Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/WvI9meQyDUWn7VzmQ6liVBdrRnM.roa
File:                     WvI9meQyDUWn7VzmQ6liVBdrRnM.roa (raw, json)
Hash identifier:          c22mQ7ibHon4yKvWWNXSD7/NGh12j8rAA7gXauuRxgg=
Subject key identifier:   5A:F2:3D:99:E4:32:0D:45:A7:ED:5C:E6:43:A9:62:54:17:6B:46:73
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       12B8BE55
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/WvI9meQyDUWn7VzmQ6liVBdrRnM.roa
Signing time:             Sat 01 Jan 2022 12:59:26 +0000
ROA not before:           Sat 01 Jan 2022 12:59:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25186
IP address blocks:        57.250.254.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 314097237 (0x12b8be55)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Jan  1 12:59:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5af23d99e4320d45a7ed5ce643a96254176b4673
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:49:e4:57:dc:1e:a2:69:01:64:06:6c:96:2f:
                    06:2d:f4:bb:24:fe:e0:18:b6:f2:e5:ab:7c:9d:8f:
                    5b:16:d2:a3:f8:41:cc:0c:54:83:1e:88:b5:b9:1a:
                    1c:8f:95:c7:e7:48:32:c2:eb:cd:ea:37:1a:78:6d:
                    97:ce:6c:ed:aa:90:9e:5e:85:58:20:e5:81:ec:6a:
                    b9:96:d1:a7:07:f6:64:f6:2f:1f:9e:8a:5e:4d:20:
                    c3:88:55:cf:13:af:d6:9d:3c:58:51:f3:53:91:26:
                    fc:a1:6c:cd:a6:a5:7e:ae:24:30:ea:db:db:3b:ad:
                    78:a3:68:0e:8e:6e:47:b5:6f:9d:5c:19:51:64:06:
                    64:39:2c:42:91:12:d7:90:ff:ed:cf:98:f0:94:5b:
                    65:33:17:d1:94:9b:0f:4a:83:e9:35:a1:45:c3:b5:
                    71:47:23:91:65:8e:ed:2c:3c:f0:e9:bf:dd:b5:30:
                    61:f9:37:f5:b8:65:dd:3f:77:16:71:f5:ab:4f:b4:
                    98:5b:a1:23:70:46:e3:62:11:e0:db:17:ca:eb:b9:
                    a5:3f:ed:17:3d:20:48:53:17:13:9e:06:09:bd:bf:
                    a7:82:26:75:01:25:16:11:80:e1:0f:ff:dc:b4:a2:
                    e2:8a:e0:d5:38:80:0a:fb:1e:91:55:ff:a2:8e:d2:
                    84:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:F2:3D:99:E4:32:0D:45:A7:ED:5C:E6:43:A9:62:54:17:6B:46:73
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/WvI9meQyDUWn7VzmQ6liVBdrRnM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.250.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:70:17:1f:d6:04:40:80:75:d9:0b:8c:98:b8:7b:e4:f2:ab:
         89:9f:92:4e:92:b4:ee:8c:86:14:79:c4:4d:62:9d:d8:f7:74:
         e5:3b:d6:96:81:1f:a1:fa:40:c2:4d:f4:93:f7:5d:1b:64:8f:
         dd:4a:93:ad:1e:44:1e:4b:9a:da:39:07:f5:61:d5:17:fc:07:
         95:90:01:38:b4:d9:04:e2:c2:95:b3:03:b2:0c:e4:04:45:c2:
         a4:f0:07:74:f8:a4:f3:f3:11:72:7e:44:1f:74:98:96:22:23:
         86:39:49:c7:04:96:a9:b5:81:4b:ce:99:10:4d:e8:11:b7:c0:
         42:46:f2:8b:8a:ee:a8:76:e8:de:2f:58:11:8e:a4:7e:55:60:
         f2:19:7f:8f:8c:04:6d:dd:22:ac:93:4d:a4:fd:e2:3d:86:8a:
         d0:30:4c:a8:62:b3:33:7c:fc:33:ea:ff:24:b0:8c:42:48:9d:
         db:ec:57:4f:b7:fa:a2:ca:44:66:c0:ba:9f:a2:66:6b:23:ee:
         e0:51:7c:ec:40:44:49:87:d9:2d:af:f4:67:f7:98:8b:8b:d2:
         2c:9d:b9:49:e2:14:c7:e7:50:1d:a3:fc:60:03:06:9a:94:61:
         b4:f8:2a:c9:3d:38:14:0e:13:24:b2:04:aa:cd:0d:06:72:01:
         e7:bc:26:b8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEri+VTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
M2Q1YmEwODE1YzlmNTE5M2Y4MDk4OWVlODkzYWNhY2M0YmE4ODQ5MB4XDTIyMDEw
MTEyNTkyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWFmMjNkOTllNDMy
MGQ0NWE3ZWQ1Y2U2NDNhOTYyNTQxNzZiNDY3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANxJ5FfcHqJpAWQGbJYvBi30uyT+4Bi28uWrfJ2PWxbSo/hB
zAxUgx6ItbkaHI+Vx+dIMsLrzeo3Gnhtl85s7aqQnl6FWCDlgexquZbRpwf2ZPYv
H56KXk0gw4hVzxOv1p08WFHzU5Em/KFszaalfq4kMOrb2zuteKNoDo5uR7VvnVwZ
UWQGZDksQpES15D/7c+Y8JRbZTMX0ZSbD0qD6TWhRcO1cUcjkWWO7Sw88Om/3bUw
Yfk39bhl3T93FnH1q0+0mFuhI3BG42IR4NsXyuu5pT/tFz0gSFMXE54GCb2/p4Im
dQElFhGA4Q//3LSi4org1TiACvsekVX/oo7ShH0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRa8j2Z5DINRaftXOZDqWJUF2tGczAfBgNVHSMEGDAWgBRD1boIFcn1GT+A
mJ7ok6ysxLqISTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1E5VzZDQlhKOVJrX2dKaWU2Sk9zck1TNmlFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvNzI4MmI0LTdmMTEtNGVlMC1hYmVhLWUxM2U1NTc5YzVkYy8x
L1d2STltZVF5RFVXbjdWem1RNmxpVkJkclJuTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
NzI4MmI0LTdmMTEtNGVlMC1hYmVhLWUxM2U1NTc5YzVkYy8xL1E5VzZDQlhKOVJr
X2dKaWU2Sk9zck1TNmlFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADn6/jANBgkqhkiG9w0BAQsFAAOC
AQEAdHAXH9YEQIB12QuMmLh75PKriZ+STpK07oyGFHnETWKd2Pd05TvWloEfofpA
wk30k/ddG2SP3UqTrR5EHkua2jkH9WHVF/wHlZABOLTZBOLClbMDsgzkBEXCpPAH
dPik8/MRcn5EH3SYliIjhjlJxwSWqbWBS86ZEE3oEbfAQkbyi4ruqHbo3i9YEY6k
flVg8hl/j4wEbd0irJNNpP3iPYaK0DBMqGKzM3z8M+r/JLCMQkid2+xXT7f6ospE
ZsC6n6JmayPu4FF87EBESYfZLa/0Z/eYi4vSLJ25SeIUx+dQHaP8YAMGmpRhtPgq
yT04FA4TJLIEqs0NBnIB57wmuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:48 2024 by rpki-client on console-ams.rpki-client.org