Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/63e3vvEqWQL3NlsBhH672tLjTAY.roa
File:                     63e3vvEqWQL3NlsBhH672tLjTAY.roa (raw, json)
Hash identifier:          52yqALiJrqgC82ra4l1iRX+qCJP7KHZmz04Aoop91vM=
Subject key identifier:   EB:77:B7:BE:F1:2A:59:02:F7:36:5B:01:84:7E:BB:DA:D2:E3:4C:06
Certificate issuer:       /CN=bea6ca03a8c135ceeae232c937c1ee0bab87e782
Certificate serial:       B920
Authority key identifier: BE:A6:CA:03:A8:C1:35:CE:EA:E2:32:C9:37:C1:EE:0B:AB:87:E7:82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vqbKA6jBNc7q4jLJN8HuC6uH54I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/63e3vvEqWQL3NlsBhH672tLjTAY.roa
Signing time:             Fri 14 Jan 2022 14:13:20 +0000
ROA not before:           Fri 14 Jan 2022 14:13:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8075
IP address blocks:        45.8.43.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 47392 (0xb920)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bea6ca03a8c135ceeae232c937c1ee0bab87e782
        Validity
            Not Before: Jan 14 14:13:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=eb77b7bef12a5902f7365b01847ebbdad2e34c06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:cb:b9:34:ff:d6:2f:9c:f1:7a:3c:6c:b0:15:
                    a7:8c:da:dd:ba:97:62:92:ff:41:55:9d:91:c7:47:
                    b1:96:f2:86:15:23:7f:12:b8:49:35:25:fd:f0:f3:
                    11:41:dc:54:26:df:19:04:c4:ea:f4:5b:75:64:18:
                    fe:1d:99:20:01:a1:8e:f2:80:99:fc:60:d3:7b:86:
                    2a:0b:ba:f0:f6:0d:a7:b0:ce:ca:96:49:36:09:4e:
                    d1:18:8c:fe:10:f0:b1:96:7a:71:dc:17:83:38:8e:
                    a4:3d:a9:b0:bf:61:4c:8b:ac:06:04:ba:5c:2c:a4:
                    41:54:d5:a8:d2:9f:c8:0e:63:94:b1:46:e1:04:09:
                    5c:94:08:b3:3d:90:ea:dd:07:07:df:a7:8a:0d:60:
                    6e:c1:11:ea:36:5d:92:5d:58:3f:bf:34:17:89:de:
                    15:c1:7d:94:fd:c5:df:0b:af:bf:db:7c:3d:81:d5:
                    c4:9a:aa:10:82:a7:bb:c1:50:90:19:d4:2e:30:2b:
                    62:c5:b0:a6:9f:e4:c8:ca:bb:ca:21:68:2e:47:d2:
                    16:52:3c:5d:06:10:32:31:53:15:79:f2:cf:e5:79:
                    bd:73:8e:c4:d9:2f:57:51:45:44:86:5e:a2:22:f2:
                    28:8c:7d:18:bb:2a:85:b2:4a:b0:e2:16:0b:0a:73:
                    49:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:77:B7:BE:F1:2A:59:02:F7:36:5B:01:84:7E:BB:DA:D2:E3:4C:06
            X509v3 Authority Key Identifier:
                keyid:BE:A6:CA:03:A8:C1:35:CE:EA:E2:32:C9:37:C1:EE:0B:AB:87:E7:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vqbKA6jBNc7q4jLJN8HuC6uH54I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/63e3vvEqWQL3NlsBhH672tLjTAY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/vqbKA6jBNc7q4jLJN8HuC6uH54I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:3d:4c:44:22:69:32:12:ed:29:86:7b:d7:79:21:9b:9f:34:
         3d:6c:e0:79:82:2b:3a:4b:72:d3:6e:6f:84:a4:21:48:5d:87:
         6c:86:32:e1:6b:fd:20:45:88:00:e0:fd:ff:79:10:d4:15:b4:
         7c:ad:bb:0b:2d:3a:0b:bf:26:0a:3a:56:88:fa:de:2e:0a:9a:
         1c:d8:b8:04:29:00:86:af:ee:bd:14:f7:02:25:42:58:b6:9c:
         6f:69:5d:2e:7c:d5:43:67:65:eb:cc:6e:4e:2d:44:f6:d3:37:
         7c:f5:b5:c9:f0:95:de:34:80:cc:60:e0:e9:f4:af:79:1c:5a:
         b8:77:93:a8:18:60:3f:ea:80:fc:d9:e3:ff:7b:67:49:dd:1b:
         96:e3:d8:d3:23:18:8e:0f:be:a0:ba:da:df:77:7e:2d:70:e0:
         24:68:b7:99:3f:71:cf:87:d4:f2:a6:73:7c:9f:a1:12:f5:36:
         60:c3:18:a7:bc:38:72:ba:a0:72:cc:9e:ce:dc:40:68:d4:ce:
         de:50:a9:4e:38:fd:c6:62:f1:6b:5a:4c:b1:50:93:b2:64:df:
         5e:9b:d5:14:26:e1:30:5d:a7:e1:c7:17:23:4a:1d:08:97:02:
         c4:cf:9e:cf:52:67:76:2b:05:2c:89:94:ca:af:a0:fd:19:41:
         38:96:34:8c
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDALkgMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJl
YTZjYTAzYThjMTM1Y2VlYWUyMzJjOTM3YzFlZTBiYWI4N2U3ODIwHhcNMjIwMTE0
MTQxMzIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlYjc3YjdiZWYxMmE1
OTAyZjczNjViMDE4NDdlYmJkYWQyZTM0YzA2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkMu5NP/WL5zxejxssBWnjNrdupdikv9BVZ2Rx0exlvKGFSN/
ErhJNSX98PMRQdxUJt8ZBMTq9Ft1ZBj+HZkgAaGO8oCZ/GDTe4YqC7rw9g2nsM7K
lkk2CU7RGIz+EPCxlnpx3BeDOI6kPamwv2FMi6wGBLpcLKRBVNWo0p/IDmOUsUbh
BAlclAizPZDq3QcH36eKDWBuwRHqNl2SXVg/vzQXid4VwX2U/cXfC6+/23w9gdXE
mqoQgqe7wVCQGdQuMCtixbCmn+TIyrvKIWguR9IWUjxdBhAyMVMVefLP5Xm9c47E
2S9XUUVEhl6iIvIojH0YuyqFskqw4hYLCnNJkwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFOt3t77xKlkC9zZbAYR+u9rS40wGMB8GA1UdIwQYMBaAFL6mygOowTXO6uIy
yTfB7gurh+eCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dnFiS0E2akJOYzdxNGpMSk44SHVDNnVINTRJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82Zi9iYzY1ZjYtMGMzYi00MDRlLWJmYWQtOWZhNDIyOGMwMmVhLzEv
NjNlM3Z2RXFXUUwzTmxzQmhINjcydExqVEFZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9i
YzY1ZjYtMGMzYi00MDRlLWJmYWQtOWZhNDIyOGMwMmVhLzEvdnFiS0E2akJOYzdx
NGpMSk44SHVDNnVINTRJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQgrMA0GCSqGSIb3DQEBCwUAA4IB
AQBVPUxEImkyEu0phnvXeSGbnzQ9bOB5gis6S3LTbm+EpCFIXYdshjLha/0gRYgA
4P3/eRDUFbR8rbsLLToLvyYKOlaI+t4uCpoc2LgEKQCGr+69FPcCJUJYtpxvaV0u
fNVDZ2XrzG5OLUT20zd89bXJ8JXeNIDMYODp9K95HFq4d5OoGGA/6oD82eP/e2dJ
3RuW49jTIxiOD76gutrfd34tcOAkaLeZP3HPh9TypnN8n6ES9TZgwxinvDhyuqBy
zJ7O3EBo1M7eUKlOOP3GYvFrWkyxUJOyZN9em9UUJuEwXafhxxcjSh0IlwLEz57P
Umd2KwUsiZTKr6D9GUE4ljSM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:02 2024 by rpki-client on console-ams.rpki-client.org