Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/Bdtsez6aoIx6E8IiqQ6BbqNahSE.roa
File:                     Bdtsez6aoIx6E8IiqQ6BbqNahSE.roa (raw, json)
Hash identifier:          zejU83JSIIxOpcPdoizQBV7ifLH9hZM6quoTzaIkf1E=
Subject key identifier:   05:DB:6C:7B:3E:9A:A0:8C:7A:13:C2:22:A9:0E:81:6E:A3:5A:85:21
Certificate issuer:       /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial:       0183EBD55C521F58B577D6AB18485EAB7C31
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/Bdtsez6aoIx6E8IiqQ6BbqNahSE.roa
Signing time:             Tue 18 Oct 2022 16:02:51 +0000
ROA not before:           Tue 18 Oct 2022 16:02:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203346
IP address blocks:        31.14.66.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:eb:d5:5c:52:1f:58:b5:77:d6:ab:18:48:5e:ab:7c:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
        Validity
            Not Before: Oct 18 16:02:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=05db6c7b3e9aa08c7a13c222a90e816ea35a8521
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:5d:10:d3:38:65:6c:c1:8e:a9:f6:e7:88:e6:
                    60:44:31:27:fb:2f:be:d4:99:06:d2:53:9c:e6:ba:
                    12:13:e0:e3:14:3a:fe:b4:ee:c7:6d:ef:d5:66:d6:
                    90:f9:e8:dc:21:15:23:4e:a8:86:3c:b2:31:7a:48:
                    ce:98:e0:a0:19:1e:fb:db:df:a0:88:f2:bb:66:ab:
                    98:f9:da:d7:c4:88:14:2c:7b:a9:a8:69:de:02:ea:
                    0f:82:21:a7:40:39:51:59:fd:9f:8e:87:91:1f:9c:
                    27:7e:4a:9d:c1:e8:ea:67:cd:73:9b:4f:a3:d1:fc:
                    b1:2f:da:71:a7:a6:bc:ce:4c:65:cc:e8:1e:06:61:
                    5f:e0:77:3f:35:41:41:4a:50:09:69:5c:97:41:2c:
                    a3:f1:6c:7d:0b:9c:09:45:7f:19:cf:df:1a:83:38:
                    de:50:17:6b:71:56:55:1c:cb:e6:a8:17:4b:b1:04:
                    ef:2d:ee:75:1c:8e:4e:2e:0e:dc:cb:8b:1f:be:88:
                    3f:5c:7a:0b:2a:76:61:a3:c8:60:df:f9:23:e8:2f:
                    33:4d:f6:75:aa:bf:83:b0:6c:28:d9:45:1b:d1:c9:
                    c7:aa:e5:eb:ee:1d:6a:1a:d9:3d:7e:f7:d0:72:79:
                    52:b4:01:2a:0b:32:d4:65:45:a6:a8:c9:66:6a:8c:
                    11:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:DB:6C:7B:3E:9A:A0:8C:7A:13:C2:22:A9:0E:81:6E:A3:5A:85:21
            X509v3 Authority Key Identifier:
                keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/Bdtsez6aoIx6E8IiqQ6BbqNahSE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.14.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:b1:5d:e6:2d:81:b4:05:5c:24:5d:21:f4:8a:ed:b7:b2:ae:
         20:a1:06:98:b7:20:fa:cc:46:fa:d9:b3:71:79:32:90:23:26:
         29:ba:bb:a4:3d:75:0f:05:8e:b2:6e:76:6c:37:b0:f1:7c:c7:
         c1:2d:f5:07:30:4e:30:42:0f:6f:07:f8:67:14:60:b9:48:bd:
         21:ee:71:75:49:f5:a4:cc:7f:07:9f:89:64:19:9c:9d:e5:12:
         8a:87:0c:97:08:79:1b:54:3a:53:e0:a8:72:b1:f2:b2:6c:dd:
         eb:68:89:af:cc:f4:c1:69:60:a9:1e:8a:a2:c6:39:b0:0a:63:
         30:b8:6f:61:e4:92:10:0c:a5:f3:8b:e2:c4:f4:5b:03:9d:1c:
         72:48:78:b5:6c:72:2d:79:c4:26:f3:12:95:36:53:c8:76:b4:
         78:8d:9f:e2:c2:7a:e2:a3:25:bf:73:81:fb:77:9f:a4:88:5d:
         69:a1:cd:de:64:bf:2d:f2:e2:e0:31:e4:97:90:80:3e:85:2e:
         b5:ef:a8:7b:8b:c6:6a:ae:7b:db:f0:0a:cd:2c:78:53:aa:8a:
         cc:6d:98:c2:bf:ad:b1:68:5d:59:64:c1:c5:01:a8:1f:5e:62:
         c5:c0:b6:8b:40:24:90:fe:37:4a:1d:4e:3c:79:41:e3:dd:12:
         00:dc:1d:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPr1VxSH1i1d9arGEheq3wxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjIxMDE4MTYwMjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWRiNmM3YjNlOWFhMDhjN2ExM2MyMjJhOTBlODE2ZWEzNWE4NTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4V0Q0zhlbMGOqfbniOZgRDEn+y++
1JkG0lOc5roSE+DjFDr+tO7Hbe/VZtaQ+ejcIRUjTqiGPLIxekjOmOCgGR7729+g
iPK7ZquY+drXxIgULHupqGneAuoPgiGnQDlRWf2fjoeRH5wnfkqdwejqZ81zm0+j
0fyxL9pxp6a8zkxlzOgeBmFf4Hc/NUFBSlAJaVyXQSyj8Wx9C5wJRX8Zz98agzje
UBdrcVZVHMvmqBdLsQTvLe51HI5OLg7cy4sfvog/XHoLKnZho8hg3/kj6C8zTfZ1
qr+DsGwo2UUb0cnHquXr7h1qGtk9fvfQcnlStAEqCzLUZUWmqMlmaowRiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAXbbHs+mqCMehPCIqkOgW6jWoUhMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvQmR0c2V6NmFvSXg2RThJaXFRNkJicU5haFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHw5CMA0G
CSqGSIb3DQEBCwUAA4IBAQAMsV3mLYG0BVwkXSH0iu23sq4goQaYtyD6zEb62bNx
eTKQIyYpurukPXUPBY6ybnZsN7DxfMfBLfUHME4wQg9vB/hnFGC5SL0h7nF1SfWk
zH8Hn4lkGZyd5RKKhwyXCHkbVDpT4KhysfKybN3raImvzPTBaWCpHoqixjmwCmMw
uG9h5JIQDKXzi+LE9FsDnRxySHi1bHItecQm8xKVNlPIdrR4jZ/iwnrioyW/c4H7
d5+kiF1poc3eZL8t8uLgMeSXkIA+hS6176h7i8Zqrnvb8ArNLHhTqorMbZjCv62x
aF1ZZMHFAagfXmLFwLaLQCSQ/jdKHU48eUHj3RIA3B0b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:56 2024 by rpki-client on console-fra.rpki-client.org