Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/81024f-5171-47c4-b5ca-6b63331eff02/1/0EyX-Bz4hQXjPvmaU6bCgAizaFE.roa
File:                     0EyX-Bz4hQXjPvmaU6bCgAizaFE.roa (raw, json)
Hash identifier:          tJBKspAH+k4PEiUfucO3Bp7TArXtcGrVcxXP9VNBivk=
Subject key identifier:   D0:4C:97:F8:1C:F8:85:05:E3:3E:F9:9A:53:A6:C2:80:08:B3:68:51
Certificate issuer:       /CN=d0ca3c0b196fde0ba74c1487bdcb9c5fa053664b
Certificate serial:       08E7DF38
Authority key identifier: D0:CA:3C:0B:19:6F:DE:0B:A7:4C:14:87:BD:CB:9C:5F:A0:53:66:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Mo8Cxlv3gunTBSHvcucX6BTZks.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/81024f-5171-47c4-b5ca-6b63331eff02/1/0EyX-Bz4hQXjPvmaU6bCgAizaFE.roa
Signing time:             Sat 01 Jan 2022 00:56:39 +0000
ROA not before:           Sat 01 Jan 2022 00:56:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8637
IP address blocks:        5.180.228.0/22 maxlen: 22
                          5.180.229.0/24 maxlen: 24
                          5.180.228.0/24 maxlen: 24
                          2a0b:c800:1::/48 maxlen: 48
                          2a0b:c800:4::/48 maxlen: 48
                          2a0b:c800:2::/48 maxlen: 48
                          2a0b:c800:3::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 149413688 (0x8e7df38)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d0ca3c0b196fde0ba74c1487bdcb9c5fa053664b
        Validity
            Not Before: Jan  1 00:56:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d04c97f81cf88505e33ef99a53a6c28008b36851
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:44:59:c5:fd:ad:b3:5b:20:a2:22:f0:2a:8a:
                    a2:43:bb:29:a3:43:e5:69:b1:00:05:df:7d:65:25:
                    e0:27:a3:87:9e:4e:84:a0:f9:11:4d:43:82:19:f4:
                    c5:5a:ea:19:fa:68:e4:6b:53:b6:62:da:7a:1a:a2:
                    ff:df:39:1e:30:29:f9:a9:1f:7e:8b:c3:a6:64:2c:
                    c5:49:d4:fd:ed:84:96:a4:f5:8d:fa:b8:a3:4a:58:
                    d1:6d:82:e1:fa:ea:08:ba:88:d3:f5:52:51:da:42:
                    61:13:a4:40:e9:00:d9:4a:22:dd:37:3a:6a:95:d8:
                    77:3a:4c:47:53:0b:12:66:42:fc:d0:c5:5b:59:41:
                    ad:23:fc:db:90:c7:01:3f:d0:c9:f9:38:30:c8:95:
                    f5:f9:31:a5:d5:c0:ba:34:e7:6a:4c:8e:38:3d:d2:
                    de:ec:93:43:f6:87:05:44:a5:8a:f5:5e:b7:18:7b:
                    74:52:e0:ce:49:a7:7f:c0:8f:20:ab:2d:eb:db:c7:
                    45:38:87:a6:65:25:fa:ab:65:89:4e:e4:61:37:0a:
                    9f:bf:e5:60:ce:f3:0a:ee:b1:c0:fe:c1:bc:f4:2c:
                    b2:fd:d8:9e:30:07:bc:a3:1e:63:4d:c6:45:05:eb:
                    13:c0:1b:aa:b1:27:4c:6b:28:c3:a6:0e:5f:88:dc:
                    95:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:4C:97:F8:1C:F8:85:05:E3:3E:F9:9A:53:A6:C2:80:08:B3:68:51
            X509v3 Authority Key Identifier:
