Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ceb681-05c1-4b17-b778-242e39609fe3/1/L5BYrIJIhXKr72bU43HI6QRLudo.roa
File:                     L5BYrIJIhXKr72bU43HI6QRLudo.roa (raw, json)
Hash identifier:          xWZbhsKkikfaVPZCTXnxuAkALLr550nNVGF5Y8H5/bA=
Subject key identifier:   2F:90:58:AC:82:48:85:72:AB:EF:66:D4:E3:71:C8:E9:04:4B:B9:DA
Certificate issuer:       /CN=24f410a4a0e72143884da8443be8296a81a29908
Certificate serial:       01F76E2B
Authority key identifier: 24:F4:10:A4:A0:E7:21:43:88:4D:A8:44:3B:E8:29:6A:81:A2:99:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JPQQpKDnIUOITahEO-gpaoGimQg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/ceb681-05c1-4b17-b778-242e39609fe3/1/L5BYrIJIhXKr72bU43HI6QRLudo.roa
Signing time:             Sat 01 Jan 2022 08:01:34 +0000
ROA not before:           Sat 01 Jan 2022 08:01:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48402
IP address blocks:        5.181.53.0/24 maxlen: 24
                          2a05:5f80::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32992811 (0x1f76e2b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24f410a4a0e72143884da8443be8296a81a29908
        Validity
            Not Before: Jan  1 08:01:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2f9058ac82488572abef66d4e371c8e9044bb9da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:4e:ad:56:64:fe:77:af:38:4d:63:1c:95:70:
                    b9:7d:bf:e1:5b:ef:ac:35:05:89:50:19:93:f8:8a:
                    19:17:4e:d6:94:5b:72:7f:64:ef:cf:aa:b1:63:9c:
                    66:ad:ff:f7:93:be:db:92:11:b4:af:2f:ee:d9:c6:
                    9d:1b:5c:22:b4:89:e1:b3:57:16:ab:82:35:bf:da:
                    25:ff:c6:10:dd:e1:90:06:20:47:8a:3d:38:31:74:
                    9d:88:76:ee:4c:c6:33:ce:83:19:33:28:11:42:71:
                    12:77:fc:ec:38:ba:01:ab:86:01:16:30:56:3b:c7:
                    67:4f:df:c8:e2:51:73:58:69:73:30:3e:e8:52:c1:
                    ba:2b:84:f3:e7:91:04:9e:31:59:30:2a:06:21:6e:
                    7a:88:14:ed:a3:3b:c9:7b:d4:53:7a:f1:a0:02:7f:
                    35:45:1e:2c:54:47:3d:0a:e8:57:53:95:f7:ed:78:
                    19:95:28:5f:6c:f3:53:76:6b:5c:44:e6:41:c4:ab:
                    89:26:09:d6:45:b9:77:9b:a8:31:26:db:c3:ab:0d:
                    51:06:58:27:87:79:a0:5a:a1:d9:5f:ce:93:b1:02:
                    b9:66:15:f7:fe:40:ca:e1:53:cf:db:6d:e1:ef:32:
                    55:bc:40:c1:dd:77:34:6d:e2:b4:bb:f9:54:cc:79:
                    bf:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:90:58:AC:82:48:85:72:AB:EF:66:D4:E3:71:C8:E9:04:4B:B9:DA
            X509v3 Authority Key Identifier:
                keyid:24:F4:10:A4:A0:E7:21:43:88:4D:A8:44:3B:E8:29:6A:81:A2:99:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JPQQpKDnIUOITahEO-gpaoGimQg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ceb681-05c1-4b17-b778-242e39609fe3/1/L5BYrIJIhXKr72bU43HI6QRLudo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ceb681-05c1-4b17-b778-242e39609fe3/1/JPQQpKDnIUOITahEO-gpaoGimQg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.53.0/24
