Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/NE2dE42oy9qs4GVFcNdZvcYfpdc.roa
File:                     NE2dE42oy9qs4GVFcNdZvcYfpdc.roa (raw, json)
Hash identifier:          JWEnL6ldW5gJWR9lrLx8oo0TNvv6AiZdxSM9RFxgK98=
Subject key identifier:   34:4D:9D:13:8D:A8:CB:DA:AC:E0:65:45:70:D7:59:BD:C6:1F:A5:D7
Certificate issuer:       /CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Certificate serial:       0593A3F1
Authority key identifier: 43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/NE2dE42oy9qs4GVFcNdZvcYfpdc.roa
Signing time:             Sat 01 Jan 2022 15:55:30 +0000
ROA not before:           Sat 01 Jan 2022 15:55:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        45.155.99.0/24 maxlen: 24
                          2a10:ba00:bee4::/48 maxlen: 48
                          2a10:ba00:bee2::/48 maxlen: 48
                          2a10:ba00:bee5::/48 maxlen: 48
                          2a10:ba00:bee0::/48 maxlen: 48
                          2a10:ba00:bee3::/48 maxlen: 48
                          2a10:ba00:bee1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 93561841 (0x593a3f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43dfc066ce7cd3e382574a68667973b0b468df3c
        Validity
            Not Before: Jan  1 15:55:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=344d9d138da8cbdaace0654570d759bdc61fa5d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:dc:2f:30:4c:ae:c0:77:30:7c:2b:4c:2e:6a:
                    ac:88:f5:a7:91:a5:e7:56:0c:90:29:cd:36:1f:45:
                    b9:c5:c1:31:ef:35:f8:32:60:35:3e:b4:b2:d8:6d:
                    32:cf:6a:4b:35:39:6f:02:d3:44:12:a9:01:00:3c:
                    dc:b7:e6:25:e7:1f:c8:b3:84:d5:04:ba:02:5c:66:
                    19:47:e2:36:29:1e:13:8c:d5:4f:a1:3c:c8:1f:90:
                    e9:8f:24:4b:6b:1c:1e:0f:5c:db:fc:66:d7:33:df:
                    c7:c6:b5:a7:5f:21:42:fb:3c:4e:a6:cd:12:4c:4a:
                    cc:71:a7:1b:3a:d1:1d:10:ce:fd:e4:ac:2b:46:30:
                    48:3a:43:92:b6:d6:2a:87:80:ed:47:0f:87:2b:9e:
                    e3:ff:38:b8:bd:11:28:90:14:6e:22:f7:24:8c:5f:
                    00:9b:84:bf:ed:d4:fc:06:b8:72:20:88:6b:0a:09:
                    ae:5c:0f:78:25:a2:11:1f:c5:8a:04:af:2e:ac:09:
                    67:d9:97:40:69:98:c1:47:56:b2:1e:8e:22:ef:82:
                    52:9e:85:38:36:8d:d8:9d:c9:e0:37:be:0d:ac:c8:
                    4b:08:16:03:27:8a:21:bd:99:1c:ce:ca:47:97:a9:
                    6b:a1:44:c2:e9:36:e9:98:82:9d:4c:54:71:1f:e0:
                    1b:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:4D:9D:13:8D:A8:CB:DA:AC:E0:65:45:70:D7:59:BD:C6:1F:A5:D7
            X509v3 Authority Key Identifier:
                keyid:43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/NE2dE42oy9qs4GVFcNdZvcYfpdc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.99.0/24
