Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/B5X3iOE8oJa5otbJWAPVgpijHnk.roa
File:                     B5X3iOE8oJa5otbJWAPVgpijHnk.roa (raw, json)
Hash identifier:          05Ps2ESxGsZK8akhUKsphyw2F2LpsvWjvK+3lKfq6xQ=
Subject key identifier:   07:95:F7:88:E1:3C:A0:96:B9:A2:D6:C9:58:03:D5:82:98:A3:1E:79
Certificate issuer:       /CN=d5620cec70974d037d7769758c74668305b32cf2
Certificate serial:       038436
Authority key identifier: D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/B5X3iOE8oJa5otbJWAPVgpijHnk.roa
Signing time:             Fri 18 Mar 2022 10:02:19 +0000
ROA not before:           Fri 18 Mar 2022 10:02:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62212
IP address blocks:        87.236.146.0/24 maxlen: 24
                          2a11:3b80::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 230454 (0x38436)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5620cec70974d037d7769758c74668305b32cf2
        Validity
            Not Before: Mar 18 10:02:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0795f788e13ca096b9a2d6c95803d58298a31e79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:5b:2a:50:b0:68:06:39:a9:0b:28:ed:41:77:
                    9f:07:cc:a9:9f:67:90:9d:ff:cc:31:a2:b1:d9:e2:
                    ce:c9:44:d0:d3:9a:56:8b:d4:83:d2:e9:dc:4b:f4:
                    ca:3d:9e:c3:d9:9f:9a:f3:06:73:ac:ad:f3:79:31:
                    90:73:d3:1a:50:6e:8a:20:c0:96:9a:cf:0e:c3:af:
                    c2:3b:03:45:df:c3:72:a2:46:08:70:86:27:de:e9:
                    e7:53:37:ff:01:57:fa:35:a5:b5:9b:79:7c:8d:2a:
                    0b:73:7a:36:7e:61:9d:13:ad:14:e4:96:42:d8:03:
                    c6:fb:7b:5b:1a:c9:2d:df:da:91:af:c1:56:d4:a0:
                    48:80:51:01:6a:31:04:ca:dc:a3:b4:85:05:2a:d7:
                    90:64:f5:c0:f7:8c:31:df:6b:76:46:a7:11:2b:e7:
                    28:bf:64:63:6c:27:44:15:26:c6:e4:12:c0:27:05:
                    1f:78:ea:7e:e2:11:43:37:de:98:e5:1a:76:8c:15:
                    04:57:00:14:05:e5:72:3c:5e:66:ed:14:97:6c:7f:
                    0f:fc:e1:4c:1c:6b:0e:4f:8e:e9:33:59:8a:8b:44:
                    1e:cd:e8:ac:07:e0:49:5d:7c:5a:71:b7:bd:58:3b:
                    0e:59:2e:de:b4:b8:7a:94:56:22:63:92:98:d9:20:
                    6c:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:95:F7:88:E1:3C:A0:96:B9:A2:D6:C9:58:03:D5:82:98:A3:1E:79
            X509v3 Authority Key Identifier:
                keyid:D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/B5X3iOE8oJa5otbJWAPVgpijHnk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/1WIM7HCXTQN9d2l1jHRmgwWzLPI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.236.146.0/24
                IPv6:
                  2a11:3b80::/29

