Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/r5JCP4wgkT1r_B5JUp1LNTsiQ7U.roa
File:                     r5JCP4wgkT1r_B5JUp1LNTsiQ7U.roa (raw, json)
Hash identifier:          h4YEHYAdQVYnigc/ku7YCxEA02ua3vFVVk332YJiF6M=
Subject key identifier:   AF:92:42:3F:8C:20:91:3D:6B:FC:1E:49:52:9D:4B:35:3B:22:43:B5
Certificate issuer:       /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial:       01154071
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/r5JCP4wgkT1r_B5JUp1LNTsiQ7U.roa
Signing time:             Fri 15 Apr 2022 09:19:29 +0000
ROA not before:           Fri 15 Apr 2022 09:19:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     63213
IP address blocks:        37.19.64.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18169969 (0x1154071)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
        Validity
            Not Before: Apr 15 09:19:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=af92423f8c20913d6bfc1e49529d4b353b2243b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:e8:ef:13:b2:d7:2f:82:d3:54:3d:d2:b9:ae:
                    36:a4:da:8d:39:33:d5:09:32:64:15:94:59:05:78:
                    ef:3a:72:2e:93:fb:b6:6a:6e:0d:67:65:61:46:48:
                    33:6f:39:66:60:be:b1:5c:6a:ba:70:79:02:df:7f:
                    16:48:96:b2:9f:ab:a2:ca:7d:5d:e6:18:e2:77:0e:
                    4a:27:3a:c7:7d:de:09:5c:41:2d:91:b2:12:32:5d:
                    be:92:e0:5f:55:b3:0c:bb:6f:e8:3b:95:da:44:d5:
                    e3:cb:a9:3a:a0:54:ab:f9:4e:17:d5:2a:5e:c4:98:
                    28:fe:fb:28:b1:85:f8:3e:61:27:7d:32:35:b9:67:
                    9d:7c:5a:78:d9:d2:6b:46:eb:53:24:c1:6a:51:3d:
                    42:ab:6b:e8:3a:d7:4d:2d:06:d8:a0:c5:82:99:b7:
                    df:c0:e3:79:5e:5b:85:6f:92:0c:d4:c1:6f:cd:dc:
                    ee:64:c9:e8:89:80:03:ee:7b:4c:63:0c:b8:71:91:
                    43:12:77:a0:6e:10:b7:b0:b9:70:31:d2:22:e2:a1:
                    f0:0d:82:12:e8:26:ac:0f:e6:dc:e8:a1:53:80:6b:
                    4e:13:d6:3a:2d:02:f5:9b:5d:6b:e2:76:20:e2:45:
                    23:a3:2d:e0:bc:15:f8:d0:4c:b2:94:61:80:e2:e5:
                    ce:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:92:42:3F:8C:20:91:3D:6B:FC:1E:49:52:9D:4B:35:3B:22:43:B5
            X509v3 Authority Key Identifier:
                keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/r5JCP4wgkT1r_B5JUp1LNTsiQ7U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.19.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         17:e5:d6:fe:f1:da:29:80:80:3e:86:31:63:ee:d6:c3:cd:96:
         d5:48:a2:e8:69:3c:54:90:c4:32:3e:57:8f:b7:06:64:95:54:
         38:ef:7e:77:68:50:5f:51:ee:b7:39:3a:67:f2:4d:0d:f5:d3:
         d3:4a:f9:21:b5:35:83:49:93:5e:bc:ef:b2:15:8f:ff:05:ea:
         00:f6:7c:0c:34:f5:2d:53:6f:c1:d5:1c:71:cd:a1:4d:9c:a1:
         b5:c1:88:26:71:85:0d:87:b0:76:d0:a0:8f:db:54:5d:63:4f:
         6c:67:12:45:bd:4d:94:62:5f:6b:1c:ee:bd:20:44:24:72:40:
         27:0b:31:b7:90:4c:a9:4d:d3:42:49:7d:67:c6:6e:33:3a:4e:
         19:50:74:6f:b5:dd:6a:01:26:62:37:b6:8e:0c:5f:82:6f:72:
         1e:cc:24:47:4d:d4:73:b8:cb:03:ee:b7:64:47:57:85:1f:85:
         8f:00:50:cc:1b:4a:cc:cf:c6:82:97:00:90:8a:9c:80:c8:73:
         04:40:ac:3d:21:52:de:3d:7a:fe:01:fb:b1:b6:41:e0:b3:fe:
         a1:17:35:54:25:dc:86:3d:92:2f:d7:3a:38:51:d8:9d:3e:f3:
         74:61:00:fc:05:ce:bc:fb:08:aa:d9:f6:5f:d6:88:a5:ef:c6:
         f5:69:5d:b6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEARVAcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZTgyOTYzZmYxYWE3MGFiMTBkMWQzM2U4NmIxZDZkNDk0ZDZjZTUxMB4XDTIyMDQx
NTA5MTkyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWY5MjQyM2Y4YzIw
OTEzZDZiZmMxZTQ5NTI5ZDRiMzUzYjIyNDNiNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO3o7xOy1y+C01Q90rmuNqTajTkz1QkyZBWUWQV47zpyLpP7
tmpuDWdlYUZIM285ZmC+sVxqunB5At9/FkiWsp+rosp9XeYY4ncOSic6x33eCVxB
LZGyEjJdvpLgX1WzDLtv6DuV2kTV48upOqBUq/lOF9UqXsSYKP77KLGF+D5hJ30y
NblnnXxaeNnSa0brUyTBalE9Qqtr6DrXTS0G2KDFgpm338DjeV5bhW+SDNTBb83c
7mTJ6ImAA+57TGMMuHGRQxJ3oG4Qt7C5cDHSIuKh8A2CEugmrA/m3OihU4BrThPW
Oi0C9Ztda+J2IOJFI6Mt4LwV+NBMspRhgOLlzv0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSvkkI/jCCRPWv8HklSnUs1OyJDtTAfBgNVHSMEGDAWgBQugpY/8apwqxDR
0z6GsdbUlNbOUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xvS1dQX0dxY0tzUTBkTS1ockhXMUpUV3psRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvOTU3YzY4LTZmMjctNDBlZC1hYmVkLWRmNjRmMGU4MjM2MC8x
L3I1SkNQNHdna1Qxcl9CNUpVcDFMTlRzaVE3VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
OTU3YzY4LTZmMjctNDBlZC1hYmVkLWRmNjRmMGU4MjM2MC8xL0xvS1dQX0dxY0tz
UTBkTS1ockhXMUpUV3psRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAiUTQDANBgkqhkiG9w0BAQsFAAOC
AQEAF+XW/vHaKYCAPoYxY+7Ww82W1Uii6Gk8VJDEMj5Xj7cGZJVUOO9+d2hQX1Hu
tzk6Z/JNDfXT00r5IbU1g0mTXrzvshWP/wXqAPZ8DDT1LVNvwdUccc2hTZyhtcGI
JnGFDYewdtCgj9tUXWNPbGcSRb1NlGJfaxzuvSBEJHJAJwsxt5BMqU3TQkl9Z8Zu
MzpOGVB0b7XdagEmYje2jgxfgm9yHswkR03Uc7jLA+63ZEdXhR+FjwBQzBtKzM/G
gpcAkIqcgMhzBECsPSFS3j16/gH7sbZB4LP+oRc1VCXchj2SL9c6OFHYnT7zdGEA
/AXOvPsIqtn2X9aIpe/G9Wldtg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:09 2024 by rpki-client on console-ams.rpki-client.org