Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/eAhzjYuk-_kizyh37oDKaloXLZI.roa
File:                     eAhzjYuk-_kizyh37oDKaloXLZI.roa (raw, json)
Hash identifier:          X8WiLv9r6sCutIaN/ScKs0Yue0kZeaqwQFaLR8jJE8U=
Subject key identifier:   78:08:73:8D:8B:A4:FB:F9:22:CF:28:77:EE:80:CA:6A:5A:17:2D:92
Certificate issuer:       /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial:       0183390C4B0FD23451A41131BA5501D56F6C
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/eAhzjYuk-_kizyh37oDKaloXLZI.roa
Signing time:             Tue 13 Sep 2022 22:50:50 +0000
ROA not before:           Tue 13 Sep 2022 22:50:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212042
IP address blocks:        5.181.201.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:39:0c:4b:0f:d2:34:51:a4:11:31:ba:55:01:d5:6f:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
        Validity
            Not Before: Sep 13 22:50:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7808738d8ba4fbf922cf2877ee80ca6a5a172d92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:d3:32:a5:03:00:7b:0e:6c:d4:35:5d:a1:0a:
                    8b:ca:c9:39:3d:b8:7e:29:c0:2e:db:58:12:9d:83:
                    0b:ee:26:de:ca:3b:34:46:78:5c:b6:76:a1:a0:29:
                    01:b8:53:d2:eb:99:3f:cf:58:80:24:04:ee:cd:3b:
                    fc:82:02:9d:9a:a3:ae:9a:ac:bf:a6:14:f4:3e:1b:
                    a3:ce:f0:6e:da:c5:cd:30:e6:2e:15:60:0b:59:54:
                    dc:68:ad:28:39:fd:54:39:6e:3b:1c:59:c2:55:3f:
                    15:c6:3f:fb:e5:0f:a9:e4:7c:00:1e:01:30:7b:df:
                    73:39:72:a2:02:74:47:02:f8:ba:27:02:3e:de:4c:
                    36:0c:11:59:e0:df:98:70:5c:d6:41:04:d7:40:db:
                    c4:42:4f:1b:0f:fd:f9:06:ff:44:d7:8f:a1:c7:05:
                    4a:5a:51:3b:bb:51:44:af:99:f2:6a:9a:ea:a6:2b:
                    f8:5d:94:f6:69:d6:06:5f:7e:92:2a:ab:fd:ec:0e:
                    84:d1:e0:25:21:c2:b8:79:11:8e:85:a6:9e:2c:6d:
                    a3:3e:9c:52:cb:7b:a0:b2:57:d9:14:9c:80:4c:7f:
                    d3:68:d5:96:29:92:c0:35:4b:3f:20:a3:c2:79:50:
                    92:82:1b:b6:13:cf:43:2e:c5:86:33:71:86:d3:d8:
                    10:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:08:73:8D:8B:A4:FB:F9:22:CF:28:77:EE:80:CA:6A:5A:17:2D:92
            X509v3 Authority Key Identifier:
                keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/eAhzjYuk-_kizyh37oDKaloXLZI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:99:13:04:5a:8c:ee:1e:26:09:7b:b6:6e:28:d5:7b:aa:d2:
         b3:b3:b0:ec:bb:15:cb:e3:50:e9:24:e2:94:6c:cd:89:d4:5f:
         f4:ec:37:e2:00:b7:f6:f1:be:4c:4f:05:4d:72:75:1e:2b:16:
         c3:27:15:2a:87:e3:20:09:dc:a3:06:fd:d4:6f:14:2c:ed:54:
         5b:33:91:8e:36:b1:86:b3:53:a2:7d:ca:da:76:b1:b1:83:8e:
         77:dd:f0:98:cf:0a:48:3e:c1:13:1c:c0:51:d2:61:67:7e:87:
         2c:2a:f5:6e:dc:7d:e4:c9:04:bf:e1:e5:08:e8:73:20:cc:05:
         fd:a6:84:dc:5d:62:91:9d:07:c1:66:30:07:3e:fa:36:d5:8c:
         50:10:bc:bc:a4:7d:ae:60:63:4e:bd:87:17:95:af:72:9b:d6:
         ee:a9:59:d2:58:95:02:ea:e1:fa:d5:bd:bf:35:d4:7a:af:1b:
         44:24:8b:f9:2c:f6:9d:5b:81:0f:4d:05:c9:79:77:b0:05:f9:
         fd:1d:21:c3:58:81:76:6f:e4:05:c4:a6:7b:6f:8f:5b:53:bd:
         30:7c:ac:3e:63:73:76:b9:2f:fc:be:f7:f9:43:ed:9c:f4:e9:
         90:54:49:02:4b:5e:bd:3d:d4:07:a3:2f:7d:e0:f3:d2:0c:b4:
         29:21:dd:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM5DEsP0jRRpBExulUB1W9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjIwOTEzMjI1MDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODA4NzM4ZDhiYTRmYmY5MjJjZjI4NzdlZTgwY2E2YTVhMTcyZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtMypQMAew5s1DVdoQqLysk5Pbh+
KcAu21gSnYML7ibeyjs0RnhctnahoCkBuFPS65k/z1iAJATuzTv8ggKdmqOumqy/
phT0PhujzvBu2sXNMOYuFWALWVTcaK0oOf1UOW47HFnCVT8Vxj/75Q+p5HwAHgEw
e99zOXKiAnRHAvi6JwI+3kw2DBFZ4N+YcFzWQQTXQNvEQk8bD/35Bv9E14+hxwVK
WlE7u1FEr5nyaprqpiv4XZT2adYGX36SKqv97A6E0eAlIcK4eRGOhaaeLG2jPpxS
y3ugslfZFJyATH/TaNWWKZLANUs/IKPCeVCSghu2E89DLsWGM3GG09gQaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHgIc42LpPv5Is8od+6AympaFy2SMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvZUFoempZdWstX2tpenloMzdvREthbG9YTFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbXJMA0G
CSqGSIb3DQEBCwUAA4IBAQBImRMEWozuHiYJe7ZuKNV7qtKzs7DsuxXL41DpJOKU
bM2J1F/07DfiALf28b5MTwVNcnUeKxbDJxUqh+MgCdyjBv3UbxQs7VRbM5GONrGG
s1OifcradrGxg4533fCYzwpIPsETHMBR0mFnfocsKvVu3H3kyQS/4eUI6HMgzAX9
poTcXWKRnQfBZjAHPvo21YxQELy8pH2uYGNOvYcXla9ym9buqVnSWJUC6uH61b2/
NdR6rxtEJIv5LPadW4EPTQXJeXewBfn9HSHDWIF2b+QFxKZ7b49bU70wfKw+Y3N2
uS/8vvf5Q+2c9OmQVEkCS169PdQHoy994PPSDLQpId3x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:25 2024 by rpki-client on console-fra.rpki-client.org