Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/i44tnLaCJUKU_8G5W89o7UKUG1s.roa
File:                     i44tnLaCJUKU_8G5W89o7UKUG1s.roa (raw, json)
Hash identifier:          xh6NwRmauwoFZuEQCwFMs+GiK+iK2rN4UOzAsEZeLLc=
Subject key identifier:   8B:8E:2D:9C:B6:82:25:42:94:FF:C1:B9:5B:CF:68:ED:42:94:1B:5B
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       01821F9D5EC773D95D378291AD7298E25C85
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/i44tnLaCJUKU_8G5W89o7UKUG1s.roa
Signing time:             Thu 21 Jul 2022 07:16:23 +0000
ROA not before:           Thu 21 Jul 2022 07:16:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     400536
IP address blocks:        5.182.114.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:1f:9d:5e:c7:73:d9:5d:37:82:91:ad:72:98:e2:5c:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Jul 21 07:16:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8b8e2d9cb682254294ffc1b95bcf68ed42941b5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:8c:76:10:d5:74:13:d4:c5:49:1b:90:09:fc:
                    e9:09:ae:6b:7d:94:da:5f:3e:fd:06:6b:57:6c:e0:
                    64:27:25:c5:d0:07:d9:66:d1:06:f9:73:78:83:42:
                    48:21:c1:99:0f:32:e4:d6:78:9c:d4:b7:1f:16:2d:
                    55:be:86:25:b8:96:56:1b:da:71:c6:34:3e:ba:a7:
                    86:78:fb:51:68:bf:ba:ad:cb:f6:e3:d5:01:02:87:
                    41:6c:8b:4c:1f:5f:df:5c:e9:71:47:d8:12:b5:48:
                    35:35:65:70:46:57:3b:cf:84:07:c9:a9:b4:3a:e7:
                    e5:97:29:61:c9:c7:f1:ec:66:f1:4b:b7:f6:ee:0e:
                    55:d7:c7:60:bd:49:38:93:8b:eb:11:65:ec:9d:b4:
                    0e:55:b1:46:08:c9:5a:f1:60:ca:9a:b7:a2:9c:1b:
                    1b:56:f5:80:b5:20:b2:a0:72:b6:ca:44:d6:40:18:
                    43:21:2c:f5:2a:72:01:64:3d:62:9d:99:42:2e:2a:
                    28:39:3b:da:3b:b2:90:21:eb:65:38:dc:96:5b:22:
                    09:70:3f:20:e4:b6:5a:e9:a5:01:a5:27:f6:e3:8d:
                    9e:b6:4d:41:15:87:b6:58:ad:07:5f:6a:f1:5e:67:
                    73:e0:b3:34:14:aa:e0:36:99:3e:78:7d:e5:33:bc:
                    1a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:8E:2D:9C:B6:82:25:42:94:FF:C1:B9:5B:CF:68:ED:42:94:1B:5B
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/i44tnLaCJUKU_8G5W89o7UKUG1s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:ac:92:d5:ae:49:30:47:1f:4f:8d:19:d6:5c:f3:a0:12:6c:
         63:e2:69:4b:da:8c:5a:e7:40:cb:9b:bb:6f:7f:70:62:9e:71:
         f3:45:9f:6f:82:97:84:46:ac:95:96:78:4a:4f:27:85:35:f4:
         04:dc:b4:dd:92:c4:99:d0:b2:c5:0c:17:50:1d:fb:66:a3:ca:
         ab:82:e1:09:29:e3:9d:31:49:45:bc:d8:de:53:9d:c5:05:9c:
         b0:9c:3c:95:ce:ff:f9:d9:39:c6:31:84:0a:42:e4:93:12:73:
         f4:3a:d4:c0:d1:ab:43:a7:05:2d:38:fc:db:20:72:1a:31:61:
         75:9c:d3:77:b3:25:5c:bd:95:04:0d:06:c5:cf:f5:45:1f:8b:
         64:f7:e0:86:02:ed:4d:a8:39:c0:7d:3c:38:de:98:c9:ec:2c:
         52:81:4f:f7:f7:32:04:a9:a9:d5:9e:0b:bf:c4:b0:e2:02:64:
         ec:47:d7:7e:0d:7f:24:30:7e:db:b9:6f:e8:ce:d2:7f:09:f9:
         67:fe:18:9b:00:13:5f:ba:25:2f:9f:0d:be:d5:a2:25:a5:94:
         9c:16:27:51:e0:8c:4c:b5:ab:6b:2d:dc:c3:a3:f1:b2:f4:79:
         d4:b9:73:e0:52:26:a1:4e:77:b7:7a:f1:59:e2:58:92:1e:24:
         a4:74:55:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIfnV7Hc9ldN4KRrXKY4lyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzIxMDcxNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjhlMmQ5Y2I2ODIyNTQyOTRmZmMxYjk1YmNmNjhlZDQyOTQxYjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIx2ENV0E9TFSRuQCfzpCa5rfZTa
Xz79BmtXbOBkJyXF0AfZZtEG+XN4g0JIIcGZDzLk1nic1LcfFi1VvoYluJZWG9px
xjQ+uqeGePtRaL+6rcv249UBAodBbItMH1/fXOlxR9gStUg1NWVwRlc7z4QHyam0
Oufllylhycfx7GbxS7f27g5V18dgvUk4k4vrEWXsnbQOVbFGCMla8WDKmreinBsb
VvWAtSCyoHK2ykTWQBhDISz1KnIBZD1inZlCLiooOTvaO7KQIetlONyWWyIJcD8g
5LZa6aUBpSf2442etk1BFYe2WK0HX2rxXmdz4LM0FKrgNpk+eH3lM7wabQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIuOLZy2giVClP/BuVvPaO1ClBtbMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvaTQ0dG5MYUNKVUtVXzhHNVc4OW83VUtVRzFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbZyMA0G
CSqGSIb3DQEBCwUAA4IBAQCurJLVrkkwRx9PjRnWXPOgEmxj4mlL2oxa50DLm7tv
f3BinnHzRZ9vgpeERqyVlnhKTyeFNfQE3LTdksSZ0LLFDBdQHftmo8qrguEJKeOd
MUlFvNjeU53FBZywnDyVzv/52TnGMYQKQuSTEnP0OtTA0atDpwUtOPzbIHIaMWF1
nNN3syVcvZUEDQbFz/VFH4tk9+CGAu1NqDnAfTw43pjJ7CxSgU/39zIEqanVngu/
xLDiAmTsR9d+DX8kMH7buW/oztJ/Cfln/hibABNfuiUvnw2+1aIlpZScFidR4IxM
tatrLdzDo/Gy9HnUuXPgUiahTne3evFZ4liSHiSkdFVK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org