Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/aJEqRp1wka7yMQOpl-JlqFw-9zg.roa
File:                     aJEqRp1wka7yMQOpl-JlqFw-9zg.roa (raw, json)
Hash identifier:          89JxE+lYsevvDxM8ZUlzXaK2GoYjp7gJhGvwQWe9oTw=
Subject key identifier:   68:91:2A:46:9D:70:91:AE:F2:31:03:A9:97:E2:65:A8:5C:3E:F7:38
Certificate issuer:       /CN=f2a253cdf507a03e1f579d202d8df11d68f5c3d7
Certificate serial:       032220A6
Authority key identifier: F2:A2:53:CD:F5:07:A0:3E:1F:57:9D:20:2D:8D:F1:1D:68:F5:C3:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8qJTzfUHoD4fV50gLY3xHWj1w9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/aJEqRp1wka7yMQOpl-JlqFw-9zg.roa
Signing time:             Fri 04 Feb 2022 12:04:01 +0000
ROA not before:           Fri 04 Feb 2022 12:04:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212582
IP address blocks:        45.88.228.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52568230 (0x32220a6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f2a253cdf507a03e1f579d202d8df11d68f5c3d7
        Validity
            Not Before: Feb  4 12:04:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=68912a469d7091aef23103a997e265a85c3ef738
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:bc:59:9a:59:3b:30:2c:5d:29:37:eb:44:c7:
                    4c:c2:ee:3c:da:03:65:ea:b9:26:c3:1a:1b:0a:0e:
                    97:8e:cf:f6:5b:76:61:b9:27:f1:90:6c:51:be:39:
                    26:dd:d6:40:30:3a:5d:98:cb:83:4b:52:db:ad:b0:
                    1b:a4:67:21:2b:20:50:43:cb:f8:7d:f9:0e:99:e6:
                    fd:76:0c:b8:c4:1b:32:25:ca:8f:8e:1d:80:77:4c:
                    df:9c:5b:55:ae:55:50:70:55:6f:cb:16:34:3e:18:
                    54:23:26:0d:9f:eb:57:ca:85:df:8a:a2:32:90:68:
                    89:0f:08:a3:f3:b7:8a:d0:96:35:13:94:63:a5:8e:
                    96:60:74:ff:9a:3a:41:a4:b3:bd:9e:76:eb:04:7b:
                    55:e3:c7:72:1c:ed:46:41:02:43:1a:bf:0d:7b:f6:
                    48:48:b6:a8:2c:79:43:26:c9:15:55:c3:71:cb:1d:
                    46:5d:49:4b:a5:61:8a:8b:cb:34:b6:46:37:ee:22:
                    a3:2f:98:44:10:0e:24:a4:5b:16:25:a6:40:6d:5c:
                    c3:14:a9:d3:4c:1f:26:07:6d:9d:e9:9d:3f:8e:11:
                    19:41:c7:55:90:4d:e7:b1:36:95:36:79:76:f8:0f:
                    da:ac:ec:b5:88:e5:68:ab:45:d2:4e:5b:bd:ea:24:
                    a7:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:91:2A:46:9D:70:91:AE:F2:31:03:A9:97:E2:65:A8:5C:3E:F7:38
            X509v3 Authority Key Identifier:
                keyid:F2:A2:53:CD:F5:07:A0:3E:1F:57:9D:20:2D:8D:F1:1D:68:F5:C3:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8qJTzfUHoD4fV50gLY3xHWj1w9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/aJEqRp1wka7yMQOpl-JlqFw-9zg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/8qJTzfUHoD4fV50gLY3xHWj1w9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4a:c4:c1:ba:d0:77:27:1b:b7:5f:b5:26:d0:d9:45:d7:2b:83:
