Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/btt5LdtszDGBaUY7VVRNeB-clR4.roa
File:                     btt5LdtszDGBaUY7VVRNeB-clR4.roa (raw, json)
Hash identifier:          ezfSs8NwOoLbRFkZvDNP/7h4kidJOH/aqkE62AHIuh0=
Subject key identifier:   6E:DB:79:2D:DB:6C:CC:31:81:69:46:3B:55:54:4D:78:1F:9C:95:1E
Certificate issuer:       /CN=5bb1c57055c29d669f289a9f68f392823942132a
Certificate serial:       043979EB
Authority key identifier: 5B:B1:C5:70:55:C2:9D:66:9F:28:9A:9F:68:F3:92:82:39:42:13:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W7HFcFXCnWafKJqfaPOSgjlCEyo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/btt5LdtszDGBaUY7VVRNeB-clR4.roa
Signing time:             Thu 09 Jun 2022 09:41:02 +0000
ROA not before:           Thu 09 Jun 2022 09:41:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44084
IP address blocks:        5.253.212.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 70875627 (0x43979eb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5bb1c57055c29d669f289a9f68f392823942132a
        Validity
            Not Before: Jun  9 09:41:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6edb792ddb6ccc318169463b55544d781f9c951e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:c2:03:dc:ea:8a:82:62:6a:4f:a8:40:f9:09:
                    88:14:4f:b5:e9:e0:7a:28:5a:e8:d0:5d:77:bb:14:
                    1f:c4:29:e9:25:54:92:cb:62:69:91:33:c5:bc:50:
                    8c:d9:63:25:19:f4:2a:22:b1:4c:8b:b9:84:01:b6:
                    36:28:7a:78:c9:5d:ba:e1:1f:fc:3b:79:e1:1c:ab:
                    4b:42:da:42:8e:b6:ad:30:75:af:d7:9c:73:1c:ea:
                    bd:ff:68:86:e0:a1:fc:2b:fd:fe:63:53:31:c7:1e:
                    b4:af:81:e5:0f:f1:a5:73:c4:0e:1f:f8:f9:40:ea:
                    0c:04:fc:7d:67:c9:4e:7c:d0:b6:ef:39:40:1f:aa:
                    e7:f8:d7:7c:75:3c:32:8a:14:60:b3:1d:eb:f3:08:
                    5f:42:17:4e:94:40:f4:43:00:b0:67:7c:1e:cb:36:
                    a0:52:c3:59:f4:9e:30:e5:75:48:c9:9c:08:eb:98:
                    d9:86:0f:60:f5:0e:73:93:34:02:e5:27:61:89:e6:
                    e1:09:35:72:cc:36:16:2e:3c:df:4e:18:f6:2c:d1:
                    e1:f0:f0:39:46:25:a8:e8:f3:08:6e:3d:21:e3:89:
                    40:c8:24:af:c8:7d:60:b1:48:60:2d:52:d3:0e:01:
                    a5:6b:cc:23:5c:34:57:6a:76:8c:ea:dd:1f:0a:f4:
                    e4:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:DB:79:2D:DB:6C:CC:31:81:69:46:3B:55:54:4D:78:1F:9C:95:1E
            X509v3 Authority Key Identifier:
                keyid:5B:B1:C5:70:55:C2:9D:66:9F:28:9A:9F:68:F3:92:82:39:42:13:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W7HFcFXCnWafKJqfaPOSgjlCEyo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/btt5LdtszDGBaUY7VVRNeB-clR4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/W7HFcFXCnWafKJqfaPOSgjlCEyo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.212.0/23

