Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/5jjVLfIap5-w7Og2ggrVF2xJjLc.roa
File:                     5jjVLfIap5-w7Og2ggrVF2xJjLc.roa (raw, json)
Hash identifier:          7PYZV7MUrw8YoZT1QrxKJYssbOzCB3SL2I7uyD8ETeo=
Subject key identifier:   E6:38:D5:2D:F2:1A:A7:9F:B0:EC:E8:36:82:0A:D5:17:6C:49:8C:B7
Certificate issuer:       /CN=4d70af1a99886c9101d135f54bd2bdef358b266e
Certificate serial:       154BA8
Authority key identifier: 4D:70:AF:1A:99:88:6C:91:01:D1:35:F5:4B:D2:BD:EF:35:8B:26:6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TXCvGpmIbJEB0TX1S9K97zWLJm4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/5jjVLfIap5-w7Og2ggrVF2xJjLc.roa
Signing time:             Mon 02 May 2022 18:01:06 +0000
ROA not before:           Mon 02 May 2022 18:01:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35653
IP address blocks:        86.105.164.0/22 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1395624 (0x154ba8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d70af1a99886c9101d135f54bd2bdef358b266e
        Validity
            Not Before: May  2 18:01:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e638d52df21aa79fb0ece836820ad5176c498cb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1c:aa:6e:7b:c7:d4:ff:d1:ef:45:70:e6:ed:
                    13:85:8f:ad:bf:1c:00:49:1b:97:15:85:2e:49:c0:
                    55:13:99:cd:a0:f4:5a:95:e7:e8:f1:d5:95:df:3b:
                    2c:70:1b:04:88:85:63:ef:4a:af:de:ad:89:d6:a2:
                    c8:68:32:06:79:54:d6:ee:66:51:19:30:21:18:6b:
                    26:88:19:2f:8d:93:ca:cf:a8:4f:53:8c:9c:85:51:
                    29:6a:e9:7d:ee:4a:b9:f2:a3:64:d0:37:cf:85:7c:
                    1f:4b:d9:54:94:dc:2f:40:17:69:66:90:93:83:85:
                    39:67:b3:df:71:9a:77:71:6c:a9:7d:fb:59:c2:a2:
                    f3:f5:b8:94:b7:39:67:bd:25:27:57:bb:3d:34:99:
                    6d:6e:15:96:7d:fa:bd:52:f4:d4:91:1c:71:be:10:
                    8b:35:15:80:87:6b:8f:1c:ef:4e:b8:bf:c3:cf:2c:
                    7b:66:3c:4e:4d:5f:8f:11:32:d3:27:35:71:93:35:
                    f9:55:71:7b:c9:37:f7:14:f1:94:0f:1a:a7:18:b4:
                    01:53:83:df:d3:1c:80:f0:a8:28:4d:da:1e:33:a5:
                    1c:8f:07:12:8c:fc:ab:19:1b:4a:35:ed:bd:95:42:
                    af:f5:d3:96:7e:3c:d3:d9:06:92:5e:3f:53:bd:31:
                    3e:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:38:D5:2D:F2:1A:A7:9F:B0:EC:E8:36:82:0A:D5:17:6C:49:8C:B7
            X509v3 Authority Key Identifier:
                keyid:4D:70:AF:1A:99:88:6C:91:01:D1:35:F5:4B:D2:BD:EF:35:8B:26:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXCvGpmIbJEB0TX1S9K97zWLJm4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/5jjVLfIap5-w7Og2ggrVF2xJjLc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/TXCvGpmIbJEB0TX1S9K97zWLJm4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.105.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         86:f0:69:0b:fc:9d:81:11:56:00:bb:7d:d4:99:e6:d5:97:9d:
