Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/vmh8-6kiinw5bxJKvv8s-nnd5jI.roa
File:                     vmh8-6kiinw5bxJKvv8s-nnd5jI.roa (raw, json)
Hash identifier:          AX0Mi4+oRyxIcC6YzZGmkI9uItXFGb9Cjqq7V2LAZ2o=
Subject key identifier:   BE:68:7C:FB:A9:22:8A:7C:39:6F:12:4A:BE:FF:2C:FA:79:DD:E6:32
Certificate issuer:       /CN=e8d062a969d2142bb8506a571180b45bd0fab934
Certificate serial:       0777D381
Authority key identifier: E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/vmh8-6kiinw5bxJKvv8s-nnd5jI.roa
Signing time:             Sat 01 Jan 2022 15:04:33 +0000
ROA not before:           Sat 01 Jan 2022 15:04:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42521
IP address blocks:        45.150.206.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 125293441 (0x777d381)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8d062a969d2142bb8506a571180b45bd0fab934
        Validity
            Not Before: Jan  1 15:04:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=be687cfba9228a7c396f124abeff2cfa79dde632
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:77:81:f7:09:a2:e5:58:1d:c6:1c:d9:76:23:
                    b7:32:2f:1f:a9:f8:7e:68:42:36:9d:fe:11:7b:83:
                    7b:aa:05:d0:bf:06:4a:9f:41:78:c3:91:a8:e1:27:
                    e3:28:94:cd:dc:0f:bd:01:e8:3c:5e:90:87:0e:fe:
                    94:75:f2:80:8d:f2:dd:d5:51:d0:21:b4:28:b6:ec:
                    c7:92:4f:a7:1f:6e:8d:99:ec:3a:db:41:bd:9a:c6:
                    21:23:03:40:8a:f9:84:33:bd:8a:d4:b6:af:f6:71:
                    65:1a:6f:d5:9e:57:f4:27:1e:77:08:c8:4b:77:1f:
                    ff:6c:a6:80:38:61:81:11:3a:b6:8e:a2:c9:55:5c:
                    eb:be:d8:f1:61:4e:38:dc:97:dd:c7:ec:54:ad:77:
                    5d:e8:7e:aa:81:3d:39:5f:0f:0a:2a:22:55:2e:b1:
                    62:61:f6:4c:77:b0:53:eb:c2:82:cc:cb:8d:af:c8:
                    ba:9a:39:df:b7:60:ee:6d:16:8a:57:f5:a0:04:91:
                    2b:0d:9e:67:99:0a:52:37:d0:19:55:92:c7:30:14:
                    ff:5c:53:a2:8b:60:7e:0d:32:20:f1:26:ed:ce:62:
                    a0:df:a2:9c:ab:8b:eb:a9:82:88:5a:01:29:90:62:
                    8d:29:9c:fa:b4:67:98:b6:8d:f9:4f:a5:b6:a1:41:
                    0e:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:68:7C:FB:A9:22:8A:7C:39:6F:12:4A:BE:FF:2C:FA:79:DD:E6:32
            X509v3 Authority Key Identifier:
                keyid:E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/vmh8-6kiinw5bxJKvv8s-nnd5jI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:38:39:39:0e:18:cf:b4:79:7a:c9:e5:cb:06:6b:55:69:cd:
