Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ceb681-05c1-4b17-b778-242e39609fe3/1/atObNE1jHi102JYq8JlDI4LzyQM.roa
File:                     atObNE1jHi102JYq8JlDI4LzyQM.roa (raw, json)
Hash identifier:          Nl/PVC1oeM0ZRht0nE3n1xzb9vMTDMfxfh0pUCTNIWo=
Subject key identifier:   6A:D3:9B:34:4D:63:1E:2D:74:D8:96:2A:F0:99:43:23:82:F3:C9:03
Certificate issuer:       /CN=24f410a4a0e72143884da8443be8296a81a29908
Certificate serial:       02425EB7
Authority key identifier: 24:F4:10:A4:A0:E7:21:43:88:4D:A8:44:3B:E8:29:6A:81:A2:99:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JPQQpKDnIUOITahEO-gpaoGimQg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/ceb681-05c1-4b17-b778-242e39609fe3/1/atObNE1jHi102JYq8JlDI4LzyQM.roa
Signing time:             Wed 02 Feb 2022 15:57:25 +0000
ROA not before:           Wed 02 Feb 2022 15:57:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210855
IP address blocks:        5.181.53.0/24 maxlen: 24
                          2a05:5f80::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 37904055 (0x2425eb7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24f410a4a0e72143884da8443be8296a81a29908
        Validity
            Not Before: Feb  2 15:57:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6ad39b344d631e2d74d8962af099432382f3c903
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:c2:16:eb:b0:c4:11:67:c6:ae:e8:d0:4f:bc:
                    58:60:42:18:f6:b1:66:60:2a:ba:da:45:bb:03:a5:
                    18:d5:1d:49:90:e2:b6:ce:67:70:d0:eb:e1:22:e5:
                    33:82:54:28:c5:a4:8d:ad:60:54:7c:d1:3a:1b:65:
                    d1:d3:e2:3b:7d:7a:bb:e9:9a:15:4f:c1:f3:ec:17:
                    b8:0a:75:77:90:b7:0d:e6:c0:95:ed:e7:dd:e0:4c:
                    5f:85:7a:e9:ea:e4:23:71:c4:af:79:ff:ce:24:3a:
                    95:cd:38:fe:0b:44:bd:1d:ee:39:ef:ab:79:20:da:
                    8c:6c:49:c8:17:b5:67:2c:91:5f:d1:71:1f:4d:28:
                    77:a6:9a:70:62:f5:d8:da:a4:11:a9:8a:99:57:46:
                    e2:30:3e:30:19:d2:aa:30:ec:d2:69:e4:87:d0:fb:
                    5c:95:a2:6c:ab:ba:d5:ee:5b:1c:0e:55:cd:d0:2f:
                    cf:a6:5c:d8:20:e1:93:b3:96:d8:7b:2c:0c:6c:12:
                    3a:d7:dc:80:32:e5:8a:55:0e:88:2e:90:00:1c:33:
                    b2:6e:b6:6e:15:9d:c1:dd:9d:2b:e3:b9:5c:94:78:
                    ce:db:83:db:b3:b4:42:30:2f:24:d6:f8:2d:5a:c7:
                    90:8e:38:02:7a:2b:63:17:a4:c4:2b:b5:b6:31:49:
                    f9:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:D3:9B:34:4D:63:1E:2D:74:D8:96:2A:F0:99:43:23:82:F3:C9:03
            X509v3 Authority Key Identifier:
                keyid:24:F4:10:A4:A0:E7:21:43:88:4D:A8:44:3B:E8:29:6A:81:A2:99:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JPQQpKDnIUOITahEO-gpaoGimQg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ceb681-05c1-4b17-b778-242e39609fe3/1/atObNE1jHi102JYq8JlDI4LzyQM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ceb681-05c1-4b17-b778-242e39609fe3/1/JPQQpKDnIUOITahEO-gpaoGimQg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.53.0/24
