Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/cLvQGvSC2k7lWhhBs_QlUFjXqXE.roa
File:                     cLvQGvSC2k7lWhhBs_QlUFjXqXE.roa (raw, json)
Hash identifier:          iUwONhOTlQB2JpfUe3DOxiAuRtxkZMGmJzaJCFUVC7g=
Subject key identifier:   70:BB:D0:1A:F4:82:DA:4E:E5:5A:18:41:B3:F4:25:50:58:D7:A9:71
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       12B77494
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/cLvQGvSC2k7lWhhBs_QlUFjXqXE.roa
Signing time:             Sat 01 Jan 2022 12:59:25 +0000
ROA not before:           Sat 01 Jan 2022 12:59:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     19545
IP address blocks:        57.250.192.0/19 maxlen: 24
                          57.250.224.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 314012820 (0x12b77494)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Jan  1 12:59:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=70bbd01af482da4ee55a1841b3f4255058d7a971
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:73:60:80:0d:e6:42:8a:31:00:77:8a:ce:14:
                    6b:00:3f:4d:78:32:0f:84:05:52:60:80:79:26:13:
                    c3:19:be:ff:d7:6f:a3:16:4f:bb:58:7e:0c:e0:65:
                    dc:ef:0d:41:d4:b7:b6:3f:66:e3:c4:55:a8:74:9c:
                    de:ec:c9:27:fb:12:26:83:03:8b:cf:95:f0:89:6e:
                    6d:8a:14:95:6e:f1:43:a8:af:71:1a:cc:de:3d:dd:
                    ab:39:4b:81:42:31:72:95:54:0a:30:85:02:47:d5:
                    f0:92:83:79:a9:f7:e6:5f:cf:68:ec:66:6f:58:92:
                    53:6c:35:31:cf:32:eb:79:78:7e:cf:63:69:b8:e9:
                    85:2a:5c:43:fb:73:a4:8d:50:9c:c1:7e:3e:0b:15:
                    ff:63:73:0d:78:a4:c6:17:22:96:9e:a9:c8:7e:50:
                    c2:f8:38:66:b6:fc:6f:31:f0:24:e0:98:75:2a:81:
                    23:2d:13:ce:c2:8d:2e:6e:be:49:c6:ce:07:1c:91:
                    0c:c1:14:5f:63:79:84:90:f3:c0:93:0c:dd:f4:95:
                    d5:b7:97:1e:79:49:13:07:5b:c3:9f:36:3a:fa:e1:
                    d1:2a:eb:36:07:14:81:e1:aa:7d:6e:e1:91:8a:a9:
                    0b:d3:33:0e:03:a1:2c:46:67:fb:a1:f3:0c:3c:8a:
                    be:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:BB:D0:1A:F4:82:DA:4E:E5:5A:18:41:B3:F4:25:50:58:D7:A9:71
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/cLvQGvSC2k7lWhhBs_QlUFjXqXE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.250.192.0-57.250.224.255

    Signature Algorithm: sha256WithRSAEncryption
         3b:27:98:a6:a8:60:0f:b3:6a:4e:f7:39:72:f2:94:55:69:c3:
         db:84:d4:57:9d:7c:67:da:84:4a:4e:e4:59:68:81:f8:4d:90:
         81:52:df:a8:c9:05:3e:09:a5:98:9a:1f:89:85:c0:fc:e3:9d:
         97:ad:8c:4e:c4:3e:53:f5:73:ae:a1:46:08:35:5d:8a:2f:9c:
         db:fd:a8:06:b4:b0:e4:f5:c7:b7:0f:8e:b8:60:2d:a8:16:11:
         aa:95:7c:3a:a9:e1:df:9a:c0:af:9d:b8:12:a0:db:40:60:88:
         02:8a:59:29:46:47:c1:e7:48:ad:94:e5:18:af:71:cd:22:33:
         14:ad:77:4c:5b:67:73:c1:96:1c:0f:e2:a4:b8:03:bf:5a:2e:
         fe:2b:2d:98:38:17:a2:3a:12:d3:3b:d9:b0:8f:eb:ca:ef:49:
         56:50:e0:f3:90:03:7c:67:9d:2d:b3:ad:7f:ce:60:f1:bc:0f:
         d0:5a:73:ee:e0:d5:db:e1:82:be:d8:09:fe:63:a6:51:8d:99:
         69:ee:ed:1e:9d:8f:bb:ea:68:b8:8a:c2:3d:3b:5a:37:ac:88:
         20:6d:87:f3:d1:7b:00:69:01:b8:4f:f4:ab:cb:7f:71:1d:aa:
         a1:10:a2:0a:06:37:18:0f:a0:28:69:26:f7:c0:14:fa:dc:45:
         5e:76:d7:98
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEErd0lDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
M2Q1YmEwODE1YzlmNTE5M2Y4MDk4OWVlODkzYWNhY2M0YmE4ODQ5MB4XDTIyMDEw
MTEyNTkyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBiYmQwMWFmNDgy
ZGE0ZWU1NWExODQxYjNmNDI1NTA1OGQ3YTk3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpzYIAN5kKKMQB3is4UawA/TXgyD4QFUmCAeSYTwxm+/9dv
oxZPu1h+DOBl3O8NQdS3tj9m48RVqHSc3uzJJ/sSJoMDi8+V8IlubYoUlW7xQ6iv
cRrM3j3dqzlLgUIxcpVUCjCFAkfV8JKDean35l/PaOxmb1iSU2w1Mc8y63l4fs9j
abjphSpcQ/tzpI1QnMF+PgsV/2NzDXikxhcilp6pyH5Qwvg4Zrb8bzHwJOCYdSqB
Iy0TzsKNLm6+ScbOBxyRDMEUX2N5hJDzwJMM3fSV1beXHnlJEwdbw582Ovrh0Srr
NgcUgeGqfW7hkYqpC9MzDgOhLEZn+6HzDDyKvkECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRwu9Aa9ILaTuVaGEGz9CVQWNepcTAfBgNVHSMEGDAWgBRD1boIFcn1GT+A
mJ7ok6ysxLqISTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1E5VzZDQlhKOVJrX2dKaWU2Sk9zck1TNmlFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvNzI4MmI0LTdmMTEtNGVlMC1hYmVhLWUxM2U1NTc5YzVkYy8x
L2NMdlFHdlNDMms3bFdoaEJzX1FsVUZqWHFYRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
NzI4MmI0LTdmMTEtNGVlMC1hYmVhLWUxM2U1NTc5YzVkYy8xL1E5VzZDQlhKOVJr
X2dKaWU2Sk9zck1TNmlFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQGOfrAAwQAOfrgMA0GCSqGSIb3
DQEBCwUAA4IBAQA7J5imqGAPs2pO9zly8pRVacPbhNRXnXxn2oRKTuRZaIH4TZCB
Ut+oyQU+CaWYmh+JhcD8452XrYxOxD5T9XOuoUYINV2KL5zb/agGtLDk9ce3D464
YC2oFhGqlXw6qeHfmsCvnbgSoNtAYIgCilkpRkfB50itlOUYr3HNIjMUrXdMW2dz
wZYcD+KkuAO/Wi7+Ky2YOBeiOhLTO9mwj+vK70lWUODzkAN8Z50ts61/zmDxvA/Q
WnPu4NXb4YK+2An+Y6ZRjZlp7u0enY+76mi4isI9O1o3rIggbYfz0XsAaQG4T/Sr
y39xHaqhEKIKBjcYD6AoaSb3wBT63EVedteY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org