Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/53ad2b-359b-436a-a2eb-afe84e18d56f/1/xZoI_1qBBfYy9i4-0cz2JmKW_88.roa
File:                     xZoI_1qBBfYy9i4-0cz2JmKW_88.roa (raw, json)
Hash identifier:          cAMbQdOKByG0ULD8YB31lXk7Awux5HR/HAwtf9EtFoE=
Subject key identifier:   C5:9A:08:FF:5A:81:05:F6:32:F6:2E:3E:D1:CC:F6:26:62:96:FF:CF
Certificate issuer:       /CN=59a9e9f8ea47486d80c9d6dcfd568f654d4f07ee
Certificate serial:       4DAA52
Authority key identifier: 59:A9:E9:F8:EA:47:48:6D:80:C9:D6:DC:FD:56:8F:65:4D:4F:07:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Wanp-OpHSG2Aydbc_VaPZU1PB-4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/53ad2b-359b-436a-a2eb-afe84e18d56f/1/xZoI_1qBBfYy9i4-0cz2JmKW_88.roa
Signing time:             Fri 18 Mar 2022 21:04:33 +0000
ROA not before:           Fri 18 Mar 2022 21:04:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51539
IP address blocks:        46.30.226.0/23 maxlen: 23
                          46.30.224.0/21 maxlen: 21
                          46.30.228.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5089874 (0x4daa52)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=59a9e9f8ea47486d80c9d6dcfd568f654d4f07ee
        Validity
            Not Before: Mar 18 21:04:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c59a08ff5a8105f632f62e3ed1ccf6266296ffcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:36:cb:bb:62:e3:7e:f7:b0:19:8a:e0:da:7e:
                    a8:27:41:64:c1:df:c8:67:0a:73:34:2c:49:ab:b2:
                    5e:14:e0:aa:a2:38:18:e3:fa:ca:2b:c1:5e:1c:a7:
                    bd:d4:6b:c9:31:63:22:e0:28:7e:fb:22:bb:d1:6b:
                    f8:a8:78:ea:7f:05:ee:db:ce:b0:f5:3a:e4:12:b6:
                    18:8a:c1:22:f0:37:05:1e:33:86:de:d7:17:36:56:
                    5e:26:fe:cf:80:bd:23:7a:62:a3:20:53:7d:5a:8c:
                    52:c4:34:44:3a:91:a8:21:8d:c7:08:93:b9:2e:4f:
                    33:b3:39:1a:b2:1e:67:03:48:bc:0e:d1:42:27:f7:
                    35:a1:74:5d:25:39:e5:be:b2:aa:bd:59:80:e4:86:
                    31:5e:73:99:9a:15:55:1b:92:46:ed:0e:77:cc:5f:
                    45:cf:fa:25:8e:3e:99:d3:1e:3f:b5:70:2d:95:c7:
                    c5:34:fb:dd:5f:11:7a:bf:2e:51:5f:b0:12:7e:ef:
                    e4:a7:db:dd:85:3b:70:22:39:b5:74:d2:ab:4e:c8:
                    e7:67:21:f7:c4:15:87:69:ee:2b:45:13:9e:cc:47:
                    7b:35:ef:0f:a8:e9:f4:90:0e:86:a7:d0:cc:e2:f7:
                    74:5d:bc:1c:9f:1d:1f:96:76:67:b8:ed:cd:1f:b2:
                    cb:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:9A:08:FF:5A:81:05:F6:32:F6:2E:3E:D1:CC:F6:26:62:96:FF:CF
            X509v3 Authority Key Identifier:
                keyid:59:A9:E9:F8:EA:47:48:6D:80:C9:D6:DC:FD:56:8F:65:4D:4F:07:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wanp-OpHSG2Aydbc_VaPZU1PB-4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/53ad2b-359b-436a-a2eb-afe84e18d56f/1/xZoI_1qBBfYy9i4-0cz2JmKW_88.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/53ad2b-359b-436a-a2eb-afe84e18d56f/1/Wanp-OpHSG2Aydbc_VaPZU1PB-4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.30.224.0/21

