Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/8gVZnSSYInSISCdGzp630dULM1A.roa
File:                     8gVZnSSYInSISCdGzp630dULM1A.roa (raw, json)
Hash identifier:          KeupkCpJC42MCZFVpOgzGGYgcGkgbSXqBqBazZFiNDE=
Subject key identifier:   F2:05:59:9D:24:98:22:74:88:48:27:46:CE:9E:B7:D1:D5:0B:33:50
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0182D912A5590C6C0AC25E445E4398F41D74
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/8gVZnSSYInSISCdGzp630dULM1A.roa
Signing time:             Fri 26 Aug 2022 07:34:14 +0000
ROA not before:           Fri 26 Aug 2022 07:34:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        5.105.24.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:d9:12:a5:59:0c:6c:0a:c2:5e:44:5e:43:98:f4:1d:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Aug 26 07:34:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f205599d2498227488482746ce9eb7d1d50b3350
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:0c:51:7d:fd:d9:94:df:59:bc:6a:20:10:c3:
                    4d:34:35:fe:ec:14:e4:37:4d:64:b8:a1:49:b2:37:
                    e5:39:f7:16:c3:ea:e7:ed:38:bd:0f:fc:1c:08:5d:
                    cf:dd:dd:5d:e7:e1:a8:82:f2:37:9f:2d:2d:89:ba:
                    da:ef:15:48:95:73:88:45:19:b7:ea:64:bb:67:33:
                    34:3c:a1:40:be:00:f0:49:a3:b7:e3:d6:9c:97:d4:
                    5c:ca:7a:97:22:eb:aa:8c:7b:67:e9:da:16:53:59:
                    a5:3c:63:a5:3f:45:d3:a2:53:85:05:81:50:f2:07:
                    cf:f8:a6:58:f4:5b:c2:ac:35:3a:1e:8e:35:7f:0f:
                    6c:4a:c6:7b:93:77:06:17:c4:24:07:f3:2b:bf:69:
                    c6:6e:84:1a:5b:66:79:a6:d1:d5:1f:01:1d:28:9b:
                    67:ce:06:a5:49:88:5f:22:e6:b6:19:1b:bc:9e:51:
                    0e:39:9f:40:81:9c:21:17:78:29:fe:44:c4:41:c8:
                    b2:e3:33:2e:cc:cd:66:88:42:95:cf:ad:db:16:e0:
                    b0:b1:e7:1b:44:81:cb:e5:f1:e2:5c:2c:0d:5b:76:
                    38:ca:a9:77:53:a8:bc:4f:29:dd:ab:3a:cb:4b:14:
                    09:79:30:0d:db:53:7e:1b:54:3f:85:3b:a2:4d:85:
                    03:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:05:59:9D:24:98:22:74:88:48:27:46:CE:9E:B7:D1:D5:0B:33:50
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/8gVZnSSYInSISCdGzp630dULM1A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.24.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:7f:4d:f4:c1:50:93:4c:55:2d:c4:21:f2:83:da:ba:f6:3f:
         e3:8c:7a:ba:9f:27:c9:54:f9:f0:0e:d6:6e:75:fd:3f:c5:61:
         fd:bb:27:67:6e:fb:da:40:bb:44:36:be:70:d2:6a:69:84:e8:
         44:73:af:63:62:92:6f:12:a9:cf:08:f2:f2:79:d1:9c:9c:65:
         b4:77:18:18:d7:e8:3d:35:e3:57:a4:08:36:34:51:e2:03:0c:
         57:d1:1f:4c:56:d7:52:f8:47:bf:20:76:65:e8:5b:13:6a:47:
         ea:77:62:06:df:65:89:e8:d4:85:b9:6c:c0:5b:33:f8:f3:84:
         bf:58:72:23:6d:b7:bf:3f:56:32:ec:9d:cd:31:b6:f6:cd:d4:
         0c:0f:8d:f7:1c:a4:d1:e8:23:b3:ae:99:76:8a:2b:b2:f8:f3:
         46:82:5f:fe:3c:a5:02:e7:29:95:6f:3f:f2:70:bd:aa:2b:25:
         ec:e0:54:7e:8e:3a:da:f8:48:79:a2:d9:6a:cd:24:cd:bc:37:
         f4:23:18:a6:2b:33:94:db:8d:36:f0:29:69:fe:27:92:9a:77:
         a3:c2:58:f3:42:6b:a2:d7:0e:8b:49:d6:de:4c:66:19:97:52:
         0b:c9:1d:69:ff:a5:37:53:c3:20:45:17:aa:b2:da:86:9b:49:
         8f:28:95:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLZEqVZDGwKwl5EXkOY9B10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIwODI2MDczNDE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjA1NTk5ZDI0OTgyMjc0ODg0ODI3NDZjZTllYjdkMWQ1MGIzMzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9gxRff3ZlN9ZvGogEMNNNDX+7BTk
N01kuKFJsjflOfcWw+rn7Ti9D/wcCF3P3d1d5+GogvI3ny0tibra7xVIlXOIRRm3
6mS7ZzM0PKFAvgDwSaO349acl9RcynqXIuuqjHtn6doWU1mlPGOlP0XTolOFBYFQ
8gfP+KZY9FvCrDU6Ho41fw9sSsZ7k3cGF8QkB/Mrv2nGboQaW2Z5ptHVHwEdKJtn
zgalSYhfIua2GRu8nlEOOZ9AgZwhF3gp/kTEQciy4zMuzM1miEKVz63bFuCwsecb
RIHL5fHiXCwNW3Y4yql3U6i8TyndqzrLSxQJeTAN21N+G1Q/hTuiTYUD1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPIFWZ0kmCJ0iEgnRs6et9HVCzNQMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvOGdWWm5TU1lJblNJU0NkR3pwNjMwZFVMTTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkYMA0G
CSqGSIb3DQEBCwUAA4IBAQAgf030wVCTTFUtxCHyg9q69j/jjHq6nyfJVPnwDtZu
df0/xWH9uydnbvvaQLtENr5w0mpphOhEc69jYpJvEqnPCPLyedGcnGW0dxgY1+g9
NeNXpAg2NFHiAwxX0R9MVtdS+Ee/IHZl6FsTakfqd2IG32WJ6NSFuWzAWzP484S/
WHIjbbe/P1Yy7J3NMbb2zdQMD433HKTR6COzrpl2iiuy+PNGgl/+PKUC5ymVbz/y
cL2qKyXs4FR+jjra+Eh5otlqzSTNvDf0IximKzOU24028Clp/ieSmnejwljzQmui
1w6LSdbeTGYZl1ILyR1p/6U3U8MgRReqstqGm0mPKJXW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:55 2024 by rpki-client on console-ams.rpki-client.org