Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/aaEfDfUiI--gAS-MtddwWoplxYk.roa
File:                     aaEfDfUiI--gAS-MtddwWoplxYk.roa (raw, json)
Hash identifier:          WG8/CDwRo/mdQ7pnJoDQjpItkThDE7oqHY/evBYrz8s=
Subject key identifier:   69:A1:1F:0D:F5:22:23:EF:A0:01:2F:8C:B5:D7:70:5A:8A:65:C5:89
Certificate issuer:       /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial:       05F5E1B7
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/aaEfDfUiI--gAS-MtddwWoplxYk.roa
Signing time:             Thu 24 Mar 2022 15:32:22 +0000
ROA not before:           Thu 24 Mar 2022 15:32:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        188.214.232.0/23 maxlen: 24
                          188.214.234.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 100000183 (0x5f5e1b7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
        Validity
            Not Before: Mar 24 15:32:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=69a11f0df52223efa0012f8cb5d7705a8a65c589
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:1c:76:61:51:05:ab:c5:1b:41:1c:88:94:d3:
                    10:b5:e8:63:d7:9f:18:95:ae:4b:02:43:94:86:67:
                    19:c0:bf:e5:5e:66:72:1d:78:f7:2a:a6:c3:02:1d:
                    c7:c1:cf:0a:19:34:ee:09:c7:66:10:65:cf:7a:59:
                    c3:14:78:9f:00:5a:ec:25:21:d3:89:06:f4:42:1f:
                    f4:f9:ab:86:17:9c:65:07:dd:14:87:df:54:2e:9a:
                    c4:0b:d4:d2:a6:7e:b8:2e:1d:6e:ac:03:09:50:38:
                    04:8f:44:de:23:c7:00:06:db:50:32:1d:98:eb:1c:
                    84:ae:58:47:62:03:e3:35:73:cf:b6:fc:b2:c5:bf:
                    83:58:de:e6:f4:be:27:e1:46:84:a0:bd:41:09:06:
                    fa:a6:78:3c:40:f6:bb:a8:c9:48:97:5d:ea:a0:4c:
                    28:e8:3a:35:2e:d3:85:ff:9d:e6:c9:da:0f:fe:ae:
                    bd:97:0c:99:f8:01:e9:65:02:1d:4e:ee:bf:ee:3d:
                    00:69:67:90:5c:fd:be:2a:ff:59:c0:23:e0:7c:7c:
                    0d:b8:5c:17:7c:88:01:40:12:c9:87:64:e5:34:c0:
                    c9:f7:a1:7a:54:3f:14:9b:52:73:0b:23:5c:62:23:
                    3b:b5:e9:87:e5:6d:59:7d:ef:cb:d2:9f:33:ad:03:
                    e3:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:A1:1F:0D:F5:22:23:EF:A0:01:2F:8C:B5:D7:70:5A:8A:65:C5:89
            X509v3 Authority Key Identifier:
                keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/aaEfDfUiI--gAS-MtddwWoplxYk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.214.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4d:4f:5b:a2:83:d3:61:2d:2e:71:62:18:9d:72:df:af:96:9d:
         4d:29:db:b3:05:3f:04:85:02:14:9b:08:8d:5e:a5:8d:f7:f7:
         c2:0f:df:de:fe:a7:d1:dc:6f:2b:60:6d:bc:73:fc:2e:18:1e:
         ef:02:f5:74:aa:f5:94:99:65:05:64:34:86:96:02:c5:d7:6e:
         b2:e2:14:4f:6e:cb:f4:ed:98:23:0d:5b:ff:90:38:d2:64:c5:
         46:33:9f:84:71:91:a3:cc:0b:85:04:73:82:4b:3f:22:38:2c:
         aa:ce:cf:68:f6:0c:8b:d8:88:6b:93:f4:79:1a:3c:60:04:2b:
         51:04:21:08:17:b2:eb:cb:6b:f7:7f:7c:fb:8f:d1:d4:73:2d:
         94:b5:b5:bd:31:b0:ba:e0:d0:60:ee:29:4a:f4:97:7a:0d:4d:
         8a:da:99:58:b6:be:b9:00:a2:4b:f0:8c:c0:6e:8f:b0:70:01:
         18:c0:96:60:62:00:3f:30:5f:6c:b8:a5:d8:16:13:60:10:42:
         dd:f6:c7:1c:74:bc:55:a0:1e:d6:ca:84:b7:7b:ad:a9:0e:06:
         36:ff:d0:78:40:4f:84:f2:2f:af:9e:fb:49:55:d5:a3:1e:26:
         cf:31:42:b8:de:4d:d4:ed:2d:82:c3:79:5b:00:65:28:f8:b1:
         15:a3:2a:2b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBfXhtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjJmMmU4NmRkN2NjOTEwMTY1OGZmOGQ1YTUyNDE0NDVmY2QxZDZhMB4XDTIyMDMy
NDE1MzIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjlhMTFmMGRmNTIy
MjNlZmEwMDEyZjhjYjVkNzcwNWE4YTY1YzU4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKUcdmFRBavFG0EciJTTELXoY9efGJWuSwJDlIZnGcC/5V5m
ch149yqmwwIdx8HPChk07gnHZhBlz3pZwxR4nwBa7CUh04kG9EIf9PmrhhecZQfd
FIffVC6axAvU0qZ+uC4dbqwDCVA4BI9E3iPHAAbbUDIdmOschK5YR2ID4zVzz7b8
ssW/g1je5vS+J+FGhKC9QQkG+qZ4PED2u6jJSJdd6qBMKOg6NS7Thf+d5snaD/6u
vZcMmfgB6WUCHU7uv+49AGlnkFz9vir/WcAj4Hx8DbhcF3yIAUASyYdk5TTAyfeh
elQ/FJtScwsjXGIjO7Xph+VtWX3vy9KfM60D45MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRpoR8N9SIj76ABL4y113BaimXFiTAfBgNVHSMEGDAWgBSvLy6G3XzJEBZY
/41aUkFEX80dajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3J5OHVodDE4eVJBV1dQLU5XbEpCUkZfTkhXby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvZTA4YjhlLWJmMjItNDM1Yy04YjFmLTQ2YmI3YWVjMWYzMC8x
L2FhRWZEZlVpSS0tZ0FTLU10ZGR3V29wbHhZay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
ZTA4YjhlLWJmMjItNDM1Yy04YjFmLTQ2YmI3YWVjMWYzMC8xL3J5OHVodDE4eVJB
V1dQLU5XbEpCUkZfTkhXby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArzW6DANBgkqhkiG9w0BAQsFAAOC
AQEATU9booPTYS0ucWIYnXLfr5adTSnbswU/BIUCFJsIjV6ljff3wg/f3v6n0dxv
K2BtvHP8Lhge7wL1dKr1lJllBWQ0hpYCxddusuIUT27L9O2YIw1b/5A40mTFRjOf
hHGRo8wLhQRzgks/Ijgsqs7PaPYMi9iIa5P0eRo8YAQrUQQhCBey68tr9398+4/R
1HMtlLW1vTGwuuDQYO4pSvSXeg1NitqZWLa+uQCiS/CMwG6PsHABGMCWYGIAPzBf
bLil2BYTYBBC3fbHHHS8VaAe1sqEt3utqQ4GNv/QeEBPhPIvr577SVXVox4mzzFC
uN5N1O0tgsN5WwBlKPixFaMqKw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:24 2024 by rpki-client on console-ams.rpki-client.org