ca:69:5d:b8:b3:88:ed:
                    62:64:34:4d:1e:0d:3d:41:ac:6b:a4:f8:a3:5b:7e:
                    9e:e6:4f:84:0f:14:38:45:3a:2e:97:c8:4a:93:f5:
                    66:24:36:4e:17:79:71:0c:93:69:f3:32:17:00:51:
                    db:86:de:71:6a:84:ea:3f:a3:b2:aa:82:a8:61:b7:
                    f3:e0:ed:02:ac:da:fb:00:a9:0c:3b:4e:0f:86:6b:
                    93:c8:ce:e0:80:e0:b2:ad:7a:d1:e2:b5:37:c4:93:
                    f5:8f:1a:69:b8:23:d5:6e:0c:8d:2a:77:e3:d8:0d:
                    ee:d9:d5:89:a0:c9:fd:ce:f0:43:38:21:2f:f7:50:
                    2d:09:ad:b1:66:0e:04:40:0d:ca:11:58:6c:d0:53:
                    41:be:69:c6:8f:8c:6b:0f:c0:97:4b:61:79:c7:06:
                    6e:2e:90:d2:ee:42:64:e2:a3:5a:ea:73:85:da:69:
                    31:70:02:34:6f:8c:48:d5:94:f1:8b:63:ab:c5:cf:
                    6c:19:59:81:9d:51:c9:32:b2:08:24:6e:4d:97:8a:
                    67:1d:b6:89:7c:a2:a8:1f:2a:af:9b:30:70:e0:a3:
                    22:34:1d:1e:a8:c1:92:ae:77:7f:1a:94:c7:52:78:
                    4c:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:BF:58:D1:4E:AD:32:BA:81:B2:A8:5B:19:FF:F4:E2:54:E8:27:5C
            X509v3 Authority Key Identifier:
                keyid:DC:41:41:1E:93:E2:5D:5E:C6:50:99:56:9B:1B:5C:5F:AD:C1:AE:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EFBHpPiXV7GUJlWmxtcX63Brj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/5b9Y0U6tMrqBsqhbGf_04lToJ1w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/3EFBHpPiXV7GUJlWmxtcX63Brj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:94:0d:50:5c:7d:a7:89:22:90:df:d3:62:27:db:ff:2d:84:
         d3:e2:a0:35:eb:8f:81:1b:30:48:3a:a9:83:a5:f0:c8:f9:08:
         d6:06:1a:d2:0c:42:39:33:42:87:85:4d:21:ef:35:4e:60:17:
         44:98:89:9f:75:d3:34:ce:88:25:87:fe:5e:2c:be:73:8b:51:
         bf:68:ae:d4:4e:40:21:bf:0d:b7:47:05:a3:97:8d:51:6f:6e:
         c3:ee:65:f3:a6:21:c5:0f:5c:44:c2:82:98:00:65:e7:07:25:
         de:58:16:cf:90:8e:0f:57:f2:7c:e1:fd:36:11:ad:a9:03:46:
         4e:16:c6:00:f4:8a:13:3a:f0:c1:8e:69:2f:c5:39:90:ee:b1:
         99:d9:6d:b1:17:8f:28:3b:1a:2d:bf:91:54:c7:e6:2e:bc:b8:
         27:69:30:3a:4b:1b:74:14:1a:40:7d:d7:2b:38:df:93:ad:1a:
         f8:c9:f5:35:1c:a3:7c:44:39:e9:e3:d1:d2:c5:c5:34:54:fe:
         62:20:28:1a:81:a6:5e:e6:6d:40:90:65:1a:d3:7d:e4:bc:f6:
         b0:43:79:0a:86:c5:0c:c1:e2:a5:40:4c:30:20:b9:df:17:91:
         5a:f8:fd:19:4b:8e:48:28:38:63:d7:54:c8:62:f5:80:e6:b3:
         81:bb:bd:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTC8/w9BLjYmzTbdgLCr24GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNDE0MTFlOTNlMjVkNWVjNjUwOTk1NjliMWI1YzVmYWRj
MWFlM2QwHhcNMjIxMTI5MTAzNDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWJmNThkMTRlYWQzMmJhODFiMmE4NWIxOWZmZjRlMjU0ZTgyNzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmx+k1qkJztV8fk3OBOaGWPxjLqLD
rMppXbiziO1iZDRNHg09QaxrpPijW36e5k+EDxQ4RToul8hKk/VmJDZOF3lxDJNp
8zIXAFHbht5xaoTqP6OyqoKoYbfz4O0CrNr7AKkMO04PhmuTyM7ggOCyrXrR4rU3
xJP1jxppuCPVbgyNKnfj2A3u2dWJoMn9zvBDOCEv91AtCa2xZg4EQA3KEVhs0FNB
vmnGj4xrD8CXS2F5xwZuLpDS7kJk4qNa6nOF2mkxcAI0b4xI1ZTxi2Orxc9sGVmB
nVHJMrIIJG5Nl4pnHbaJfKKoHyqvmzBw4KMiNB0eqMGSrnd/GpTHUnhMHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOW/WNFOrTK6gbKoWxn/9OJU6CdcMB8GA1UdIwQY
MBaAFNxBQR6T4l1exlCZVpsbXF+twa49MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0VGQkhwUGlYVjdHVUpsV214dGNYNjNCcmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zZDQ3MzEtOGNmMy00MzI3LWFlNmEt
NTEzODdkMTYwYmE5LzEvNWI5WTBVNnRNcnFCc3FoYkdmXzA0bFRvSjF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zZDQ3MzEtOGNmMy00MzI3LWFlNmEtNTEzODdkMTYwYmE5
LzEvM0VGQkhwUGlYVjdHVUpsV214dGNYNjNCcmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufgwMA0G
CSqGSIb3DQEBCwUAA4IBAQBRlA1QXH2niSKQ39NiJ9v/LYTT4qA164+BGzBIOqmD
pfDI+QjWBhrSDEI5M0KHhU0h7zVOYBdEmImfddM0zoglh/5eLL5zi1G/aK7UTkAh
vw23RwWjl41Rb27D7mXzpiHFD1xEwoKYAGXnByXeWBbPkI4PV/J84f02Ea2pA0ZO
FsYA9IoTOvDBjmkvxTmQ7rGZ2W2xF48oOxotv5FUx+YuvLgnaTA6Sxt0FBpAfdcr
ON+TrRr4yfU1HKN8RDnp49HSxcU0VP5iICgagaZe5m1AkGUa033kvPawQ3kKhsUM
weKlQEwwILnfF5Fa+P0ZS45IKDhj11TIYvWA5rOBu73R
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:07 2024 by rpki-client on console-ams.rpki-client.org