Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/NpnulQoxOiIBv3mzdc54ALcagpU.roa
File:                     NpnulQoxOiIBv3mzdc54ALcagpU.roa (raw, json)
Hash identifier:          GH7yX3Zn2US+JMNLvSEtigj762sJ7aR+YVicCYr/RHs=
Subject key identifier:   36:99:EE:95:0A:31:3A:22:01:BF:79:B3:75:CE:78:00:B7:1A:82:95
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       12B54C0A
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/NpnulQoxOiIBv3mzdc54ALcagpU.roa
Signing time:             Sat 01 Jan 2022 12:59:25 +0000
ROA not before:           Sat 01 Jan 2022 12:59:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     11868
IP address blocks:        57.191.128.0/22 maxlen: 24
                          57.250.220.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 313871370 (0x12b54c0a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Jan  1 12:59:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3699ee950a313a2201bf79b375ce7800b71a8295
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:d8:c1:d1:b5:4b:c7:a2:30:91:cf:da:65:17:
                    fd:d7:95:35:7e:19:6d:53:0a:2c:8e:78:38:ac:9b:
                    9f:11:61:4d:b8:6b:de:da:9c:85:71:81:d0:ed:dc:
                    56:38:7d:3d:04:7b:dc:38:cd:14:65:12:22:cc:c9:
                    22:79:89:b7:5b:8d:de:37:26:67:6e:4f:60:76:ea:
                    81:90:82:7f:1b:e7:c8:ad:0f:17:21:df:66:7f:94:
                    34:a8:ae:4b:c5:65:a9:82:fa:6c:1e:22:cf:73:5d:
                    af:09:51:33:f3:01:c0:ea:d8:8c:85:ad:a0:4e:78:
                    81:fb:5f:59:ce:dc:ed:a9:43:10:90:49:20:6a:79:
                    e0:8c:fb:bb:9b:77:6d:f2:95:78:53:9b:8d:c2:8d:
                    a3:a6:54:08:0f:40:76:36:88:bb:27:9b:bc:f2:58:
                    15:e8:da:1e:41:ba:a3:a7:37:18:19:cc:9b:5a:bc:
                    6f:7b:15:39:f5:06:c0:30:fb:b8:b9:41:ed:77:24:
                    ac:e7:f7:b9:41:88:d1:a6:e6:33:bb:aa:98:ee:1d:
                    ed:57:5d:81:14:be:15:6f:6d:46:81:d9:f0:57:51:
                    50:5b:1e:92:3e:5c:78:b7:44:83:52:98:a0:90:cf:
                    97:a7:90:66:c7:f0:f6:3e:68:ee:82:e0:cf:c5:7d:
                    21:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:99:EE:95:0A:31:3A:22:01:BF:79:B3:75:CE:78:00:B7:1A:82:95
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/NpnulQoxOiIBv3mzdc54ALcagpU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.191.128.0/22
                  57.250.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:7d:e3:a5:99:bc:0a:e8:fb:6e:de:a4:b9:e8:39:85:e3:be:
         09:81:a6:c6:a6:43:95:fd:bb:62:9a:cd:32:1b:7f:29:35:d9:
         af:cf:64:4b:63:73:f9:19:1e:86:ba:86:8f:c7:5b:cf:73:26:
         da:0b:b8:86:28:70:91:c8:e5:fd:50:75:ec:a5:02:5f:68:b2:
         2b:7a:f7:32:97:54:12:db:49:ac:5d:44:f3:07:1e:ee:f9:ca:
         dd:0c:f9:ac:e8:f9:ad:37:f3:2f:33:dc:fa:1f:c7:78:8b:e4:
         36:79:8a:3f:30:76:15:e6:27:06:ba:6b:e3:44:fd:59:d3:46:
         6a:5d:fd:cd:c1:7e:fb:30:a4:6b:a5:15:b2:db:55:68:81:73:
         b0:66:60:b8:2b:be:06:f7:46:6a:1b:80:08:c3:26:96:c8:91:
         01:a6:57:c8:54:5c:06:0f:cb:c5:6a:85:aa:e3:a2:96:5d:17:
         5d:8a:58:bb:ce:58:95:7e:20:a3:39:b5:ac:3a:4e:fc:61:a8:
         3d:a6:70:33:0f:cc:16:0c:05:50:56:2b:c6:43:e5:0a:83:10:
         40:ed:1e:7f:bc:47:20:f1:5d:cd:72:b5:90:79:a5:77:f5:59:
         72:e7:68:59:1b:8e:6c:98:05:e4:eb:3c:17:02:e9:72:ec:26:
         e8:80:75:78
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEErVMCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
M2Q1YmEwODE1YzlmNTE5M2Y4MDk4OWVlODkzYWNhY2M0YmE4ODQ5MB4XDTIyMDEw
MTEyNTkyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY5OWVlOTUwYTMx
M2EyMjAxYmY3OWIzNzVjZTc4MDBiNzFhODI5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJnYwdG1S8eiMJHP2mUX/deVNX4ZbVMKLI54OKybnxFhTbhr
3tqchXGB0O3cVjh9PQR73DjNFGUSIszJInmJt1uN3jcmZ25PYHbqgZCCfxvnyK0P
FyHfZn+UNKiuS8VlqYL6bB4iz3NdrwlRM/MBwOrYjIWtoE54gftfWc7c7alDEJBJ
IGp54Iz7u5t3bfKVeFObjcKNo6ZUCA9AdjaIuyebvPJYFejaHkG6o6c3GBnMm1q8
b3sVOfUGwDD7uLlB7XckrOf3uUGI0abmM7uqmO4d7VddgRS+FW9tRoHZ8FdRUFse
kj5ceLdEg1KYoJDPl6eQZsfw9j5o7oLgz8V9IcMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ2me6VCjE6IgG/ebN1zngAtxqClTAfBgNVHSMEGDAWgBRD1boIFcn1GT+A
mJ7ok6ysxLqISTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1E5VzZDQlhKOVJrX2dKaWU2Sk9zck1TNmlFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvNzI4MmI0LTdmMTEtNGVlMC1hYmVhLWUxM2U1NTc5YzVkYy8x
L05wbnVsUW94T2lJQnYzbXpkYzU0QUxjYWdwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
NzI4MmI0LTdmMTEtNGVlMC1hYmVhLWUxM2U1NTc5YzVkYy8xL1E5VzZDQlhKOVJr
X2dKaWU2Sk9zck1TNmlFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAjm/gAMEADn63DANBgkqhkiG9w0B
AQsFAAOCAQEAKn3jpZm8Cuj7bt6kueg5heO+CYGmxqZDlf27YprNMht/KTXZr89k
S2Nz+RkehrqGj8dbz3Mm2gu4hihwkcjl/VB17KUCX2iyK3r3MpdUEttJrF1E8wce
7vnK3Qz5rOj5rTfzLzPc+h/HeIvkNnmKPzB2FeYnBrpr40T9WdNGal39zcF++zCk
a6UVsttVaIFzsGZguCu+BvdGahuACMMmlsiRAaZXyFRcBg/LxWqFquOill0XXYpY
u85YlX4gozm1rDpO/GGoPaZwMw/MFgwFUFYrxkPlCoMQQO0ef7xHIPFdzXK1kHml
d/VZcudoWRuObJgF5Os8FwLpcuwm6IB1eA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org