Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/YTIhoHu0MGrxlLbLspDSyOV6qwQ.roa
File:                     YTIhoHu0MGrxlLbLspDSyOV6qwQ.roa (raw, json)
Hash identifier:          lTWPZRg0PbLVBG8FTAeOW01xyco1gMSwOlghmatW9Rw=
Subject key identifier:   61:32:21:A0:7B:B4:30:6A:F1:94:B6:CB:B2:90:D2:C8:E5:7A:AB:04
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       018205E9BDC3B98C9D64607CF1B28A7F7619
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/YTIhoHu0MGrxlLbLspDSyOV6qwQ.roa
Signing time:             Sat 16 Jul 2022 07:29:40 +0000
ROA not before:           Sat 16 Jul 2022 07:29:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30823
IP address blocks:        5.182.113.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:05:e9:bd:c3:b9:8c:9d:64:60:7c:f1:b2:8a:7f:76:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Jul 16 07:29:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=613221a07bb4306af194b6cbb290d2c8e57aab04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:fd:bc:8f:74:a9:64:65:51:65:6d:4f:1a:5c:
                    70:a1:b1:b4:55:ec:4f:5c:19:86:28:51:73:8e:18:
                    08:97:a2:15:2d:37:08:8b:8b:63:a3:70:ba:0e:68:
                    26:47:0e:18:be:68:63:56:c5:56:87:16:5a:0f:46:
                    02:e0:92:1f:f6:fd:6b:6d:26:c0:61:49:44:c3:1d:
                    2c:3f:61:91:54:87:d3:70:95:7f:82:12:51:35:ac:
                    20:83:8f:76:5e:7b:fb:55:b3:d0:df:9d:9f:bf:00:
                    73:cb:7d:db:02:b8:18:17:1a:08:95:39:1e:35:e8:
                    ea:37:e8:3a:9f:c8:b5:ce:d1:bb:36:65:b5:12:4d:
                    82:f6:cd:6d:12:51:60:fb:8e:aa:9c:fd:44:a3:b6:
                    af:b2:29:9b:f2:3d:84:ef:dc:c9:0e:ab:90:0c:89:
                    bf:f5:f2:be:d3:9c:44:0d:5e:8e:40:85:9a:8f:8d:
                    d0:5e:59:17:9f:ca:49:4f:cf:7a:a3:ee:ad:be:12:
                    08:3c:7a:fb:d6:5b:78:b0:28:fe:a3:89:e6:55:59:
                    b1:18:3b:82:13:c2:9c:b9:92:f2:35:cf:2a:0c:63:
                    39:56:86:70:e7:73:48:ac:74:e2:9f:b7:7e:a9:66:
                    fa:76:5c:82:16:43:67:a2:70:34:df:8b:8a:26:01:
                    b6:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:32:21:A0:7B:B4:30:6A:F1:94:B6:CB:B2:90:D2:C8:E5:7A:AB:04
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/YTIhoHu0MGrxlLbLspDSyOV6qwQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:e9:70:25:b6:26:16:3f:9f:a7:70:5d:55:c7:ac:df:ed:35:
         32:17:56:ef:c1:d6:e0:8b:35:58:6d:a2:0a:02:20:67:5c:00:
         8e:88:93:47:8a:df:51:61:6f:55:01:e5:8b:f9:35:04:ef:72:
         02:7a:d9:98:20:06:e1:03:fc:9c:9c:a1:95:67:a5:73:b9:e7:
         0c:8b:ce:f1:85:8b:ca:aa:f9:95:bf:cb:a0:ee:8e:c7:81:d8:
         8f:4b:ca:aa:22:5f:a1:27:a7:8f:e1:63:1f:8a:14:2c:65:8e:
         27:b6:a5:db:ea:2c:97:f8:13:4f:b4:97:c9:b8:56:db:b9:28:
         a9:44:29:05:c1:5e:05:6b:15:bf:84:d4:a3:df:6a:2f:12:19:
         28:fb:f1:f4:8e:84:e6:d8:1e:b0:78:3b:47:88:98:fd:a8:f8:
         fe:1c:3f:dc:85:3b:c8:13:d1:1c:00:e4:4d:13:ff:bd:a3:c8:
         0d:75:3e:82:ab:cb:ed:ef:c3:24:e9:32:33:1a:99:7a:3d:92:
         8f:d4:c3:51:c8:41:8c:58:e0:6b:92:e7:15:ba:13:38:32:01:
         72:cc:8e:3c:19:e2:74:a5:4e:19:81:3c:a8:c1:64:50:30:0a:
         41:89:17:98:d4:af:80:87:17:d3:63:75:ab:70:07:fc:0f:f1:
         72:28:88:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIF6b3DuYydZGB88bKKf3YZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzE2MDcyOTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTMyMjFhMDdiYjQzMDZhZjE5NGI2Y2JiMjkwZDJjOGU1N2FhYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv28j3SpZGVRZW1PGlxwobG0VexP
XBmGKFFzjhgIl6IVLTcIi4tjo3C6DmgmRw4YvmhjVsVWhxZaD0YC4JIf9v1rbSbA
YUlEwx0sP2GRVIfTcJV/ghJRNawgg492Xnv7VbPQ352fvwBzy33bArgYFxoIlTke
NejqN+g6n8i1ztG7NmW1Ek2C9s1tElFg+46qnP1Eo7avsimb8j2E79zJDquQDIm/
9fK+05xEDV6OQIWaj43QXlkXn8pJT896o+6tvhIIPHr71lt4sCj+o4nmVVmxGDuC
E8KcuZLyNc8qDGM5VoZw53NIrHTin7d+qWb6dlyCFkNnonA034uKJgG27QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGEyIaB7tDBq8ZS2y7KQ0sjleqsEMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvWVRJaG9IdTBNR3J4bExiTHNwRFN5T1Y2cXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbZxMA0G
CSqGSIb3DQEBCwUAA4IBAQAp6XAltiYWP5+ncF1Vx6zf7TUyF1bvwdbgizVYbaIK
AiBnXACOiJNHit9RYW9VAeWL+TUE73ICetmYIAbhA/ycnKGVZ6VzuecMi87xhYvK
qvmVv8ug7o7HgdiPS8qqIl+hJ6eP4WMfihQsZY4ntqXb6iyX+BNPtJfJuFbbuSip
RCkFwV4FaxW/hNSj32ovEhko+/H0joTm2B6weDtHiJj9qPj+HD/chTvIE9EcAORN
E/+9o8gNdT6Cq8vt78Mk6TIzGpl6PZKP1MNRyEGMWOBrkucVuhM4MgFyzI48GeJ0
pU4ZgTyowWRQMApBiReY1K+AhxfTY3WrcAf8D/FyKIi9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org