Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/490ae5-32dd-4457-9407-0e00152dd9e1/1/Lp6JbvvbeuIVcExOIvkchNfio0s.roa
File:                     Lp6JbvvbeuIVcExOIvkchNfio0s.roa (raw, json)
Hash identifier:          ZtDU9J63IxrVXy4xnToUd0Q40y9Hso5KIfd3Ygflbl4=
Subject key identifier:   2E:9E:89:6E:FB:DB:7A:E2:15:70:4C:4E:22:F9:1C:84:D7:E2:A3:4B
Certificate issuer:       /CN=5f1cdada398240e67e4f826e8089d25b12490401
Certificate serial:       07426421
Authority key identifier: 5F:1C:DA:DA:39:82:40:E6:7E:4F:82:6E:80:89:D2:5B:12:49:04:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xxza2jmCQOZ-T4JugInSWxJJBAE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/490ae5-32dd-4457-9407-0e00152dd9e1/1/Lp6JbvvbeuIVcExOIvkchNfio0s.roa
Signing time:             Sat 01 Jan 2022 05:58:31 +0000
ROA not before:           Sat 01 Jan 2022 05:58:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58075
IP address blocks:        45.95.68.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121791521 (0x7426421)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f1cdada398240e67e4f826e8089d25b12490401
        Validity
            Not Before: Jan  1 05:58:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2e9e896efbdb7ae215704c4e22f91c84d7e2a34b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:dc:1b:79:46:5c:73:3f:c3:11:92:f7:86:2c:
                    7f:bd:9c:cd:18:07:d4:ec:f4:ca:b8:14:71:f9:ad:
                    a5:ac:0f:81:c5:37:4a:93:e4:72:83:e2:c8:f7:a8:
                    a9:a1:69:f8:3d:4c:7f:55:86:f0:ab:e6:72:8b:bc:
                    72:d5:95:3f:7f:90:76:aa:7b:33:2a:85:ba:f8:09:
                    fa:6a:ed:2a:a9:2a:84:d5:38:24:e6:9c:54:40:59:
                    d5:13:8f:13:c9:21:8d:84:64:2a:35:42:78:07:9a:
                    8a:6f:38:42:df:0d:17:ad:a5:bc:53:cf:12:19:44:
                    9a:70:5a:7a:7e:e7:d8:88:d0:77:88:5d:2d:8d:a5:
                    21:17:4c:55:c9:12:be:aa:f4:80:70:59:97:43:b6:
                    17:68:ee:f9:76:83:97:c2:7c:2f:83:69:32:d9:35:
                    ab:8e:0f:0c:e7:fd:d7:db:a7:46:ad:ba:65:44:67:
                    5f:60:c7:17:ce:04:80:94:ca:79:72:b7:70:06:e0:
                    73:61:ce:ce:61:58:78:99:c3:04:bd:51:c9:92:e1:
                    cb:22:6c:e1:1a:52:f6:21:83:41:e8:01:10:33:fa:
                    aa:7e:f4:13:c4:2c:b9:bc:de:36:5b:41:ed:8b:54:
                    34:57:af:13:57:23:b1:2c:4d:c1:13:58:bd:b6:53:
                    c0:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:9E:89:6E:FB:DB:7A:E2:15:70:4C:4E:22:F9:1C:84:D7:E2:A3:4B
            X509v3 Authority Key Identifier:
