Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6K43kiBp9EXjWsWVqNEKXIj8YcA.roa
File:                     6K43kiBp9EXjWsWVqNEKXIj8YcA.roa (raw, json)
Hash identifier:          0KSTJXzfURpVfGnwOzujmg5lrl/QZbPxwPyoNIcZ9Lo=
Subject key identifier:   E8:AE:37:92:20:69:F4:45:E3:5A:C5:95:A8:D1:0A:5C:88:FC:61:C0
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       088F5B8E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6K43kiBp9EXjWsWVqNEKXIj8YcA.roa
Signing time:             Tue 17 May 2022 05:46:30 +0000
ROA not before:           Tue 17 May 2022 05:46:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        45.132.181.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 143612814 (0x88f5b8e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: May 17 05:46:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e8ae37922069f445e35ac595a8d10a5c88fc61c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:53:cb:20:c7:e3:af:a4:96:13:65:b7:41:76:
                    77:9d:53:d9:ed:19:6e:66:7a:32:15:18:7b:65:f0:
                    79:6f:94:01:5b:49:e8:80:65:76:6e:1e:30:56:b4:
                    f3:fe:fb:38:df:12:a8:f0:97:96:52:11:63:5e:b1:
                    eb:c7:2e:a0:6a:69:a3:64:b1:f0:84:63:23:96:33:
                    40:a8:2d:1f:8a:c2:4a:3f:df:5b:2a:d5:2f:d6:85:
                    2a:9c:cc:d4:d7:89:30:aa:b3:09:94:34:d1:0a:4b:
                    dc:13:81:c5:9c:a7:35:39:58:a2:10:5d:bd:1f:be:
                    3c:d3:3d:07:9a:a9:85:1b:73:8e:6d:b4:10:9a:e6:
                    5a:f4:f8:87:98:58:9e:6c:e2:03:d8:36:fd:d8:4f:
                    d7:d4:af:15:a8:aa:2e:29:7a:8c:c8:3b:d8:e1:ac:
                    6f:93:e1:b4:b1:3c:05:46:b1:a5:d8:44:00:8b:86:
                    e9:bf:8f:ad:2f:0b:62:3f:6e:2e:ed:28:d8:18:a4:
                    82:89:be:ef:e2:44:0c:12:35:30:90:7c:fa:82:c2:
                    94:e1:cf:d7:f7:48:87:e8:1b:3d:c0:63:4b:74:7e:
                    2c:de:3a:40:5f:46:bb:92:bf:1c:53:53:58:e1:10:
                    bf:74:c0:03:c5:71:f0:29:c5:ad:2b:b2:8d:af:80:
                    e9:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:AE:37:92:20:69:F4:45:E3:5A:C5:95:A8:D1:0A:5C:88:FC:61:C0
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6K43kiBp9EXjWsWVqNEKXIj8YcA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:cd:38:a7:2f:df:ee:d0:bd:08:6c:38:30:aa:c3:f1:d2:1f:
         eb:e5:48:74:a1:b5:f9:56:5b:bf:b2:a5:2c:a9:60:a4:cc:90:
         92:b2:f0:4d:04:40:5d:0a:a1:94:a2:02:00:bd:59:ac:d6:f4:
         a9:aa:60:a0:5a:9f:59:49:b8:98:1d:21:30:dc:ce:32:73:fa:
         7f:a0:2b:a6:20:b8:3c:f0:4b:6c:51:eb:f6:d5:08:62:67:dd:
         c8:11:3f:58:f6:c7:13:57:2f:db:ef:a7:72:ca:9d:c9:2f:0e:
         6c:2c:59:30:30:5a:ba:c6:74:35:82:a3:78:80:32:33:d3:3c:
         31:28:34:0b:fa:2d:ab:ad:0f:b4:44:29:10:02:48:79:59:b8:
         da:c0:0c:fa:4c:fc:3d:55:b2:38:58:28:ff:2f:eb:22:e2:91:
         78:2a:29:7c:f3:c8:d3:1c:64:f9:08:c1:89:73:de:5a:88:ec:
         9c:ae:64:5a:66:29:28:0d:97:d5:17:5b:7f:8a:61:8a:2e:fe:
         ce:fb:47:4b:d1:f7:d6:b7:b3:f2:ab:9d:e9:81:c5:02:f3:06:
         d9:44:50:27:cc:63:b5:5b:e5:cd:20:c1:7a:81:ef:bf:63:43:
         2c:fd:15:8b:19:a2:11:73:d4:43:06:79:dc:f2:99:e6:7e:ae:
         38:2e:4f:b1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECI9bjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDUx
NzA1NDYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZThhZTM3OTIyMDY5
ZjQ0NWUzNWFjNTk1YThkMTBhNWM4OGZjNjFjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVTyyDH46+klhNlt0F2d51T2e0ZbmZ6MhUYe2XweW+UAVtJ
6IBldm4eMFa08/77ON8SqPCXllIRY16x68cuoGppo2Sx8IRjI5YzQKgtH4rCSj/f
WyrVL9aFKpzM1NeJMKqzCZQ00QpL3BOBxZynNTlYohBdvR++PNM9B5qphRtzjm20
EJrmWvT4h5hYnmziA9g2/dhP19SvFaiqLil6jMg72OGsb5PhtLE8BUaxpdhEAIuG
6b+PrS8LYj9uLu0o2Bikgom+7+JEDBI1MJB8+oLClOHP1/dIh+gbPcBjS3R+LN46
QF9Gu5K/HFNTWOEQv3TAA8Vx8CnFrSuyja+A6YUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTorjeSIGn0ReNaxZWo0QpciPxhwDAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
LzZLNDNraUJwOUVYaldzV1ZxTkVLWElqOFljQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2EtTANBgkqhkiG9w0BAQsFAAOC
AQEAJM04py/f7tC9CGw4MKrD8dIf6+VIdKG1+VZbv7KlLKlgpMyQkrLwTQRAXQqh
lKICAL1ZrNb0qapgoFqfWUm4mB0hMNzOMnP6f6ArpiC4PPBLbFHr9tUIYmfdyBE/
WPbHE1cv2++ncsqdyS8ObCxZMDBausZ0NYKjeIAyM9M8MSg0C/otq60PtEQpEAJI
eVm42sAM+kz8PVWyOFgo/y/rIuKReCopfPPI0xxk+QjBiXPeWojsnK5kWmYpKA2X
1Rdbf4phii7+zvtHS9H31rez8qud6YHFAvMG2URQJ8xjtVvlzSDBeoHvv2NDLP0V
ixmiEXPUQwZ53PKZ5n6uOC5PsQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org