         dd:72:10:0b:b1:9c:9c:9b:85:15:e3:e1:b4:a0:82:b2:dc:68:
         04:c5:3c:bb:ae:bc:e8:83:d6:0c:4b:9e:15:98:c4:34:a8:a7:
         18:ed:6d:0f:a2:1e:8d:2e:9e:15:40:60:ee:1b:a6:9e:c2:40:
         66:fa:4b:62:83:a8:a2:12:0a:4b:5d:0d:9b:18:9a:a4:c1:ac:
         a4:0d:f7:38:b1:78:3d:b9:47:e9:6a:2c:ed:03:57:b5:a7:ec:
         cf:e2:3e:7c:5e:d0:73:b1:8d:22:11:33:00:f8:af:b7:ec:59:
         6f:dc:05:16:77:49:db:4f:2c:37:de:63:d8:ae:23:8f:b2:b2:
         43:df:cb:1a:05:a5:ab:33:3b:d3:63:1e:95:b8:49:1f:2f:67:
         7e:a1:ae:a2:d7:d1:c0:5e:26:49:92:a4:46:6b:35:44:94:a3:
         64:e1:a0:7e:ab:1f:57:a0:0d:f7:18:7e:f2:95:cf:70:1f:c1:
         89:41:45:9e:3e:dd:84:b8:4c:82:19:01:b7:9d:bc:da:0d:05:
         ed:b3:1d:4a:ca:09:76:0f:e5:8e:56:f1:68:37:32:c3:6f:5d:
         35:dc:3d:25:ba:5b:0e:a7:75:cf:34:01:1b:e6:1d:65:85:73:
         5a:50:a2:62
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAyIgpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MmEyNTNjZGY1MDdhMDNlMWY1NzlkMjAyZDhkZjExZDY4ZjVjM2Q3MB4XDTIyMDIw
NDEyMDQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjg5MTJhNDY5ZDcw
OTFhZWYyMzEwM2E5OTdlMjY1YTg1YzNlZjczODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALi8WZpZOzAsXSk360THTMLuPNoDZeq5JsMaGwoOl47P9lt2
Ybkn8ZBsUb45Jt3WQDA6XZjLg0tS262wG6RnISsgUEPL+H35Dpnm/XYMuMQbMiXK
j44dgHdM35xbVa5VUHBVb8sWND4YVCMmDZ/rV8qF34qiMpBoiQ8Io/O3itCWNROU
Y6WOlmB0/5o6QaSzvZ526wR7VePHchztRkECQxq/DXv2SEi2qCx5QybJFVXDccsd
Rl1JS6VhiovLNLZGN+4ioy+YRBAOJKRbFiWmQG1cwxSp00wfJgdtnemdP44RGUHH
VZBN57E2lTZ5dvgP2qzstYjlaKtF0k5bveokp1MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRokSpGnXCRrvIxA6mX4mWoXD73ODAfBgNVHSMEGDAWgBTyolPN9QegPh9X
nSAtjfEdaPXD1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhxSlR6ZlVIb0Q0ZlY1MGdMWTN4SFdqMXc5Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvMTBlYmVjLTI3ODQtNGRhYS04ZGY3LWJlNGQ1ZDA5ZDcxMC8x
L2FKRXFScDF3a2E3eU1RT3BsLUpscUZ3LTl6Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
MTBlYmVjLTI3ODQtNGRhYS04ZGY3LWJlNGQ1ZDA5ZDcxMC8xLzhxSlR6ZlVIb0Q0
ZlY1MGdMWTN4SFdqMXc5Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1Y5DANBgkqhkiG9w0BAQsFAAOC
AQEASsTButB3Jxu3X7Um0NlF1yuD3XIQC7GcnJuFFePhtKCCstxoBMU8u6686IPW
DEueFZjENKinGO1tD6IejS6eFUBg7humnsJAZvpLYoOoohIKS10NmxiapMGspA33
OLF4PblH6Wos7QNXtafsz+I+fF7Qc7GNIhEzAPivt+xZb9wFFndJ208sN95j2K4j
j7KyQ9/LGgWlqzM702MelbhJHy9nfqGuotfRwF4mSZKkRms1RJSjZOGgfqsfV6AN
9xh+8pXPcB/BiUFFnj7dhLhMghkBt5282g0F7bMdSsoJdg/ljlbxaDcyw29dNdw9
JbpbDqd1zzQBG+YdZYVzWlCiYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:19 2024 by rpki-client on console-fra.rpki-client.org