Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5faff5-629a-4d2f-b102-a48752b804c7/1/DkqxwAE5pB1Eql5ABQPhRGyFCCI.roa
File:                     DkqxwAE5pB1Eql5ABQPhRGyFCCI.roa (raw, json)
Hash identifier:          RXhaq9pdOKEeUrc9G7hF5vgBeedblUIbqed98gnCz7A=
Subject key identifier:   0E:4A:B1:C0:01:39:A4:1D:44:AA:5E:40:05:03:E1:44:6C:85:08:22
Certificate issuer:       /CN=41274f2c5beb9999b8673c760743c7e7d31cd673
Certificate serial:       740C86
Authority key identifier: 41:27:4F:2C:5B:EB:99:99:B8:67:3C:76:07:43:C7:E7:D3:1C:D6:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QSdPLFvrmZm4Zzx2B0PH59Mc1nM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/5faff5-629a-4d2f-b102-a48752b804c7/1/DkqxwAE5pB1Eql5ABQPhRGyFCCI.roa
Signing time:             Sat 01 Jan 2022 00:53:21 +0000
ROA not before:           Sat 01 Jan 2022 00:53:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210520
IP address blocks:        62.3.16.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7605382 (0x740c86)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41274f2c5beb9999b8673c760743c7e7d31cd673
        Validity
            Not Before: Jan  1 00:53:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0e4ab1c00139a41d44aa5e400503e1446c850822
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:87:25:8e:9b:ce:03:14:cf:b6:d4:7b:99:a6:
                    33:d0:1d:b4:14:0d:16:f4:a5:8d:42:c0:93:72:44:
                    fc:de:bb:e1:16:96:a3:e0:1b:e3:be:03:d1:6e:d4:
                    f3:61:cd:6a:87:af:53:22:a0:77:fc:3b:2e:97:c9:
                    d7:e5:a0:ee:ea:7b:8e:64:b8:35:04:73:5d:8d:f0:
                    be:d0:00:9b:b8:eb:21:ff:fc:a3:b4:8d:50:14:3f:
                    f8:6d:56:8c:4d:9f:ae:ad:f6:7d:d9:35:10:01:d8:
                    ce:2e:60:3c:71:a7:47:75:f2:ca:53:1e:ac:9d:df:
                    00:06:22:84:54:d9:e7:84:f4:d0:19:9a:0a:ba:48:
                    3d:20:9d:a6:48:99:02:77:89:5c:3c:cf:6a:cc:f4:
                    75:33:f1:df:5e:a2:8d:89:d1:c6:1b:db:73:e9:db:
                    74:0f:d1:54:fe:ee:7b:7d:43:3e:28:7c:a6:f0:d4:
                    6d:b7:d5:35:a3:a0:7c:9a:99:cc:fe:a3:c2:94:b1:
                    c7:86:9b:94:fa:fb:96:64:c3:5d:06:4c:54:3f:d6:
                    dc:8f:f9:5a:22:ff:aa:40:e0:81:72:8a:ee:10:c2:
                    56:60:6c:2d:e4:87:72:64:5e:5f:4e:e5:25:78:4d:
                    b5:48:9d:ab:3f:91:26:17:fc:49:91:b9:cc:5a:85:
                    3b:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:4A:B1:C0:01:39:A4:1D:44:AA:5E:40:05:03:E1:44:6C:85:08:22
            X509v3 Authority Key Identifier:
                keyid:41:27:4F:2C:5B:EB:99:99:B8:67:3C:76:07:43:C7:E7:D3:1C:D6:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSdPLFvrmZm4Zzx2B0PH59Mc1nM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faff5-629a-4d2f-b102-a48752b804c7/1/DkqxwAE5pB1Eql5ABQPhRGyFCCI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faff5-629a-4d2f-b102-a48752b804c7/1/QSdPLFvrmZm4Zzx2B0PH59Mc1nM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.3.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:a2:91:f5:d2:5f:64:6d:20:db:8b:55:89:a4:d5:d7:8a:1f:
         e9:54:91:5b:0a:a4:f9:08:61:37:ec:dd:de:aa:5c:82:cc:a0:
         d1:37:0e:31:31:05:e2:da:54:4f:91:b3:57:04:ed:b6:37:58:
         18:e8:d0:f0:cf:75:b8:0f:a7:3f:69:64:a9:a0:06:e1:97:66:
         8a:1e:13:2a:1e:e8:8b:02:7a:d1:f9:39:8b:dc:01:d0:5b:68:
         79:01:d9:d4:d4:6b:7d:ef:bf:2d:a9:c8:35:6e:63:7a:18:8e:
         b9:ad:9c:4f:03:60:37:91:a0:a0:2a:f7:d6:57:3f:58:b7:81:
         c0:6e:da:73:9e:a7:7d:31:3e:db:6c:d7:98:3d:1a:4a:1a:b6:
         bb:c6:d6:97:fc:03:a4:bd:d3:02:e4:c4:08:b3:7b:dd:01:b2:
         c4:1a:33:b5:a4:79:64:5d:88:8e:27:06:79:f5:b5:bb:5c:4b:
         09:07:42:7f:86:33:94:c9:56:15:c8:19:e1:c9:44:62:0d:33:
         a7:63:e5:0d:2c:63:9f:9f:91:96:f1:1e:1b:41:3b:1b:a1:a4:
         a2:0e:31:ae:4e:97:69:8e:9a:64:3d:e1:e4:10:54:18:c6:a6:
         8b:3a:34:17:ad:00:0d:4b:68:52:bf:98:b6:4e:6a:42:39:a0:
         79:04:ab:18
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDdAyGMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQx
Mjc0ZjJjNWJlYjk5OTliODY3M2M3NjA3NDNjN2U3ZDMxY2Q2NzMwHhcNMjIwMTAx
MDA1MzIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwZTRhYjFjMDAxMzlh
NDFkNDRhYTVlNDAwNTAzZTE0NDZjODUwODIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAz4cljpvOAxTPttR7maYz0B20FA0W9KWNQsCTckT83rvhFpaj
4BvjvgPRbtTzYc1qh69TIqB3/Dsul8nX5aDu6nuOZLg1BHNdjfC+0ACbuOsh//yj
tI1QFD/4bVaMTZ+urfZ92TUQAdjOLmA8cadHdfLKUx6snd8ABiKEVNnnhPTQGZoK
ukg9IJ2mSJkCd4lcPM9qzPR1M/HfXqKNidHGG9tz6dt0D9FU/u57fUM+KHym8NRt
t9U1o6B8mpnM/qPClLHHhpuU+vuWZMNdBkxUP9bcj/laIv+qQOCBcoruEMJWYGwt
5IdyZF5fTuUleE21SJ2rP5EmF/xJkbnMWoU7mQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFA5KscABOaQdRKpeQAUD4URshQgiMB8GA1UdIwQYMBaAFEEnTyxb65mZuGc8
dgdDx+fTHNZzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UVNkUExGdnJtWm00Wnp4MkIwUEg1OU1jMW5NLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kOS81ZmFmZjUtNjI5YS00ZDJmLWIxMDItYTQ4NzUyYjgwNGM3LzEv
RGtxeHdBRTVwQjFFcWw1QUJRUGhSR3lGQ0NJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81
ZmFmZjUtNjI5YS00ZDJmLWIxMDItYTQ4NzUyYjgwNGM3LzEvUVNkUExGdnJtWm00
Wnp4MkIwUEg1OU1jMW5NLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgMQMA0GCSqGSIb3DQEBCwUAA4IB
AQB/opH10l9kbSDbi1WJpNXXih/pVJFbCqT5CGE37N3eqlyCzKDRNw4xMQXi2lRP
kbNXBO22N1gY6NDwz3W4D6c/aWSpoAbhl2aKHhMqHuiLAnrR+TmL3AHQW2h5AdnU
1Gt9778tqcg1bmN6GI65rZxPA2A3kaCgKvfWVz9Yt4HAbtpznqd9MT7bbNeYPRpK
Gra7xtaX/AOkvdMC5MQIs3vdAbLEGjO1pHlkXYiOJwZ59bW7XEsJB0J/hjOUyVYV
yBnhyURiDTOnY+UNLGOfn5GW8R4bQTsboaSiDjGuTpdpjppkPeHkEFQYxqaLOjQX
rQANS2hSv5i2TmpCOaB5BKsY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:08 2024 by rpki-client on console-ams.rpki-client.org