Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/39d4b5-b5c9-480a-9405-d9a539b8b7ad/1/E4h7AzQZWAj3pL1vsna70vP0B5I.roa
File:                     E4h7AzQZWAj3pL1vsna70vP0B5I.roa (raw, json)
Hash identifier:          GbU6YwkUkulN6vIv2eQ3HcNvP9i2yG6R5eC2R3jmTj0=
Subject key identifier:   13:88:7B:03:34:19:58:08:F7:A4:BD:6F:B2:76:BB:D2:F3:F4:07:92
Certificate issuer:       /CN=8fd57a75dd7e952bee283935d6df2925d282a070
Certificate serial:       0582AF64
Authority key identifier: 8F:D5:7A:75:DD:7E:95:2B:EE:28:39:35:D6:DF:29:25:D2:82:A0:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j9V6dd1-lSvuKDk11t8pJdKCoHA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/39d4b5-b5c9-480a-9405-d9a539b8b7ad/1/E4h7AzQZWAj3pL1vsna70vP0B5I.roa
Signing time:             Sat 01 Jan 2022 09:01:01 +0000
ROA not before:           Sat 01 Jan 2022 09:01:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8224
IP address blocks:        45.66.80.0/22 maxlen: 24
                          2a09:62c0::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 92450660 (0x582af64)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8fd57a75dd7e952bee283935d6df2925d282a070
        Validity
            Not Before: Jan  1 09:01:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=13887b0334195808f7a4bd6fb276bbd2f3f40792
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:6e:dd:6a:01:d4:e4:6f:79:a3:a6:90:f4:e4:
                    d9:66:1f:49:aa:5f:50:f3:d0:91:ea:cb:c8:91:b5:
                    6a:73:c4:10:f4:31:f4:1e:96:a7:19:7a:ae:80:77:
                    b5:29:59:d2:58:be:51:1b:79:f9:09:ef:29:23:22:
                    7f:b2:d3:5e:a2:04:0b:c6:51:d2:5a:e1:ae:60:52:
                    c2:15:09:aa:44:0e:fa:0e:c2:05:4b:05:4b:6b:f0:
                    35:08:a7:3b:0a:dd:c4:63:82:b9:b6:d4:b3:fd:23:
                    71:ea:48:9b:69:9e:43:32:5d:9d:f1:ab:86:c7:60:
                    28:b0:e5:e7:e4:8a:f4:7d:13:7a:6d:fc:9a:1c:bd:
                    8e:b8:a2:6a:76:ed:48:b3:62:09:4d:ec:83:19:e4:
                    3f:61:93:9e:79:a9:ff:2a:2d:3e:72:85:c0:45:5c:
                    6f:25:9e:b0:b2:0c:8d:89:0f:b3:5d:fa:2b:98:48:
                    c3:47:05:e9:86:d5:24:30:7d:9c:e9:57:8e:27:ca:
                    17:6e:5e:df:1b:29:94:2a:e4:62:d1:e9:1b:db:dc:
                    a2:da:e3:dd:17:f1:fb:9b:75:ea:10:e8:c5:5e:fa:
                    23:2c:f9:f4:e4:95:2a:c9:ff:5d:22:0b:74:82:25:
                    06:da:b4:04:5f:f2:cd:9f:02:84:37:db:46:1d:55:
                    00:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:88:7B:03:34:19:58:08:F7:A4:BD:6F:B2:76:BB:D2:F3:F4:07:92
            X509v3 Authority Key Identifier:
                keyid:8F:D5:7A:75:DD:7E:95:2B:EE:28:39:35:D6:DF:29:25:D2:82:A0:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j9V6dd1-lSvuKDk11t8pJdKCoHA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/39d4b5-b5c9-480a-9405-d9a539b8b7ad/1/E4h7AzQZWAj3pL1vsna70vP0B5I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/39d4b5-b5c9-480a-9405-d9a539b8b7ad/1/j9V6dd1-lSvuKDk11t8pJdKCoHA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.66.80.0/22