                keyid:D0:CA:3C:0B:19:6F:DE:0B:A7:4C:14:87:BD:CB:9C:5F:A0:53:66:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Mo8Cxlv3gunTBSHvcucX6BTZks.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/81024f-5171-47c4-b5ca-6b63331eff02/1/0EyX-Bz4hQXjPvmaU6bCgAizaFE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/81024f-5171-47c4-b5ca-6b63331eff02/1/0Mo8Cxlv3gunTBSHvcucX6BTZks.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.228.0/22
                IPv6:
                  2a0b:c800:1::-2a0b:c800:4:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         00:66:15:13:86:ed:11:b1:af:cb:16:64:5d:cf:fb:a8:58:48:
         58:34:42:b5:3d:b8:82:44:1d:8d:08:6e:24:b2:d7:11:70:da:
         10:61:ec:e5:9e:1c:4f:1b:db:17:54:2e:d9:98:7a:d7:88:7a:
         01:14:05:ac:a4:4a:89:f9:9e:b5:1d:e0:51:b1:79:57:86:eb:
         da:d6:b2:29:11:c0:e7:d2:2e:cb:85:e9:54:4a:e5:bd:38:fe:
         c6:b1:4f:65:2c:31:3f:fe:ff:22:dd:de:24:23:66:aa:00:5f:
         63:bb:0b:29:6a:2c:1d:f3:e6:97:fd:fb:8b:cb:da:1d:e2:7e:
         07:bd:c0:b3:01:ae:6a:dc:0d:55:70:8f:72:a6:10:cb:31:0f:
         3e:d1:e6:cf:4c:05:4a:9e:ac:04:05:8c:3a:35:d4:08:eb:7b:
         32:0d:4c:85:4b:e3:ea:10:cf:81:9c:15:70:94:13:d6:85:b5:
         df:0b:89:17:98:c7:d5:59:ef:8c:d3:a8:1a:8f:16:9c:0c:1a:
         c3:4d:2b:30:a7:e6:b6:1c:2e:b1:5f:0b:bb:32:b3:9d:34:d8:
         be:09:d8:bf:ac:ea:cb:e5:8a:be:45:7f:86:36:ae:f3:08:d1:
         86:c5:8a:84:2d:c1:91:9b:6f:35:7d:94:b6:74:11:8a:6d:12:
         46:c6:eb:8a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIECOffODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MGNhM2MwYjE5NmZkZTBiYTc0YzE0ODdiZGNiOWM1ZmEwNTM2NjRiMB4XDTIyMDEw
MTAwNTYzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDA0Yzk3ZjgxY2Y4
ODUwNWUzM2VmOTlhNTNhNmMyODAwOGIzNjg1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOREWcX9rbNbIKIi8CqKokO7KaND5WmxAAXffWUl4Cejh55O
hKD5EU1Dghn0xVrqGfpo5GtTtmLaehqi/985HjAp+akffovDpmQsxUnU/e2ElqT1
jfq4o0pY0W2C4frqCLqI0/VSUdpCYROkQOkA2Uoi3Tc6apXYdzpMR1MLEmZC/NDF
W1lBrSP825DHAT/Qyfk4MMiV9fkxpdXAujTnakyOOD3S3uyTQ/aHBUSlivVetxh7
dFLgzkmnf8CPIKst69vHRTiHpmUl+qtliU7kYTcKn7/lYM7zCu6xwP7BvPQssv3Y
njAHvKMeY03GRQXrE8AbqrEnTGsow6YOX4jclcMCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBTQTJf4HPiFBeM++ZpTpsKACLNoUTAfBgNVHSMEGDAWgBTQyjwLGW/eC6dM
FIe9y5xfoFNmSzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBNbzhDeGx2M2d1blRCU0h2Y3VjWDZCVFprcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvODEwMjRmLTUxNzEtNDdjNC1iNWNhLTZiNjMzMzFlZmYwMi8x
LzBFeVgtQno0aFFYalB2bWFVNmJDZ0FpemFGRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
ODEwMjRmLTUxNzEtNDdjNC1iNWNhLTZiNjMzMzFlZmYwMi8xLzBNbzhDeGx2M2d1
blRCU0h2Y3VjWDZCVFprcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowDAQCAAEwBgMEAgW05DAaBAIAAjAUMBIDBwAqC8gA
AAEDBwAqC8gAAAQwDQYJKoZIhvcNAQELBQADggEBAABmFROG7RGxr8sWZF3P+6hY
SFg0QrU9uIJEHY0IbiSy1xFw2hBh7OWeHE8b2xdULtmYeteIegEUBaykSon5nrUd
4FGxeVeG69rWsikRwOfSLsuF6VRK5b04/saxT2UsMT/+/yLd3iQjZqoAX2O7Cylq
LB3z5pf9+4vL2h3ifge9wLMBrmrcDVVwj3KmEMsxDz7R5s9MBUqerAQFjDo11Ajr
ezINTIVL4+oQz4GcFXCUE9aFtd8LiReYx9VZ74zTqBqPFpwMGsNNKzCn5rYcLrFf
C7sys5002L4J2L+s6svlir5Ff4Y2rvMI0YbFioQtwZGbbzV9lLZ0EYptEkbG64o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:55 2024 by rpki-client on console-ams.rpki-client.org