Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/ae1953-bfc4-42b5-950b-9c98d11197b7/1/oxpQlRraF98okft5V9y7p-k0jWE.roa
File:                     oxpQlRraF98okft5V9y7p-k0jWE.roa (raw, json)
Hash identifier:          myrU0koaUaymxV4Ca2RKe/GPAjQKoBnIbmZlx+iWMzI=
Subject key identifier:   A3:1A:50:95:1A:DA:17:DF:28:91:FB:79:57:DC:BB:A7:E9:34:8D:61
Certificate issuer:       /CN=4142d3f9b31126e0850265715c9fc32174b557a4
Certificate serial:       071FFA1B
Authority key identifier: 41:42:D3:F9:B3:11:26:E0:85:02:65:71:5C:9F:C3:21:74:B5:57:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QULT-bMRJuCFAmVxXJ_DIXS1V6Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/ae1953-bfc4-42b5-950b-9c98d11197b7/1/oxpQlRraF98okft5V9y7p-k0jWE.roa
Signing time:             Sat 01 Jan 2022 02:01:54 +0000
ROA not before:           Sat 01 Jan 2022 02:01:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207617
IP address blocks:        45.159.31.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119536155 (0x71ffa1b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4142d3f9b31126e0850265715c9fc32174b557a4
        Validity
            Not Before: Jan  1 02:01:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a31a50951ada17df2891fb7957dcbba7e9348d61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:79:ab:82:d2:97:d9:a2:b0:2b:95:57:31:e7:
                    47:9b:ba:e6:69:47:eb:09:b3:4b:e0:79:46:ef:24:
                    d7:0e:69:ec:f8:b5:ba:2c:57:70:37:49:63:b9:1f:
                    f5:55:e9:f5:f6:32:ec:a7:d7:16:f7:ef:3c:f1:6b:
                    2d:ae:7b:54:f8:6c:a7:f4:74:d8:89:91:f5:44:93:
                    3b:25:59:5d:00:cd:5d:51:c3:5a:f6:9d:10:e2:1b:
                    15:8c:1b:61:c4:e9:f3:e7:4c:f6:12:19:46:86:0e:
                    1c:a5:75:4b:12:f6:69:23:e4:ff:d8:c2:2d:98:3f:
                    a0:68:cf:d1:08:a7:c2:dd:36:d6:5b:e5:ef:da:3d:
                    36:d1:9b:0a:ad:ea:da:ea:14:b2:5c:07:fd:80:ef:
                    9f:22:64:58:53:79:23:ab:49:4f:8c:31:3b:c6:a8:
                    9e:b5:58:8d:d6:8f:26:ed:b7:18:7d:f3:66:31:42:
                    3d:97:87:69:d5:e7:8f:8e:b8:75:80:49:ce:9e:b4:
                    b4:8b:79:54:f6:0c:17:10:10:69:bd:db:2f:b3:6c:
                    1f:9b:6c:5b:d4:8a:40:41:bc:a0:6e:a4:a5:b2:81:
                    de:d7:73:dd:e5:d1:34:70:d0:0e:b8:ed:a2:26:ef:
                    3f:ea:a6:ac:2f:f7:10:8b:0b:f4:a7:45:8b:60:bc:
                    cc:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:1A:50:95:1A:DA:17:DF:28:91:FB:79:57:DC:BB:A7:E9:34:8D:61
            X509v3 Authority Key Identifier:
