Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/vVBYV8qDMSydqaesbXvBRCh7ma8.roa
File:                     vVBYV8qDMSydqaesbXvBRCh7ma8.roa (raw, json)
Hash identifier:          bygreCSEF5rz4k2zL+ivlorpurQc+2YPROy8/NVsYZc=
Subject key identifier:   BD:50:58:57:CA:83:31:2C:9D:A9:A7:AC:6D:7B:C1:44:28:7B:99:AF
Certificate issuer:       /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial:       01831C8A85D312125C957FB62AD5FB8D1257
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/vVBYV8qDMSydqaesbXvBRCh7ma8.roa
Signing time:             Thu 08 Sep 2022 09:59:43 +0000
ROA not before:           Thu 08 Sep 2022 09:59:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     136744
IP address blocks:        103.35.56.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:1c:8a:85:d3:12:12:5c:95:7f:b6:2a:d5:fb:8d:12:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
        Validity
            Not Before: Sep  8 09:59:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bd505857ca83312c9da9a7ac6d7bc144287b99af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:89:23:5b:be:2e:ff:25:30:3a:7c:0c:15:ff:
                    1c:a8:39:3f:d2:a7:0d:77:fa:50:30:80:be:7b:9c:
                    eb:7a:99:1b:3f:09:37:89:5a:88:84:65:c8:43:4f:
                    ae:9e:22:bc:24:a3:c5:aa:5a:e9:6e:ba:0a:e6:65:
                    71:2a:4a:82:ad:ce:2d:5a:15:aa:8f:c9:df:41:9b:
                    1a:5e:da:b5:c9:00:6c:97:22:4e:24:7a:8e:65:ff:
                    c7:84:f2:5b:b8:2e:bb:9c:00:eb:06:cb:75:b5:27:
                    c0:64:a3:f8:26:63:e0:84:79:97:12:7a:e9:bd:16:
                    80:03:3c:a8:8b:c6:b7:96:66:be:b5:78:e8:2c:de:
                    a2:9d:1e:03:2c:ad:ff:64:52:2c:54:39:07:e4:8d:
                    21:f1:28:e3:2a:ec:3b:5e:50:47:e8:c5:85:e2:5e:
                    bc:c3:a0:5e:cb:f0:5c:ca:69:29:84:91:b7:95:37:
                    4e:47:6c:70:23:e1:f5:6c:92:fd:c8:34:db:cc:aa:
                    a9:b8:10:77:23:5f:31:5b:27:0d:d9:6c:ac:ac:c8:
                    27:29:36:f7:94:e1:83:24:d5:b9:03:99:e2:3e:b3:
                    d2:49:21:a1:e7:18:53:d1:4a:90:00:af:39:6e:1c:
                    ae:a0:25:66:8a:2d:4c:a4:0b:00:1f:a5:bf:84:48:
                    29:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:50:58:57:CA:83:31:2C:9D:A9:A7:AC:6D:7B:C1:44:28:7B:99:AF
            X509v3 Authority Key Identifier:
                keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/vVBYV8qDMSydqaesbXvBRCh7ma8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.35.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4b:2b:ef:c6:89:86:cf:2c:95:14:25:52:57:37:fb:f6:64:d3:
         ba:03:7b:91:a2:e7:88:a5:69:74:bb:37:d3:96:bb:51:11:bb:
         e9:38:8a:85:68:98:fd:f1:22:1d:3c:79:b0:47:75:74:f5:3f:
         a1:e1:9a:6e:b1:77:df:1a:b5:c1:b6:cf:11:04:0a:9b:79:1a:
         a5:50:87:98:d1:88:73:28:e2:82:b4:f9:9b:a1:0e:1c:28:dc:
         1c:4e:d6:81:52:b4:23:5e:8a:ce:bd:0e:d1:9e:0b:b6:ac:f9:
         be:f2:1a:ff:95:21:5b:46:dd:cd:49:46:d8:44:3a:01:74:40:
         52:68:54:79:5a:0a:91:71:4e:09:97:a3:84:85:f9:ae:19:93:
         3e:44:6e:81:14:c9:51:13:24:85:56:4f:e6:21:10:ef:eb:d6:
         59:70:e5:41:de:a7:72:a9:8a:5d:4a:f3:23:d7:2a:c8:08:27:
         ab:af:79:a9:b3:49:b8:06:ee:e5:3c:b6:1e:c6:63:22:9c:0a:
         bf:68:1a:7a:b3:c7:90:e2:07:05:a2:a5:15:7c:38:97:93:f3:
         58:cb:6b:b8:b2:ef:60:2b:2a:28:d7:be:cb:7d:97:3d:13:db:
         d8:d3:c9:93:4f:a0:0a:aa:eb:7f:23:f6:58:bb:ff:60:2d:d3:
         66:93:4b:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMcioXTEhJclX+2KtX7jRJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjIwOTA4MDk1OTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDUwNTg1N2NhODMzMTJjOWRhOWE3YWM2ZDdiYzE0NDI4N2I5OWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYkjW74u/yUwOnwMFf8cqDk/0qcN
d/pQMIC+e5zrepkbPwk3iVqIhGXIQ0+uniK8JKPFqlrpbroK5mVxKkqCrc4tWhWq
j8nfQZsaXtq1yQBslyJOJHqOZf/HhPJbuC67nADrBst1tSfAZKP4JmPghHmXEnrp
vRaAAzyoi8a3lma+tXjoLN6inR4DLK3/ZFIsVDkH5I0h8SjjKuw7XlBH6MWF4l68
w6Bey/BcymkphJG3lTdOR2xwI+H1bJL9yDTbzKqpuBB3I18xWycN2WysrMgnKTb3
lOGDJNW5A5niPrPSSSGh5xhT0UqQAK85bhyuoCVmii1MpAsAH6W/hEgpRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1QWFfKgzEsnamnrG17wUQoe5mvMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvdlZCWVY4cURNU3lkcWFlc2JYdkJSQ2g3bWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZyM4MA0G
CSqGSIb3DQEBCwUAA4IBAQBLK+/GiYbPLJUUJVJXN/v2ZNO6A3uRoueIpWl0uzfT
lrtREbvpOIqFaJj98SIdPHmwR3V09T+h4ZpusXffGrXBts8RBAqbeRqlUIeY0Yhz
KOKCtPmboQ4cKNwcTtaBUrQjXorOvQ7Rngu2rPm+8hr/lSFbRt3NSUbYRDoBdEBS
aFR5WgqRcU4Jl6OEhfmuGZM+RG6BFMlREySFVk/mIRDv69ZZcOVB3qdyqYpdSvMj
1yrICCerr3mps0m4Bu7lPLYexmMinAq/aBp6s8eQ4gcFoqUVfDiXk/NYy2u4su9g
Kyoo177LfZc9E9vY08mTT6AKqut/I/ZYu/9gLdNmk0vY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:53 2024 by rpki-client on console-ams.rpki-client.org