                IPv6:
                  2a05:5f80::/29

    Signature Algorithm: sha256WithRSAEncryption
         90:78:11:4b:cd:4d:ef:4a:66:6b:8b:7c:24:b1:b1:28:79:61:
         44:14:85:af:57:4e:d5:6c:e4:2d:34:01:71:19:4a:cc:19:3c:
         b4:39:6b:14:0a:93:e2:e9:d3:00:af:f1:7f:df:07:7b:30:b0:
         8c:af:ce:d1:12:60:6e:59:36:04:99:2d:1f:a8:8f:18:b5:61:
         72:68:55:f8:43:36:46:fa:80:af:30:99:d1:6e:59:6f:70:45:
         86:30:27:a7:b2:3d:e9:9b:4b:63:cf:4b:69:ac:58:91:ac:57:
         5a:0e:5e:11:98:75:73:d1:7e:82:48:35:a6:39:08:40:81:46:
         61:94:4e:0d:31:f9:de:5a:53:8b:19:59:98:b6:fb:6d:8e:e4:
         2d:62:ff:95:32:53:b7:e1:bb:b0:09:fd:db:39:e4:25:a4:8e:
         00:e3:b4:2d:cc:95:98:6e:aa:c6:71:32:c3:7b:37:d0:77:69:
         45:1a:20:96:12:4b:14:14:a4:a7:bb:79:b6:07:79:ac:7e:e9:
         87:98:b4:d2:60:de:8d:df:d4:c3:bd:f9:9a:e5:8c:7e:5e:5e:
         12:f5:43:4e:11:48:2d:74:07:e4:b2:0f:44:d3:e5:b5:5f:11:
         ff:a7:d0:11:5c:83:03:73:7f:e9:40:a9:0a:60:e9:0e:00:3a:
         6e:1d:1b:26
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAkJetzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NGY0MTBhNGEwZTcyMTQzODg0ZGE4NDQzYmU4Mjk2YTgxYTI5OTA4MB4XDTIyMDIw
MjE1NTcyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmFkMzliMzQ0ZDYz
MWUyZDc0ZDg5NjJhZjA5OTQzMjM4MmYzYzkwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOrCFuuwxBFnxq7o0E+8WGBCGPaxZmAqutpFuwOlGNUdSZDi
ts5ncNDr4SLlM4JUKMWkja1gVHzROhtl0dPiO316u+maFU/B8+wXuAp1d5C3DebA
le3n3eBMX4V66erkI3HEr3n/ziQ6lc04/gtEvR3uOe+reSDajGxJyBe1ZyyRX9Fx
H00od6aacGL12NqkEamKmVdG4jA+MBnSqjDs0mnkh9D7XJWibKu61e5bHA5VzdAv
z6Zc2CDhk7OW2HssDGwSOtfcgDLlilUOiC6QABwzsm62bhWdwd2dK+O5XJR4ztuD
27O0QjAvJNb4LVrHkI44AnorYxekxCu1tjFJ+XkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRq05s0TWMeLXTYlirwmUMjgvPJAzAfBgNVHSMEGDAWgBQk9BCkoOchQ4hN
qEQ76ClqgaKZCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pQUVFwS0RuSVVPSVRhaEVPLWdwYW9HaW1RZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvY2ViNjgxLTA1YzEtNGIxNy1iNzc4LTI0MmUzOTYwOWZlMy8x
L2F0T2JORTFqSGkxMDJKWXE4SmxESTRMenlRTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
Y2ViNjgxLTA1YzEtNGIxNy1iNzc4LTI0MmUzOTYwOWZlMy8xL0pQUVFwS0RuSVVP
SVRhaEVPLWdwYW9HaW1RZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAAW1NTANBAIAAjAHAwUDKgVfgDAN
BgkqhkiG9w0BAQsFAAOCAQEAkHgRS81N70pma4t8JLGxKHlhRBSFr1dO1WzkLTQB
cRlKzBk8tDlrFAqT4unTAK/xf98HezCwjK/O0RJgblk2BJktH6iPGLVhcmhV+EM2
RvqArzCZ0W5Zb3BFhjAnp7I96ZtLY89LaaxYkaxXWg5eEZh1c9F+gkg1pjkIQIFG
YZRODTH53lpTixlZmLb7bY7kLWL/lTJTt+G7sAn92znkJaSOAOO0LcyVmG6qxnEy
w3s30HdpRRoglhJLFBSkp7t5tgd5rH7ph5i00mDejd/Uw735muWMfl5eEvVDThFI
LXQH5LIPRNPltV8R/6fQEVyDA3N/6UCpCmDpDgA6bh0bJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:26 2024 by rpki-client on console-ams.rpki-client.org