                keyid:41:42:D3:F9:B3:11:26:E0:85:02:65:71:5C:9F:C3:21:74:B5:57:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QULT-bMRJuCFAmVxXJ_DIXS1V6Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ae1953-bfc4-42b5-950b-9c98d11197b7/1/oxpQlRraF98okft5V9y7p-k0jWE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ae1953-bfc4-42b5-950b-9c98d11197b7/1/QULT-bMRJuCFAmVxXJ_DIXS1V6Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:41:70:78:b3:b4:56:69:9b:6d:bb:41:22:25:ce:43:76:cd:
         a4:dd:5b:a3:02:ab:78:8f:e1:df:9c:10:89:d7:3b:3f:22:eb:
         32:0b:16:d1:3a:a0:d3:db:45:86:fe:59:6c:d8:b5:17:1e:ab:
         76:dd:f5:eb:d1:94:a6:0a:5f:0c:71:7e:42:d5:e2:37:18:11:
         95:86:c2:61:c5:77:bf:79:85:a7:10:22:2b:b9:a8:31:f1:05:
         1b:56:b6:14:07:5b:56:63:64:0d:0c:7a:f4:34:2f:bb:53:44:
         dd:3c:2a:5e:55:5a:ec:7e:81:ce:7d:2b:eb:d4:fc:08:3e:96:
         19:b6:15:fc:91:86:70:45:9b:53:40:0f:b7:fc:49:39:d0:64:
         ce:27:45:8e:94:18:f6:e8:57:93:16:62:2b:4f:a3:ef:bf:29:
         07:c1:ae:bc:c0:5f:2e:f1:0a:63:f5:50:fd:7e:5c:b5:29:20:
         cd:59:d5:70:58:26:df:99:51:f7:a6:9b:78:e1:a3:62:28:f4:
         f7:cb:35:fe:19:cc:db:d2:f0:53:b7:02:3e:93:38:fd:d6:b4:
         40:b5:64:61:3a:9c:cf:a2:30:2d:58:af:c0:ed:4a:d1:19:6e:
         c5:a2:08:ca:c8:9d:23:d4:1c:cd:1a:42:a5:05:b0:d6:d3:81:
         60:a4:a2:95
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBx/6GzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MTQyZDNmOWIzMTEyNmUwODUwMjY1NzE1YzlmYzMyMTc0YjU1N2E0MB4XDTIyMDEw
MTAyMDE1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTMxYTUwOTUxYWRh
MTdkZjI4OTFmYjc5NTdkY2JiYTdlOTM0OGQ2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI15q4LSl9misCuVVzHnR5u65mlH6wmzS+B5Ru8k1w5p7Pi1
uixXcDdJY7kf9VXp9fYy7KfXFvfvPPFrLa57VPhsp/R02ImR9USTOyVZXQDNXVHD
WvadEOIbFYwbYcTp8+dM9hIZRoYOHKV1SxL2aSPk/9jCLZg/oGjP0Qinwt021lvl
79o9NtGbCq3q2uoUslwH/YDvnyJkWFN5I6tJT4wxO8aonrVYjdaPJu23GH3zZjFC
PZeHadXnj464dYBJzp60tIt5VPYMFxAQab3bL7NsH5tsW9SKQEG8oG6kpbKB3tdz
3eXRNHDQDrjtoibvP+qmrC/3EIsL9KdFi2C8zH8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSjGlCVGtoX3yiR+3lX3Lun6TSNYTAfBgNVHSMEGDAWgBRBQtP5sxEm4IUC
ZXFcn8MhdLVXpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FVTFQtYk1SSnVDRkFtVnhYSl9ESVhTMVY2US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvYWUxOTUzLWJmYzQtNDJiNS05NTBiLTljOThkMTExOTdiNy8x
L294cFFsUnJhRjk4b2tmdDVWOXk3cC1rMGpXRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
YWUxOTUzLWJmYzQtNDJiNS05NTBiLTljOThkMTExOTdiNy8xL1FVTFQtYk1SSnVD
RkFtVnhYSl9ESVhTMVY2US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2fHzANBgkqhkiG9w0BAQsFAAOC
AQEAOkFweLO0VmmbbbtBIiXOQ3bNpN1bowKreI/h35wQidc7PyLrMgsW0Tqg09tF
hv5ZbNi1Fx6rdt3169GUpgpfDHF+QtXiNxgRlYbCYcV3v3mFpxAiK7moMfEFG1a2
FAdbVmNkDQx69DQvu1NE3TwqXlVa7H6Bzn0r69T8CD6WGbYV/JGGcEWbU0APt/xJ
OdBkzidFjpQY9uhXkxZiK0+j778pB8GuvMBfLvEKY/VQ/X5ctSkgzVnVcFgm35lR
96abeOGjYij098s1/hnM29LwU7cCPpM4/da0QLVkYTqcz6IwLVivwO1K0RluxaII
ysidI9QczRpCpQWw1tOBYKSilQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:46 2024 by rpki-client on console-fra.rpki-client.org