Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/6iemESQWEex0ZAbjaTQScyQgp9g.roa
File:                     6iemESQWEex0ZAbjaTQScyQgp9g.roa (raw, json)
Hash identifier:          IlwRG+13xBEanjbtN7SrdarYIVumLPBK7JUfpVK0Ww4=
Subject key identifier:   EA:27:A6:11:24:16:11:EC:74:64:06:E3:69:34:12:73:24:20:A7:D8
Certificate issuer:       /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial:       0181F3F293B82EF6884DF6EA8825BE312A7A
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/6iemESQWEex0ZAbjaTQScyQgp9g.roa
Signing time:             Tue 12 Jul 2022 19:46:09 +0000
ROA not before:           Tue 12 Jul 2022 19:46:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     142430
IP address blocks:        45.80.29.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:f3:f2:93:b8:2e:f6:88:4d:f6:ea:88:25:be:31:2a:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
        Validity
            Not Before: Jul 12 19:46:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ea27a611241611ec746406e3693412732420a7d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:d2:40:46:d8:52:47:75:27:30:ec:ae:f9:75:
                    b2:22:79:12:3f:7d:25:03:93:7a:d0:43:15:42:d5:
                    6f:f9:1d:be:63:1d:f5:cd:0a:98:58:25:47:00:d2:
                    7e:cc:f5:14:9f:0e:87:58:e0:0b:12:e7:85:24:3d:
                    bf:27:3c:86:48:b8:cd:17:0e:20:d0:ef:cb:e9:7d:
                    17:c8:47:31:d6:f3:a0:9c:c8:29:7c:16:2b:7e:17:
                    f6:cf:68:0f:a0:dd:3a:91:0a:0c:21:25:26:47:d0:
                    c0:bf:cb:09:1a:3a:5c:45:d1:ff:b9:92:d1:c2:20:
                    b0:0f:5b:c7:23:43:b6:aa:11:3b:09:3d:33:0b:2f:
                    02:b2:28:a6:05:b4:31:5f:14:1c:85:b6:da:3a:8e:
                    d3:6a:52:47:5e:d3:ef:dd:ca:e0:2d:51:36:56:19:
                    d6:67:74:05:30:aa:a1:bb:91:74:35:de:1f:32:df:
                    be:b7:4f:4a:83:3c:35:96:bd:d3:15:ad:63:24:30:
                    5a:51:c6:6f:dc:78:c9:f5:09:13:06:59:c2:b4:16:
                    d7:97:dc:53:6d:e8:e1:05:86:c6:63:a9:d1:52:c9:
                    a3:94:46:e0:ab:d8:75:2d:09:2f:1f:f4:77:12:35:
                    57:67:12:2a:b2:dd:9a:e5:d6:97:6f:db:ad:75:a3:
                    e4:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:27:A6:11:24:16:11:EC:74:64:06:E3:69:34:12:73:24:20:A7:D8
            X509v3 Authority Key Identifier:
                keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/6iemESQWEex0ZAbjaTQScyQgp9g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.80.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:0e:bd:3b:df:9b:fd:e3:b4:94:c6:e7:ee:8f:da:a0:03:3d:
         0a:6e:22:99:0a:c2:bd:1a:9c:8b:a3:f9:ed:0a:21:da:43:06:
         87:d3:1c:ce:b6:61:25:7e:c1:92:fe:12:af:a9:6e:6e:7d:f0:
         69:f0:18:b2:dc:e5:88:cf:87:02:08:f4:bb:d4:e0:50:4d:3d:
         4d:e2:a2:2a:89:a0:e6:8c:34:19:a3:f4:57:76:7a:07:dc:7e:
         d4:d6:51:da:bf:80:0d:be:0b:5b:2e:83:c3:ad:5b:68:28:2d:
         01:e4:92:8e:15:f7:a3:23:92:2a:71:75:c3:08:87:22:3f:65:
         de:74:a2:35:f4:a4:c2:19:1e:2d:c3:2a:f2:9a:89:0b:64:70:
         b0:f7:18:d8:66:94:b6:74:a2:f6:39:aa:e8:3d:54:40:21:5d:
         91:bb:ba:06:36:1a:de:35:5c:c0:f1:fd:48:74:eb:82:4c:8c:
         10:ba:25:ae:3c:c6:8e:a8:19:2d:fb:bd:82:b8:4e:fb:cc:c1:
         54:0b:cd:f1:be:fe:44:39:bc:d6:7c:3e:9f:5e:34:1d:f2:d4:
         3c:95:6f:ff:9e:eb:7c:4c:7b:36:ad:75:fc:ec:14:c5:ad:26:
         b2:30:7b:12:08:82:81:72:4b:8d:6f:21:a0:ea:2a:71:00:5e:
         d1:53:45:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHz8pO4LvaITfbqiCW+MSp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjIwNzEyMTk0NjA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTI3YTYxMTI0MTYxMWVjNzQ2NDA2ZTM2OTM0MTI3MzI0MjBhN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNJARthSR3UnMOyu+XWyInkSP30l
A5N60EMVQtVv+R2+Yx31zQqYWCVHANJ+zPUUnw6HWOALEueFJD2/JzyGSLjNFw4g
0O/L6X0XyEcx1vOgnMgpfBYrfhf2z2gPoN06kQoMISUmR9DAv8sJGjpcRdH/uZLR
wiCwD1vHI0O2qhE7CT0zCy8CsiimBbQxXxQchbbaOo7TalJHXtPv3crgLVE2VhnW
Z3QFMKqhu5F0Nd4fMt++t09Kgzw1lr3TFa1jJDBaUcZv3HjJ9QkTBlnCtBbXl9xT
bejhBYbGY6nRUsmjlEbgq9h1LQkvH/R3EjVXZxIqst2a5daXb9utdaPk4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOonphEkFhHsdGQG42k0EnMkIKfYMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvNmllbUVTUVdFZXgwWkFiamFUUVNjeVFncDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVAdMA0G
CSqGSIb3DQEBCwUAA4IBAQCKDr0735v947SUxufuj9qgAz0KbiKZCsK9GpyLo/nt
CiHaQwaH0xzOtmElfsGS/hKvqW5uffBp8Biy3OWIz4cCCPS71OBQTT1N4qIqiaDm
jDQZo/RXdnoH3H7U1lHav4ANvgtbLoPDrVtoKC0B5JKOFfejI5IqcXXDCIciP2Xe
dKI19KTCGR4twyrymokLZHCw9xjYZpS2dKL2OaroPVRAIV2Ru7oGNhreNVzA8f1I
dOuCTIwQuiWuPMaOqBkt+72CuE77zMFUC83xvv5EObzWfD6fXjQd8tQ8lW//nut8
THs2rXX87BTFrSayMHsSCIKBckuNbyGg6ipxAF7RU0WO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:38 2024 by rpki-client on console-ams.rpki-client.org