    Signature Algorithm: sha256WithRSAEncryption
         91:97:4b:bf:2d:fe:e0:a3:18:3f:9c:6f:81:81:06:c5:ec:7c:
         44:11:a2:43:a4:14:39:87:36:be:d8:18:5b:3c:1c:a6:d4:8f:
         a2:96:b9:f5:42:e9:6b:34:46:e9:22:a2:e4:07:2c:08:aa:f2:
         36:b1:0c:c1:3f:55:ff:f5:62:aa:90:f4:ac:6a:c3:55:e5:11:
         42:56:8e:d4:e1:d7:0c:d8:5c:7f:90:c8:a2:eb:55:cd:3e:26:
         e9:5d:0c:63:85:64:62:a2:a2:05:b6:08:72:19:50:b0:84:5f:
         f6:67:8d:bf:30:0a:d2:e5:a0:f2:77:6c:d7:87:da:99:81:af:
         44:19:02:2b:ac:be:ca:58:ff:b7:9c:cd:3d:30:0d:ce:1e:51:
         04:f0:d4:ba:01:47:69:39:f9:72:b7:81:f8:ef:31:06:83:82:
         58:2e:01:fa:1e:e0:cc:d7:f1:84:7f:94:b2:aa:60:8f:14:74:
         5b:fd:5e:70:19:3a:f3:c3:8e:33:5b:7b:f5:72:5d:c3:24:64:
         b2:00:cd:5a:03:25:51:f2:2a:a1:4e:fe:b8:1b:49:45:02:2e:
         a8:2f:3f:d5:f4:6b:63:73:52:b6:2d:92:af:0f:ac:52:17:46:
         6e:d9:60:b0:23:16:c6:9f:be:ef:22:dc:4c:cd:93:44:b2:26:
         8b:ed:dd:50
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDTapSMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU5
YTllOWY4ZWE0NzQ4NmQ4MGM5ZDZkY2ZkNTY4ZjY1NGQ0ZjA3ZWUwHhcNMjIwMzE4
MjEwNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjNTlhMDhmZjVhODEw
NWY2MzJmNjJlM2VkMWNjZjYyNjYyOTZmZmNmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwjbLu2LjfvewGYrg2n6oJ0Fkwd/IZwpzNCxJq7JeFOCqojgY
4/rKK8FeHKe91GvJMWMi4Ch++yK70Wv4qHjqfwXu286w9TrkErYYisEi8DcFHjOG
3tcXNlZeJv7PgL0jemKjIFN9WoxSxDREOpGoIY3HCJO5Lk8zszkash5nA0i8DtFC
J/c1oXRdJTnlvrKqvVmA5IYxXnOZmhVVG5JG7Q53zF9Fz/oljj6Z0x4/tXAtlcfF
NPvdXxF6vy5RX7ASfu/kp9vdhTtwIjm1dNKrTsjnZyH3xBWHae4rRROezEd7Ne8P
qOn0kA6Gp9DM4vd0Xbwcnx0flnZnuO3NH7LLKQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFMWaCP9agQX2MvYuPtHM9iZilv/PMB8GA1UdIwQYMBaAFFmp6fjqR0htgMnW
3P1Wj2VNTwfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
V2FucC1PcEhTRzJBeWRiY19WYVBaVTFQQi00LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mYy81M2FkMmItMzU5Yi00MzZhLWEyZWItYWZlODRlMThkNTZmLzEv
eFpvSV8xcUJCZll5OWk0LTBjejJKbUtXXzg4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy81
M2FkMmItMzU5Yi00MzZhLWEyZWItYWZlODRlMThkNTZmLzEvV2FucC1PcEhTRzJB
eWRiY19WYVBaVTFQQi00LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLh7gMA0GCSqGSIb3DQEBCwUAA4IB
AQCRl0u/Lf7goxg/nG+BgQbF7HxEEaJDpBQ5hza+2BhbPBym1I+ilrn1QulrNEbp
IqLkBywIqvI2sQzBP1X/9WKqkPSsasNV5RFCVo7U4dcM2Fx/kMii61XNPibpXQxj
hWRioqIFtghyGVCwhF/2Z42/MArS5aDyd2zXh9qZga9EGQIrrL7KWP+3nM09MA3O
HlEE8NS6AUdpOflyt4H47zEGg4JYLgH6HuDM1/GEf5SyqmCPFHRb/V5wGTrzw44z
W3v1cl3DJGSyAM1aAyVR8iqhTv64G0lFAi6oLz/V9Gtjc1K2LZKvD6xSF0Zu2WCw
IxbGn77vItxMzZNEsiaL7d1Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:10 2024 by rpki-client on console-ams.rpki-client.org