Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/2TuJdncA--4YC5u-BfF8Fgv_Stg.roa
File:                     2TuJdncA--4YC5u-BfF8Fgv_Stg.roa (raw, json)
Hash identifier:          4hyrCJhhEFa3yj007ptKBw51jCtGJn4yTo6U6pS65n4=
Subject key identifier:   D9:3B:89:76:77:00:FB:EE:18:0B:9B:BE:05:F1:7C:16:0B:FF:4A:D8
Certificate issuer:       /CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Certificate serial:       1765A4DE
Authority key identifier: D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/2TuJdncA--4YC5u-BfF8Fgv_Stg.roa
Signing time:             Sat 01 Jan 2022 09:54:04 +0000
ROA not before:           Sat 01 Jan 2022 09:54:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199598
IP address blocks:        62.228.253.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 392537310 (0x1765a4de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
        Validity
            Not Before: Jan  1 09:54:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d93b89767700fbee180b9bbe05f17c160bff4ad8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:90:7c:ca:97:8c:a9:65:b2:2f:69:78:6f:84:
                    6c:46:fb:fd:e0:43:84:f6:77:d5:03:2f:3e:95:10:
                    42:f4:b3:7f:40:5d:bf:54:9e:d1:e7:d2:2b:67:bd:
                    51:d2:76:fd:b4:57:d5:cd:5c:ad:40:3e:79:75:79:
                    b2:5a:e9:be:c1:05:58:a8:94:25:e3:70:ef:cf:45:
                    35:ac:7b:cd:cf:01:6e:f7:62:59:a0:64:c4:7e:9d:
                    41:be:a5:e3:1a:37:ec:13:75:20:d7:87:f1:0a:cc:
                    b0:f0:52:ce:e4:87:89:41:05:37:66:c7:43:f7:00:
                    4a:2f:2b:6a:44:83:67:e1:53:eb:26:28:78:d2:59:
                    40:1a:e2:01:c0:09:40:31:e5:6a:40:81:79:88:57:
                    f6:28:09:aa:64:77:ab:43:6e:8c:4d:e7:6d:46:c5:
                    80:eb:05:9c:46:8c:cc:7f:42:23:8f:fa:89:80:ca:
                    d2:c7:58:1d:4e:4c:0e:be:c8:20:8d:15:4b:60:41:
                    f9:e8:a9:4f:82:f4:bd:aa:8a:6f:79:de:33:80:8a:
                    68:52:03:13:3b:62:8a:50:01:c7:8a:56:48:88:26:
                    9f:1c:51:38:14:3c:e7:ea:47:9d:d6:ed:04:ae:31:
                    3d:75:48:4f:57:30:86:9d:f2:06:d7:5d:95:b4:e8:
                    3d:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:3B:89:76:77:00:FB:EE:18:0B:9B:BE:05:F1:7C:16:0B:FF:4A:D8
            X509v3 Authority Key Identifier:
                keyid:D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/2TuJdncA--4YC5u-BfF8Fgv_Stg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.228.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:88:f3:12:8f:ca:2b:e2:62:70:97:ca:d8:92:97:1f:8b:b6:
         d0:9a:47:13:1a:f6:4d:c3:54:20:5c:48:0e:6c:8d:ca:cf:37:
         57:18:37:e1:af:08:51:ec:60:c2:8a:bf:87:83:21:9b:3a:76:
         0a:d0:eb:5f:11:be:66:52:81:7b:49:dd:58:23:8e:64:ea:33:
         d2:22:d4:ea:85:2e:7f:38:86:5b:42:a5:d2:93:a4:9c:71:5b:
         2f:15:48:98:55:80:86:5e:d8:f7:da:71:9a:cb:2f:c2:12:e1:
         1e:e7:94:72:c2:87:f8:8f:6d:87:45:3f:7a:43:2f:de:96:09:
         f8:b9:aa:04:a4:f7:85:7f:2e:cb:bb:e1:a3:f9:40:51:e4:83:
         4c:94:d5:f6:3a:fc:35:09:7f:ec:04:cf:d8:cf:5e:aa:17:80:
         04:64:14:27:79:fd:6d:48:a0:37:8c:07:75:5e:8e:82:f7:b7:
         02:ec:b8:f8:0c:03:ab:5d:cf:43:cb:e3:85:92:20:fc:40:61:
         c2:d7:e9:71:9b:70:1b:3e:6d:45:65:1f:f7:0b:87:75:4e:83:
         57:5f:22:89:7e:a6:dc:51:40:62:ed:e8:e7:b9:82:a4:9c:f8:
         e8:60:42:19:e8:94:81:80:6a:26:6f:6c:a6:17:48:9a:53:dc:
         04:0d:fc:2d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF2Wk3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDExYWJjNGMwNDY4YWIyODkxZWFhY2FkYmEwZGMwMzc3OTM2ZmQ1MB4XDTIyMDEw
MTA5NTQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDkzYjg5NzY3NzAw
ZmJlZTE4MGI5YmJlMDVmMTdjMTYwYmZmNGFkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSQfMqXjKllsi9peG+EbEb7/eBDhPZ31QMvPpUQQvSzf0Bd
v1Se0efSK2e9UdJ2/bRX1c1crUA+eXV5slrpvsEFWKiUJeNw789FNax7zc8Bbvdi
WaBkxH6dQb6l4xo37BN1INeH8QrMsPBSzuSHiUEFN2bHQ/cASi8rakSDZ+FT6yYo
eNJZQBriAcAJQDHlakCBeYhX9igJqmR3q0NujE3nbUbFgOsFnEaMzH9CI4/6iYDK
0sdYHU5MDr7III0VS2BB+eipT4L0vaqKb3neM4CKaFIDEztiilABx4pWSIgmnxxR
OBQ85+pHndbtBK4xPXVIT1cwhp3yBtddlbToPV0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTZO4l2dwD77hgLm74F8XwWC/9K2DAfBgNVHSMEGDAWgBTUEavEwEaKsoke
qsrboNwDd5Nv1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFCR3J4TUJHaXJLSkhxcksyNkRjQTNlVGI5VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTMvNjE4ZTUzLWFmYzQtNDBkZi04NjEyLWIwZjRiOWMzN2U0OS8x
LzJUdUpkbmNBLS00WUM1dS1CZkY4Rmd2X1N0Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMv
NjE4ZTUzLWFmYzQtNDBkZi04NjEyLWIwZjRiOWMzN2U0OS8xLzFCR3J4TUJHaXJL
SkhxcksyNkRjQTNlVGI5VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD7k/TANBgkqhkiG9w0BAQsFAAOC
AQEAWojzEo/KK+JicJfK2JKXH4u20JpHExr2TcNUIFxIDmyNys83Vxg34a8IUexg
woq/h4Mhmzp2CtDrXxG+ZlKBe0ndWCOOZOoz0iLU6oUufziGW0Kl0pOknHFbLxVI
mFWAhl7Y99pxmssvwhLhHueUcsKH+I9th0U/ekMv3pYJ+LmqBKT3hX8uy7vho/lA
UeSDTJTV9jr8NQl/7ATP2M9eqheABGQUJ3n9bUigN4wHdV6Ogve3Auy4+AwDq13P
Q8vjhZIg/EBhwtfpcZtwGz5tRWUf9wuHdU6DV18iiX6m3FFAYu3o57mCpJz46GBC
GeiUgYBqJm9sphdImlPcBA38LQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:17 2024 by rpki-client on console-ams.rpki-client.org