Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/4NIqD-LJy1pUfJXk3r5xjZYsRt0.roa
File:                     4NIqD-LJy1pUfJXk3r5xjZYsRt0.roa (raw, json)
Hash identifier:          x/+YI5kuM7LyVHb8UXK0J5CekeLlySJoiyJ3P/ky0W8=
Subject key identifier:   E0:D2:2A:0F:E2:C9:CB:5A:54:7C:95:E4:DE:BE:71:8D:96:2C:46:DD
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       135002B7
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/4NIqD-LJy1pUfJXk3r5xjZYsRt0.roa
Signing time:             Mon 28 Feb 2022 08:27:18 +0000
ROA not before:           Mon 28 Feb 2022 08:27:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206433
IP address blocks:        57.190.0.0/20 maxlen: 20
                          57.190.0.0/19 maxlen: 19
                          57.190.16.0/24 maxlen: 24
                          57.190.17.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 324010679 (0x135002b7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Feb 28 08:27:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e0d22a0fe2c9cb5a547c95e4debe718d962c46dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:10:d6:db:32:5b:d3:4a:4d:50:9f:19:e1:b8:
                    c4:59:c2:55:3b:a1:67:0e:62:5d:e4:65:47:d9:1f:
                    a8:73:d1:a7:4e:c1:6a:b0:27:68:38:2d:29:19:d2:
                    e2:71:36:23:ef:6b:56:67:5e:0c:7d:38:65:3f:b3:
                    39:3c:b2:8b:e8:12:37:91:63:95:16:45:cb:20:62:
                    53:c8:34:f2:bf:0e:c8:72:6d:94:ee:53:45:0b:cd:
                    16:27:e2:4c:61:ca:27:d2:3e:31:fb:59:0b:29:00:
                    af:04:2f:f9:ab:22:2b:60:ef:6e:e5:f8:fb:b5:ee:
                    ba:48:13:99:3b:4c:27:ef:ad:a8:40:bc:12:66:7d:
                    2f:e7:19:b2:58:a6:0a:67:67:7e:14:18:00:80:26:
                    6d:61:27:f6:c9:d2:68:74:74:39:3b:b7:57:4a:1e:
                    bb:79:9d:eb:c2:9a:0a:40:b5:6d:d6:fb:c9:dc:a3:
                    5f:cd:82:f3:0f:f6:71:d6:80:27:1f:6d:7e:ab:40:
                    b9:c7:00:b9:2d:02:eb:98:f4:b8:71:6a:3a:a2:76:
                    6f:5e:d2:b1:44:a4:e8:7d:68:ca:d9:5b:98:2a:04:
                    78:e3:86:31:d3:06:06:ec:0b:2a:68:74:38:94:73:
                    bd:4b:1a:99:bb:1c:d1:8d:52:71:62:f0:e4:9d:d4:
                    d8:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:D2:2A:0F:E2:C9:CB:5A:54:7C:95:E4:DE:BE:71:8D:96:2C:46:DD
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/4NIqD-LJy1pUfJXk3r5xjZYsRt0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.190.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         c1:84:9f:7c:9d:2d:8f:65:89:14:de:22:40:37:ca:0d:96:21:
         a0:22:5c:61:94:32:eb:79:9d:76:b3:f2:7b:26:a2:a8:ec:fc:
         37:73:0e:20:89:e9:d4:5d:16:2e:3f:f3:71:90:c9:c4:8b:b2:
         4a:cb:d9:64:d9:e0:60:e7:0d:36:19:4c:0b:64:94:a6:49:ed:
         56:3f:2c:27:cb:e7:c8:3d:c1:eb:da:ab:7c:b1:4a:f0:a6:06:
         1c:02:54:d4:e6:bf:3c:c0:ce:46:ce:e9:6c:a7:73:8e:4b:8e:
         83:58:32:03:77:3f:36:27:c7:7a:f7:73:75:0f:ad:e9:10:a6:
         d3:d3:75:38:38:31:07:cd:e3:93:d0:4d:96:17:cb:cd:6a:a5:
         fc:d7:46:c5:55:2b:36:c7:fb:b3:e5:66:8a:36:8a:db:5e:4c:
         4f:29:91:be:76:0b:47:db:ca:b5:36:a9:ca:f5:05:96:e6:e1:
         48:f9:fd:e1:4d:95:7a:18:bd:ed:73:2e:b2:9d:55:52:46:50:
         4a:99:33:fb:e4:03:7d:e1:fa:4a:83:29:68:3e:3e:62:55:c2:
         f6:c4:ed:7f:32:4f:9f:66:70:9d:6c:3e:d0:74:47:13:81:0f:
         75:10:45:51:49:6a:fc:f3:9d:8e:95:16:8f:64:c6:52:db:a4:
         4b:08:71:a9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE1ACtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
M2Q1YmEwODE1YzlmNTE5M2Y4MDk4OWVlODkzYWNhY2M0YmE4ODQ5MB4XDTIyMDIy
ODA4MjcxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTBkMjJhMGZlMmM5
Y2I1YTU0N2M5NWU0ZGViZTcxOGQ5NjJjNDZkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOwQ1tsyW9NKTVCfGeG4xFnCVTuhZw5iXeRlR9kfqHPRp07B
arAnaDgtKRnS4nE2I+9rVmdeDH04ZT+zOTyyi+gSN5FjlRZFyyBiU8g08r8OyHJt
lO5TRQvNFifiTGHKJ9I+MftZCykArwQv+asiK2DvbuX4+7XuukgTmTtMJ++tqEC8
EmZ9L+cZslimCmdnfhQYAIAmbWEn9snSaHR0OTu3V0oeu3md68KaCkC1bdb7ydyj
X82C8w/2cdaAJx9tfqtAuccAuS0C65j0uHFqOqJ2b17SsUSk6H1oytlbmCoEeOOG
MdMGBuwLKmh0OJRzvUsambsc0Y1ScWLw5J3U2G8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTg0ioP4snLWlR8leTevnGNlixG3TAfBgNVHSMEGDAWgBRD1boIFcn1GT+A
mJ7ok6ysxLqISTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1E5VzZDQlhKOVJrX2dKaWU2Sk9zck1TNmlFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvNzI4MmI0LTdmMTEtNGVlMC1hYmVhLWUxM2U1NTc5YzVkYy8x
LzROSXFELUxKeTFwVWZKWGszcjV4alpZc1J0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
NzI4MmI0LTdmMTEtNGVlMC1hYmVhLWUxM2U1NTc5YzVkYy8xL1E5VzZDQlhKOVJr
X2dKaWU2Sk9zck1TNmlFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTm+ADANBgkqhkiG9w0BAQsFAAOC
AQEAwYSffJ0tj2WJFN4iQDfKDZYhoCJcYZQy63mddrPyeyaiqOz8N3MOIInp1F0W
Lj/zcZDJxIuySsvZZNngYOcNNhlMC2SUpkntVj8sJ8vnyD3B69qrfLFK8KYGHAJU
1Oa/PMDORs7pbKdzjkuOg1gyA3c/NifHevdzdQ+t6RCm09N1ODgxB83jk9BNlhfL
zWql/NdGxVUrNsf7s+VmijaK215MTymRvnYLR9vKtTapyvUFlubhSPn94U2Vehi9
7XMusp1VUkZQSpkz++QDfeH6SoMpaD4+YlXC9sTtfzJPn2ZwnWw+0HRHE4EPdRBF
UUlq/POdjpUWj2TGUtukSwhxqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org