Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/up0a5kb-vvDB57lEewXBfmYSCP0.roa
File:                     up0a5kb-vvDB57lEewXBfmYSCP0.roa (raw, json)
Hash identifier:          gJTSkbOiRO1mUPIDCg2utFUKvZRBQ9/rk1H2yiXuRmg=
Subject key identifier:   BA:9D:1A:E6:46:FE:BE:F0:C1:E7:B9:44:7B:05:C1:7E:66:12:08:FD
Certificate issuer:       /CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Certificate serial:       0181CE10A40D7BC6DF1A3749315C91A2F9C1
Authority key identifier: DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/up0a5kb-vvDB57lEewXBfmYSCP0.roa
Signing time:             Tue 05 Jul 2022 11:13:25 +0000
ROA not before:           Tue 05 Jul 2022 11:13:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211237
IP address blocks:        31.43.164.0/24 maxlen: 24
                          185.255.6.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:ce:10:a4:0d:7b:c6:df:1a:37:49:31:5c:91:a2:f9:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
        Validity
            Not Before: Jul  5 11:13:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ba9d1ae646febef0c1e7b9447b05c17e661208fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a9:a2:dd:6d:ab:6e:7a:af:17:a2:6a:6c:9a:
                    81:a3:26:67:3f:a3:b5:94:56:fc:8a:42:b4:93:49:
                    94:2b:c9:e5:77:e1:fd:01:32:f2:d0:e7:6d:cb:b8:
                    d6:69:95:72:69:20:01:45:36:c6:2a:4c:df:44:59:
                    09:87:44:63:25:4c:31:de:4c:b4:f6:a0:e2:b3:d3:
                    c7:55:49:ff:a5:8c:85:32:58:66:fa:17:2a:be:cb:
                    27:62:9e:4f:20:a7:2d:7d:69:a8:09:fa:38:24:fe:
                    3c:93:d7:4d:c1:24:90:1b:5d:24:4a:16:05:24:27:
                    b2:22:a5:ab:86:25:dd:48:f8:27:6a:cc:d5:3a:15:
                    c4:07:b8:d0:3f:f3:e1:f5:98:89:41:d5:17:3f:96:
                    a1:39:a6:2f:1a:49:4d:29:b0:c3:3c:ae:3f:e0:8d:
                    02:c8:1b:56:11:99:1d:30:75:29:44:87:54:52:f6:
                    76:1d:42:20:c8:af:8b:25:da:a8:f8:20:0d:d5:f9:
                    f5:e9:1e:ee:52:7f:80:af:19:98:31:2a:9f:8f:b0:
                    f4:9f:8c:cf:7e:05:ff:af:cb:93:ca:62:2f:d3:7a:
                    0c:89:c8:66:2b:e2:e5:e7:51:8f:51:a8:2f:2a:f9:
                    25:e8:62:29:a6:58:76:9a:12:1a:7f:8c:63:8e:d1:
                    2c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:9D:1A:E6:46:FE:BE:F0:C1:E7:B9:44:7B:05:C1:7E:66:12:08:FD
            X509v3 Authority Key Identifier:
                keyid:DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/up0a5kb-vvDB57lEewXBfmYSCP0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/3_JHJt8-d_b0yOBDZhOzURDurzg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.43.164.0/24
                  185.255.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:f1:d1:06:83:98:82:08:38:2a:25:e6:22:b3:21:3c:83:90:
         a8:99:34:b7:77:65:b1:3f:9f:f9:18:13:69:4a:be:05:a2:d1:
         51:23:3b:6e:05:9b:cf:6e:20:00:42:f8:66:3f:d1:48:38:fe:
         9c:3a:e7:ab:86:17:89:d9:bf:fd:11:5e:d4:66:58:b7:63:00:
         61:e9:0d:bf:1e:6e:af:cc:9f:37:f3:41:97:66:61:1c:a2:06:
         cd:ea:a8:16:a7:e6:e4:f6:dc:ba:94:80:05:2d:96:41:fc:66:
         d0:39:d9:d1:da:0e:fc:cb:e0:5a:66:7f:1c:74:65:d6:2c:eb:
         26:4e:81:6c:a8:1f:08:63:5d:55:7f:c9:c2:db:54:38:8f:ae:
         2b:c4:4b:e4:0d:43:15:5a:f3:61:55:51:32:fd:80:bd:1e:3e:
         a0:4d:0c:cf:89:51:b5:22:f6:62:97:84:2c:a2:1d:2d:18:03:
         5c:69:5a:7e:fe:cc:59:74:ef:b6:90:15:28:10:ef:39:08:a0:
         da:b1:16:a4:8c:25:f8:37:31:8c:59:47:f9:51:96:01:f5:30:
         44:30:78:d0:86:77:51:bb:21:9f:90:c4:aa:81:eb:ba:d3:a1:
         a2:e1:82:7c:15:18:87:c0:37:97:9a:1b:3e:f4:99:06:fd:13:
         dd:53:96:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYHOEKQNe8bfGjdJMVyRovnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZjI0NzI2ZGYzZTc3ZjZmNGM4ZTA0MzY2MTNiMzUxMTBl
ZWFmMzgwHhcNMjIwNzA1MTExMzI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTlkMWFlNjQ2ZmViZWYwYzFlN2I5NDQ3YjA1YzE3ZTY2MTIwOGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqmi3W2rbnqvF6JqbJqBoyZnP6O1
lFb8ikK0k0mUK8nld+H9ATLy0Odty7jWaZVyaSABRTbGKkzfRFkJh0RjJUwx3ky0
9qDis9PHVUn/pYyFMlhm+hcqvssnYp5PIKctfWmoCfo4JP48k9dNwSSQG10kShYF
JCeyIqWrhiXdSPgnaszVOhXEB7jQP/Ph9ZiJQdUXP5ahOaYvGklNKbDDPK4/4I0C
yBtWEZkdMHUpRIdUUvZ2HUIgyK+LJdqo+CAN1fn16R7uUn+ArxmYMSqfj7D0n4zP
fgX/r8uTymIv03oMichmK+Ll51GPUagvKvkl6GIpplh2mhIaf4xjjtEsSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLqdGuZG/r7wwee5RHsFwX5mEgj9MB8GA1UdIwQY
MBaAFN/yRybfPnf29MjgQ2YTs1EQ7q84MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzct
NjJiYjZkNjNlNTlkLzEvdXAwYTVrYi12dkRCNTdsRWV3WEJmbVlTQ1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzctNjJiYjZkNjNlNTlk
LzEvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHyukAwQA
uf8GMA0GCSqGSIb3DQEBCwUAA4IBAQBp8dEGg5iCCDgqJeYisyE8g5ComTS3d2Wx
P5/5GBNpSr4FotFRIztuBZvPbiAAQvhmP9FIOP6cOuerhheJ2b/9EV7UZli3YwBh
6Q2/Hm6vzJ8380GXZmEcogbN6qgWp+bk9ty6lIAFLZZB/GbQOdnR2g78y+BaZn8c
dGXWLOsmToFsqB8IY11Vf8nC21Q4j64rxEvkDUMVWvNhVVEy/YC9Hj6gTQzPiVG1
IvZil4Qsoh0tGANcaVp+/sxZdO+2kBUoEO85CKDasRakjCX4NzGMWUf5UZYB9TBE
MHjQhndRuyGfkMSqgeu606Gi4YJ8FRiHwDeXmhs+9JkG/RPdU5Yr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org