Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/wI0pnMDgc8rtFhS8vY08sR9td6o.roa
File:                     wI0pnMDgc8rtFhS8vY08sR9td6o.roa (raw, json)
Hash identifier:          VbR38+51+csHvPUndh7McgI4QPaIeRhiqS1REJ6D9mE=
Subject key identifier:   C0:8D:29:9C:C0:E0:73:CA:ED:16:14:BC:BD:8D:3C:B1:1F:6D:77:AA
Certificate issuer:       /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial:       0185496BD4D2A1EED62BB5206C236BB0AB14
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/wI0pnMDgc8rtFhS8vY08sR9td6o.roa
Signing time:             Sun 25 Dec 2022 13:14:41 +0000
ROA not before:           Sun 25 Dec 2022 13:14:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61008
IP address blocks:        46.143.240.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:49:6b:d4:d2:a1:ee:d6:2b:b5:20:6c:23:6b:b0:ab:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
        Validity
            Not Before: Dec 25 13:14:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c08d299cc0e073caed1614bcbd8d3cb11f6d77aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:c3:2d:75:09:b1:e9:68:f6:74:d0:a1:12:78:
                    a2:c4:88:ec:57:e3:56:63:c7:4b:f0:be:e1:76:68:
                    f8:03:f7:fa:54:dd:f9:d0:9f:9f:81:1c:2c:04:85:
                    e2:93:38:1b:7f:21:e2:7e:54:6b:3a:e6:31:40:5b:
                    76:08:7b:c7:ba:23:63:66:6d:48:0e:a9:13:92:ee:
                    5b:a6:fc:ee:06:22:c5:75:03:1e:78:fe:f2:9b:f6:
                    af:aa:3a:2e:73:76:57:3c:db:88:3d:2b:12:df:d0:
                    80:d1:81:23:2f:66:81:38:a1:5d:d3:c3:96:c2:d7:
                    7a:e2:de:46:29:21:de:82:e7:49:73:80:aa:c6:86:
                    7a:e2:6d:3d:f6:fd:a2:b1:7b:e6:a3:f3:fb:f7:69:
                    96:0a:9e:77:94:f5:93:cf:b7:02:73:a3:57:83:ea:
                    cb:fb:81:bf:6c:26:82:75:39:90:61:06:21:90:85:
                    0c:20:f7:60:da:8d:12:4b:00:48:63:6d:d7:ab:e1:
                    69:2e:77:d6:8f:83:3b:7f:2c:6d:25:d9:e0:00:98:
                    e7:b6:28:85:bf:6c:61:6f:f8:ad:61:25:7d:03:66:
                    ea:37:c3:30:a8:db:20:fe:31:3a:b0:0d:84:6a:e1:
                    b5:70:f2:3a:9c:ca:9a:b8:df:e6:ca:58:e0:dc:f9:
                    3e:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:8D:29:9C:C0:E0:73:CA:ED:16:14:BC:BD:8D:3C:B1:1F:6D:77:AA
            X509v3 Authority Key Identifier:
                keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/wI0pnMDgc8rtFhS8vY08sR9td6o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.143.240.0/20

    Signature Algorithm: sha256WithRSAEncryption
         15:97:31:27:91:5d:88:5e:d6:36:86:1b:62:e8:e0:75:b8:45:
         57:7f:90:a6:8a:e0:75:18:d5:dd:a7:47:c4:82:7d:4f:4b:96:
         59:2b:1a:0f:e8:b5:b6:cd:45:ac:f7:9f:22:07:f2:5e:5c:76:
         be:2d:55:2a:45:fb:4c:60:39:ab:32:12:80:37:91:53:e1:7f:
         e1:9d:a7:d5:98:5e:c0:49:c7:79:e7:17:b8:15:4e:d8:5a:97:
         c1:d9:db:f5:8f:5c:98:e5:37:77:9a:e5:26:8d:9f:e1:80:7c:
         10:00:39:a7:70:4f:d5:8a:5e:66:9b:c1:75:f8:5a:57:07:45:
         0a:7e:10:8a:d4:f9:23:d5:f1:d4:8d:09:6c:1a:de:9a:13:e6:
         31:32:ed:f1:88:f8:9e:bd:84:38:73:70:e9:72:44:87:95:24:
         00:fa:1f:c7:b6:65:bc:7e:49:9e:8d:ad:d9:88:b7:fe:87:01:
         df:2a:83:7f:38:48:76:75:07:0c:e3:cc:ec:1c:c4:ee:8a:7c:
         cc:3d:2b:4a:5c:a2:19:5a:83:53:28:9a:b3:7a:ec:5d:28:3c:
         3b:d9:f5:6b:11:a7:46:14:c7:4d:c5:58:5c:ad:03:05:b7:85:
         8c:47:a9:25:06:e1:e4:e8:ef:e6:85:3f:d4:98:66:2a:96:3c:
         7b:f0:e5:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVJa9TSoe7WK7UgbCNrsKsUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhOWU0MTY4NmQyMWMxMjc5OWM4ZTg0YjI3NGFhODI0
MTUwOGMwHhcNMjIxMjI1MTMxNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDhkMjk5Y2MwZTA3M2NhZWQxNjE0YmNiZDhkM2NiMTFmNmQ3N2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMMtdQmx6Wj2dNChEniixIjsV+NW
Y8dL8L7hdmj4A/f6VN350J+fgRwsBIXikzgbfyHiflRrOuYxQFt2CHvHuiNjZm1I
DqkTku5bpvzuBiLFdQMeeP7ym/avqjouc3ZXPNuIPSsS39CA0YEjL2aBOKFd08OW
wtd64t5GKSHegudJc4CqxoZ64m099v2isXvmo/P792mWCp53lPWTz7cCc6NXg+rL
+4G/bCaCdTmQYQYhkIUMIPdg2o0SSwBIY23Xq+FpLnfWj4M7fyxtJdngAJjntiiF
v2xhb/itYSV9A2bqN8MwqNsg/jE6sA2EauG1cPI6nMqauN/myljg3Pk+aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMCNKZzA4HPK7RYUvL2NPLEfbXeqMB8GA1UdIwQY
MBaAFO1tqeQWhtIcEnmcjoSydKqCQVCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYt
MjlmMWJlYjJmMjgyLzEvd0kwcG5NRGdjOHJ0RmhTOHZZMDhzUjl0ZDZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYtMjlmMWJlYjJmMjgy
LzEvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELo/wMA0G
CSqGSIb3DQEBCwUAA4IBAQAVlzEnkV2IXtY2hhti6OB1uEVXf5CmiuB1GNXdp0fE
gn1PS5ZZKxoP6LW2zUWs958iB/JeXHa+LVUqRftMYDmrMhKAN5FT4X/hnafVmF7A
Scd55xe4FU7YWpfB2dv1j1yY5Td3muUmjZ/hgHwQADmncE/Vil5mm8F1+FpXB0UK
fhCK1Pkj1fHUjQlsGt6aE+YxMu3xiPievYQ4c3DpckSHlSQA+h/HtmW8fkmeja3Z
iLf+hwHfKoN/OEh2dQcM48zsHMTuinzMPStKXKIZWoNTKJqzeuxdKDw72fVrEadG
FMdNxVhcrQMFt4WMR6klBuHk6O/mhT/UmGYqljx78OV0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:37 2024 by rpki-client on console-ams.rpki-client.org