                IPv6:
                  2a05:5f80::/29

    Signature Algorithm: sha256WithRSAEncryption
         16:5c:cb:3e:63:c0:b1:2d:ac:86:c0:f7:53:98:cd:e7:4f:8b:
         5b:c1:a6:94:0e:97:d0:b0:39:21:3e:7a:fb:ee:22:59:51:85:
         55:58:ef:cf:d7:71:eb:76:8f:0e:8d:0a:2f:f2:98:fd:27:b8:
         a5:89:dc:3f:ce:37:ff:88:6c:a3:4c:e8:53:af:fd:e9:dd:b7:
         ae:fe:dc:c9:28:df:ee:21:2b:dd:28:5b:b5:b4:42:df:a5:20:
         f4:79:47:48:32:aa:03:58:27:cd:60:8a:85:0b:37:66:ab:e7:
         8f:ca:93:79:eb:a6:34:c6:cb:6e:3c:0e:32:b4:d0:21:de:94:
         7b:1d:f1:3d:d6:06:db:ad:e9:f1:ad:4b:d1:cf:fc:5b:18:ef:
         15:8a:ca:83:59:8a:9d:b6:1b:c2:66:1e:62:d2:68:25:27:e4:
         6b:2c:65:ea:cd:06:cb:08:ba:2f:db:4e:fd:83:57:b4:6f:94:
         80:37:0d:e7:a3:c3:17:a1:ca:17:1e:77:2d:89:15:2f:60:ab:
         fa:55:10:51:f0:61:fe:5c:16:4f:c0:51:5b:f2:c7:24:c4:32:
         2d:8f:29:a3:2c:01:68:0f:dc:e6:4b:6f:f5:a1:52:57:94:03:
         5e:10:5b:04:88:4a:0a:dc:6a:f4:3d:30:65:9c:35:59:d0:8d:
         e6:1d:c3:95
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAfduKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NGY0MTBhNGEwZTcyMTQzODg0ZGE4NDQzYmU4Mjk2YTgxYTI5OTA4MB4XDTIyMDEw
MTA4MDEzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmY5MDU4YWM4MjQ4
ODU3MmFiZWY2NmQ0ZTM3MWM4ZTkwNDRiYjlkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxOrVZk/nevOE1jHJVwuX2/4VvvrDUFiVAZk/iKGRdO1pRb
cn9k78+qsWOcZq3/95O+25IRtK8v7tnGnRtcIrSJ4bNXFquCNb/aJf/GEN3hkAYg
R4o9ODF0nYh27kzGM86DGTMoEUJxEnf87Di6AauGARYwVjvHZ0/fyOJRc1hpczA+
6FLBuiuE8+eRBJ4xWTAqBiFueogU7aM7yXvUU3rxoAJ/NUUeLFRHPQroV1OV9+14
GZUoX2zzU3ZrXETmQcSriSYJ1kW5d5uoMSbbw6sNUQZYJ4d5oFqh2V/Ok7ECuWYV
9/5AyuFTz9tt4e8yVbxAwd13NG3itLv5VMx5v8cCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQvkFisgkiFcqvvZtTjccjpBEu52jAfBgNVHSMEGDAWgBQk9BCkoOchQ4hN
qEQ76ClqgaKZCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pQUVFwS0RuSVVPSVRhaEVPLWdwYW9HaW1RZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvY2ViNjgxLTA1YzEtNGIxNy1iNzc4LTI0MmUzOTYwOWZlMy8x
L0w1QllySUpJaFhLcjcyYlU0M0hJNlFSTHVkby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
Y2ViNjgxLTA1YzEtNGIxNy1iNzc4LTI0MmUzOTYwOWZlMy8xL0pQUVFwS0RuSVVP
SVRhaEVPLWdwYW9HaW1RZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAAW1NTANBAIAAjAHAwUDKgVfgDAN
BgkqhkiG9w0BAQsFAAOCAQEAFlzLPmPAsS2shsD3U5jN50+LW8GmlA6X0LA5IT56
++4iWVGFVVjvz9dx63aPDo0KL/KY/Se4pYncP843/4hso0zoU6/96d23rv7cySjf
7iEr3ShbtbRC36Ug9HlHSDKqA1gnzWCKhQs3Zqvnj8qTeeumNMbLbjwOMrTQId6U
ex3xPdYG263p8a1L0c/8WxjvFYrKg1mKnbYbwmYeYtJoJSfkayxl6s0Gywi6L9tO
/YNXtG+UgDcN56PDF6HKFx53LYkVL2Cr+lUQUfBh/lwWT8BRW/LHJMQyLY8poywB
aA/c5ktv9aFSV5QDXhBbBIhKCtxq9D0wZZw1WdCN5h3DlQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:37 2024 by rpki-client on console-fra.rpki-client.org