Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/0WFUug2WsExUFKT6_0gRAJQ2oAI.roa
File:                     0WFUug2WsExUFKT6_0gRAJQ2oAI.roa (raw, json)
Hash identifier:          /NApOewc5crblu3dHCfgPFnHdWOT+FWIZHlc72/1Q6Y=
Subject key identifier:   D1:61:54:BA:0D:96:B0:4C:54:14:A4:FA:FF:48:11:00:94:36:A0:02
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       0184EC0873654BB43FA4F02E60263A701E19
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/0WFUug2WsExUFKT6_0gRAJQ2oAI.roa
Signing time:             Wed 07 Dec 2022 10:01:27 +0000
ROA not before:           Wed 07 Dec 2022 10:01:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9989
IP address blocks:        57.250.48.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:ec:08:73:65:4b:b4:3f:a4:f0:2e:60:26:3a:70:1e:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Dec  7 10:01:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d16154ba0d96b04c5414a4faff4811009436a002
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:62:56:f5:b4:62:ac:9c:35:00:90:28:f9:27:
                    f8:55:27:e3:7e:f8:62:b3:b3:b1:7c:7e:83:d3:a8:
                    95:26:4d:5b:10:86:92:55:d8:99:b3:56:49:7a:6a:
                    55:f2:e2:bc:f5:27:50:f9:f0:78:c5:48:1c:69:66:
                    14:70:7e:83:93:c3:5f:50:61:42:ba:50:ac:4f:be:
                    89:57:3d:56:68:40:d8:3c:2f:81:09:18:57:44:f4:
                    a3:e4:3a:c4:25:d0:27:b7:82:af:f4:a0:03:88:57:
                    77:6a:97:58:1c:2e:ec:d8:43:44:b4:c5:68:06:8b:
                    90:d9:3f:3c:67:a8:95:85:d6:50:e5:ad:08:e9:e0:
                    e1:fd:90:02:88:6b:da:e8:a9:58:a5:2a:80:5c:5a:
                    a9:00:24:c1:7b:27:17:33:c1:5c:32:97:a9:c1:9b:
                    8c:35:f4:a8:e0:b8:93:e4:f9:05:2e:e7:4e:db:5d:
                    bf:3f:27:08:27:e0:41:14:5f:53:01:e3:db:66:d3:
                    58:c6:3d:b2:47:14:5a:4d:82:b5:04:2d:59:cb:e8:
                    80:a6:f3:e9:41:21:bd:5b:a4:b5:68:f1:33:f1:a6:
                    1f:09:9a:61:fb:8d:19:f5:e1:e3:d5:d8:b4:1f:50:
                    9d:c1:93:ef:b6:aa:c1:68:41:9c:9a:92:4c:c7:7a:
                    4f:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:61:54:BA:0D:96:B0:4C:54:14:A4:FA:FF:48:11:00:94:36:A0:02
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/0WFUug2WsExUFKT6_0gRAJQ2oAI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.250.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:7a:f5:ff:2f:7e:96:7f:1c:0f:40:45:11:4f:2c:98:b9:9c:
         2e:ed:91:fc:1a:04:39:30:94:44:cd:1c:65:40:90:58:a9:60:
         c5:9c:2e:23:df:17:5f:14:07:45:d9:b8:ad:13:d5:16:61:dc:
         6f:9f:0b:51:ae:54:cf:46:b9:d3:c9:0f:a0:af:53:49:4b:6a:
         e6:c5:e5:ac:26:02:da:71:6c:6d:40:05:09:16:84:61:dc:ec:
         a6:73:90:36:92:0f:11:be:09:a3:fe:99:fc:ef:6a:dc:4a:83:
         f8:61:20:0e:18:91:ae:04:16:17:5e:c0:b9:2d:81:0e:cb:d1:
         4f:d3:7f:3f:93:24:61:99:b9:0b:78:bb:a5:56:39:7a:9b:27:
         92:bb:7c:e2:ef:18:04:fc:ae:69:f5:bf:c2:07:c6:ba:57:83:
         9c:6e:15:a5:1a:a2:10:2b:b6:4a:f2:10:08:a0:a4:e2:d4:af:
         2b:d4:d9:aa:f9:0e:ba:17:bf:57:8d:1c:11:3a:71:d6:f6:2f:
         8d:a5:f5:a5:b8:e1:6b:2d:6d:ce:5c:de:0d:fa:14:f0:62:f2:
         78:17:11:e8:3a:07:09:bf:0f:ce:4e:1e:9d:fd:7b:dc:33:f1:
         77:56:3c:e7:a7:25:6a:4e:fa:a5:08:da:09:15:52:8b:30:40:
         2d:40:5c:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTsCHNlS7Q/pPAuYCY6cB4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjIxMjA3MTAwMTI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTYxNTRiYTBkOTZiMDRjNTQxNGE0ZmFmZjQ4MTEwMDk0MzZhMDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2JW9bRirJw1AJAo+Sf4VSfjfvhi
s7OxfH6D06iVJk1bEIaSVdiZs1ZJempV8uK89SdQ+fB4xUgcaWYUcH6Dk8NfUGFC
ulCsT76JVz1WaEDYPC+BCRhXRPSj5DrEJdAnt4Kv9KADiFd3apdYHC7s2ENEtMVo
BouQ2T88Z6iVhdZQ5a0I6eDh/ZACiGva6KlYpSqAXFqpACTBeycXM8FcMpepwZuM
NfSo4LiT5PkFLudO212/PycIJ+BBFF9TAePbZtNYxj2yRxRaTYK1BC1Zy+iApvPp
QSG9W6S1aPEz8aYfCZph+40Z9eHj1di0H1CdwZPvtqrBaEGcmpJMx3pP8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFhVLoNlrBMVBSk+v9IEQCUNqACMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvMFdGVXVnMldzRXhVRktUNl8wZ1JBSlEyb0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAOfowMA0G
CSqGSIb3DQEBCwUAA4IBAQBlevX/L36WfxwPQEURTyyYuZwu7ZH8GgQ5MJREzRxl
QJBYqWDFnC4j3xdfFAdF2bitE9UWYdxvnwtRrlTPRrnTyQ+gr1NJS2rmxeWsJgLa
cWxtQAUJFoRh3Oymc5A2kg8Rvgmj/pn872rcSoP4YSAOGJGuBBYXXsC5LYEOy9FP
038/kyRhmbkLeLulVjl6myeSu3zi7xgE/K5p9b/CB8a6V4OcbhWlGqIQK7ZK8hAI
oKTi1K8r1Nmq+Q66F79XjRwROnHW9i+NpfWluOFrLW3OXN4N+hTwYvJ4FxHoOgcJ
vw/OTh6d/XvcM/F3VjznpyVqTvqlCNoJFVKLMEAtQFzt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org