Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/axmWYsCY1diVZdfFpXJzpp6q9V8.roa
File:                     axmWYsCY1diVZdfFpXJzpp6q9V8.roa (raw, json)
Hash identifier:          n/OpPsPhnYWsXtWSiYvv/LZWvYXXX0kuYtka0pmIing=
Subject key identifier:   6B:19:96:62:C0:98:D5:D8:95:65:D7:C5:A5:72:73:A6:9E:AA:F5:5F
Certificate issuer:       /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial:       76522F
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/axmWYsCY1diVZdfFpXJzpp6q9V8.roa
Signing time:             Thu 24 Mar 2022 08:03:49 +0000
ROA not before:           Thu 24 Mar 2022 08:03:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41269
IP address blocks:        212.110.158.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7754287 (0x76522f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
        Validity
            Not Before: Mar 24 08:03:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6b199662c098d5d89565d7c5a57273a69eaaf55f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:a3:a4:06:72:5b:48:f9:dc:e9:86:93:c5:c3:
                    00:01:44:0d:f3:00:6f:31:22:79:f6:d3:7e:5a:66:
                    22:e1:78:8b:96:fc:8b:c4:94:d5:b4:e4:50:8e:0b:
                    ba:cb:54:43:8c:cf:dc:31:30:54:88:0c:17:1f:ae:
                    1d:e9:44:dc:e0:66:2c:d3:dc:0a:63:bb:11:24:12:
                    87:83:32:7e:bc:48:2e:2a:b1:cd:be:4b:75:08:bb:
                    fd:99:9c:c0:78:f7:c8:77:ed:61:b0:93:35:f5:95:
                    e5:31:7a:f3:cc:8e:e1:ba:21:6e:1e:58:d5:18:84:
                    63:21:34:d6:26:bc:78:31:73:bc:6d:c2:27:71:ff:
                    69:2d:17:81:8d:e1:09:70:e7:9f:5f:51:59:a0:3f:
                    9d:dd:56:13:23:3b:01:91:77:76:ee:48:2b:f7:b9:
                    32:72:4f:73:3c:cb:f4:be:5f:1f:f8:dd:65:fb:25:
                    a9:92:7a:5c:ab:66:2b:3a:17:4a:04:b7:38:7d:0f:
                    b3:2f:10:43:04:78:75:03:e3:26:05:d6:02:7a:39:
                    a8:6c:6c:b3:0e:b3:4e:93:11:df:e6:4e:1f:2b:07:
                    57:8e:f9:25:18:31:d6:b9:a5:01:72:33:1b:b8:da:
                    69:1e:d6:61:89:30:04:d9:a4:14:9e:37:7b:e9:4d:
                    a9:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:19:96:62:C0:98:D5:D8:95:65:D7:C5:A5:72:73:A6:9E:AA:F5:5F
            X509v3 Authority Key Identifier:
                keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/axmWYsCY1diVZdfFpXJzpp6q9V8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.110.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:61:aa:94:c2:3e:1d:4c:52:e2:4e:60:fd:0a:22:4b:1c:ad:
         96:e2:27:0e:9a:14:03:a3:09:e5:f8:b0:20:d2:78:22:c9:ba:
         06:68:8f:ea:48:88:a7:ac:93:b1:e3:2b:3a:1c:b0:62:34:e3:
         62:e6:87:19:6b:f3:f0:60:f4:a4:d1:7f:ec:84:6c:a4:e0:f6:
         45:65:bb:e6:c0:bf:92:72:21:65:6f:32:84:4c:75:3a:00:f6:
         29:3a:47:69:a8:61:9f:4e:92:47:a3:ca:7d:c4:df:81:b8:73:
         21:b9:d3:d8:d1:40:c0:29:9c:55:3f:18:69:c0:71:f9:6b:1f:
         e9:bf:51:71:d7:34:56:27:3e:62:25:07:26:fb:1f:58:44:6d:
         05:6b:37:ea:f4:4f:a7:f4:d9:e5:ea:97:28:ea:74:70:50:7f:
         d0:95:ff:84:6e:1b:12:c0:98:bf:2e:0a:4d:12:53:23:7e:bd:
         c8:dd:b6:f6:d9:42:ae:c0:bd:6d:f7:6e:20:cf:81:b0:cd:ee:
         72:0b:fa:fe:c7:fc:36:da:81:bb:5c:2a:56:49:ef:cc:d9:b9:
         37:a0:35:49:b4:71:b6:5a:67:34:de:14:01:a9:4f:3b:b5:a0:
         a0:12:0f:3e:13:16:2e:62:6b:3f:3e:d7:29:46:51:5b:20:0d:
         3e:2a:a7:20
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDdlIvMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNm
MWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVhZGZhMDAwHhcNMjIwMzI0
MDgwMzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2YjE5OTY2MmMwOThk
NWQ4OTU2NWQ3YzVhNTcyNzNhNjllYWFmNTVmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoKOkBnJbSPnc6YaTxcMAAUQN8wBvMSJ59tN+WmYi4XiLlvyL
xJTVtORQjgu6y1RDjM/cMTBUiAwXH64d6UTc4GYs09wKY7sRJBKHgzJ+vEguKrHN
vkt1CLv9mZzAePfId+1hsJM19ZXlMXrzzI7huiFuHljVGIRjITTWJrx4MXO8bcIn
cf9pLReBjeEJcOefX1FZoD+d3VYTIzsBkXd27kgr97kyck9zPMv0vl8f+N1l+yWp
knpcq2YrOhdKBLc4fQ+zLxBDBHh1A+MmBdYCejmobGyzDrNOkxHf5k4fKwdXjvkl
GDHWuaUBcjMbuNppHtZhiTAE2aQUnjd76U2p5QIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFGsZlmLAmNXYlWXXxaVyc6aeqvVfMB8GA1UdIwQYMBaAFM8d9mZ9o45XolsZ
RfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
engzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJjLzEv
YXhtV1lzQ1kxZGlWWmRmRnBYSnpwcDZxOVY4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9l
NTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJjLzEvengzMlpuMmpqbGVp
V3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1G6eMA0GCSqGSIb3DQEBCwUAA4IB
AQCwYaqUwj4dTFLiTmD9CiJLHK2W4icOmhQDownl+LAg0ngiyboGaI/qSIinrJOx
4ys6HLBiNONi5ocZa/PwYPSk0X/shGyk4PZFZbvmwL+SciFlbzKETHU6APYpOkdp
qGGfTpJHo8p9xN+BuHMhudPY0UDAKZxVPxhpwHH5ax/pv1Fx1zRWJz5iJQcm+x9Y
RG0Fazfq9E+n9Nnl6pco6nRwUH/Qlf+EbhsSwJi/LgpNElMjfr3I3bb22UKuwL1t
924gz4Gwze5yC/r+x/w22oG7XCpWSe/M2bk3oDVJtHG2Wmc03hQBqU87taCgEg8+
ExYuYms/PtcpRlFbIA0+Kqcg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:17 2024 by rpki-client on console-fra.rpki-client.org