Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_Q7x5VIKp8K6slG9W_YGUGYizBY.roa
File:                     _Q7x5VIKp8K6slG9W_YGUGYizBY.roa (raw, json)
Hash identifier:          KtQSWjVScwN30ax4cca12/WNF7vbb6mdg2reqLQ1PrY=
Subject key identifier:   FD:0E:F1:E5:52:0A:A7:C2:BA:B2:51:BD:5B:F6:06:50:66:22:CC:16
Certificate issuer:       /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial:       179D0E3F
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_Q7x5VIKp8K6slG9W_YGUGYizBY.roa
Signing time:             Sat 01 Jan 2022 13:03:26 +0000
ROA not before:           Sat 01 Jan 2022 13:03:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205632
IP address blocks:        5.1.71.0/24 maxlen: 32
                          2a07:6fc0:4::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 396168767 (0x179d0e3f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
        Validity
            Not Before: Jan  1 13:03:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fd0ef1e5520aa7c2bab251bd5bf606506622cc16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:fe:5e:89:2f:d2:47:67:9b:24:55:aa:05:a1:
                    b9:e1:45:52:e8:8b:33:3e:d2:55:b1:02:38:7c:61:
                    c1:91:a2:d7:16:20:e4:05:bc:f0:ad:27:2e:32:6f:
                    ef:23:ae:15:f4:bc:4a:43:a5:f0:56:35:2c:d5:00:
                    d8:8b:d5:c0:13:4c:e0:a6:49:f5:61:a2:82:e7:10:
                    d9:ee:0e:6e:07:3c:c2:38:62:5f:51:97:fe:35:1c:
                    39:01:25:68:72:f7:66:27:a2:7d:f6:41:26:33:9c:
                    5b:43:c7:82:73:9e:39:43:83:86:6e:16:1d:3f:53:
                    5b:f8:56:e4:04:8c:86:2e:94:55:11:91:95:fc:d5:
                    72:de:6c:91:b7:3f:58:86:9d:99:59:0b:90:d5:34:
                    6c:60:ec:71:50:79:83:d7:2c:81:30:6d:89:6f:47:
                    bc:4b:7f:c5:bc:9b:1c:7b:cf:ee:aa:f5:fe:d9:2b:
                    da:55:de:bb:82:84:b8:8a:4b:20:90:6a:c0:7d:b5:
                    96:ed:d9:ba:76:e7:91:90:00:3e:25:99:d1:63:bd:
                    20:85:82:9d:0e:bb:2d:0f:83:31:14:d4:aa:a1:44:
                    d1:13:74:82:95:75:f9:9a:7c:ae:7d:8f:e5:67:27:
                    4c:ba:b2:bc:94:9f:b3:62:1a:6d:68:ef:89:b9:dc:
                    86:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:0E:F1:E5:52:0A:A7:C2:BA:B2:51:BD:5B:F6:06:50:66:22:CC:16
            X509v3 Authority Key Identifier:
                keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_Q7x5VIKp8K6slG9W_YGUGYizBY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.1.71.0/24
                IPv6:
                  2a07:6fc0:4::/48

    Signature Algorithm: sha256WithRSAEncryption
         93:1a:f5:a2:67:ec:bf:ef:08:c0:d8:6f:3c:08:61:e3:5a:15:
         d4:7c:64:8d:7d:93:df:0e:16:b5:12:19:a6:d8:df:d5:ba:64:
         6a:f7:2c:20:50:c9:5f:40:3a:52:50:dc:3a:76:53:0a:3a:e2:
         23:29:e8:2d:7f:51:3c:6c:92:03:20:11:ce:5b:e9:fa:31:35:
         21:62:a1:25:b4:78:fc:ad:a4:69:97:ea:a0:94:5a:49:f6:30:
         11:12:fc:49:95:20:d0:0d:a1:43:8b:88:ea:ad:e9:68:3f:59:
         38:56:4e:30:29:18:39:2f:7f:1f:22:67:c8:59:0c:96:f5:ee:
         b1:0e:5b:33:65:0d:c3:2c:48:96:3d:c2:bd:ee:cc:f1:f2:41:
         7e:e3:3e:d6:3a:db:51:89:5d:d0:81:e0:9e:64:25:f5:24:6e:
         e9:e1:1d:78:77:d2:3c:04:7f:b2:55:16:6d:ca:2a:7e:8b:cb:
         ec:2c:92:fd:10:b8:89:c6:ac:f3:8c:b9:07:5c:75:3f:8f:f6:
         fc:8b:15:0e:e4:9a:b2:a5:72:75:c6:57:bb:2d:52:63:78:c2:
         a2:09:e2:49:8a:38:d7:d3:cf:1c:00:dd:a7:08:16:2e:f8:22:
         68:8f:f3:0a:f4:e1:e6:47:01:a3:35:d1:a2:72:55:b5:60:9c:
         1c:74:5b:d8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEF50OPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDEw
MTEzMDMyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQwZWYxZTU1MjBh
YTdjMmJhYjI1MWJkNWJmNjA2NTA2NjIyY2MxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMH+Xokv0kdnmyRVqgWhueFFUuiLMz7SVbECOHxhwZGi1xYg
5AW88K0nLjJv7yOuFfS8SkOl8FY1LNUA2IvVwBNM4KZJ9WGigucQ2e4Obgc8wjhi
X1GX/jUcOQElaHL3ZieiffZBJjOcW0PHgnOeOUODhm4WHT9TW/hW5ASMhi6UVRGR
lfzVct5skbc/WIadmVkLkNU0bGDscVB5g9csgTBtiW9HvEt/xbybHHvP7qr1/tkr
2lXeu4KEuIpLIJBqwH21lu3ZunbnkZAAPiWZ0WO9IIWCnQ67LQ+DMRTUqqFE0RN0
gpV1+Zp8rn2P5WcnTLqyvJSfs2IabWjvibnchrcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBT9DvHlUgqnwrqyUb1b9gZQZiLMFjAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
L19RN3g1VklLcDhLNnNsRzlXX1lHVUdZaXpCWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAAUBRzAPBAIAAjAJAwcAKgdvwAAE
MA0GCSqGSIb3DQEBCwUAA4IBAQCTGvWiZ+y/7wjA2G88CGHjWhXUfGSNfZPfDha1
Ehmm2N/VumRq9ywgUMlfQDpSUNw6dlMKOuIjKegtf1E8bJIDIBHOW+n6MTUhYqEl
tHj8raRpl+qglFpJ9jAREvxJlSDQDaFDi4jqreloP1k4Vk4wKRg5L38fImfIWQyW
9e6xDlszZQ3DLEiWPcK97szx8kF+4z7WOttRiV3QgeCeZCX1JG7p4R14d9I8BH+y
VRZtyip+i8vsLJL9ELiJxqzzjLkHXHU/j/b8ixUO5JqypXJ1xle7LVJjeMKiCeJJ
ijjX088cAN2nCBYu+CJoj/MK9OHmRwGjNdGiclW1YJwcdFvY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:31 2024 by rpki-client on console-ams.rpki-client.org