Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/bOdvrAruH1DJmzKo2Ey3CxwI6YE.roa
File:                     bOdvrAruH1DJmzKo2Ey3CxwI6YE.roa (raw, json)
Hash identifier:          EaAC+3y+GOkFaFe84imnXszeYO5DX6f+n5zzTDjZfTg=
Subject key identifier:   6C:E7:6F:AC:0A:EE:1F:50:C9:9B:32:A8:D8:4C:B7:0B:1C:08:E9:81
Certificate issuer:       /CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Certificate serial:       01654B54
Authority key identifier: 99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/bOdvrAruH1DJmzKo2Ey3CxwI6YE.roa
Signing time:             Mon 03 Jan 2022 16:34:26 +0000
ROA not before:           Mon 03 Jan 2022 16:34:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207992
IP address blocks:        45.158.77.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23415636 (0x1654b54)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
        Validity
            Not Before: Jan  3 16:34:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6ce76fac0aee1f50c99b32a8d84cb70b1c08e981
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:8e:a7:f7:cc:16:3d:a2:60:ad:42:70:4f:06:
                    c8:a9:a8:35:11:5b:10:3d:ef:72:55:de:d0:64:45:
                    8f:b0:ac:14:3c:05:a9:57:ca:09:32:b0:06:ce:ec:
                    3b:5c:71:e8:e9:4e:e1:c2:ad:51:ea:57:42:69:9b:
                    6b:e3:77:09:26:e9:e5:f1:6c:ca:70:d5:64:06:ea:
                    ea:b4:f1:a8:7d:5b:62:6b:5d:73:93:d2:35:2c:88:
                    f5:34:6a:50:a6:c8:c7:e9:96:16:a6:18:ff:11:ac:
                    7a:09:99:7f:5c:91:48:36:64:7b:36:7b:40:2f:0a:
                    92:ec:5f:c1:78:d1:86:af:09:86:85:6a:30:49:de:
                    53:f5:2c:50:d8:ca:42:01:24:01:43:81:54:92:ca:
                    77:c5:a0:67:2a:53:cb:fd:99:c0:d5:d8:30:ef:e6:
                    9d:6b:4d:d6:0a:c8:ca:ab:6e:31:8e:a0:72:52:ec:
                    a6:8f:e7:79:24:fe:6c:60:b2:45:5f:09:bc:53:8a:
                    5e:6f:e5:86:60:77:8f:b6:ee:b7:6f:06:c9:6c:ac:
                    54:e1:85:04:95:e2:20:f0:fe:39:95:a4:bf:0a:15:
                    59:98:b6:19:2b:6a:71:62:e0:14:57:d4:5d:bf:5d:
                    ce:50:98:18:3f:19:ea:57:7b:ce:59:8b:fa:0e:79:
                    47:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:E7:6F:AC:0A:EE:1F:50:C9:9B:32:A8:D8:4C:B7:0B:1C:08:E9:81
            X509v3 Authority Key Identifier:
                keyid:99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/bOdvrAruH1DJmzKo2Ey3CxwI6YE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:f8:52:2f:15:e3:6f:a0:42:87:43:cb:8c:56:12:04:e0:bd:
         47:7c:e9:a4:08:7e:a7:06:ad:48:b5:48:6c:58:e5:6e:7e:8c:
         3a:2e:51:2d:f3:86:3b:60:46:6c:2a:00:91:9f:6f:51:0b:4f:
         61:d6:fc:07:a0:92:92:4d:b8:c8:c6:29:49:b4:56:7e:a1:e8:
         b0:70:62:8c:43:b9:54:12:bf:04:68:35:92:fa:a8:d4:79:34:
         9e:4f:8b:1d:e5:8c:49:96:30:9c:00:b9:ea:cc:d6:69:68:ac:
         20:c8:ca:13:d4:74:00:f4:02:c1:10:a4:d6:ec:46:7f:de:ea:
         4f:54:a6:80:d6:fc:bf:a8:fd:5f:1c:16:24:15:08:58:f4:20:
         48:d2:a4:13:bd:d3:f9:a3:0d:d1:81:32:cc:77:4b:f9:c4:86:
         80:b6:e0:3d:b0:ed:59:19:56:38:e5:1d:ee:35:11:7b:b2:40:
         ff:a5:ab:f0:2f:a9:40:b5:bb:95:0f:b2:4e:3d:db:ac:b3:53:
         18:44:a3:7f:0f:89:34:4f:ca:c6:6e:b7:e1:89:e7:82:a5:0e:
         4b:31:ff:0f:f4:ba:34:59:5c:ff:46:00:41:f2:29:8d:92:ff:
         27:74:13:c1:23:10:c2:23:fc:80:11:21:f2:8e:c5:73:32:70:
         c6:a8:b3:72
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAWVLVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OWZlZTdjYmQ4ZTc4ZDFmMTRhNDUzYTA0YjkxNmY3YzE1ODFkMjA0MB4XDTIyMDEw
MzE2MzQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmNlNzZmYWMwYWVl
MWY1MGM5OWIzMmE4ZDg0Y2I3MGIxYzA4ZTk4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJaOp/fMFj2iYK1CcE8GyKmoNRFbED3vclXe0GRFj7CsFDwF
qVfKCTKwBs7sO1xx6OlO4cKtUepXQmmba+N3CSbp5fFsynDVZAbq6rTxqH1bYmtd
c5PSNSyI9TRqUKbIx+mWFqYY/xGsegmZf1yRSDZkezZ7QC8KkuxfwXjRhq8JhoVq
MEneU/UsUNjKQgEkAUOBVJLKd8WgZypTy/2ZwNXYMO/mnWtN1grIyqtuMY6gclLs
po/neST+bGCyRV8JvFOKXm/lhmB3j7but28GyWysVOGFBJXiIPD+OZWkvwoVWZi2
GStqcWLgFFfUXb9dzlCYGD8Z6ld7zlmL+g55R2ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRs52+sCu4fUMmbMqjYTLcLHAjpgTAfBgNVHSMEGDAWgBSZ/ufL2OeNHxSk
U6BLkW98FYHSBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21mN255OWpualI4VXBGT2dTNUZ2ZkJXQjBnUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMGRkNGNiLTFmNzItNDBlZC1hNjU3LTFjMjJlZmY3MjgxOC8x
L2JPZHZyQXJ1SDFESm16S28yRXkzQ3h3STZZRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MGRkNGNiLTFmNzItNDBlZC1hNjU3LTFjMjJlZmY3MjgxOC8xL21mN255OWpualI4
VXBGT2dTNUZ2ZkJXQjBnUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2eTTANBgkqhkiG9w0BAQsFAAOC
AQEAVPhSLxXjb6BCh0PLjFYSBOC9R3zppAh+pwatSLVIbFjlbn6MOi5RLfOGO2BG
bCoAkZ9vUQtPYdb8B6CSkk24yMYpSbRWfqHosHBijEO5VBK/BGg1kvqo1Hk0nk+L
HeWMSZYwnAC56szWaWisIMjKE9R0APQCwRCk1uxGf97qT1SmgNb8v6j9XxwWJBUI
WPQgSNKkE73T+aMN0YEyzHdL+cSGgLbgPbDtWRlWOOUd7jURe7JA/6Wr8C+pQLW7
lQ+yTj3brLNTGESjfw+JNE/Kxm634YnngqUOSzH/D/S6NFlc/0YAQfIpjZL/J3QT
wSMQwiP8gBEh8o7FczJwxqizcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:37 2024 by rpki-client on console-ams.rpki-client.org