Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/7ojCMJEYd9DUTj_9irKxOCIIOno.roa
File:                     7ojCMJEYd9DUTj_9irKxOCIIOno.roa (raw, json)
Hash identifier:          I+fZxF5dIVzxcgwrUYfSZP+jnjWG2IxWlL0hjO7mVJ0=
Subject key identifier:   EE:88:C2:30:91:18:77:D0:D4:4E:3F:FD:8A:B2:B1:38:22:08:3A:7A
Certificate issuer:       /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial:       045CE7D8
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/7ojCMJEYd9DUTj_9irKxOCIIOno.roa
Signing time:             Sat 01 Jan 2022 00:54:00 +0000
ROA not before:           Sat 01 Jan 2022 00:54:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25462
IP address blocks:        87.245.216.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 73197528 (0x45ce7d8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
        Validity
            Not Before: Jan  1 00:54:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ee88c230911877d0d44e3ffd8ab2b13822083a7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:53:9d:59:fe:80:77:dd:22:9b:f5:0f:66:13:
                    90:85:fb:a3:72:b3:1d:71:05:58:7b:0b:82:6f:eb:
                    30:f4:57:70:d1:f3:be:44:05:e2:bd:5f:62:5f:dd:
                    3a:ed:13:d4:70:91:1a:de:99:19:bd:7a:d1:bd:40:
                    d8:37:56:c1:7a:14:dd:49:98:e8:59:c4:b0:25:9a:
                    77:0e:96:04:54:86:08:01:0f:4b:a8:06:7b:e1:a7:
                    be:69:df:eb:c1:ea:71:79:7d:94:54:59:23:c6:56:
                    c5:6f:78:c0:0f:c2:c9:57:14:a0:6d:42:14:d2:12:
                    e8:2e:c5:b2:69:f6:f1:ec:6b:be:8e:86:c5:69:af:
                    7e:a8:1a:56:36:82:bd:03:1d:20:60:8c:2a:e2:f3:
                    04:e3:b9:c7:da:05:3b:30:07:c0:35:9e:5b:81:26:
                    f9:8e:39:33:a5:35:6b:c4:d2:bc:2f:84:07:a9:30:
                    9c:32:f4:4d:79:f4:ff:55:f2:aa:7a:4d:c3:8d:cf:
                    8f:20:9d:12:08:d8:7f:ee:5e:a6:a8:df:92:29:52:
                    d5:58:37:db:bb:76:3c:a7:3f:fa:af:45:52:fd:01:
                    a3:0b:45:74:4a:dc:38:94:73:da:63:fe:a7:39:c3:
                    d1:f9:13:c8:cf:a3:21:99:7e:c7:4a:b4:d5:1f:80:
                    9b:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:88:C2:30:91:18:77:D0:D4:4E:3F:FD:8A:B2:B1:38:22:08:3A:7A
            X509v3 Authority Key Identifier:
                keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/7ojCMJEYd9DUTj_9irKxOCIIOno.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.245.216.0/21

    Signature Algorithm: sha256WithRSAEncryption
         15:7a:e9:f7:dc:a0:3f:c0:36:fc:04:d5:8a:61:13:22:b9:2a:
         3a:a4:9d:cf:99:2b:ef:18:9c:23:4b:84:b8:eb:c6:40:51:e6:
         6f:b2:ab:8a:e7:84:4a:fb:20:96:31:e5:f3:97:78:5d:3a:e3:
         90:75:ef:c7:dc:cb:a9:fe:75:06:ad:53:0a:5e:ba:17:e9:d2:
         d6:de:4d:73:af:0a:e7:f0:2d:50:62:53:0d:5a:c2:c3:17:70:
         8b:0a:d2:f2:03:03:c7:11:11:9f:50:59:81:05:e5:ab:d4:ce:
         9c:40:f3:e3:ce:22:c1:29:13:1e:40:d1:20:e6:5a:6d:99:5b:
         8d:79:14:10:15:22:e5:a7:eb:4b:02:73:55:99:1e:b1:eb:d7:
         2b:74:f7:a7:ad:dd:f6:f0:d1:21:61:fd:1b:95:98:8b:ba:40:
         1c:d3:78:48:5c:74:f1:92:4e:01:49:86:21:5a:f7:78:46:97:
         bf:bc:8a:74:d9:76:a6:41:0c:3f:32:1a:ed:6a:b3:19:cc:69:
         c8:59:c6:2b:b3:d7:af:07:fc:de:18:ac:8c:9e:df:80:8f:aa:
         a7:6c:56:81:5c:72:e2:de:19:61:b2:1b:12:b8:3b:8b:11:7c:
         d6:47:ca:2c:c5:3a:8c:be:c2:1a:c5:d7:4c:38:c5:7f:2b:32:
         8b:17:81:d2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBFzn2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWJlMDJkZWEwYTA4NmU5ODgwZjU2NGM4Njg3MmJiYzU5N2NjNjcyMB4XDTIyMDEw
MTAwNTQwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWU4OGMyMzA5MTE4
NzdkMGQ0NGUzZmZkOGFiMmIxMzgyMjA4M2E3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJTnVn+gHfdIpv1D2YTkIX7o3KzHXEFWHsLgm/rMPRXcNHz
vkQF4r1fYl/dOu0T1HCRGt6ZGb160b1A2DdWwXoU3UmY6FnEsCWadw6WBFSGCAEP
S6gGe+Gnvmnf68HqcXl9lFRZI8ZWxW94wA/CyVcUoG1CFNIS6C7Fsmn28exrvo6G
xWmvfqgaVjaCvQMdIGCMKuLzBOO5x9oFOzAHwDWeW4Em+Y45M6U1a8TSvC+EB6kw
nDL0TXn0/1XyqnpNw43PjyCdEgjYf+5epqjfkilS1Vg327t2PKc/+q9FUv0BowtF
dErcOJRz2mP+pznD0fkTyM+jIZl+x0q01R+AmxcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTuiMIwkRh30NROP/2KsrE4Igg6ejAfBgNVHSMEGDAWgBQpvgLeoKCG6YgP
VkyGhyu8WXzGcjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tiNEMzcUNnaHVtSUQxWk1ob2NydkZsOHhuSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvZWExY2ZmLWFlOGYtNDcxOS04OWIzLTAwM2ExNTY4YmYzZi8x
LzdvakNNSkVZZDlEVVRqXzlpckt4T0NJSU9uby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
ZWExY2ZmLWFlOGYtNDcxOS04OWIzLTAwM2ExNTY4YmYzZi8xL0tiNEMzcUNnaHVt
SUQxWk1ob2NydkZsOHhuSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1f12DANBgkqhkiG9w0BAQsFAAOC
AQEAFXrp99ygP8A2/ATVimETIrkqOqSdz5kr7xicI0uEuOvGQFHmb7KriueESvsg
ljHl85d4XTrjkHXvx9zLqf51Bq1TCl66F+nS1t5Nc68K5/AtUGJTDVrCwxdwiwrS
8gMDxxERn1BZgQXlq9TOnEDz484iwSkTHkDRIOZabZlbjXkUEBUi5afrSwJzVZke
sevXK3T3p63d9vDRIWH9G5WYi7pAHNN4SFx08ZJOAUmGIVr3eEaXv7yKdNl2pkEM
PzIa7WqzGcxpyFnGK7PXrwf83hisjJ7fgI+qp2xWgVxy4t4ZYbIbErg7ixF81kfK
LMU6jL7CGsXXTDjFfysyixeB0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:09 2024 by rpki-client on console-ams.rpki-client.org