Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/xj1tvudl4mE0-fhWzpz7-bCiiaw.roa
File:                     xj1tvudl4mE0-fhWzpz7-bCiiaw.roa (raw, json)
Hash identifier:          5SZaO58tLTYL5aFbsCZGsYn7aS8zq0d1y2sx/S7JPnU=
Subject key identifier:   C6:3D:6D:BE:E7:65:E2:61:34:F9:F8:56:CE:9C:FB:F9:B0:A2:89:AC
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       154531C3
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/xj1tvudl4mE0-fhWzpz7-bCiiaw.roa
Signing time:             Sat 04 Jun 2022 10:28:22 +0000
ROA not before:           Sat 04 Jun 2022 10:28:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204872
IP address blocks:        45.150.180.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 356856259 (0x154531c3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jun  4 10:28:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c63d6dbee765e26134f9f856ce9cfbf9b0a289ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:18:1f:a1:a0:19:86:38:c1:f7:bb:66:da:4b:
                    5c:ec:0a:a5:c5:5e:59:db:07:24:6a:1e:b9:50:c0:
                    c5:2c:c3:79:e2:56:e0:4d:5b:c4:eb:46:17:59:fa:
                    3e:52:fb:b1:64:b1:c3:15:b0:ef:8a:46:93:90:2d:
                    63:2e:00:4f:b5:ca:82:cc:e8:77:01:b6:cf:89:e9:
                    40:b8:f1:51:db:eb:da:94:2f:0f:7d:9e:9e:46:de:
                    eb:fe:46:6f:89:f4:2a:e4:4f:5b:5a:b7:bb:62:56:
                    94:a2:4d:c3:ea:cf:a0:8f:66:c0:48:56:8a:80:16:
                    62:2b:16:1c:1f:a4:ee:f9:02:1d:42:d6:3b:9b:2a:
                    71:a6:05:1b:7a:ca:2c:ea:87:47:dc:52:26:c0:8b:
                    fd:0f:af:32:a2:e4:04:16:ac:aa:30:3c:cc:2e:d3:
                    0f:59:a4:49:aa:62:c2:9f:81:ab:28:d1:a3:a2:a1:
                    72:ad:f1:dc:ab:2f:0c:7a:49:e7:21:47:43:53:f9:
                    cf:29:9f:cf:1c:c0:08:3e:f9:21:f1:cd:4e:58:68:
                    6a:e8:95:1c:65:c5:5f:4b:d5:9e:1f:63:a1:6b:a9:
                    d1:e0:a6:1f:39:af:8d:09:83:f5:1d:2c:37:ed:58:
                    44:b4:7b:af:c8:02:d3:81:d3:ea:9e:d6:8e:98:30:
                    60:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:3D:6D:BE:E7:65:E2:61:34:F9:F8:56:CE:9C:FB:F9:B0:A2:89:AC
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/xj1tvudl4mE0-fhWzpz7-bCiiaw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         87:30:4d:8c:d8:66:40:39:d5:5e:37:cf:d8:06:51:33:11:6a:
         95:0c:36:6c:92:85:cd:12:e7:b1:98:d5:a5:76:db:33:d0:1b:
         3f:a5:3a:1b:bd:e2:56:06:f8:1f:57:ca:9f:c2:2b:dd:3a:09:
         09:9a:51:e6:20:24:20:e5:59:6a:b8:43:46:16:29:7e:ab:35:
         59:62:0a:55:68:96:02:d8:4b:1c:54:2f:66:a5:27:bc:cc:5b:
         0c:31:07:8b:6e:d1:fe:0e:63:46:09:bc:03:38:9a:6f:3a:88:
         48:e8:26:6f:9c:26:47:a3:0c:eb:b6:45:f9:a7:5e:cb:2b:fb:
         cc:4c:90:54:88:4d:46:96:92:a2:0b:34:79:39:e4:54:f7:ea:
         7c:0a:68:8e:04:10:35:6d:60:7a:6d:ed:3d:5c:5c:ab:ed:29:
         d1:ce:41:5a:d4:cd:2b:66:c6:0c:3d:2b:25:fc:21:07:11:1c:
         cc:52:32:91:cc:8b:3e:1b:f1:e2:7a:ce:bb:cc:82:c4:61:3c:
         85:1d:75:88:b3:68:f6:e3:a1:70:14:84:62:8f:36:f0:b7:51:
         49:2e:db:c0:d1:bf:1e:c3:e8:6f:6b:a3:57:c0:78:61:c4:2a:
         70:fe:87:86:44:5a:1b:6c:21:9b:d4:eb:84:72:a8:f7:e4:a7:
         f7:b4:8a:a3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFUUxwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDYw
NDEwMjgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzYzZDZkYmVlNzY1
ZTI2MTM0ZjlmODU2Y2U5Y2ZiZjliMGEyODlhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOEYH6GgGYY4wfe7ZtpLXOwKpcVeWdsHJGoeuVDAxSzDeeJW
4E1bxOtGF1n6PlL7sWSxwxWw74pGk5AtYy4AT7XKgszodwG2z4npQLjxUdvr2pQv
D32enkbe6/5Gb4n0KuRPW1q3u2JWlKJNw+rPoI9mwEhWioAWYisWHB+k7vkCHULW
O5sqcaYFG3rKLOqHR9xSJsCL/Q+vMqLkBBasqjA8zC7TD1mkSapiwp+BqyjRo6Kh
cq3x3KsvDHpJ5yFHQ1P5zymfzxzACD75IfHNTlhoauiVHGXFX0vVnh9joWup0eCm
HzmvjQmD9R0sN+1YRLR7r8gC04HT6p7WjpgwYH0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTGPW2+52XiYTT5+FbOnPv5sKKJrDAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L3hqMXR2dWRsNG1FMC1maFd6cHo3LWJDaWlhdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2WtDANBgkqhkiG9w0BAQsFAAOC
AQEAhzBNjNhmQDnVXjfP2AZRMxFqlQw2bJKFzRLnsZjVpXbbM9AbP6U6G73iVgb4
H1fKn8Ir3ToJCZpR5iAkIOVZarhDRhYpfqs1WWIKVWiWAthLHFQvZqUnvMxbDDEH
i27R/g5jRgm8AziabzqISOgmb5wmR6MM67ZF+adeyyv7zEyQVIhNRpaSogs0eTnk
VPfqfApojgQQNW1gem3tPVxcq+0p0c5BWtTNK2bGDD0rJfwhBxEczFIykcyLPhvx
4nrOu8yCxGE8hR11iLNo9uOhcBSEYo828LdRSS7bwNG/HsPob2ujV8B4YcQqcP6H
hkRaG2whm9TrhHKo9+Sn97SKow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org