Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/5UE5IGQ0cCW7Z3uozMkBzlYrSRQ.roa
File:                     5UE5IGQ0cCW7Z3uozMkBzlYrSRQ.roa (raw, json)
Hash identifier:          p4kxQpcJ2G5wVCNnAe4CL9LwMVpTs+yDcI6idn93fc0=
Subject key identifier:   E5:41:39:20:64:34:70:25:BB:67:7B:A8:CC:C9:01:CE:56:2B:49:14
Certificate issuer:       /CN=9d0a749ae25c1cbb65871d416a79ab4a884ac468
Certificate serial:       37783080
Authority key identifier: 9D:0A:74:9A:E2:5C:1C:BB:65:87:1D:41:6A:79:AB:4A:88:4A:C4:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nQp0muJcHLtlhx1BanmrSohKxGg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/5UE5IGQ0cCW7Z3uozMkBzlYrSRQ.roa
Signing time:             Sat 01 Jan 2022 14:08:23 +0000
ROA not before:           Sat 01 Jan 2022 14:08:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35266
IP address blocks:        185.81.188.0/22 maxlen: 24
                          46.30.8.0/21 maxlen: 24
                          2a01:b000::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 930623616 (0x37783080)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d0a749ae25c1cbb65871d416a79ab4a884ac468
        Validity
            Not Before: Jan  1 14:08:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e541392064347025bb677ba8ccc901ce562b4914
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:d9:89:0d:70:40:dc:96:52:07:93:b3:20:73:
                    05:68:05:fa:ae:83:1f:5d:48:3a:55:f7:a5:f2:76:
                    6b:a9:69:11:4d:4a:7c:1a:0e:10:73:e8:0a:2e:98:
                    1f:e9:3f:d6:20:03:f1:97:f2:e8:8f:e0:60:3e:98:
                    8a:e3:a2:60:c2:88:f3:10:26:07:81:6d:43:9b:80:
                    1e:77:01:ed:b1:f7:29:bf:44:1c:34:0d:de:9c:c0:
                    0e:b5:9e:23:1c:37:5f:d2:ba:4b:1b:a6:12:3b:fa:
                    82:43:4b:90:27:98:fe:a4:10:01:e6:2a:c4:03:50:
                    f0:7d:25:bd:e9:ab:4b:c4:87:60:e2:53:f1:0a:49:
                    9e:c7:68:4b:bc:d0:b9:29:35:01:7f:b2:dd:7c:0f:
                    ff:0c:a6:c3:81:f6:3d:63:af:df:e1:48:d6:3b:69:
                    71:80:a3:42:e6:9b:26:ca:f3:80:77:75:8b:42:6d:
                    7a:21:62:52:ca:65:1d:cd:7d:5a:25:60:57:a7:75:
                    47:13:75:d3:63:87:d9:ff:6f:30:35:d9:66:8a:38:
                    c2:e2:92:b9:02:4a:9b:4d:1b:e9:f8:e4:cc:6f:46:
                    fb:36:07:57:75:96:47:33:82:a3:51:f2:11:21:c6:
                    2b:a6:c3:79:e7:0e:bb:f2:f7:78:bb:e1:fd:4d:4f:
                    af:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:41:39:20:64:34:70:25:BB:67:7B:A8:CC:C9:01:CE:56:2B:49:14
            X509v3 Authority Key Identifier:
                keyid:9D:0A:74:9A:E2:5C:1C:BB:65:87:1D:41:6A:79:AB:4A:88:4A:C4:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQp0muJcHLtlhx1BanmrSohKxGg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/5UE5IGQ0cCW7Z3uozMkBzlYrSRQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/nQp0muJcHLtlhx1BanmrSohKxGg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.30.8.0/21