         f3:44:2b:35:2d:03:6d:c4:53:0e:30:fe:bb:a9:27:c1:05:28:
         45:b6:45:0b:7c:a4:1a:b6:d1:b7:b2:e4:9b:4c:93:e6:0c:e2:
         a4:b6:5f:12:a6:06:7c:18:01:5c:bf:3c:77:fb:dd:8b:d6:58:
         4e:ba:cd:2b:11:66:a7:64:1c:6c:19:53:82:83:41:0d:5d:20:
         de:46:a1:f3:33:c7:83:ab:4c:54:e1:0f:e5:97:67:5b:75:6a:
         ff:cd:bc:ce:8f:2b:88:f6:87:91:82:79:30:2b:0e:2f:e2:e3:
         35:33:6a:8b:02:ae:bb:e4:e8:c2:f6:0c:02:e0:3a:f0:d3:a9:
         4f:e0:e5:71:a0:92:6b:b4:da:39:a7:4f:32:d3:9b:63:56:a6:
         ef:f9:07:bf:14:dc:58:82:66:1d:b0:67:f1:a3:0c:8e:b0:35:
         f8:41:3f:20:4d:3f:bf:aa:bc:65:66:e9:3b:02:00:46:0c:ed:
         90:4c:84:f0:55:34:8c:df:f0:d0:34:0a:df:cc:ce:d4:13:76:
         46:cd:c0:92:89:39:9c:cf:d8:88:42:26:a8:8f:87:5f:58:13:
         20:9f:31:5f:df:2d:e6:18:e2:31:e3:19:fe:2a:12:b2:d7:f2:
         f4:19:c2:8a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB3fTgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGQwNjJhOTY5ZDIxNDJiYjg1MDZhNTcxMTgwYjQ1YmQwZmFiOTM0MB4XDTIyMDEw
MTE1MDQzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmU2ODdjZmJhOTIy
OGE3YzM5NmYxMjRhYmVmZjJjZmE3OWRkZTYzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMp3gfcJouVYHcYc2XYjtzIvH6n4fmhCNp3+EXuDe6oF0L8G
Sp9BeMORqOEn4yiUzdwPvQHoPF6Qhw7+lHXygI3y3dVR0CG0KLbsx5JPpx9ujZns
OttBvZrGISMDQIr5hDO9itS2r/ZxZRpv1Z5X9CcedwjIS3cf/2ymgDhhgRE6to6i
yVVc677Y8WFOONyX3cfsVK13Xeh+qoE9OV8PCioiVS6xYmH2THewU+vCgszLja/I
upo537dg7m0Wilf1oASRKw2eZ5kKUjfQGVWSxzAU/1xTootgfg0yIPEm7c5ioN+i
nKuL66mCiFoBKZBijSmc+rRnmLaN+U+ltqFBDpkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS+aHz7qSKKfDlvEkq+/yz6ed3mMjAfBgNVHSMEGDAWgBTo0GKpadIUK7hQ
alcRgLRb0Pq5NDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZOQmlxV25TRkN1NFVHcFhFWUMwVzlENnVUUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvYTk5MTZhLTEzYmYtNDc3MC04ZTQ0LTU4YjZhNTc4NGFiNy8x
L3ZtaDgtNmtpaW53NWJ4Skt2djhzLW5uZDVqSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
YTk5MTZhLTEzYmYtNDc3MC04ZTQ0LTU4YjZhNTc4NGFiNy8xLzZOQmlxV25TRkN1
NFVHcFhFWUMwVzlENnVUUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2WzjANBgkqhkiG9w0BAQsFAAOC
AQEAeTg5OQ4Yz7R5esnlywZrVWnN80QrNS0DbcRTDjD+u6knwQUoRbZFC3ykGrbR
t7Lkm0yT5gzipLZfEqYGfBgBXL88d/vdi9ZYTrrNKxFmp2QcbBlTgoNBDV0g3kah
8zPHg6tMVOEP5ZdnW3Vq/828zo8riPaHkYJ5MCsOL+LjNTNqiwKuu+TowvYMAuA6
8NOpT+DlcaCSa7TaOadPMtObY1am7/kHvxTcWIJmHbBn8aMMjrA1+EE/IE0/v6q8
ZWbpOwIARgztkEyE8FU0jN/w0DQK38zO1BN2Rs3Akok5nM/YiEImqI+HX1gTIJ8x
X98t5hjiMeMZ/ioSstfy9BnCig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:08 2024 by rpki-client on console-ams.rpki-client.org