Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4c9fbe-1725-4116-9ef3-0af2c5c4cc0f/1/bJUmDkZHuTHZR5HRXoEkJTr_ZbA.roa
File:                     bJUmDkZHuTHZR5HRXoEkJTr_ZbA.roa (raw, json)
Hash identifier:          l7Pk7rJrUv4OEHzM2HR4bSyZwq4IZXmnL7vDCI6lsJ8=
Subject key identifier:   6C:95:26:0E:46:47:B9:31:D9:47:91:D1:5E:81:24:25:3A:FF:65:B0
Certificate issuer:       /CN=a3de4c3b6daa5a698bf307cc391282ab2987d617
Certificate serial:       01833796308C9887CC97E73F43A2C0F0F14C
Authority key identifier: A3:DE:4C:3B:6D:AA:5A:69:8B:F3:07:CC:39:12:82:AB:29:87:D6:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o95MO22qWmmL8wfMORKCqymH1hc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/4c9fbe-1725-4116-9ef3-0af2c5c4cc0f/1/bJUmDkZHuTHZR5HRXoEkJTr_ZbA.roa
Signing time:             Tue 13 Sep 2022 16:02:13 +0000
ROA not before:           Tue 13 Sep 2022 16:02:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57711
IP address blocks:        171.25.248.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:37:96:30:8c:98:87:cc:97:e7:3f:43:a2:c0:f0:f1:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3de4c3b6daa5a698bf307cc391282ab2987d617
        Validity
            Not Before: Sep 13 16:02:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6c95260e4647b931d94791d15e8124253aff65b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:2f:d0:12:ee:74:e3:e7:19:96:74:ed:82:54:
                    0d:bf:2a:27:3b:ab:7b:86:dd:d3:e1:f2:44:c1:e4:
                    be:53:f9:c7:09:24:11:c7:ef:a9:4a:20:b6:29:38:
                    52:07:24:44:25:54:e9:9b:e2:d3:b2:3c:d6:1c:23:
                    76:4a:99:44:08:8f:60:d2:77:cd:cc:5e:e0:d4:42:
                    c3:36:c2:a1:27:47:7b:ba:a6:ac:9d:6b:69:a0:4f:
                    dd:01:57:38:ac:f8:a5:35:19:9b:2c:18:b1:8a:01:
                    3b:3a:77:20:8d:0d:c7:81:ae:d8:d4:f7:a9:de:03:
                    80:c0:1f:28:60:cb:3d:ce:ec:b8:b4:2b:3b:f9:91:
                    84:88:b9:f9:5f:ac:da:fb:04:5d:5d:36:77:7f:01:
                    81:d8:f4:5c:b8:de:3a:cb:64:4b:c3:f5:73:b0:cc:
                    3c:97:6e:3c:72:23:18:6b:15:fc:d4:3f:da:6e:92:
                    6a:b2:1a:4e:05:26:a9:b8:86:3f:17:1a:6e:2b:21:
                    1c:ab:86:49:11:31:85:d6:f2:0d:33:45:38:a1:7a:
                    d1:c5:13:7d:09:4f:6a:23:77:51:2d:20:cb:63:97:
                    42:a6:9e:50:16:e8:f2:57:01:de:64:3c:9f:1e:05:
                    83:21:b8:5d:73:63:d1:dc:70:64:a8:e5:8e:3d:09:
                    98:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:95:26:0E:46:47:B9:31:D9:47:91:D1:5E:81:24:25:3A:FF:65:B0
            X509v3 Authority Key Identifier:
