Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/9n0ZyG32K3I_Ef4P_MxlJFIgOU8.roa
File:                     9n0ZyG32K3I_Ef4P_MxlJFIgOU8.roa (raw, json)
Hash identifier:          bZyfoq6bk1jcr8FBth/hVeDr/THHW6UDGk8grYq/eog=
Subject key identifier:   F6:7D:19:C8:6D:F6:2B:72:3F:11:FE:0F:FC:CC:65:24:52:20:39:4F
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       01837A108DC43928DD7055E331D5573C488D
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/9n0ZyG32K3I_Ef4P_MxlJFIgOU8.roa
Signing time:             Mon 26 Sep 2022 13:50:48 +0000
ROA not before:           Mon 26 Sep 2022 13:50:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206127
IP address blocks:        45.150.168.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:7a:10:8d:c4:39:28:dd:70:55:e3:31:d5:57:3c:48:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Sep 26 13:50:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f67d19c86df62b723f11fe0ffccc65245220394f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:14:7f:73:da:21:81:85:16:00:00:68:6c:9a:
                    a8:71:39:a7:7b:b0:05:50:01:9f:20:ef:45:c6:61:
                    b0:83:a0:24:e3:f1:ae:22:16:85:f2:9e:41:ed:dd:
                    d0:ea:ad:99:3d:f3:a2:be:af:ab:2d:81:09:51:d9:
                    86:67:d6:cc:12:91:8b:a1:7b:c3:b7:44:0e:52:e7:
                    23:c9:d6:83:fe:0c:32:a1:a5:9e:a8:79:53:51:fe:
                    a8:d2:cc:07:b6:ee:28:3b:79:b2:35:ab:cc:37:eb:
                    47:fb:6d:3b:01:7b:30:25:11:36:c7:b2:d2:04:3a:
                    a0:d3:1f:60:53:ef:2b:fc:76:7b:90:0d:7f:76:1a:
                    ba:c8:49:b2:49:d9:64:c9:d3:1c:05:0b:c0:76:a4:
                    c3:55:f6:0f:e0:0c:87:e5:33:82:f2:bc:02:56:04:
                    a2:2a:11:ac:8c:41:7d:34:15:45:27:e5:12:37:dd:
                    f9:20:52:d3:f9:47:05:76:d6:0c:5a:4d:71:69:18:
                    09:3d:98:67:b8:d0:2f:83:46:cf:37:91:bd:43:94:
                    16:73:5b:89:f4:0b:04:3a:34:86:7a:db:5e:3c:80:
                    69:04:c5:8d:24:fd:db:84:8d:41:d9:df:7e:21:f5:
                    d9:5e:f3:85:81:3f:ed:fe:5d:99:79:1c:46:18:b2:
                    32:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:7D:19:C8:6D:F6:2B:72:3F:11:FE:0F:FC:CC:65:24:52:20:39:4F
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/9n0ZyG32K3I_Ef4P_MxlJFIgOU8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         74:b0:d3:05:f2:56:52:e2:7d:56:3f:4a:9d:2a:e3:af:a2:da:
         33:44:a9:ca:80:4d:fb:0a:fd:59:8b:b5:51:6b:d9:02:4d:98:
         5f:d9:a1:74:bf:48:7f:2b:3c:5c:e4:40:0a:4c:a1:68:52:8a:
         40:d6:04:10:64:8c:af:67:b0:bf:7e:bd:1c:af:fd:4f:86:7c:
         45:0e:30:38:4a:21:95:5a:5f:50:11:64:c7:29:54:08:49:86:
         88:65:c8:bd:7c:29:d8:4f:4f:3f:36:c1:d9:a5:70:60:33:d2:
         c9:12:75:53:05:ad:c4:b5:66:de:85:eb:37:3b:48:89:9c:d0:
         94:05:40:7f:df:d7:b2:47:ed:c7:71:d7:c5:84:f3:7b:73:d8:
         4d:c6:1b:e1:f5:60:45:e0:c1:bd:0c:e8:f1:94:c3:c8:ed:f1:
         21:19:8e:c5:aa:09:72:ed:85:7e:3a:49:15:1a:9e:83:31:2c:
         9e:83:a0:2e:4d:cb:3a:04:16:37:8e:14:a1:95:83:87:d2:79:
         ef:bf:08:a8:e5:03:4e:0a:5b:f3:e9:aa:a6:fa:5c:9c:ab:a9:
         87:5b:c8:c8:83:b3:5a:b7:21:44:7c:4b:e7:d6:bf:8f:39:af:
         07:8b:d9:d2:00:f2:29:c0:87:5b:e2:d1:a7:4b:72:6e:0b:be:
         6b:62:1f:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN6EI3EOSjdcFXjMdVXPEiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwOTI2MTM1MDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjdkMTljODZkZjYyYjcyM2YxMWZlMGZmY2NjNjUyNDUyMjAzOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRR/c9ohgYUWAABobJqocTmne7AF
UAGfIO9FxmGwg6Ak4/GuIhaF8p5B7d3Q6q2ZPfOivq+rLYEJUdmGZ9bMEpGLoXvD
t0QOUucjydaD/gwyoaWeqHlTUf6o0swHtu4oO3myNavMN+tH+207AXswJRE2x7LS
BDqg0x9gU+8r/HZ7kA1/dhq6yEmySdlkydMcBQvAdqTDVfYP4AyH5TOC8rwCVgSi
KhGsjEF9NBVFJ+USN935IFLT+UcFdtYMWk1xaRgJPZhnuNAvg0bPN5G9Q5QWc1uJ
9AsEOjSGettePIBpBMWNJP3bhI1B2d9+IfXZXvOFgT/t/l2ZeRxGGLIyMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPZ9Gcht9ityPxH+D/zMZSRSIDlPMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvOW4wWnlHMzJLM0lfRWY0UF9NeGxKRklnT1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZaoMA0G
CSqGSIb3DQEBCwUAA4IBAQB0sNMF8lZS4n1WP0qdKuOvotozRKnKgE37Cv1Zi7VR
a9kCTZhf2aF0v0h/Kzxc5EAKTKFoUopA1gQQZIyvZ7C/fr0cr/1PhnxFDjA4SiGV
Wl9QEWTHKVQISYaIZci9fCnYT08/NsHZpXBgM9LJEnVTBa3EtWbehes3O0iJnNCU
BUB/39eyR+3HcdfFhPN7c9hNxhvh9WBF4MG9DOjxlMPI7fEhGY7Fqgly7YV+OkkV
Gp6DMSyeg6AuTcs6BBY3jhShlYOH0nnvvwio5QNOClvz6aqm+lycq6mHW8jIg7Na
tyFEfEvn1r+POa8Hi9nSAPIpwIdb4tGnS3JuC75rYh9I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org