                IPv6:
                  2a10:ba00:bee0::-2a10:ba00:bee5:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         a6:f9:07:c4:29:ff:26:db:cb:b9:c2:30:69:9b:65:1b:d6:bd:
         a7:1e:9b:21:c8:61:a4:79:36:39:6d:63:c3:5d:78:37:6b:92:
         66:fa:94:67:5c:8f:8b:ba:af:1e:ac:cf:8e:31:6f:66:7d:cd:
         c7:ce:aa:3f:96:2f:f5:74:6a:28:c9:b9:dd:53:9a:df:1a:55:
         6c:02:fb:c0:29:d0:bf:91:8b:c3:02:6e:65:9f:46:f1:c5:da:
         d0:d7:c3:9e:c6:68:61:22:73:39:75:85:6a:01:cb:52:c8:e4:
         eb:40:2b:6d:bc:c0:c6:ab:d3:7b:b6:06:27:6f:cb:d7:90:18:
         a9:87:31:e8:f4:4a:d2:c0:8b:e9:c6:11:90:9e:e1:5b:09:77:
         c0:61:3c:85:a7:d2:ac:12:29:90:07:49:66:4b:59:23:95:82:
         b1:bc:04:c5:da:87:15:55:84:c9:f3:46:ae:d5:bc:b3:6c:4a:
         af:2d:20:3c:27:5e:6f:56:01:ce:20:e2:a3:7f:b3:9e:fb:1e:
         8c:f0:3c:5d:6d:a3:72:ca:bf:44:77:1f:dc:76:7d:64:2e:fa:
         a3:ce:e6:04:79:bb:5c:92:7d:53:f4:84:cf:31:f0:f0:30:05:
         ae:d5:9a:dd:0b:48:89:76:a4:d4:dd:6b:51:a1:a7:be:ab:47:
         13:09:21:28
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBZOj8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
M2RmYzA2NmNlN2NkM2UzODI1NzRhNjg2Njc5NzNiMGI0NjhkZjNjMB4XDTIyMDEw
MTE1NTUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQ0ZDlkMTM4ZGE4
Y2JkYWFjZTA2NTQ1NzBkNzU5YmRjNjFmYTVkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPDcLzBMrsB3MHwrTC5qrIj1p5Gl51YMkCnNNh9FucXBMe81
+DJgNT60sthtMs9qSzU5bwLTRBKpAQA83LfmJecfyLOE1QS6AlxmGUfiNikeE4zV
T6E8yB+Q6Y8kS2scHg9c2/xm1zPfx8a1p18hQvs8TqbNEkxKzHGnGzrRHRDO/eSs
K0YwSDpDkrbWKoeA7UcPhyue4/84uL0RKJAUbiL3JIxfAJuEv+3U/Aa4ciCIawoJ
rlwPeCWiER/FigSvLqwJZ9mXQGmYwUdWsh6OIu+CUp6FODaN2J3J4De+DazISwgW
AyeKIb2ZHM7KR5epa6FEwuk26ZiCnUxUcR/gG90CAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBQ0TZ0TjajL2qzgZUVw11m9xh+l1zAfBgNVHSMEGDAWgBRD38BmznzT44JX
SmhmeXOwtGjfPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1E5X0FaczU4MC1PQ1YwcG9abmx6c0xSbzN6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvMTYzNmY4LTUwMjYtNDA0ZS1hMWFlLTI1MDk3NDNhZDI5ZS8x
L05FMmRFNDJveTlxczRHVkZjTmRadmNZZnBkYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
MTYzNmY4LTUwMjYtNDA0ZS1hMWFlLTI1MDk3NDNhZDI5ZS8xL1E5X0FaczU4MC1P
Q1YwcG9abmx6c0xSbzN6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowDAQCAAEwBgMEAC2bYzAaBAIAAjAUMBIDBwUqELoA
vuADBwEqELoAvuQwDQYJKoZIhvcNAQELBQADggEBAKb5B8Qp/ybby7nCMGmbZRvW
vacemyHIYaR5NjltY8NdeDdrkmb6lGdcj4u6rx6sz44xb2Z9zcfOqj+WL/V0aijJ
ud1Tmt8aVWwC+8Ap0L+Ri8MCbmWfRvHF2tDXw57GaGEiczl1hWoBy1LI5OtAK228
wMar03u2Bidvy9eQGKmHMej0StLAi+nGEZCe4VsJd8BhPIWn0qwSKZAHSWZLWSOV
grG8BMXahxVVhMnzRq7VvLNsSq8tIDwnXm9WAc4g4qN/s577HozwPF1to3LKv0R3
H9x2fWQu+qPO5gR5u1ySfVP0hM8x8PAwBa7Vmt0LSIl2pNTda1Ghp76rRxMJISg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:47 2023 by rpki-client on console-ams.rpki-client.org