Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Xca90bUdOMUAC6bqkI7UHWCEcR8.roa
File:                     Xca90bUdOMUAC6bqkI7UHWCEcR8.roa (raw, json)
Hash identifier:          B9lUJMrZ5ktzkDMrQmIhPL8l30NhybY6MiyN7sfKuJE=
Subject key identifier:   5D:C6:BD:D1:B5:1D:38:C5:00:0B:A6:EA:90:8E:D4:1D:60:84:71:1F
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       0184EC08748022D36D8B53B3BA276D16FD0F
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Xca90bUdOMUAC6bqkI7UHWCEcR8.roa
Signing time:             Wed 07 Dec 2022 10:01:27 +0000
ROA not before:           Wed 07 Dec 2022 10:01:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15830
IP address blocks:        57.250.40.0/24 maxlen: 24
                          57.250.42.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:ec:08:74:80:22:d3:6d:8b:53:b3:ba:27:6d:16:fd:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Dec  7 10:01:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5dc6bdd1b51d38c5000ba6ea908ed41d6084711f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:93:4d:b8:49:aa:56:4f:5a:b3:47:e5:bf:8a:
                    e8:dc:63:e5:02:b2:4a:d5:ec:9b:aa:87:48:60:67:
                    f1:b1:32:22:ba:46:6d:00:97:c5:43:aa:58:48:96:
                    9a:5c:4d:09:b4:14:26:8a:32:ab:89:43:3a:17:ca:
                    51:f2:07:bd:d6:8b:6d:3c:6e:19:e3:ff:46:2b:3e:
                    c7:10:0d:cf:a3:95:0d:3b:a7:bf:90:fd:12:78:5e:
                    03:2e:01:0f:6d:fc:dd:5a:04:5d:24:b3:ed:4d:a8:
                    6d:5c:72:41:8b:8a:e8:23:65:d1:d9:de:c8:38:98:
                    59:39:ec:61:4d:df:39:a3:b0:31:13:6c:c5:91:c3:
                    3a:a1:b2:11:32:ad:28:50:3b:b9:50:34:c9:2b:f2:
                    f2:d1:ae:ed:af:bf:14:25:f2:2a:e1:e3:0b:af:8d:
                    d4:52:17:86:13:d6:5d:4f:49:1b:76:00:05:66:79:
                    45:e9:d6:a9:56:3d:b7:2a:70:cf:bb:c4:3c:b4:e0:
                    2d:9f:d5:30:8c:83:fb:a3:a4:18:d9:ab:58:42:e3:
                    0d:eb:22:e4:c2:2a:8e:de:d4:cc:d1:e2:49:2b:b6:
                    57:32:97:ae:66:be:e5:73:9c:64:03:41:41:3c:01:
                    2c:13:5e:38:5a:36:be:6e:15:54:ed:0d:0d:ab:6f:
                    04:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:C6:BD:D1:B5:1D:38:C5:00:0B:A6:EA:90:8E:D4:1D:60:84:71:1F
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Xca90bUdOMUAC6bqkI7UHWCEcR8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.250.40.0/24
                  57.250.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:56:77:d0:9a:4a:eb:aa:cc:2c:b1:de:64:3f:17:1d:38:65:
         c9:5e:70:a3:46:bf:c8:c7:7f:62:a1:5c:00:fe:66:8f:49:96:
         1b:41:8b:3a:00:2b:27:fb:82:13:53:f4:6f:54:7e:60:c8:0a:
         e2:ce:51:d0:91:cc:07:ac:0e:1a:f9:e6:53:e9:57:06:7e:55:
         a4:ca:d9:f9:93:9a:ac:60:59:bc:3b:9d:73:ca:7f:b8:9d:99:
         ee:45:ee:0f:cc:44:b5:b2:a5:42:0c:f5:a8:db:d1:b0:18:d1:
         b1:0f:41:82:ce:8e:41:10:87:45:10:e7:f5:ff:de:df:95:7b:
         f5:ab:4d:13:d3:64:c7:1c:b5:8a:4f:53:fe:87:15:80:c2:23:
         5e:71:81:57:ab:dc:70:db:2b:d4:cd:7d:f4:46:38:33:77:90:
         aa:02:46:0c:e2:b9:3d:80:c9:2c:c7:da:72:0a:cd:20:04:5e:
         5c:7a:d7:53:41:45:0b:db:45:bb:8f:a6:75:9b:ae:31:ca:8a:
         4c:fc:53:92:00:ad:f3:1c:67:ee:ce:75:34:ad:26:11:de:96:
         af:5d:04:1d:c2:2e:d7:f1:ac:47:7b:59:bf:d2:2e:4f:87:5a:
         9d:fe:be:5f:c5:b6:5c:02:ca:8c:c7:49:ec:24:32:97:21:ab:
         f3:da:ed:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTsCHSAItNti1OzuidtFv0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjIxMjA3MTAwMTI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGM2YmRkMWI1MWQzOGM1MDAwYmE2ZWE5MDhlZDQxZDYwODQ3MTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpNNuEmqVk9as0flv4ro3GPlArJK
1eybqodIYGfxsTIiukZtAJfFQ6pYSJaaXE0JtBQmijKriUM6F8pR8ge91ottPG4Z
4/9GKz7HEA3Po5UNO6e/kP0SeF4DLgEPbfzdWgRdJLPtTahtXHJBi4roI2XR2d7I
OJhZOexhTd85o7AxE2zFkcM6obIRMq0oUDu5UDTJK/Ly0a7tr78UJfIq4eMLr43U
UheGE9ZdT0kbdgAFZnlF6dapVj23KnDPu8Q8tOAtn9UwjIP7o6QY2atYQuMN6yLk
wiqO3tTM0eJJK7ZXMpeuZr7lc5xkA0FBPAEsE144Wja+bhVU7Q0Nq28EGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF3GvdG1HTjFAAum6pCO1B1ghHEfMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvWGNhOTBiVWRPTVVBQzZicWtJN1VIV0NFY1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAOfooAwQA
OfoqMA0GCSqGSIb3DQEBCwUAA4IBAQBHVnfQmkrrqswssd5kPxcdOGXJXnCjRr/I
x39ioVwA/maPSZYbQYs6ACsn+4ITU/RvVH5gyArizlHQkcwHrA4a+eZT6VcGflWk
ytn5k5qsYFm8O51zyn+4nZnuRe4PzES1sqVCDPWo29GwGNGxD0GCzo5BEIdFEOf1
/97flXv1q00T02THHLWKT1P+hxWAwiNecYFXq9xw2yvUzX30Rjgzd5CqAkYM4rk9
gMksx9pyCs0gBF5cetdTQUUL20W7j6Z1m64xyopM/FOSAK3zHGfuznU0rSYR3pav
XQQdwi7X8axHe1m/0i5Ph1qd/r5fxbZcAsqMx0nsJDKXIavz2u3o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org