Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/8EfcO3qaD-tgUQpH2gluat1yCeI.roa
File:                     8EfcO3qaD-tgUQpH2gluat1yCeI.roa (raw, json)
Hash identifier:          g1MdXcHSOg6y+0CftePdX8YLntHfgIYohpgXyMdjtaY=
Subject key identifier:   F0:47:DC:3B:7A:9A:0F:EB:60:51:0A:47:DA:09:6E:6A:DD:72:09:E2
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       48709C00
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/8EfcO3qaD-tgUQpH2gluat1yCeI.roa
Signing time:             Sat 01 Jan 2022 03:00:33 +0000
ROA not before:           Sat 01 Jan 2022 03:00:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58061
IP address blocks:        46.161.44.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1215339520 (0x48709c00)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Jan  1 03:00:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f047dc3b7a9a0feb60510a47da096e6add7209e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:63:71:00:4b:7b:53:86:1f:90:6e:fd:f5:47:
                    35:82:a7:5d:6b:95:7d:ea:d2:de:b7:7e:89:f8:5f:
                    1a:10:11:dc:bb:7e:b5:7a:27:13:9b:50:f4:37:5e:
                    b5:5d:73:5b:82:54:bd:80:14:f9:96:be:b3:b0:28:
                    67:bf:86:5a:d7:6a:5f:3b:99:f9:f7:ba:ee:90:e3:
                    4a:5e:7e:e0:15:7f:26:d2:cb:a7:a1:e5:38:40:fe:
                    5b:e5:26:46:eb:a4:b9:c3:da:3a:50:92:47:90:f4:
                    e0:da:fd:22:e5:2f:03:5b:ef:c9:60:27:fa:ee:af:
                    83:cd:24:28:72:51:8d:58:80:43:58:7e:73:99:01:
                    c3:8e:37:a6:80:5d:bc:df:aa:d4:1b:71:5a:f0:6b:
                    8c:28:3d:c8:80:3c:42:29:a7:89:65:9e:78:cf:a1:
                    17:42:e7:40:fb:b7:d9:d5:03:41:63:d0:9f:08:50:
                    9f:7c:b2:98:2a:ce:76:7e:a9:d0:46:52:a1:11:ff:
                    f8:2a:e5:72:82:9c:74:ab:47:35:19:72:4d:da:d2:
                    33:46:c0:05:cd:95:85:4d:80:5c:d4:bf:d1:9e:c0:
                    1e:af:80:4c:94:04:b3:29:91:6f:4c:00:ed:06:65:
                    a6:a7:e2:09:29:d7:63:d3:3d:32:8e:78:18:9d:0b:
                    15:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:47:DC:3B:7A:9A:0F:EB:60:51:0A:47:DA:09:6E:6A:DD:72:09:E2
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/8EfcO3qaD-tgUQpH2gluat1yCeI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.161.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         58:ba:aa:d1:cf:92:f7:dc:90:6d:2a:70:5e:ba:4f:fc:8f:df:
         68:0a:87:ce:3a:fa:4b:6e:87:38:e3:cc:4d:31:39:9e:e7:30:
         f3:e6:b2:a5:c0:a0:27:77:52:82:49:8d:d5:31:90:47:01:bb:
         8b:75:fb:1d:bc:3c:e3:53:8f:8e:1b:f9:72:1f:f3:2b:22:6c:
         9a:21:6d:46:7c:c0:53:ae:79:32:04:09:f1:c6:ec:20:14:ae:
         ef:90:33:b1:c5:57:07:5b:1c:ea:0a:ff:50:98:c5:29:4a:f5:
         9c:d7:85:3b:e4:61:65:a5:26:b7:31:37:ab:93:3a:2f:d4:0a:
         71:22:3c:9b:b9:a2:a0:a5:5d:b6:f6:da:4d:c8:28:9f:b5:f9:
         64:00:1f:0f:2d:57:a7:96:e5:32:b4:11:cb:d9:ae:4d:e9:e6:
         23:85:32:07:9e:34:39:b7:b3:86:f1:ec:3e:a6:c9:1d:7d:d7:
         66:dd:b2:66:1b:53:fa:f2:cf:2b:c2:04:61:f1:a3:56:ac:c0:
         cd:80:14:06:b2:44:b6:20:55:a4:ae:08:ab:b2:a4:cc:70:29:
         f6:d8:80:56:2d:64:77:f6:e4:a8:ec:5e:c7:99:26:66:5a:f3:
         af:81:0b:5c:66:78:ba:c6:46:71:0c:d0:81:06:fc:a8:fc:66:
         d5:19:47:4f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIESHCcADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDEw
MTAzMDAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjA0N2RjM2I3YTlh
MGZlYjYwNTEwYTQ3ZGEwOTZlNmFkZDcyMDllMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhjcQBLe1OGH5Bu/fVHNYKnXWuVferS3rd+ifhfGhAR3Lt+
tXonE5tQ9DdetV1zW4JUvYAU+Za+s7AoZ7+GWtdqXzuZ+fe67pDjSl5+4BV/JtLL
p6HlOED+W+UmRuukucPaOlCSR5D04Nr9IuUvA1vvyWAn+u6vg80kKHJRjViAQ1h+
c5kBw443poBdvN+q1BtxWvBrjCg9yIA8QimniWWeeM+hF0LnQPu32dUDQWPQnwhQ
n3yymCrOdn6p0EZSoRH/+CrlcoKcdKtHNRlyTdrSM0bABc2VhU2AXNS/0Z7AHq+A
TJQEsymRb0wA7QZlpqfiCSnXY9M9Mo54GJ0LFZcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTwR9w7epoP62BRCkfaCW5q3XIJ4jAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
LzhFZmNPM3FhRC10Z1VRcEgyZ2x1YXQxeUNlSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6hLDANBgkqhkiG9w0BAQsFAAOC
AQEAWLqq0c+S99yQbSpwXrpP/I/faAqHzjr6S26HOOPMTTE5nucw8+aypcCgJ3dS
gkmN1TGQRwG7i3X7Hbw841OPjhv5ch/zKyJsmiFtRnzAU655MgQJ8cbsIBSu75Az
scVXB1sc6gr/UJjFKUr1nNeFO+RhZaUmtzE3q5M6L9QKcSI8m7mioKVdtvbaTcgo
n7X5ZAAfDy1Xp5blMrQRy9muTenmI4UyB540ObezhvHsPqbJHX3XZt2yZhtT+vLP
K8IEYfGjVqzAzYAUBrJEtiBVpK4Iq7KkzHAp9tiAVi1kd/bkqOxex5kmZlrzr4EL
XGZ4usZGcQzQgQb8qPxm1RlHTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:55 2024 by rpki-client on console-ams.rpki-client.org