                IPv6:
                  2a09:62c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         43:92:88:c3:7c:9f:cb:7c:c7:b7:35:b8:cc:73:a5:07:da:3a:
         ad:af:32:cc:dc:23:69:2e:8f:91:90:7e:d5:ff:a2:d3:c9:1c:
         73:fd:00:0a:11:39:04:cb:d7:9b:58:14:19:80:91:2b:93:4c:
         e5:ae:20:73:2e:4c:eb:ab:23:9c:d1:11:49:88:ea:bb:75:71:
         97:92:ad:e2:1d:4e:df:da:37:f5:a2:cf:48:df:8d:6e:ca:d6:
         ea:81:46:ef:cd:10:f0:38:c6:5b:94:d2:e2:c9:02:07:3a:b2:
         68:14:8b:e6:9f:f1:ab:98:c2:7d:07:64:12:42:f0:e9:c0:c1:
         c6:81:dd:d8:27:7f:2a:eb:c4:0e:34:db:38:02:91:a1:4a:da:
         47:0b:68:a5:da:99:25:f9:1d:36:de:8d:36:6c:d5:4c:51:2b:
         12:53:e1:03:3f:25:8b:44:ea:93:68:17:c7:c0:51:4e:83:b9:
         33:1e:11:9a:c9:e1:15:77:4f:6d:cd:8c:59:d7:d8:9d:06:e9:
         ea:0e:e9:8f:88:8e:84:ee:47:a8:7f:37:75:a9:82:55:10:1e:
         30:ec:ec:13:b2:16:31:99:45:b2:98:86:dc:19:13:56:61:3b:
         96:37:96:5f:50:a4:07:be:84:89:25:06:80:c8:dc:c5:42:2b:
         59:e8:c5:3c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBYKvZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZmQ1N2E3NWRkN2U5NTJiZWUyODM5MzVkNmRmMjkyNWQyODJhMDcwMB4XDTIyMDEw
MTA5MDEwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTM4ODdiMDMzNDE5
NTgwOGY3YTRiZDZmYjI3NmJiZDJmM2Y0MDc5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOJu3WoB1ORveaOmkPTk2WYfSapfUPPQkerLyJG1anPEEPQx
9B6Wpxl6roB3tSlZ0li+URt5+QnvKSMif7LTXqIEC8ZR0lrhrmBSwhUJqkQO+g7C
BUsFS2vwNQinOwrdxGOCubbUs/0jcepIm2meQzJdnfGrhsdgKLDl5+SK9H0Tem38
mhy9jriianbtSLNiCU3sgxnkP2GTnnmp/yotPnKFwEVcbyWesLIMjYkPs136K5hI
w0cF6YbVJDB9nOlXjifKF25e3xsplCrkYtHpG9vcotrj3Rfx+5t16hDoxV76Iyz5
9OSVKsn/XSILdIIlBtq0BF/yzZ8ChDfbRh1VALUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQTiHsDNBlYCPekvW+ydrvS8/QHkjAfBgNVHSMEGDAWgBSP1Xp13X6VK+4o
OTXW3ykl0oKgcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2o5VjZkZDEtbFN2dUtEazExdDhwSmRLQ29IQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvMzlkNGI1LWI1YzktNDgwYS05NDA1LWQ5YTUzOWI4YjdhZC8x
L0U0aDdBelFaV0FqM3BMMXZzbmE3MHZQMEI1SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
MzlkNGI1LWI1YzktNDgwYS05NDA1LWQ5YTUzOWI4YjdhZC8xL2o5VjZkZDEtbFN2
dUtEazExdDhwSmRLQ29IQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi1CUDANBAIAAjAHAwUDKgliwDAN
BgkqhkiG9w0BAQsFAAOCAQEAQ5KIw3yfy3zHtzW4zHOlB9o6ra8yzNwjaS6PkZB+
1f+i08kcc/0AChE5BMvXm1gUGYCRK5NM5a4gcy5M66sjnNERSYjqu3Vxl5Kt4h1O
39o39aLPSN+NbsrW6oFG780Q8DjGW5TS4skCBzqyaBSL5p/xq5jCfQdkEkLw6cDB
xoHd2Cd/KuvEDjTbOAKRoUraRwtopdqZJfkdNt6NNmzVTFErElPhAz8li0Tqk2gX
x8BRToO5Mx4RmsnhFXdPbc2MWdfYnQbp6g7pj4iOhO5HqH83damCVRAeMOzsE7IW
MZlFspiG3BkTVmE7ljeWX1CkB76EiSUGgMjcxUIrWejFPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:38 2024 by rpki-client on console-ams.rpki-client.org