    Signature Algorithm: sha256WithRSAEncryption
         03:7c:c2:e6:0c:09:81:ad:73:d0:6e:89:4f:c1:e8:f0:ce:f3:
         b5:22:d2:54:f0:8b:74:ed:93:4c:61:1d:c3:9e:ab:11:bd:c6:
         3c:2c:eb:81:b5:70:b0:01:52:92:d8:3a:d0:f9:5a:ad:d9:2d:
         97:60:97:29:3d:86:ad:04:d2:d2:23:ed:25:c1:9f:a5:19:16:
         73:2f:95:4b:2a:81:0b:c0:9a:f7:4f:f6:b0:1e:ea:4a:5d:6b:
         22:51:6c:ee:8a:89:60:b4:e5:35:7f:03:2a:bc:5b:ac:9f:d6:
         49:13:e5:45:65:00:a5:a1:af:e2:9c:d1:4e:dd:79:3c:50:be:
         a8:b5:83:ad:a5:86:46:7e:10:33:e3:6a:ea:58:b7:37:9f:4d:
         fb:7d:b4:46:97:29:2f:01:50:47:ee:75:62:72:33:33:5a:7c:
         b7:1b:ca:b0:a5:44:7f:ec:35:f8:63:19:ea:92:01:46:2e:f1:
         61:46:9b:4b:0b:e7:7d:c4:20:83:2c:fc:55:e8:0f:ac:a9:51:
         ee:df:61:25:90:5b:49:7b:6d:cf:e2:47:d6:bd:b1:21:8a:de:
         b9:40:8d:77:8d:67:5b:76:35:96:1a:0f:83:47:e9:27:90:40:
         1d:37:0e:40:da:a6:6d:37:7a:3f:22:53:cd:ca:b8:20:b4:8d:
         83:29:11:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDA4Q2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ1
NjIwY2VjNzA5NzRkMDM3ZDc3Njk3NThjNzQ2NjgzMDViMzJjZjIwHhcNMjIwMzE4
MTAwMjE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwNzk1Zjc4OGUxM2Nh
MDk2YjlhMmQ2Yzk1ODAzZDU4Mjk4YTMxZTc5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyVsqULBoBjmpCyjtQXefB8ypn2eQnf/MMaKx2eLOyUTQ05pW
i9SD0uncS/TKPZ7D2Z+a8wZzrK3zeTGQc9MaUG6KIMCWms8Ow6/COwNF38NyokYI
cIYn3unnUzf/AVf6NaW1m3l8jSoLc3o2fmGdE60U5JZC2APG+3tbGskt39qRr8FW
1KBIgFEBajEEytyjtIUFKteQZPXA94wx32t2RqcRK+cov2RjbCdEFSbG5BLAJwUf
eOp+4hFDN96Y5Rp2jBUEVwAUBeVyPF5m7RSXbH8P/OFMHGsOT47pM1mKi0Qezeis
B+BJXXxacbe9WDsOWS7etLh6lFYiY5KY2SBs1QIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFAeV94jhPKCWuaLWyVgD1YKYox55MB8GA1UdIwQYMBaAFNViDOxwl00DfXdp
dYx0ZoMFsyzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MVdJTTdIQ1hUUU45ZDJsMWpIUm1nd1d6TFBJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hNi8zMjNhOTItN2QzOC00OWVjLWJhOTktYmU0MzRjYjlmOGY4LzEv
QjVYM2lPRThvSmE1b3RiSldBUFZncGlqSG5rLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8z
MjNhOTItN2QzOC00OWVjLWJhOTktYmU0MzRjYjlmOGY4LzEvMVdJTTdIQ1hUUU45
ZDJsMWpIUm1nd1d6TFBJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAV+ySMA0EAgACMAcDBQMqETuAMA0G
CSqGSIb3DQEBCwUAA4IBAQADfMLmDAmBrXPQbolPwejwzvO1ItJU8It07ZNMYR3D
nqsRvcY8LOuBtXCwAVKS2DrQ+Vqt2S2XYJcpPYatBNLSI+0lwZ+lGRZzL5VLKoEL
wJr3T/awHupKXWsiUWzuiolgtOU1fwMqvFusn9ZJE+VFZQCloa/inNFO3Xk8UL6o
tYOtpYZGfhAz42rqWLc3n037fbRGlykvAVBH7nVicjMzWny3G8qwpUR/7DX4Yxnq
kgFGLvFhRptLC+d9xCCDLPxV6A+sqVHu32ElkFtJe23P4kfWvbEhit65QI13jWdb
djWWGg+DR+knkEAdNw5A2qZtN3o/IlPNyrggtI2DKRHa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:46 2024 by rpki-client on console-ams.rpki-client.org