Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/rT_E4HFpMJ28jGekXdQao1_tN4s.roa
File:                     rT_E4HFpMJ28jGekXdQao1_tN4s.roa (raw, json)
Hash identifier:          T/EtIC3Yw3Jiw/y+WwEFDvI9czrwMNdoehbva9F10J0=
Subject key identifier:   AD:3F:C4:E0:71:69:30:9D:BC:8C:67:A4:5D:D4:1A:A3:5F:ED:37:8B
Certificate issuer:       /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial:       018484F2EEDB8D87F4856553E844A62342F0
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/rT_E4HFpMJ28jGekXdQao1_tN4s.roa
Signing time:             Thu 17 Nov 2022 09:37:04 +0000
ROA not before:           Thu 17 Nov 2022 09:37:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48716
IP address blocks:        217.151.230.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:84:f2:ee:db:8d:87:f4:85:65:53:e8:44:a6:23:42:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
        Validity
            Not Before: Nov 17 09:37:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ad3fc4e07169309dbc8c67a45dd41aa35fed378b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:e1:84:ae:bf:42:2e:4e:ff:5f:92:c5:4d:7d:
                    87:10:46:cf:ee:9d:e9:62:c0:a6:6c:c5:07:92:a4:
                    4f:da:2b:8e:5d:19:38:b9:76:b5:f2:39:e3:f3:69:
                    dc:18:cc:a7:33:fc:69:87:b6:ed:68:29:84:47:9e:
                    90:13:8d:10:42:71:a7:55:08:d4:b3:93:86:3f:b1:
                    b0:33:91:41:19:b6:9c:2d:49:b9:30:a8:33:27:c7:
                    3f:6d:b5:9c:6f:5a:93:30:ce:ec:50:e9:0b:d1:d6:
                    6a:f4:5e:8a:d9:95:d0:61:0d:56:63:e9:f0:1f:a3:
                    e8:1b:95:78:0e:9f:5b:d7:ef:dc:dd:dc:c1:e5:95:
                    38:92:3c:87:82:d5:bc:61:41:21:c0:d1:4a:2a:3a:
                    8e:2d:e8:e5:20:72:3a:62:13:7e:d6:59:cd:83:2b:
                    15:39:e2:8f:ff:df:45:14:6c:6f:85:8d:1e:ac:c2:
                    3f:88:44:45:6f:99:b0:e2:13:a0:b6:31:4d:c7:f5:
                    21:55:41:da:d0:db:ec:ae:44:d9:b7:cf:f3:84:e6:
                    53:8e:34:7e:f1:f6:21:5e:9e:17:28:06:70:0f:3b:
                    22:e6:81:03:a4:27:a3:73:97:93:19:39:f5:bf:b8:
                    99:02:0c:cc:fc:59:16:08:6d:bd:11:29:39:d9:92:
                    79:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:3F:C4:E0:71:69:30:9D:BC:8C:67:A4:5D:D4:1A:A3:5F:ED:37:8B
            X509v3 Authority Key Identifier:
                keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/rT_E4HFpMJ28jGekXdQao1_tN4s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.151.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:f1:5e:e7:a6:67:5c:34:d2:aa:40:44:eb:dd:78:07:d7:69:
         0b:a4:d4:a9:66:d3:01:fc:a7:5c:11:c1:d6:5a:26:4d:d9:00:
         85:a3:37:98:66:7d:4f:a2:eb:fe:df:d4:cf:0f:d4:cd:7a:d1:
         85:51:cb:f4:29:d9:8b:2d:43:97:60:14:9e:c3:b6:5d:f9:8b:
         b7:d6:da:8b:6c:fd:c4:1a:93:d5:54:87:b2:f3:45:7c:74:8e:
         8a:cd:54:a4:13:3d:52:d7:8d:fb:d3:23:7f:66:b7:c6:6c:a4:
         65:5c:c4:62:aa:7f:a0:6d:30:84:2d:c1:92:bf:ab:17:16:95:
         a1:d0:29:9c:26:af:b7:6e:6e:16:51:b1:f6:0b:e3:8e:f8:04:
         62:6f:39:26:6d:5b:91:46:c8:7d:2e:b1:c7:c5:5f:fc:bb:de:
         df:79:d4:a1:b5:4f:ba:00:1c:72:27:2b:da:49:5a:3d:c0:1f:
         53:c6:22:25:2a:2b:44:ab:19:56:32:a6:aa:0e:98:5d:87:a1:
         8e:71:a2:c8:0f:05:bb:1e:c8:78:0e:51:26:7f:c1:78:37:e9:
         f8:8e:69:ed:49:e6:5d:ee:0a:5b:c3:a7:f5:1a:1f:30:fc:e0:
         3f:f3:d2:b0:f2:13:fe:05:23:52:88:67:7c:e6:62:bb:69:4c:
         d6:bc:09:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSE8u7bjYf0hWVT6ESmI0LwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjIxMTE3MDkzNzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDNmYzRlMDcxNjkzMDlkYmM4YzY3YTQ1ZGQ0MWFhMzVmZWQzNzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+GErr9CLk7/X5LFTX2HEEbP7p3p
YsCmbMUHkqRP2iuOXRk4uXa18jnj82ncGMynM/xph7btaCmER56QE40QQnGnVQjU
s5OGP7GwM5FBGbacLUm5MKgzJ8c/bbWcb1qTMM7sUOkL0dZq9F6K2ZXQYQ1WY+nw
H6PoG5V4Dp9b1+/c3dzB5ZU4kjyHgtW8YUEhwNFKKjqOLejlIHI6YhN+1lnNgysV
OeKP/99FFGxvhY0erMI/iERFb5mw4hOgtjFNx/UhVUHa0NvsrkTZt8/zhOZTjjR+
8fYhXp4XKAZwDzsi5oEDpCejc5eTGTn1v7iZAgzM/FkWCG29ESk52ZJ5xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK0/xOBxaTCdvIxnpF3UGqNf7TeLMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvclRfRTRIRnBNSjI4akdla1hkUWFvMV90TjRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZfmMA0G
CSqGSIb3DQEBCwUAA4IBAQBY8V7npmdcNNKqQETr3XgH12kLpNSpZtMB/KdcEcHW
WiZN2QCFozeYZn1Pouv+39TPD9TNetGFUcv0KdmLLUOXYBSew7Zd+Yu31tqLbP3E
GpPVVIey80V8dI6KzVSkEz1S14370yN/ZrfGbKRlXMRiqn+gbTCELcGSv6sXFpWh
0CmcJq+3bm4WUbH2C+OO+ARibzkmbVuRRsh9LrHHxV/8u97fedShtU+6ABxyJyva
SVo9wB9TxiIlKitEqxlWMqaqDphdh6GOcaLIDwW7Hsh4DlEmf8F4N+n4jmntSeZd
7gpbw6f1Gh8w/OA/89Kw8hP+BSNSiGd85mK7aUzWvAlt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:03 2024 by rpki-client on console-ams.rpki-client.org