Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/h8zseZQEZv8WroMGN4XwSADevIY.roa
File:                     h8zseZQEZv8WroMGN4XwSADevIY.roa (raw, json)
Hash identifier:          apXSInho492Dr+DRUMTQccYS22E3k3DsZM1eJNn7dWc=
Subject key identifier:   87:CC:EC:79:94:04:66:FF:16:AE:83:06:37:85:F0:48:00:DE:BC:86
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       018408D81FFA6EB4CB01173A42D86F58CE04
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/h8zseZQEZv8WroMGN4XwSADevIY.roa
Signing time:             Mon 24 Oct 2022 07:14:52 +0000
ROA not before:           Mon 24 Oct 2022 07:14:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     400377
IP address blocks:        5.105.106.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:08:d8:1f:fa:6e:b4:cb:01:17:3a:42:d8:6f:58:ce:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Oct 24 07:14:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=87ccec79940466ff16ae83063785f04800debc86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:e7:08:b5:cd:12:e8:f6:ba:e9:cf:b1:b8:bc:
                    dc:04:37:73:65:da:9d:4f:3e:43:25:04:ab:e5:84:
                    ce:b6:1a:b2:10:34:38:19:06:bd:64:b5:47:dc:01:
                    4b:e7:49:25:95:16:b4:54:dd:00:6a:28:0d:b4:72:
                    2c:b8:ba:e4:7e:b1:00:a1:db:e1:e1:c6:7a:fb:cb:
                    ed:0c:f4:94:9b:0f:7b:3a:0c:e1:6d:bd:19:37:3a:
                    a3:9e:59:76:4e:05:cf:16:97:6d:93:64:bb:30:bc:
                    53:e5:44:82:33:a3:70:27:85:32:70:d7:ec:5f:ed:
                    36:26:72:c7:14:3c:39:23:58:f3:b1:6e:e2:96:10:
                    d7:6a:77:02:d8:1d:dc:a9:d5:fb:15:3c:02:97:e1:
                    58:12:01:81:fa:50:75:1c:e1:ca:da:ea:6f:62:83:
                    c0:f4:66:8d:ee:49:bb:48:64:42:50:c9:67:e5:c5:
                    d1:43:1e:05:f8:06:7b:d2:d8:67:b4:bd:08:14:9f:
                    80:41:2d:84:9a:bf:0f:de:ec:fb:cc:88:28:80:a1:
                    91:97:67:dd:df:f8:5d:86:32:40:f7:d6:dc:4e:16:
                    fc:3b:63:7c:4c:99:07:b7:a9:4a:f4:91:c8:de:af:
                    82:e1:f1:cb:0f:cb:5d:05:52:ee:98:29:42:f1:fa:
                    b1:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:CC:EC:79:94:04:66:FF:16:AE:83:06:37:85:F0:48:00:DE:BC:86
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/h8zseZQEZv8WroMGN4XwSADevIY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:17:31:a0:88:ec:4d:9c:a7:0b:72:b5:8b:78:f1:96:5e:94:
         1c:af:e1:4a:09:99:75:59:87:78:72:56:14:52:ee:3b:83:83:
         18:6e:51:c3:65:3a:d0:0a:ed:b2:9d:df:6b:b6:ba:57:d9:59:
         7e:8a:24:cc:1f:25:f8:96:4e:cd:6f:e6:cf:41:5e:8f:ff:28:
         e5:e4:80:9f:c2:51:33:35:90:4d:94:ad:28:a1:fb:fa:32:e5:
         fc:49:7f:68:03:ca:bd:99:14:36:c5:b6:cc:48:e3:e5:36:b4:
         b5:ad:aa:28:d9:f2:46:06:9d:ef:12:3f:c2:e8:71:99:44:f8:
         e3:b2:9f:5c:a8:21:21:68:de:65:7b:3b:80:56:e6:5d:c7:8b:
         ac:ce:69:90:05:ac:c1:21:a8:08:10:bb:3a:01:80:f2:2b:38:
         d8:76:b3:1a:25:e5:12:02:e7:1f:37:13:79:99:28:8d:79:22:
         42:36:d6:88:2b:8d:97:00:19:4d:c8:2d:03:6a:ca:53:6d:57:
         4b:15:5b:70:c2:86:9a:ee:61:a5:ad:d8:1a:3b:d9:9d:ec:1e:
         d7:68:9b:62:d1:45:1f:c8:6c:7e:b1:59:bb:22:ee:01:ce:e0:
         1e:7d:e9:50:6f:d6:7f:23:fb:67:48:76:01:1c:bc:0f:a5:64:
         7e:bc:7d:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQI2B/6brTLARc6QthvWM4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMDI0MDcxNDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2NjZWM3OTk0MDQ2NmZmMTZhZTgzMDYzNzg1ZjA0ODAwZGViYzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+cItc0S6Pa66c+xuLzcBDdzZdqd
Tz5DJQSr5YTOthqyEDQ4GQa9ZLVH3AFL50kllRa0VN0AaigNtHIsuLrkfrEAodvh
4cZ6+8vtDPSUmw97Ogzhbb0ZNzqjnll2TgXPFpdtk2S7MLxT5USCM6NwJ4UycNfs
X+02JnLHFDw5I1jzsW7ilhDXancC2B3cqdX7FTwCl+FYEgGB+lB1HOHK2upvYoPA
9GaN7km7SGRCUMln5cXRQx4F+AZ70thntL0IFJ+AQS2Emr8P3uz7zIgogKGRl2fd
3/hdhjJA99bcThb8O2N8TJkHt6lK9JHI3q+C4fHLD8tdBVLumClC8fqx+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfM7HmUBGb/Fq6DBjeF8EgA3ryGMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvaDh6c2VaUUVadjhXcm9NR040WHdTQURldklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWlqMA0G
CSqGSIb3DQEBCwUAA4IBAQB6FzGgiOxNnKcLcrWLePGWXpQcr+FKCZl1WYd4clYU
Uu47g4MYblHDZTrQCu2ynd9rtrpX2Vl+iiTMHyX4lk7Nb+bPQV6P/yjl5ICfwlEz
NZBNlK0oofv6MuX8SX9oA8q9mRQ2xbbMSOPlNrS1raoo2fJGBp3vEj/C6HGZRPjj
sp9cqCEhaN5lezuAVuZdx4uszmmQBazBIagIELs6AYDyKzjYdrMaJeUSAucfNxN5
mSiNeSJCNtaIK42XABlNyC0DaspTbVdLFVtwwoaa7mGlrdgaO9md7B7XaJti0UUf
yGx+sVm7Iu4BzuAefelQb9Z/I/tnSHYBHLwPpWR+vH2L
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:58 2024 by rpki-client on console-ams.rpki-client.org