Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/669ebf-ee7f-4eb7-8486-95ad92ac8698/1/lR3RsM-wp8xbWRHXVU6S8KT5njc.roa
File:                     lR3RsM-wp8xbWRHXVU6S8KT5njc.roa (raw, json)
Hash identifier:          ofTdGHGVzUSOxsdxc0Olx7znaePTF54x6XWaJUcIEwA=
Subject key identifier:   95:1D:D1:B0:CF:B0:A7:CC:5B:59:11:D7:55:4E:92:F0:A4:F9:9E:37
Certificate issuer:       /CN=1062bc36512658a0f7d3f96bc1d8e67d9fd4918b
Certificate serial:       047CD8EC
Authority key identifier: 10:62:BC:36:51:26:58:A0:F7:D3:F9:6B:C1:D8:E6:7D:9F:D4:91:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EGK8NlEmWKD30_lrwdjmfZ_UkYs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/669ebf-ee7f-4eb7-8486-95ad92ac8698/1/lR3RsM-wp8xbWRHXVU6S8KT5njc.roa
Signing time:             Sat 01 Jan 2022 04:56:59 +0000
ROA not before:           Sat 01 Jan 2022 04:56:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29551
IP address blocks:        195.245.86.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 75290860 (0x47cd8ec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1062bc36512658a0f7d3f96bc1d8e67d9fd4918b
        Validity
            Not Before: Jan  1 04:56:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=951dd1b0cfb0a7cc5b5911d7554e92f0a4f99e37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:3a:e1:e4:5a:80:52:43:b1:39:c9:35:e1:f1:
                    29:be:bb:44:a7:a8:8e:13:d5:09:f4:e9:9d:3c:3d:
                    01:d6:64:4c:d9:56:78:0d:e8:ac:26:dc:41:5d:a4:
                    ab:cb:58:7e:8c:d4:96:6d:44:05:3e:60:03:87:a4:
                    b4:31:fd:fe:e9:15:3c:da:11:61:2b:dc:20:72:82:
                    9d:12:97:4a:6b:84:e9:bc:b6:f1:4e:44:63:ea:84:
                    f2:e3:cd:a5:3f:a1:49:00:78:1b:af:b9:30:a8:5d:
                    47:14:60:f1:18:2a:b1:23:1a:15:7b:61:7e:57:5e:
                    ba:3c:6c:66:73:0f:ed:d9:b1:86:89:7f:4f:f8:7d:
                    53:16:7f:78:0d:f5:16:bb:df:c2:a1:e5:94:b6:0b:
                    8c:cb:cc:56:a1:f5:da:50:d7:74:9d:83:df:e7:e1:
                    be:b3:cf:5a:3f:3a:38:23:1f:f9:f9:ba:cc:fc:9b:
                    66:1c:ae:ae:26:e0:84:6b:8d:86:68:85:25:ce:69:
                    51:34:a1:f4:41:68:18:cb:52:03:23:e1:06:dc:0a:
                    79:1e:7b:06:ae:09:69:2a:58:d5:b4:3a:4b:43:c9:
                    1b:ce:d6:ce:82:20:29:89:ee:af:7c:3d:d3:c2:bd:
                    52:c4:7d:9a:1e:1e:96:4c:7b:df:7d:89:96:77:e1:
                    3b:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:1D:D1:B0:CF:B0:A7:CC:5B:59:11:D7:55:4E:92:F0:A4:F9:9E:37
            X509v3 Authority Key Identifier:
