Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/2uxf-JTJgjAKsqABXdoaqrEIGEY.roa
File:                     2uxf-JTJgjAKsqABXdoaqrEIGEY.roa (raw, json)
Hash identifier:          L3bC9894wZbQsO5LSaYcjDBwKGqRs7QY2NMts5h4WBo=
Subject key identifier:   DA:EC:5F:F8:94:C9:82:30:0A:B2:A0:01:5D:DA:1A:AA:B1:08:18:46
Certificate issuer:       /CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
Certificate serial:       018499E387413B66E5F4B80ECD1F67901A46
Authority key identifier: 6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/2uxf-JTJgjAKsqABXdoaqrEIGEY.roa
Signing time:             Mon 21 Nov 2022 11:12:16 +0000
ROA not before:           Mon 21 Nov 2022 11:12:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211761
IP address blocks:        45.154.207.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:99:e3:87:41:3b:66:e5:f4:b8:0e:cd:1f:67:90:1a:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
        Validity
            Not Before: Nov 21 11:12:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=daec5ff894c982300ab2a0015dda1aaab1081846
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:d3:98:05:9d:d4:f8:14:f1:16:6e:f2:6d:47:
                    01:64:91:0c:36:61:54:6c:79:78:1b:91:17:6f:fd:
                    ba:f1:b8:de:89:95:77:56:0e:eb:c0:1b:f7:99:5b:
                    9c:ae:53:23:41:33:6f:7b:51:55:3b:5f:6a:5c:29:
                    a7:85:c4:d0:a8:87:72:b8:0b:0b:49:89:a6:2f:91:
                    81:75:33:81:24:9b:70:f1:c3:bb:f2:07:6e:ce:4a:
                    c8:67:01:cb:70:d0:31:26:8b:e3:2d:ab:2a:93:8f:
                    41:cb:e6:74:98:5b:6e:b6:f2:e5:b0:82:44:38:6f:
                    9e:1b:c9:02:90:00:08:4b:73:44:58:38:b0:43:17:
                    52:ed:bf:96:ce:71:1d:af:47:5d:17:64:bb:97:be:
                    85:c8:bd:10:77:8a:32:4f:b9:f3:68:7a:b9:7a:10:
                    f0:aa:c2:e8:6b:ad:63:20:c5:4a:d0:7f:7a:77:a4:
                    60:41:5c:d1:aa:14:21:cc:5f:55:54:5c:5f:bd:13:
                    aa:a4:ed:45:f6:68:7f:de:a9:e1:be:47:c2:a0:97:
                    23:a6:76:8d:29:62:d9:0c:06:cf:62:8b:21:9c:1f:
                    49:94:4e:6b:43:66:25:19:2f:18:23:ed:4c:77:97:
                    cd:a2:07:a1:81:8f:9a:02:69:37:37:ce:a6:21:b0:
                    1a:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:EC:5F:F8:94:C9:82:30:0A:B2:A0:01:5D:DA:1A:AA:B1:08:18:46
            X509v3 Authority Key Identifier:
                keyid:6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/2uxf-JTJgjAKsqABXdoaqrEIGEY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/anmPD-T03_3-0sjmLSNUMPSTd80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:46:07:e6:91:29:aa:ce:41:c4:80:d3:d2:72:b4:07:d3:f8:
         d0:01:d9:34:38:67:7a:5e:3c:ed:57:a7:98:bf:93:09:54:f7:
         e2:0c:23:04:8d:02:d6:78:62:b3:35:00:ee:a1:aa:00:a0:f8:
         35:56:a1:2e:e1:3c:6d:f8:64:bc:42:11:7d:27:5a:5b:3e:2b:
         2a:07:df:2a:b3:a3:c2:f0:97:33:db:2d:2c:4f:52:27:2f:14:
         0a:5b:bc:51:fa:a4:fe:62:41:81:9a:c6:2b:35:84:2d:3e:39:
         bb:59:ae:ee:76:12:7f:60:73:a3:cf:3c:66:af:fc:f0:a9:2d:
         7f:50:08:90:c5:87:17:bc:65:cd:38:02:1a:0e:94:7f:3f:2b:
         8f:9d:18:ac:fc:30:f8:59:d6:5a:19:de:6d:55:eb:d4:5b:e0:
         c0:6a:8a:84:cb:10:9f:15:84:6b:8c:b3:80:1a:70:e9:cc:91:
         46:b0:82:db:49:e0:df:71:0b:b2:e9:af:f1:c1:7d:ac:c3:db:
         dc:3d:e6:74:44:0a:ca:8f:eb:7a:9f:ed:60:f5:4a:5d:17:f9:
         dd:e7:c3:14:c9:81:a1:2c:b6:e1:56:db:c1:5a:73:c7:d6:9b:
         3b:f9:f1:cc:cd:75:a0:7c:76:f1:2f:a5:9c:94:87:d4:34:7f:
         05:03:02:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSZ44dBO2bl9LgOzR9nkBpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNzk4ZjBmZTRmNGRmZmRmZWQyYzhlNjJkMjM1NDMwZjQ5
Mzc3Y2QwHhcNMjIxMTIxMTExMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWVjNWZmODk0Yzk4MjMwMGFiMmEwMDE1ZGRhMWFhYWIxMDgxODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltOYBZ3U+BTxFm7ybUcBZJEMNmFU
bHl4G5EXb/268bjeiZV3Vg7rwBv3mVucrlMjQTNve1FVO19qXCmnhcTQqIdyuAsL
SYmmL5GBdTOBJJtw8cO78gduzkrIZwHLcNAxJovjLasqk49By+Z0mFtutvLlsIJE
OG+eG8kCkAAIS3NEWDiwQxdS7b+WznEdr0ddF2S7l76FyL0Qd4oyT7nzaHq5ehDw
qsLoa61jIMVK0H96d6RgQVzRqhQhzF9VVFxfvROqpO1F9mh/3qnhvkfCoJcjpnaN
KWLZDAbPYoshnB9JlE5rQ2YlGS8YI+1Md5fNogehgY+aAmk3N86mIbAaUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrsX/iUyYIwCrKgAV3aGqqxCBhGMB8GA1UdIwQY
MBaAFGp5jw/k9N/9/tLI5i0jVDD0k3fNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMt
NzdjZjgxMDQxMDgzLzEvMnV4Zi1KVEpnakFLc3FBQlhkb2FxckVJR0VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMtNzdjZjgxMDQxMDgz
LzEvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZrPMA0G
CSqGSIb3DQEBCwUAA4IBAQCqRgfmkSmqzkHEgNPScrQH0/jQAdk0OGd6XjztV6eY
v5MJVPfiDCMEjQLWeGKzNQDuoaoAoPg1VqEu4Txt+GS8QhF9J1pbPisqB98qs6PC
8Jcz2y0sT1InLxQKW7xR+qT+YkGBmsYrNYQtPjm7Wa7udhJ/YHOjzzxmr/zwqS1/
UAiQxYcXvGXNOAIaDpR/PyuPnRis/DD4WdZaGd5tVevUW+DAaoqEyxCfFYRrjLOA
GnDpzJFGsILbSeDfcQuy6a/xwX2sw9vcPeZ0RArKj+t6n+1g9UpdF/nd58MUyYGh
LLbhVtvBWnPH1ps7+fHMzXWgfHbxL6WclIfUNH8FAwKb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:45 2024 by rpki-client on console-fra.rpki-client.org