                  185.81.188.0/22
                IPv6:
                  2a01:b000::/32

    Signature Algorithm: sha256WithRSAEncryption
         b0:ab:82:fe:87:6e:8a:82:f4:d1:19:3f:03:9a:d6:f1:86:b7:
         a8:e4:47:1c:80:e7:4c:93:c6:48:1e:d4:38:71:bf:33:5b:2e:
         05:f2:5b:04:98:03:05:37:e9:d5:29:9e:c8:b8:b1:85:2c:f2:
         42:13:9b:51:2d:f0:12:09:e1:87:f5:8c:39:ee:02:3f:27:b4:
         b4:af:b2:4f:83:dd:1c:6a:c5:5c:d5:ac:9d:8b:de:2d:0f:e6:
         91:7f:38:78:86:6c:40:70:cc:ff:23:53:2d:73:1c:22:d8:47:
         df:eb:d9:46:a0:1d:21:df:7a:f3:a6:e5:e9:87:30:c8:19:17:
         90:eb:66:8d:14:84:5f:e1:ab:20:13:50:79:61:a4:4e:7a:20:
         40:57:9a:35:69:0c:eb:0a:4f:44:91:81:29:2b:fb:1f:87:84:
         f0:ed:2f:c7:13:35:01:43:c9:22:7b:37:f1:39:ff:61:7d:a5:
         e6:34:8c:e6:a0:70:e2:8d:16:fb:2b:7c:9d:0e:c9:6c:1f:0f:
         f4:0a:5e:15:d7:97:fe:fc:6f:0e:a4:7c:10:92:e0:82:85:45:
         28:78:7b:87:46:39:bb:86:6a:cc:9f:91:fd:89:7d:47:dd:f6:
         11:4d:90:08:33:19:38:0c:2f:27:33:0c:74:09:45:57:a6:24:
         43:10:66:6a
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEN3gwgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDBhNzQ5YWUyNWMxY2JiNjU4NzFkNDE2YTc5YWI0YTg4NGFjNDY4MB4XDTIyMDEw
MTE0MDgyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTU0MTM5MjA2NDM0
NzAyNWJiNjc3YmE4Y2NjOTAxY2U1NjJiNDkxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOvZiQ1wQNyWUgeTsyBzBWgF+q6DH11IOlX3pfJ2a6lpEU1K
fBoOEHPoCi6YH+k/1iAD8Zfy6I/gYD6YiuOiYMKI8xAmB4FtQ5uAHncB7bH3Kb9E
HDQN3pzADrWeIxw3X9K6SxumEjv6gkNLkCeY/qQQAeYqxANQ8H0lvemrS8SHYOJT
8QpJnsdoS7zQuSk1AX+y3XwP/wymw4H2PWOv3+FI1jtpcYCjQuabJsrzgHd1i0Jt
eiFiUsplHc19WiVgV6d1RxN102OH2f9vMDXZZoo4wuKSuQJKm00b6fjkzG9G+zYH
V3WWRzOCo1HyESHGK6bDeecOu/L3eLvh/U1Pr1sCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTlQTkgZDRwJbtne6jMyQHOVitJFDAfBgNVHSMEGDAWgBSdCnSa4lwcu2WH
HUFqeatKiErEaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25RcDBtdUpjSEx0bGh4MUJhbm1yU29oS3hHZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvODVkMGE3LWQ4MDItNDFjNC04MWFmLTFhNmQzYzk5ZGM0OC8x
LzVVRTVJR1EwY0NXN1ozdW96TWtCemxZclNSUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
ODVkMGE3LWQ4MDItNDFjNC04MWFmLTFhNmQzYzk5ZGM0OC8xL25RcDBtdUpjSEx0
bGh4MUJhbm1yU29oS3hHZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAy4eCAMEArlRvDANBAIAAjAHAwUA
KgGwADANBgkqhkiG9w0BAQsFAAOCAQEAsKuC/oduioL00Rk/A5rW8Ya3qORHHIDn
TJPGSB7UOHG/M1suBfJbBJgDBTfp1SmeyLixhSzyQhObUS3wEgnhh/WMOe4CPye0
tK+yT4PdHGrFXNWsnYveLQ/mkX84eIZsQHDM/yNTLXMcIthH3+vZRqAdId9686bl
6YcwyBkXkOtmjRSEX+GrIBNQeWGkTnogQFeaNWkM6wpPRJGBKSv7H4eE8O0vxxM1
AUPJIns38Tn/YX2l5jSM5qBw4o0W+yt8nQ7JbB8P9ApeFdeX/vxvDqR8EJLggoVF
KHh7h0Y5u4ZqzJ+R/Yl9R932EU2QCDMZOAwvJzMMdAlFV6YkQxBmag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:27 2024 by rpki-client on console-fra.rpki-client.org