Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/Mr745WuhyZHgyN3LAkj8OQGV4oo.roa
File:                     Mr745WuhyZHgyN3LAkj8OQGV4oo.roa (raw, json)
Hash identifier:          05P3CLX3aaR2f8glIAewn4nRyEAcPjM0D8Lf4eEV34A=
Subject key identifier:   32:BE:F8:E5:6B:A1:C9:91:E0:C8:DD:CB:02:48:FC:39:01:95:E2:8A
Certificate issuer:       /CN=a939cc1621ee3010ae98e127bd254a7833fd2827
Certificate serial:       A4D1F9
Authority key identifier: A9:39:CC:16:21:EE:30:10:AE:98:E1:27:BD:25:4A:78:33:FD:28:27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qTnMFiHuMBCumOEnvSVKeDP9KCc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/Mr745WuhyZHgyN3LAkj8OQGV4oo.roa
Signing time:             Sat 01 Jan 2022 05:06:25 +0000
ROA not before:           Sat 01 Jan 2022 05:06:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56623
IP address blocks:        31.133.112.0/24 maxlen: 24
                          31.133.114.0/24 maxlen: 24
                          31.133.113.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10801657 (0xa4d1f9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a939cc1621ee3010ae98e127bd254a7833fd2827
        Validity
            Not Before: Jan  1 05:06:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=32bef8e56ba1c991e0c8ddcb0248fc390195e28a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:2c:7a:a2:a7:7e:c7:cf:be:2f:dc:37:2e:66:
                    68:f7:20:22:76:1c:a4:63:49:3f:89:2a:51:14:93:
                    07:e2:30:9a:7b:2b:d2:48:1a:13:98:be:98:f7:3d:
                    0a:3c:15:93:3e:76:b9:47:e0:d7:57:db:33:0d:d5:
                    c3:27:00:2d:3a:51:53:51:0f:a1:52:5a:be:6e:a0:
                    87:d1:bd:09:de:80:ff:4a:99:a7:68:61:74:89:6f:
                    e7:ef:b6:ad:b6:77:c6:ee:25:07:af:5b:91:70:df:
                    b3:e6:9f:9d:af:8b:63:e8:4b:63:bf:ac:05:ee:f7:
                    4a:ae:74:a1:2f:cd:ed:5d:03:09:20:51:81:7b:cc:
                    09:5a:ea:80:65:ba:43:bf:9a:24:d2:35:1c:07:56:
                    1f:20:dc:81:fb:09:d0:b5:fd:57:85:57:56:8d:bc:
                    90:8f:4a:14:ef:87:ea:24:ac:b7:89:5a:be:5e:db:
                    e9:7d:f9:15:f2:2d:35:9e:53:f7:e2:02:aa:f2:ba:
                    83:96:2b:e8:f1:88:12:fd:ad:ce:06:24:d8:14:43:
                    6a:b6:7e:e6:b7:6c:ad:29:c4:a7:ea:bb:86:5e:e3:
                    ce:ec:ac:50:80:2e:be:25:af:82:e0:00:1d:0a:b3:
                    b3:17:70:82:45:e6:e2:48:ec:db:7e:35:4d:68:a1:
                    79:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:BE:F8:E5:6B:A1:C9:91:E0:C8:DD:CB:02:48:FC:39:01:95:E2:8A
            X509v3 Authority Key Identifier:
                keyid:A9:39:CC:16:21:EE:30:10:AE:98:E1:27:BD:25:4A:78:33:FD:28:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qTnMFiHuMBCumOEnvSVKeDP9KCc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/Mr745WuhyZHgyN3LAkj8OQGV4oo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/qTnMFiHuMBCumOEnvSVKeDP9KCc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.133.112.0-31.133.114.255