                keyid:A3:DE:4C:3B:6D:AA:5A:69:8B:F3:07:CC:39:12:82:AB:29:87:D6:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o95MO22qWmmL8wfMORKCqymH1hc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4c9fbe-1725-4116-9ef3-0af2c5c4cc0f/1/bJUmDkZHuTHZR5HRXoEkJTr_ZbA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4c9fbe-1725-4116-9ef3-0af2c5c4cc0f/1/o95MO22qWmmL8wfMORKCqymH1hc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  171.25.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         34:9c:f6:23:30:b5:a6:eb:26:70:9b:ad:00:7e:31:4e:6d:4b:
         57:55:d1:ee:86:1f:60:69:33:60:88:4b:d1:9c:69:b2:a4:5c:
         d4:e1:cd:2c:40:5f:9b:ab:c3:14:ab:e1:91:01:60:af:49:85:
         12:49:c2:bb:fd:3e:7f:6f:fd:40:c8:10:e3:0f:83:46:8e:11:
         35:80:49:31:cf:f4:56:3b:79:58:29:2e:bc:5a:cc:26:fd:ae:
         88:ce:e7:de:66:a3:f1:a4:5d:0a:e0:9b:00:b1:30:45:97:b0:
         a9:97:41:36:7c:70:ff:f5:34:94:c0:6b:63:d6:da:76:02:bb:
         1d:04:cb:88:ff:ed:2f:1a:f1:ad:8a:08:16:64:44:64:cd:18:
         d2:87:24:ef:b8:0c:83:b0:bd:41:47:39:ce:1f:9a:22:a2:06:
         eb:e4:23:2e:ba:84:c4:e6:c7:a7:b6:57:fe:90:7a:66:2f:02:
         0a:b8:9b:d7:47:3d:e2:33:06:95:c1:e9:56:14:0c:e4:5f:c6:
         2f:d0:e5:67:83:be:78:ec:6b:44:4d:d7:f7:d8:92:c9:0f:cb:
         05:bb:a0:15:68:95:b5:79:20:2f:00:4c:fb:be:eb:fa:2d:02:
         27:7b:61:cd:1d:37:6a:5d:e7:67:d2:ab:a7:28:b3:5a:63:6b:
         56:09:d5:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM3ljCMmIfMl+c/Q6LA8PFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZGU0YzNiNmRhYTVhNjk4YmYzMDdjYzM5MTI4MmFiMjk4
N2Q2MTcwHhcNMjIwOTEzMTYwMjEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzk1MjYwZTQ2NDdiOTMxZDk0NzkxZDE1ZTgxMjQyNTNhZmY2NWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhi/QEu504+cZlnTtglQNvyonO6t7
ht3T4fJEweS+U/nHCSQRx++pSiC2KThSByREJVTpm+LTsjzWHCN2SplECI9g0nfN
zF7g1ELDNsKhJ0d7uqasnWtpoE/dAVc4rPilNRmbLBixigE7OncgjQ3Hga7Y1Pep
3gOAwB8oYMs9zuy4tCs7+ZGEiLn5X6za+wRdXTZ3fwGB2PRcuN46y2RLw/VzsMw8
l248ciMYaxX81D/abpJqshpOBSapuIY/FxpuKyEcq4ZJETGF1vINM0U4oXrRxRN9
CU9qI3dRLSDLY5dCpp5QFujyVwHeZDyfHgWDIbhdc2PR3HBkqOWOPQmY/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGyVJg5GR7kx2UeR0V6BJCU6/2WwMB8GA1UdIwQY
MBaAFKPeTDttqlppi/MHzDkSgqsph9YXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzk1TU8yMnFXbW1MOHdmTU9SS0NxeW1IMWhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80YzlmYmUtMTcyNS00MTE2LTllZjMt
MGFmMmM1YzRjYzBmLzEvYkpVbURrWkh1VEhaUjVIUlhvRWtKVHJfWmJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80YzlmYmUtMTcyNS00MTE2LTllZjMtMGFmMmM1YzRjYzBm
LzEvbzk1TU8yMnFXbW1MOHdmTU9SS0NxeW1IMWhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqxn4MA0G
CSqGSIb3DQEBCwUAA4IBAQA0nPYjMLWm6yZwm60AfjFObUtXVdHuhh9gaTNgiEvR
nGmypFzU4c0sQF+bq8MUq+GRAWCvSYUSScK7/T5/b/1AyBDjD4NGjhE1gEkxz/RW
O3lYKS68Wswm/a6IzufeZqPxpF0K4JsAsTBFl7Cpl0E2fHD/9TSUwGtj1tp2Arsd
BMuI/+0vGvGtiggWZERkzRjShyTvuAyDsL1BRznOH5oiogbr5CMuuoTE5sentlf+
kHpmLwIKuJvXRz3iMwaVwelWFAzkX8Yv0OVng7547GtETdf32JLJD8sFu6AVaJW1
eSAvAEz7vuv6LQIne2HNHTdqXedn0qunKLNaY2tWCdWg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:07 2024 by rpki-client on console-ams.rpki-client.org