Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/LDxEdaVbu6TT_h0VhXbvLiYh2gE.roa
File:                     LDxEdaVbu6TT_h0VhXbvLiYh2gE.roa (raw, json)
Hash identifier:          dM757o6YU1yOFY5OAecwk7j2AQA9ETlJQzZLpZnr1t4=
Subject key identifier:   2C:3C:44:75:A5:5B:BB:A4:D3:FE:1D:15:85:76:EF:2E:26:21:DA:01
Certificate issuer:       /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial:       128C9F89
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/LDxEdaVbu6TT_h0VhXbvLiYh2gE.roa
Signing time:             Sat 01 Jan 2022 10:05:50 +0000
ROA not before:           Sat 01 Jan 2022 10:05:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200370
IP address blocks:        5.202.224.0/24 maxlen: 24
                          5.202.225.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 311205769 (0x128c9f89)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
        Validity
            Not Before: Jan  1 10:05:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2c3c4475a55bbba4d3fe1d158576ef2e2621da01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:3d:f7:ce:72:ca:ac:76:52:77:76:d2:8f:92:
                    5a:95:fc:85:10:2d:49:7c:db:86:e8:2d:37:0d:a7:
                    dd:37:5e:bc:25:e6:39:a6:eb:33:cf:88:db:63:a1:
                    44:29:6d:97:eb:d8:95:12:a8:8b:2a:62:4a:b8:b2:
                    fa:2e:62:e0:ff:2d:c2:6f:58:9a:60:2c:92:bd:10:
                    47:42:30:0f:2b:a5:54:7c:03:1f:f6:f0:26:b2:72:
                    13:ea:0a:ae:00:ad:1f:bd:e2:4b:be:a8:6b:88:fa:
                    6d:4a:14:69:50:c1:64:cb:ab:21:d8:03:64:cf:31:
                    44:44:60:5a:ad:eb:9d:b7:93:9a:89:0a:b0:0f:e0:
                    4c:89:57:f2:09:fa:7d:3d:0b:db:f9:05:d7:39:e0:
                    94:87:ec:3c:27:0d:07:f3:ad:09:3f:94:11:81:64:
                    3a:6d:75:91:36:1c:82:86:c8:66:cb:bc:93:f7:a5:
                    77:75:df:da:fa:3a:68:2f:2d:d4:fc:28:00:40:68:
                    4e:46:07:0b:5a:65:14:03:31:91:1c:39:8c:9e:af:
                    db:65:e6:1f:01:ee:7f:b3:71:0c:85:67:68:37:4b:
                    e7:f2:ee:23:06:e5:f3:e8:8c:08:35:be:0c:ff:5c:
                    c8:b4:98:47:3b:04:ca:8c:b3:0d:46:47:57:60:a3:
                    20:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:3C:44:75:A5:5B:BB:A4:D3:FE:1D:15:85:76:EF:2E:26:21:DA:01
            X509v3 Authority Key Identifier:
                keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/LDxEdaVbu6TT_h0VhXbvLiYh2gE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.202.224.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3b:7c:8d:d4:f8:4a:98:30:fa:ca:91:bd:f4:24:62:64:4f:83:
         02:c3:88:1b:79:a4:4e:a2:51:53:4d:5a:91:9c:b8:d6:c3:b1:
         e1:5d:11:59:6a:fc:f2:e5:9a:c2:d9:8a:2c:b4:05:37:38:d0:
         1b:71:59:fd:30:2a:41:82:7f:0f:fb:67:9b:d5:46:26:a3:7a:
         b1:48:08:17:0a:96:08:26:73:85:b7:82:b7:16:b9:34:72:b1:
         93:68:de:f2:23:a1:c5:f5:d5:03:0e:08:1b:9e:2f:83:fb:09:
         1d:a7:65:11:96:e2:f0:ec:38:44:db:bc:31:73:30:02:be:f3:
         7d:30:46:64:55:4f:e0:3d:51:7c:c5:57:47:a8:c1:64:fd:45:
         66:fb:a8:ba:53:b6:d0:e2:ae:a6:f0:4a:8c:f1:9e:a7:98:0e:
         27:85:7e:55:04:73:0b:7d:e4:bb:f4:55:4c:0c:38:3a:6d:7f:
         43:5f:81:b3:05:76:de:a4:e4:f9:5f:73:bc:a0:00:9c:83:2d:
         d5:63:b0:2b:8d:ab:3a:87:28:40:60:7b:3f:56:f0:aa:98:93:
         b0:85:17:11:d6:cc:71:bf:c4:0d:95:78:2a:63:36:56:fd:ab:
         ce:23:e6:eb:8c:e6:cc:f2:df:67:c2:ae:7c:ad:3b:c9:67:10:
         98:76:2d:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEoyfiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTFlNjkzNjhhYmQzNDUzOGZlNzdkZGFhYmNkYzgzNWFmNTk1ZWJhMB4XDTIyMDEw
MTEwMDU1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmMzYzQ0NzVhNTVi
YmJhNGQzZmUxZDE1ODU3NmVmMmUyNjIxZGEwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL49985yyqx2Und20o+SWpX8hRAtSXzbhugtNw2n3TdevCXm
OabrM8+I22OhRCltl+vYlRKoiypiSriy+i5i4P8twm9YmmAskr0QR0IwDyulVHwD
H/bwJrJyE+oKrgCtH73iS76oa4j6bUoUaVDBZMurIdgDZM8xRERgWq3rnbeTmokK
sA/gTIlX8gn6fT0L2/kF1znglIfsPCcNB/OtCT+UEYFkOm11kTYcgobIZsu8k/el
d3Xf2vo6aC8t1PwoAEBoTkYHC1plFAMxkRw5jJ6v22XmHwHuf7NxDIVnaDdL5/Lu
Iwbl8+iMCDW+DP9cyLSYRzsEyoyzDUZHV2CjIOMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQsPER1pVu7pNP+HRWFdu8uJiHaATAfBgNVHSMEGDAWgBSaHmk2ir00U4/n
fdqrzcg1r1leujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21oNXBOb3E5TkZPUDUzM2FxODNJTmE5Wlhyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzg4NmY0LTVmY2MtNGQ0NC1iZDYyLTEwOTgyZTA0MGQ1My8x
L0xEeEVkYVZidTZUVF9oMFZoWGJ2TGlZaDJnRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
Nzg4NmY0LTVmY2MtNGQ0NC1iZDYyLTEwOTgyZTA0MGQ1My8xL21oNXBOb3E5TkZP
UDUzM2FxODNJTmE5Wlhyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAQXK4DANBgkqhkiG9w0BAQsFAAOC
AQEAO3yN1PhKmDD6ypG99CRiZE+DAsOIG3mkTqJRU01akZy41sOx4V0RWWr88uWa
wtmKLLQFNzjQG3FZ/TAqQYJ/D/tnm9VGJqN6sUgIFwqWCCZzhbeCtxa5NHKxk2je
8iOhxfXVAw4IG54vg/sJHadlEZbi8Ow4RNu8MXMwAr7zfTBGZFVP4D1RfMVXR6jB
ZP1FZvuoulO20OKupvBKjPGep5gOJ4V+VQRzC33ku/RVTAw4Om1/Q1+BswV23qTk
+V9zvKAAnIMt1WOwK42rOocoQGB7P1bwqpiTsIUXEdbMcb/EDZV4KmM2Vv2rziPm
64zmzPLfZ8KufK07yWcQmHYtAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org