                keyid:5F:1C:DA:DA:39:82:40:E6:7E:4F:82:6E:80:89:D2:5B:12:49:04:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xxza2jmCQOZ-T4JugInSWxJJBAE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/490ae5-32dd-4457-9407-0e00152dd9e1/1/Lp6JbvvbeuIVcExOIvkchNfio0s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/490ae5-32dd-4457-9407-0e00152dd9e1/1/Xxza2jmCQOZ-T4JugInSWxJJBAE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         83:b7:26:34:0a:b6:79:95:ba:00:e4:34:af:fe:27:cd:85:ce:
         5f:55:a7:8b:f2:8d:9d:80:d9:1b:f5:c2:43:54:2c:d9:10:e9:
         1a:4e:eb:89:ae:70:2f:6d:34:a2:17:3e:2f:ff:fa:f4:b9:d8:
         72:ec:9f:29:11:1c:56:22:1c:af:e9:be:94:09:b1:5e:09:e0:
         19:94:1a:62:68:2a:99:ce:1c:a7:00:63:f1:f7:86:2b:73:37:
         0c:b4:34:4c:16:d3:1c:05:16:ed:8b:30:a9:cd:66:d0:1a:9c:
         0e:8d:f5:c1:6a:b2:47:42:8c:20:0a:a8:ec:be:42:fb:ab:ad:
         63:05:07:fc:53:80:a8:61:98:24:01:74:cb:e2:93:f4:ea:3d:
         b9:de:2b:50:72:87:af:d2:2f:3c:0e:c2:33:16:3c:24:cd:32:
         21:9f:9d:84:cf:4c:1f:95:df:24:6e:3b:67:a2:65:5b:7f:a5:
         fc:e1:35:0b:c4:c5:1b:0a:f3:a7:2d:c4:9c:c9:48:6b:4f:30:
         34:69:e7:d6:1d:00:89:fd:93:49:2d:b1:01:34:1c:77:7e:52:
         83:1e:a1:d7:f1:a8:4e:3e:0e:7b:f1:21:32:e3:1d:2b:4e:0f:
         ee:62:51:13:16:ba:b6:b9:84:b1:2e:43:6f:7f:7a:1f:e6:a4:
         72:05:f5:3f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB0JkITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZjFjZGFkYTM5ODI0MGU2N2U0ZjgyNmU4MDg5ZDI1YjEyNDkwNDAxMB4XDTIyMDEw
MTA1NTgzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmU5ZTg5NmVmYmRi
N2FlMjE1NzA0YzRlMjJmOTFjODRkN2UyYTM0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANjcG3lGXHM/wxGS94Ysf72czRgH1Oz0yrgUcfmtpawPgcU3
SpPkcoPiyPeoqaFp+D1Mf1WG8Kvmcou8ctWVP3+Qdqp7MyqFuvgJ+mrtKqkqhNU4
JOacVEBZ1ROPE8khjYRkKjVCeAeaim84Qt8NF62lvFPPEhlEmnBaen7n2IjQd4hd
LY2lIRdMVckSvqr0gHBZl0O2F2ju+XaDl8J8L4NpMtk1q44PDOf919unRq26ZURn
X2DHF84EgJTKeXK3cAbgc2HOzmFYeJnDBL1RyZLhyyJs4RpS9iGDQegBEDP6qn70
E8QsubzeNltB7YtUNFevE1cjsSxNwRNYvbZTwA8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQunolu+9t64hVwTE4i+RyE1+KjSzAfBgNVHSMEGDAWgBRfHNraOYJA5n5P
gm6AidJbEkkEATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1h4emEyam1DUU9aLVQ0SnVnSW5TV3hKSkJBRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvNDkwYWU1LTMyZGQtNDQ1Ny05NDA3LTBlMDAxNTJkZDllMS8x
L0xwNkpidnZiZXVJVmNFeE9JdmtjaE5maW8wcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
NDkwYWU1LTMyZGQtNDQ1Ny05NDA3LTBlMDAxNTJkZDllMS8xL1h4emEyam1DUU9a
LVQ0SnVnSW5TV3hKSkJBRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1fRDANBgkqhkiG9w0BAQsFAAOC
AQEAg7cmNAq2eZW6AOQ0r/4nzYXOX1Wni/KNnYDZG/XCQ1Qs2RDpGk7ria5wL200
ohc+L//69LnYcuyfKREcViIcr+m+lAmxXgngGZQaYmgqmc4cpwBj8feGK3M3DLQ0
TBbTHAUW7Yswqc1m0BqcDo31wWqyR0KMIAqo7L5C+6utYwUH/FOAqGGYJAF0y+KT
9Oo9ud4rUHKHr9IvPA7CMxY8JM0yIZ+dhM9MH5XfJG47Z6JlW3+l/OE1C8TFGwrz
py3EnMlIa08wNGnn1h0Aif2TSS2xATQcd35Sgx6h1/GoTj4Oe/EhMuMdK04P7mJR
Exa6trmEsS5Db396H+akcgX1Pw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:03 2024 by rpki-client on console-ams.rpki-client.org