Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/pVrZ9eALs9UStvaFF-MDTs2jW84.roa
File:                     pVrZ9eALs9UStvaFF-MDTs2jW84.roa (raw, json)
Hash identifier:          aySOOa2SW6HWpLd+nMdtncsVgML5IMTFu83JDbieU4E=
Subject key identifier:   A5:5A:D9:F5:E0:0B:B3:D5:12:B6:F6:85:17:E3:03:4E:CD:A3:5B:CE
Certificate issuer:       /CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Certificate serial:       01849EBB2A5AF53A2E9B178D02412768B0E2
Authority key identifier: D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/pVrZ9eALs9UStvaFF-MDTs2jW84.roa
Signing time:             Tue 22 Nov 2022 09:46:16 +0000
ROA not before:           Tue 22 Nov 2022 09:46:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204592
IP address blocks:        62.228.244.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:9e:bb:2a:5a:f5:3a:2e:9b:17:8d:02:41:27:68:b0:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
        Validity
            Not Before: Nov 22 09:46:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a55ad9f5e00bb3d512b6f68517e3034ecda35bce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:ab:85:0f:76:fa:a9:72:9d:5b:b8:b4:e4:42:
                    47:a0:a2:f4:e0:3c:e4:0e:58:2e:59:1a:5a:34:9f:
                    25:20:3a:72:43:90:45:3e:1b:23:e1:fd:42:ff:f4:
                    62:3a:a6:54:2b:ca:9d:6e:b8:e7:1e:01:91:35:a3:
                    12:c3:d4:de:b1:47:7a:d3:25:f6:77:b6:3c:bc:01:
                    92:73:1a:1e:63:ee:f0:e8:05:3f:29:24:52:5d:6f:
                    2d:6c:2c:dd:c2:50:71:90:ce:37:f9:6d:e3:b5:6a:
                    8a:00:f3:f7:17:3d:ea:2b:9d:67:bb:b9:e9:f9:a8:
                    0d:91:47:d0:bb:80:f8:3f:21:d8:f9:87:35:fa:17:
                    82:c9:52:a5:32:c5:22:1e:b0:b3:89:5f:42:74:5a:
                    86:63:c5:b6:e6:b1:34:7b:83:f3:a5:cb:ec:2a:30:
                    b8:20:2f:d8:02:e9:bf:6f:69:38:e7:7b:7c:00:c0:
                    9a:b1:b8:30:c9:f8:f5:4c:74:4f:ca:c5:4b:c2:b3:
                    51:e9:22:98:8c:5b:37:a3:b5:e4:25:d0:fc:45:65:
                    5a:26:c9:f9:8b:0c:5a:ef:47:46:f8:ed:37:b7:37:
                    78:dc:42:d4:77:64:9b:e9:cc:be:d7:04:9e:87:79:
                    8e:fb:68:da:b0:74:e3:cc:2b:24:ce:69:f0:87:9b:
                    91:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:5A:D9:F5:E0:0B:B3:D5:12:B6:F6:85:17:E3:03:4E:CD:A3:5B:CE
            X509v3 Authority Key Identifier:
                keyid:D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/pVrZ9eALs9UStvaFF-MDTs2jW84.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.228.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:b3:cf:00:bd:95:7b:b5:98:57:09:c3:55:a2:f6:8b:76:2a:
         0a:90:55:b0:2c:a9:06:95:87:9f:1a:f3:9d:61:ec:d6:b0:78:
         c2:67:5b:8c:bc:f9:5b:0b:44:94:ec:77:80:a7:68:1a:52:8f:
         15:bd:79:94:7d:86:c7:52:8a:6c:63:6c:c6:6f:e3:ff:30:c4:
         e4:4e:e4:f5:10:3b:28:6a:6e:bd:cb:73:7d:f7:09:c0:ce:0a:
         1b:c0:9d:92:4f:66:6a:6f:e3:20:9f:76:c0:d9:c1:5e:06:f6:
         99:11:75:5f:63:54:d5:5c:4f:3d:65:bb:35:92:ff:1d:81:e9:
         5e:06:fb:18:12:ad:9c:12:bb:f0:c5:52:fa:d6:cb:ca:41:b0:
         93:c4:57:6b:99:0d:08:86:8b:84:78:be:fb:18:19:ed:9a:61:
         28:a6:16:81:7b:19:08:cf:11:37:a2:cc:cd:6b:cb:f7:25:70:
         c1:7b:8b:29:35:a5:a0:cb:7c:48:d3:67:ec:1e:30:55:76:42:
         8d:ba:5f:d3:5b:84:ee:49:ba:e7:1b:cf:57:bf:4e:ce:52:3a:
         cf:49:49:53:a7:d7:8d:55:de:4d:bb:16:f0:89:11:68:03:1b:
         b0:11:e9:4d:20:0c:77:ba:df:43:2e:1c:db:01:42:68:a1:56:
         26:b1:4c:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSeuypa9ToumxeNAkEnaLDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTFhYmM0YzA0NjhhYjI4OTFlYWFjYWRiYTBkYzAzNzc5
MzZmZDUwHhcNMjIxMTIyMDk0NjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTVhZDlmNWUwMGJiM2Q1MTJiNmY2ODUxN2UzMDM0ZWNkYTM1YmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgauFD3b6qXKdW7i05EJHoKL04Dzk
DlguWRpaNJ8lIDpyQ5BFPhsj4f1C//RiOqZUK8qdbrjnHgGRNaMSw9TesUd60yX2
d7Y8vAGScxoeY+7w6AU/KSRSXW8tbCzdwlBxkM43+W3jtWqKAPP3Fz3qK51nu7np
+agNkUfQu4D4PyHY+Yc1+heCyVKlMsUiHrCziV9CdFqGY8W25rE0e4PzpcvsKjC4
IC/YAum/b2k453t8AMCasbgwyfj1THRPysVLwrNR6SKYjFs3o7XkJdD8RWVaJsn5
iwxa70dG+O03tzd43ELUd2Sb6cy+1wSeh3mO+2jasHTjzCskzmnwh5uRZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKVa2fXgC7PVErb2hRfjA07No1vOMB8GA1UdIwQY
MBaAFNQRq8TARoqyiR6qytug3AN3k2/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTIt
YjBmNGI5YzM3ZTQ5LzEvcFZyWjllQUxzOVVTdHZhRkYtTURUczJqVzg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTItYjBmNGI5YzM3ZTQ5
LzEvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPuT0MA0G
CSqGSIb3DQEBCwUAA4IBAQAxs88AvZV7tZhXCcNVovaLdioKkFWwLKkGlYefGvOd
YezWsHjCZ1uMvPlbC0SU7HeAp2gaUo8VvXmUfYbHUopsY2zGb+P/MMTkTuT1EDso
am69y3N99wnAzgobwJ2ST2Zqb+Mgn3bA2cFeBvaZEXVfY1TVXE89Zbs1kv8dgele
BvsYEq2cErvwxVL61svKQbCTxFdrmQ0IhouEeL77GBntmmEophaBexkIzxE3oszN
a8v3JXDBe4spNaWgy3xI02fsHjBVdkKNul/TW4TuSbrnG89Xv07OUjrPSUlTp9eN
Vd5NuxbwiRFoAxuwEelNIAx3ut9DLhzbAUJooVYmsUz9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:17 2024 by rpki-client on console-ams.rpki-client.org