Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/669ebf-ee7f-4eb7-8486-95ad92ac8698/1/v61HiiLUqMGzooYitzlKuiMBt9o.roa
File:                     v61HiiLUqMGzooYitzlKuiMBt9o.roa (raw, json)
Hash identifier:          bo8jgh537Wsr0geligRVTyxcRth4DZthkF/OB+wuoyU=
Subject key identifier:   BF:AD:47:8A:22:D4:A8:C1:B3:A2:86:22:B7:39:4A:BA:23:01:B7:DA
Certificate issuer:       /CN=1062bc36512658a0f7d3f96bc1d8e67d9fd4918b
Certificate serial:       047E08C4
Authority key identifier: 10:62:BC:36:51:26:58:A0:F7:D3:F9:6B:C1:D8:E6:7D:9F:D4:91:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EGK8NlEmWKD30_lrwdjmfZ_UkYs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/669ebf-ee7f-4eb7-8486-95ad92ac8698/1/v61HiiLUqMGzooYitzlKuiMBt9o.roa
Signing time:             Sat 01 Jan 2022 04:57:00 +0000
ROA not before:           Sat 01 Jan 2022 04:57:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396982
IP address blocks:        195.245.86.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 75368644 (0x47e08c4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1062bc36512658a0f7d3f96bc1d8e67d9fd4918b
        Validity
            Not Before: Jan  1 04:57:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bfad478a22d4a8c1b3a28622b7394aba2301b7da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:32:0a:95:7d:0c:74:b8:4c:a2:9c:1d:45:37:
                    f0:72:25:6f:15:86:36:02:6f:97:dc:b7:46:d8:02:
                    58:3a:4d:41:d7:60:31:16:12:77:6a:b4:fb:7e:06:
                    86:42:72:4e:98:5f:74:ef:d6:dd:51:a6:98:cf:e0:
                    48:8d:25:91:28:4b:2a:2b:9d:f2:ed:7d:22:7c:ec:
                    8e:03:e1:cf:c2:4d:de:90:03:81:ce:9c:6d:cd:20:
                    a0:2a:af:7a:cb:2f:2b:4a:c9:b6:bf:59:63:42:65:
                    4a:68:21:e9:7a:23:97:0a:8f:c8:08:d9:d2:b1:11:
                    8b:c2:e1:7d:6b:66:5d:0e:4a:d2:34:26:b9:b7:da:
                    cd:5d:50:da:a1:c7:dc:3d:78:b6:30:2c:98:f6:62:
                    49:e3:b1:02:a6:ca:b2:f7:a4:9b:7a:30:bc:eb:5c:
                    c3:3b:cd:7c:6d:2f:d6:87:7a:c8:c6:88:9a:26:06:
                    c2:3f:68:c8:7a:23:f7:28:bd:54:91:e4:df:b4:6d:
                    87:ec:24:23:fb:ce:a7:2e:a7:6e:3c:95:5b:44:63:
                    34:33:76:c6:9d:e9:b3:f0:4c:d0:6d:e8:bc:33:61:
                    7f:41:89:3a:d5:a4:00:92:6d:99:b3:da:ff:2f:40:
                    8d:11:59:54:6e:0f:2a:eb:12:72:25:0b:17:5a:02:
                    2b:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:AD:47:8A:22:D4:A8:C1:B3:A2:86:22:B7:39:4A:BA:23:01:B7:DA
            X509v3 Authority Key Identifier:
                keyid:10:62:BC:36:51:26:58:A0:F7:D3:F9:6B:C1:D8:E6:7D:9F:D4:91:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EGK8NlEmWKD30_lrwdjmfZ_UkYs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/669ebf-ee7f-4eb7-8486-95ad92ac8698/1/v61HiiLUqMGzooYitzlKuiMBt9o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/669ebf-ee7f-4eb7-8486-95ad92ac8698/1/EGK8NlEmWKD30_lrwdjmfZ_UkYs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.245.86.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0e:8d:4a:c5:3d:a2:32:37:b5:66:3c:7b:f4:6e:9e:6a:24:07:
         3a:5a:5f:42:e1:00:71:92:94:76:b0:e2:37:77:d4:be:04:84:
         57:d7:ec:87:1f:4a:26:c1:fa:8b:53:70:47:29:96:89:f7:9b:
         b6:c4:75:82:5c:31:4b:2c:a5:e4:59:c4:09:58:65:1e:fd:e9:
         1d:1c:5b:9e:1b:7f:f6:83:fe:76:fe:ef:c0:36:d0:1b:3f:6c:
         0f:d6:84:4f:a4:18:75:d6:53:51:49:1f:ed:d2:0c:e4:c5:a2:
         d8:21:b5:e5:63:ca:64:50:4a:22:60:bf:ee:b2:fe:e0:4d:7d:
         70:a7:be:53:1f:53:ea:10:9e:94:b5:f7:6e:52:61:3d:a8:90:
         15:39:8d:3b:22:5e:72:12:81:94:49:81:30:0a:21:8f:16:d3:
         5a:cb:41:3e:ce:97:c1:f3:5f:26:82:cf:c4:7a:fe:98:54:f1:
         24:45:9b:6c:67:fa:28:6a:23:91:da:ac:b3:c7:4b:36:74:c9:
         f1:75:56:c6:91:ea:00:a8:79:af:39:9b:9d:22:45:7b:df:ec:
         d7:11:6e:e5:d0:6e:0f:88:1c:3a:cc:13:af:7a:d9:a9:b6:2f:
         c3:62:d4:18:80:ce:68:20:a2:96:92:6d:71:ec:77:af:24:cf:
         80:a3:92:a5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBH4IxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDYyYmMzNjUxMjY1OGEwZjdkM2Y5NmJjMWQ4ZTY3ZDlmZDQ5MThiMB4XDTIyMDEw
MTA0NTcwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmZhZDQ3OGEyMmQ0
YThjMWIzYTI4NjIyYjczOTRhYmEyMzAxYjdkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQyCpV9DHS4TKKcHUU38HIlbxWGNgJvl9y3RtgCWDpNQddg
MRYSd2q0+34GhkJyTphfdO/W3VGmmM/gSI0lkShLKiud8u19InzsjgPhz8JN3pAD
gc6cbc0goCqvessvK0rJtr9ZY0JlSmgh6XojlwqPyAjZ0rERi8LhfWtmXQ5K0jQm
ubfazV1Q2qHH3D14tjAsmPZiSeOxAqbKsvekm3owvOtcwzvNfG0v1od6yMaImiYG
wj9oyHoj9yi9VJHk37Rth+wkI/vOpy6nbjyVW0RjNDN2xp3ps/BM0G3ovDNhf0GJ
OtWkAJJtmbPa/y9AjRFZVG4PKusSciULF1oCKzsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS/rUeKItSowbOihiK3OUq6IwG32jAfBgNVHSMEGDAWgBQQYrw2USZYoPfT
+WvB2OZ9n9SRizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VHSzhObEVtV0tEMzBfbHJ3ZGptZlpfVWtZcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvNjY5ZWJmLWVlN2YtNGViNy04NDg2LTk1YWQ5MmFjODY5OC8x
L3Y2MUhpaUxVcU1Hem9vWWl0emxLdWlNQnQ5by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
NjY5ZWJmLWVlN2YtNGViNy04NDg2LTk1YWQ5MmFjODY5OC8xL0VHSzhObEVtV0tE
MzBfbHJ3ZGptZlpfVWtZcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcP1VjANBgkqhkiG9w0BAQsFAAOC
AQEADo1KxT2iMje1Zjx79G6eaiQHOlpfQuEAcZKUdrDiN3fUvgSEV9fshx9KJsH6
i1NwRymWifebtsR1glwxSyyl5FnECVhlHv3pHRxbnht/9oP+dv7vwDbQGz9sD9aE
T6QYddZTUUkf7dIM5MWi2CG15WPKZFBKImC/7rL+4E19cKe+Ux9T6hCelLX3blJh
PaiQFTmNOyJechKBlEmBMAohjxbTWstBPs6XwfNfJoLPxHr+mFTxJEWbbGf6KGoj
kdqss8dLNnTJ8XVWxpHqAKh5rzmbnSJFe9/s1xFu5dBuD4gcOswTr3rZqbYvw2LU
GIDOaCCilpJtcex3ryTPgKOSpQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:05 2024 by rpki-client on console-ams.rpki-client.org