    Signature Algorithm: sha256WithRSAEncryption
         41:b8:99:e7:88:a2:f1:b2:eb:61:08:cb:f9:41:ec:0c:84:3b:
         ff:98:80:45:d7:ba:68:d0:49:08:70:42:c3:e9:5a:cd:a4:62:
         4b:39:e1:41:b1:ed:b5:bd:5c:28:8c:b9:fa:b4:a9:48:27:c4:
         02:72:24:84:88:11:fc:0d:cb:a9:25:a2:39:68:e3:37:8d:90:
         82:97:68:b4:7b:22:aa:5a:34:3e:99:dd:d8:91:30:03:d7:b6:
         5a:ee:76:a2:b3:31:83:54:a5:94:d5:e0:36:14:65:10:fe:1f:
         5d:f1:93:db:7e:9e:29:57:c7:d8:28:40:b6:f6:4d:bc:68:46:
         71:c0:3f:bf:85:82:fd:93:c0:ab:cd:ef:2c:f7:51:40:78:3f:
         28:88:ba:26:63:ad:5b:e2:7a:74:c6:b7:cd:f7:f7:46:03:9e:
         6f:45:6d:5c:7f:54:41:5c:e8:d4:60:df:d4:ce:7e:20:9c:f7:
         d2:97:51:ff:60:1a:4f:ff:92:72:6b:80:11:67:bc:f3:18:11:
         72:d9:ac:8d:bf:77:a0:53:06:da:ba:f2:6e:bd:db:84:d7:2e:
         aa:6d:8e:80:1b:59:37:3a:3d:0c:8f:89:19:81:59:5d:f6:2a:
         2b:28:f6:f5:b0:b3:59:70:f7:66:cf:1a:87:19:ae:bf:ed:6a:
         9f:c2:ff:a5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBDl56zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YmIxYzU3MDU1YzI5ZDY2OWYyODlhOWY2OGYzOTI4MjM5NDIxMzJhMB4XDTIyMDYw
OTA5NDEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmVkYjc5MmRkYjZj
Y2MzMTgxNjk0NjNiNTU1NDRkNzgxZjljOTUxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJXCA9zqioJiak+oQPkJiBRPtengeiha6NBdd7sUH8Qp6SVU
kstiaZEzxbxQjNljJRn0KiKxTIu5hAG2Nih6eMlduuEf/Dt54RyrS0LaQo62rTB1
r9eccxzqvf9ohuCh/Cv9/mNTMccetK+B5Q/xpXPEDh/4+UDqDAT8fWfJTnzQtu85
QB+q5/jXfHU8MooUYLMd6/MIX0IXTpRA9EMAsGd8Hss2oFLDWfSeMOV1SMmcCOuY
2YYPYPUOc5M0AuUnYYnm4Qk1csw2Fi48304Y9izR4fDwOUYlqOjzCG49IeOJQMgk
r8h9YLFIYC1S0w4BpWvMI1w0V2p2jOrdHwr05GMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRu23kt22zMMYFpRjtVVE14H5yVHjAfBgNVHSMEGDAWgBRbscVwVcKdZp8o
mp9o85KCOUITKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1c3SEZjRlhDbldhZktKcWZhUE9TZ2psQ0V5by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvODIyMzc2LTgwOGEtNDY1Yy1hODdmLTVjZWFlMTlmOTRmOS8x
L2J0dDVMZHRzekRHQmFVWTdWVlJOZUItY2xSNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
ODIyMzc2LTgwOGEtNDY1Yy1hODdmLTVjZWFlMTlmOTRmOS8xL1c3SEZjRlhDbldh
ZktKcWZhUE9TZ2psQ0V5by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAQX91DANBgkqhkiG9w0BAQsFAAOC
AQEAQbiZ54ii8bLrYQjL+UHsDIQ7/5iARde6aNBJCHBCw+lazaRiSznhQbHttb1c
KIy5+rSpSCfEAnIkhIgR/A3LqSWiOWjjN42QgpdotHsiqlo0Ppnd2JEwA9e2Wu52
orMxg1SllNXgNhRlEP4fXfGT236eKVfH2ChAtvZNvGhGccA/v4WC/ZPAq83vLPdR
QHg/KIi6JmOtW+J6dMa3zff3RgOeb0VtXH9UQVzo1GDf1M5+IJz30pdR/2AaT/+S
cmuAEWe88xgRctmsjb93oFMG2rrybr3bhNcuqm2OgBtZNzo9DI+JGYFZXfYqKyj2
9bCzWXD3Zs8ahxmuv+1qn8L/pQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:58 2024 by rpki-client on console-ams.rpki-client.org