Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/AA4NjLKu5CW1bvxgoRiuqH72r18.roa
File:                     AA4NjLKu5CW1bvxgoRiuqH72r18.roa (raw, json)
Hash identifier:          xBvomA1WEfozXeVECytDuyBcQoQEygveK7mvtwlKn9Q=
Subject key identifier:   00:0E:0D:8C:B2:AE:E4:25:B5:6E:FC:60:A1:18:AE:A8:7E:F6:AF:5F
Certificate issuer:       /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial:       0183D122B6AA5875B69828B991C1E7628C99
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/AA4NjLKu5CW1bvxgoRiuqH72r18.roa
Signing time:             Thu 13 Oct 2022 11:37:36 +0000
ROA not before:           Thu 13 Oct 2022 11:37:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     140947
IP address blocks:        45.80.31.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:d1:22:b6:aa:58:75:b6:98:28:b9:91:c1:e7:62:8c:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
        Validity
            Not Before: Oct 13 11:37:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=000e0d8cb2aee425b56efc60a118aea87ef6af5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:41:0d:3a:7b:6d:05:24:1e:36:63:67:b5:aa:
                    aa:76:da:fb:1e:3d:02:7d:1c:1d:e7:4c:a6:ba:26:
                    15:d1:f6:4b:9c:3e:42:a6:4e:a3:c2:85:77:3e:13:
                    1f:b3:17:9b:7a:f7:a6:89:ee:cd:e8:09:d1:ff:88:
                    67:a0:f4:d0:e2:87:4c:a5:ae:0b:6f:cb:4b:23:2b:
                    cf:0d:6b:b4:bb:27:e4:af:10:f2:ac:ec:38:db:23:
                    8f:cc:07:1e:d3:16:56:cd:c7:ae:57:91:bd:e3:20:
                    2f:1f:54:8e:f5:93:df:bf:ed:9e:2f:c1:ef:5f:2c:
                    55:45:96:a2:23:8e:d7:f1:d9:a1:34:f4:2a:27:f9:
                    24:77:0a:2e:ca:f8:6d:21:43:6f:f2:69:cf:18:70:
                    46:26:71:0a:66:9c:a5:db:65:b3:d8:b4:e8:9c:f3:
                    24:0d:07:75:5e:d7:8a:bf:75:c9:85:93:9e:40:2a:
                    9a:9a:7e:46:e1:97:33:fc:54:1f:1e:e4:9c:b5:8f:
                    bc:81:a2:02:43:94:5d:e0:ad:c2:f7:d9:12:59:0f:
                    cb:97:1b:5a:50:64:c5:89:eb:a2:7e:9a:30:90:39:
                    42:6b:03:54:f9:25:9c:ee:26:d2:f9:9c:aa:3b:f7:
                    2b:9a:dc:af:90:37:90:5a:82:8e:db:de:52:ea:70:
                    04:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:0E:0D:8C:B2:AE:E4:25:B5:6E:FC:60:A1:18:AE:A8:7E:F6:AF:5F
            X509v3 Authority Key Identifier:
                keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/AA4NjLKu5CW1bvxgoRiuqH72r18.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.80.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:68:f5:9c:f2:2a:e1:43:09:e2:77:38:f6:96:af:19:83:5e:
         29:10:98:90:0d:4b:b4:d4:ae:f8:4a:e5:b8:cb:a4:2a:9f:62:
         23:13:87:1e:99:af:86:fc:b0:5d:be:14:d9:eb:42:8b:a0:87:
         4c:27:8c:ef:0e:e4:d6:24:df:b2:9c:9d:c8:89:eb:c7:ef:89:
         27:07:84:04:92:26:0b:af:c1:24:c3:3f:26:42:0e:88:43:ef:
         1f:f6:3b:c2:3f:63:34:69:79:db:78:70:bc:e0:16:0f:e3:4e:
         f2:16:7d:e4:31:3e:03:cc:55:aa:39:51:f9:99:16:fe:b3:ce:
         e4:c2:64:a5:7e:3d:3c:a2:7e:e1:e2:20:4b:6a:e3:38:15:8e:
         fc:87:84:ee:54:39:c3:19:e9:e4:bb:ad:40:c1:69:98:d1:69:
         ae:e8:ee:5c:92:2d:f8:8b:e8:2c:ad:a0:cc:ae:d2:da:96:65:
         71:f6:f7:36:cc:61:46:aa:9e:4d:1f:35:08:49:b1:e3:c6:d5:
         3d:df:4c:7d:ba:54:1d:0c:41:2b:14:4f:b9:9a:8d:ff:c4:49:
         64:81:22:2a:b6:c3:1f:10:c7:57:5a:68:22:e5:e6:04:14:06:
         58:05:5f:60:d7:b1:bc:2f:28:8e:e9:78:0b:c9:fa:2e:d7:a7:
         ca:16:69:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPRIraqWHW2mCi5kcHnYoyZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjIxMDEzMTEzNzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDBlMGQ4Y2IyYWVlNDI1YjU2ZWZjNjBhMTE4YWVhODdlZjZhZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUENOnttBSQeNmNntaqqdtr7Hj0C
fRwd50ymuiYV0fZLnD5Cpk6jwoV3PhMfsxebevemie7N6AnR/4hnoPTQ4odMpa4L
b8tLIyvPDWu0uyfkrxDyrOw42yOPzAce0xZWzceuV5G94yAvH1SO9ZPfv+2eL8Hv
XyxVRZaiI47X8dmhNPQqJ/kkdwouyvhtIUNv8mnPGHBGJnEKZpyl22Wz2LTonPMk
DQd1XteKv3XJhZOeQCqamn5G4Zcz/FQfHuSctY+8gaICQ5Rd4K3C99kSWQ/Llxta
UGTFieuifpowkDlCawNU+SWc7ibS+ZyqO/crmtyvkDeQWoKO295S6nAENwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAAODYyyruQltW78YKEYrqh+9q9fMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvQUE0TmpMS3U1Q1cxYnZ4Z29SaXVxSDcycjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVAfMA0G
CSqGSIb3DQEBCwUAA4IBAQB1aPWc8irhQwnidzj2lq8Zg14pEJiQDUu01K74SuW4
y6Qqn2IjE4cema+G/LBdvhTZ60KLoIdMJ4zvDuTWJN+ynJ3IievH74knB4QEkiYL
r8Ekwz8mQg6IQ+8f9jvCP2M0aXnbeHC84BYP407yFn3kMT4DzFWqOVH5mRb+s87k
wmSlfj08on7h4iBLauM4FY78h4TuVDnDGenku61AwWmY0Wmu6O5cki34i+gsraDM
rtLalmVx9vc2zGFGqp5NHzUISbHjxtU930x9ulQdDEErFE+5mo3/xElkgSIqtsMf
EMdXWmgi5eYEFAZYBV9g17G8LyiO6XgLyfou16fKFmk5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:12 2024 by rpki-client on console-fra.rpki-client.org