                keyid:10:62:BC:36:51:26:58:A0:F7:D3:F9:6B:C1:D8:E6:7D:9F:D4:91:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EGK8NlEmWKD30_lrwdjmfZ_UkYs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/669ebf-ee7f-4eb7-8486-95ad92ac8698/1/lR3RsM-wp8xbWRHXVU6S8KT5njc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/669ebf-ee7f-4eb7-8486-95ad92ac8698/1/EGK8NlEmWKD30_lrwdjmfZ_UkYs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.245.86.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bc:fb:02:15:5b:70:8f:08:13:3a:09:b9:82:e8:5e:a3:33:57:
         17:7f:06:d7:45:96:66:70:0d:0e:d4:56:de:8c:21:bc:e9:a9:
         e2:96:f0:b6:d3:19:50:63:1a:73:1e:ce:c7:92:ee:f6:a1:21:
         94:fb:28:af:cf:b2:af:0e:a5:a7:3b:68:d4:8b:d4:5a:82:94:
         f4:51:0c:96:ea:c3:26:53:4e:1a:01:1c:5d:1c:84:2e:38:93:
         89:22:e9:01:1f:0c:34:53:d2:a7:24:a3:8e:50:8e:15:61:c6:
         10:82:e0:4c:86:ec:26:9c:bc:1e:af:54:62:bc:ea:22:e8:88:
         17:94:3d:e2:d7:f9:3f:13:bb:75:b7:4d:17:fc:06:2f:ff:89:
         98:40:f5:e3:cd:09:73:cf:8d:e5:0d:d6:69:b5:f2:f6:5b:c9:
         85:23:51:f4:30:22:2b:91:79:56:d4:25:a9:80:2a:b4:a6:1c:
         5c:b7:43:74:44:9d:3c:2d:01:92:60:e5:94:f5:32:07:78:5c:
         72:11:8a:1d:47:53:74:28:20:61:aa:84:3f:0b:e8:e5:63:fe:
         0a:04:24:e4:2f:cf:f1:f3:ac:8a:69:87:9a:5f:a9:e5:ad:ef:
         c4:2c:8e:ce:fc:d4:df:03:41:53:eb:03:6b:16:90:7a:59:95:
         4f:f8:d0:ba
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBHzY7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDYyYmMzNjUxMjY1OGEwZjdkM2Y5NmJjMWQ4ZTY3ZDlmZDQ5MThiMB4XDTIyMDEw
MTA0NTY1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTUxZGQxYjBjZmIw
YTdjYzViNTkxMWQ3NTU0ZTkyZjBhNGY5OWUzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL064eRagFJDsTnJNeHxKb67RKeojhPVCfTpnTw9AdZkTNlW
eA3orCbcQV2kq8tYfozUlm1EBT5gA4ektDH9/ukVPNoRYSvcIHKCnRKXSmuE6by2
8U5EY+qE8uPNpT+hSQB4G6+5MKhdRxRg8RgqsSMaFXthfldeujxsZnMP7dmxhol/
T/h9UxZ/eA31FrvfwqHllLYLjMvMVqH12lDXdJ2D3+fhvrPPWj86OCMf+fm6zPyb
ZhyuribghGuNhmiFJc5pUTSh9EFoGMtSAyPhBtwKeR57Bq4JaSpY1bQ6S0PJG87W
zoIgKYnur3w908K9UsR9mh4elkx7332JlnfhO9cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSVHdGwz7CnzFtZEddVTpLwpPmeNzAfBgNVHSMEGDAWgBQQYrw2USZYoPfT
+WvB2OZ9n9SRizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VHSzhObEVtV0tEMzBfbHJ3ZGptZlpfVWtZcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvNjY5ZWJmLWVlN2YtNGViNy04NDg2LTk1YWQ5MmFjODY5OC8x
L2xSM1JzTS13cDh4YldSSFhWVTZTOEtUNW5qYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
NjY5ZWJmLWVlN2YtNGViNy04NDg2LTk1YWQ5MmFjODY5OC8xL0VHSzhObEVtV0tE
MzBfbHJ3ZGptZlpfVWtZcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcP1VjANBgkqhkiG9w0BAQsFAAOC
AQEAvPsCFVtwjwgTOgm5guheozNXF38G10WWZnANDtRW3owhvOmp4pbwttMZUGMa
cx7Ox5Lu9qEhlPsor8+yrw6lpzto1IvUWoKU9FEMlurDJlNOGgEcXRyELjiTiSLp
AR8MNFPSpySjjlCOFWHGEILgTIbsJpy8Hq9UYrzqIuiIF5Q94tf5PxO7dbdNF/wG
L/+JmED1480Jc8+N5Q3WabXy9lvJhSNR9DAiK5F5VtQlqYAqtKYcXLdDdESdPC0B
kmDllPUyB3hcchGKHUdTdCggYaqEPwvo5WP+CgQk5C/P8fOsimmHml+p5a3vxCyO
zvzU3wNBU+sDaxaQelmVT/jQug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:04 2024 by rpki-client on console-ams.rpki-client.org