         d6:ab:64:78:67:f1:02:7e:2a:95:7a:c7:f7:e0:49:ee:80:46:
         05:39:9d:fb:2e:3b:52:4d:c2:40:a3:d8:b1:1f:a9:28:e0:eb:
         92:d1:f6:b6:94:f8:89:37:ff:1d:4a:3f:a5:96:7a:26:51:e5:
         6b:07:0c:c8:5e:07:8a:87:49:e6:ca:5f:d4:67:0c:ad:a8:9c:
         45:e8:5e:88:3a:fb:7c:14:a5:91:c4:91:86:a9:47:0c:8d:8a:
         56:87:96:93:f3:dd:4a:0b:84:4f:1d:66:6d:86:42:4f:96:a6:
         0d:10:cb:af:bd:bd:ad:38:a3:b1:c2:b1:ff:1c:f1:d3:93:78:
         71:97:08:f7:db:f0:ea:38:87:71:d7:9e:33:ac:76:66:68:33:
         14:d5:49:11:d2:7b:41:96:41:53:24:f5:0c:2d:24:5c:36:dc:
         fc:12:3f:54:52:19:6d:4a:f1:d6:3a:c7:8b:12:f0:bc:80:da:
         7d:d0:ed:11:20:11:95:9e:02:fd:55:52:a7:88:cf:de:8c:27:
         77:da:04:f9:ce:37:10:f4:37:48:b9:47:24:bf:97:1b:57:08:
         d9:73:a0:f3:f7:d3:e5:13:cf:94:5c:71:0a:47:a2:fd:4c:ae:
         c0:09:5d:a9
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDFUuoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRk
NzBhZjFhOTk4ODZjOTEwMWQxMzVmNTRiZDJiZGVmMzU4YjI2NmUwHhcNMjIwNTAy
MTgwMTA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlNjM4ZDUyZGYyMWFh
NzlmYjBlY2U4MzY4MjBhZDUxNzZjNDk4Y2I3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArByqbnvH1P/R70Vw5u0ThY+tvxwASRuXFYUuScBVE5nNoPRa
lefo8dWV3zsscBsEiIVj70qv3q2J1qLIaDIGeVTW7mZRGTAhGGsmiBkvjZPKz6hP
U4ychVEpaul97kq58qNk0DfPhXwfS9lUlNwvQBdpZpCTg4U5Z7PfcZp3cWypfftZ
wqLz9biUtzlnvSUnV7s9NJltbhWWffq9UvTUkRxxvhCLNRWAh2uPHO9OuL/Dzyx7
ZjxOTV+PETLTJzVxkzX5VXF7yTf3FPGUDxqnGLQBU4Pf0xyA8KgoTdoeM6UcjwcS
jPyrGRtKNe29lUKv9dOWfjzT2QaSXj9TvTE+FQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFOY41S3yGqefsOzoNoIK1RdsSYy3MB8GA1UdIwQYMBaAFE1wrxqZiGyRAdE1
9UvSve81iyZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VFhDdkdwbUliSkVCMFRYMVM5Szk3eldMSm00LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lMi9hOThmYzctNzkzNS00ZWFlLTk2MmEtNDYxYWIwZWNlZTAxLzEv
NWpqVkxmSWFwNS13N09nMmdnclZGMnhKakxjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9h
OThmYzctNzkzNS00ZWFlLTk2MmEtNDYxYWIwZWNlZTAxLzEvVFhDdkdwbUliSkVC
MFRYMVM5Szk3eldMSm00LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVmmkMA0GCSqGSIb3DQEBCwUAA4IB
AQCG8GkL/J2BEVYAu33UmebVl53Wq2R4Z/ECfiqVesf34EnugEYFOZ37LjtSTcJA
o9ixH6ko4OuS0fa2lPiJN/8dSj+llnomUeVrBwzIXgeKh0nmyl/UZwytqJxF6F6I
Ovt8FKWRxJGGqUcMjYpWh5aT891KC4RPHWZthkJPlqYNEMuvvb2tOKOxwrH/HPHT
k3hxlwj32/DqOIdx154zrHZmaDMU1UkR0ntBlkFTJPUMLSRcNtz8Ej9UUhltSvHW
OseLEvC8gNp90O0RIBGVngL9VVKniM/ejCd32gT5zjcQ9DdIuUckv5cbVwjZc6Dz
99PlE8+UXHEKR6L9TK7ACV2p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:12 2024 by rpki-client on console-fra.rpki-client.org