    Signature Algorithm: sha256WithRSAEncryption
         ac:06:eb:30:ca:00:41:b0:8b:cb:65:d1:bb:d1:db:b0:06:1c:
         ef:ce:38:e6:73:72:a9:bb:d3:93:d3:38:ef:5b:4e:8a:df:7b:
         e9:70:85:81:58:e3:f7:06:0b:e5:fb:44:be:e0:cc:53:50:2a:
         ac:03:69:cc:8d:1d:29:d7:08:ab:0c:54:66:2c:d7:10:67:81:
         ac:c8:f9:c8:4a:55:45:d8:4c:a1:5a:7b:46:7e:a7:3d:c9:e0:
         bd:9f:85:c7:64:93:fc:fe:be:7b:60:b7:73:cb:27:84:a3:04:
         72:65:28:fa:6b:76:5a:0e:da:1b:a6:33:4a:c0:c2:30:33:e6:
         cf:c6:55:25:2c:df:8e:d2:39:d8:32:cc:11:36:2e:0b:6a:58:
         70:4e:98:44:dd:76:88:48:6a:ff:5d:49:63:d8:18:79:4b:34:
         b7:35:7e:ee:1d:11:21:79:5a:aa:8a:0b:e3:6c:ab:8c:5b:df:
         c6:76:69:e6:17:e2:9f:47:84:df:37:1f:71:a8:a6:3b:86:00:
         c2:5d:7b:e4:90:54:41:93:22:02:b1:97:be:0f:70:29:41:f0:
         82:0a:0c:71:72:dc:a8:a6:6e:69:45:89:9f:11:b5:a4:90:6c:
         ac:30:14:68:ec:e4:65:1a:5c:77:d8:80:c9:bf:d8:30:a1:15:
         2d:ac:27:e7
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAKTR+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OTM5Y2MxNjIxZWUzMDEwYWU5OGUxMjdiZDI1NGE3ODMzZmQyODI3MB4XDTIyMDEw
MTA1MDYyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzJiZWY4ZTU2YmEx
Yzk5MWUwYzhkZGNiMDI0OGZjMzkwMTk1ZTI4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOcseqKnfsfPvi/cNy5maPcgInYcpGNJP4kqURSTB+Iwmnsr
0kgaE5i+mPc9CjwVkz52uUfg11fbMw3VwycALTpRU1EPoVJavm6gh9G9Cd6A/0qZ
p2hhdIlv5++2rbZ3xu4lB69bkXDfs+afna+LY+hLY7+sBe73Sq50oS/N7V0DCSBR
gXvMCVrqgGW6Q7+aJNI1HAdWHyDcgfsJ0LX9V4VXVo28kI9KFO+H6iSst4lavl7b
6X35FfItNZ5T9+ICqvK6g5Yr6PGIEv2tzgYk2BRDarZ+5rdsrSnEp+q7hl7jzuys
UIAuviWvguAAHQqzsxdwgkXm4kjs2341TWiheUMCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQyvvjla6HJkeDI3csCSPw5AZXiijAfBgNVHSMEGDAWgBSpOcwWIe4wEK6Y
4Se9JUp4M/0oJzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FUbk1GaUh1TUJDdW1PRW52U1ZLZURQOUtDYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvZDViZjcyLTMxMTUtNGM3MS1hMWJmLWIwNjE5NGQxM2M2Yi8x
L01yNzQ1V3VoeVpIZ3lOM0xBa2o4T1FHVjRvby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
ZDViZjcyLTMxMTUtNGM3MS1hMWJmLWIwNjE5NGQxM2M2Yi8xL3FUbk1GaUh1TUJD
dW1PRW52U1ZLZURQOUtDYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQEH4VwAwQAH4VyMA0GCSqGSIb3
DQEBCwUAA4IBAQCsBuswygBBsIvLZdG70duwBhzvzjjmc3Kpu9OT0zjvW06K33vp
cIWBWOP3Bgvl+0S+4MxTUCqsA2nMjR0p1wirDFRmLNcQZ4GsyPnISlVF2EyhWntG
fqc9yeC9n4XHZJP8/r57YLdzyyeEowRyZSj6a3ZaDtobpjNKwMIwM+bPxlUlLN+O
0jnYMswRNi4LalhwTphE3XaISGr/XUlj2Bh5SzS3NX7uHREheVqqigvjbKuMW9/G
dmnmF+KfR4TfNx9xqKY7hgDCXXvkkFRBkyICsZe+D3ApQfCCCgxxctyopm5pRYmf
EbWkkGysMBRo7ORlGlx32IDJv9gwoRUtrCfn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:50 2024 by rpki-client on console-ams.rpki-client.org