Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/IORYhkfeGldPMsLabQ510ju0rpI.roa
File:                     IORYhkfeGldPMsLabQ510ju0rpI.roa (raw, json)
Hash identifier:          98KbhQ0GNo1I+19VbHdYqA0AkoJJVZYIVXf0of1wv8Y=
Subject key identifier:   20:E4:58:86:47:DE:1A:57:4F:32:C2:DA:6D:0E:75:D2:3B:B4:AE:92
Certificate issuer:       /CN=b287ff2a733e33beaf53494a90eec152bbc758bc
Certificate serial:       065A19B1
Authority key identifier: B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/IORYhkfeGldPMsLabQ510ju0rpI.roa
Signing time:             Mon 09 May 2022 05:50:41 +0000
ROA not before:           Mon 09 May 2022 05:50:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47527
IP address blocks:        45.95.208.0/24 maxlen: 24
                          2a00:b920:200::/40 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 106568113 (0x65a19b1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b287ff2a733e33beaf53494a90eec152bbc758bc
        Validity
            Not Before: May  9 05:50:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=20e4588647de1a574f32c2da6d0e75d23bb4ae92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:bd:a4:9e:e2:0a:1d:96:79:e9:2f:c9:cc:91:
                    86:9a:02:00:fc:5f:36:76:21:45:78:23:25:a3:39:
                    04:d4:ec:e8:10:fa:ae:aa:83:51:1b:d2:e5:fa:59:
                    06:52:67:34:2d:ad:3d:fd:ef:ba:29:bf:4e:e0:08:
                    ca:10:b8:d8:ca:7c:45:b9:27:fb:1c:93:ee:b4:a0:
                    6c:5d:c3:dc:af:e6:60:8f:24:b8:9f:ba:4d:31:7b:
                    7b:c7:31:d0:2c:11:bf:34:4a:7b:88:6d:d1:a3:59:
                    64:2b:52:a9:f1:75:b2:0e:0a:47:e3:b8:0f:06:bc:
                    59:0c:44:d3:b6:74:b2:5a:9f:19:90:cd:5b:ff:1e:
                    b7:08:58:89:93:51:66:f3:64:c7:e2:95:e6:c4:b3:
                    c3:5c:88:39:56:bc:33:3d:b4:5a:74:08:93:c8:e4:
                    94:ca:98:43:11:07:20:50:e8:9d:be:4c:43:dc:5f:
                    b9:c4:a3:7f:02:7b:57:cd:a7:2c:8b:30:a3:ba:fa:
                    f9:b1:d8:c5:49:0a:07:97:d6:ea:8e:b3:f0:2b:c4:
                    e0:81:21:72:46:95:8b:4e:28:4e:3d:41:61:0e:5d:
                    89:98:a4:f1:b8:74:ee:45:6c:0d:47:17:a2:c0:0d:
                    8d:cf:40:de:2a:2b:84:3c:c9:fe:14:72:26:b6:d9:
                    eb:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:E4:58:86:47:DE:1A:57:4F:32:C2:DA:6D:0E:75:D2:3B:B4:AE:92
            X509v3 Authority Key Identifier:
                keyid:B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/IORYhkfeGldPMsLabQ510ju0rpI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/sof_KnM-M76vU0lKkO7BUrvHWLw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.208.0/24
                IPv6:
                  2a00:b920:200::/40

    Signature Algorithm: sha256WithRSAEncryption
         95:0c:a9:89:2d:0c:d8:86:85:72:ac:4d:73:fd:f0:c9:39:15:
         0f:1f:d0:0a:b3:16:a6:0a:b6:25:8e:af:61:e0:f5:fd:4a:79:
         5a:0b:95:0f:d2:29:d9:98:d1:4e:90:ae:9a:ad:06:c1:84:b2:
         96:34:36:6b:df:e0:1a:6c:1e:b0:86:f7:23:f6:e6:97:f1:f8:
         fe:49:17:1b:7e:92:5f:fc:fc:e9:55:c9:5c:d6:ec:c6:ec:47:
         2a:a0:22:76:50:92:1e:24:bc:4a:7a:b1:c6:56:b6:29:df:f8:
         fa:e1:42:39:de:38:34:a3:a9:60:1f:74:c1:b6:dc:82:ef:3e:
         25:f0:dd:1d:5b:ec:d7:2e:6a:ce:1a:74:db:94:27:ef:92:7b:
         e4:74:ea:a2:ca:83:0b:0b:81:fc:fe:98:94:42:1c:26:54:07:
         52:c1:b6:87:11:24:fe:08:40:2b:c3:64:a2:5f:7a:9e:94:ed:
         cd:10:45:b3:cf:e9:1f:23:b8:79:19:e3:22:0b:21:8e:93:24:
         de:ad:53:d6:47:f6:8b:f6:57:cc:4e:ab:c2:16:7f:4c:77:70:
         4d:d7:92:59:d7:77:f5:c3:d9:1b:c6:75:fb:c2:1b:b3:5e:3f:
         28:8c:cc:5e:f1:02:dc:a5:2b:a3:2d:c1:7e:66:de:6f:be:c7:
         ac:7d:25:41
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEBloZsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Mjg3ZmYyYTczM2UzM2JlYWY1MzQ5NGE5MGVlYzE1MmJiYzc1OGJjMB4XDTIyMDUw
OTA1NTA0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjBlNDU4ODY0N2Rl
MWE1NzRmMzJjMmRhNmQwZTc1ZDIzYmI0YWU5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALO9pJ7iCh2WeekvycyRhpoCAPxfNnYhRXgjJaM5BNTs6BD6
rqqDURvS5fpZBlJnNC2tPf3vuim/TuAIyhC42Mp8Rbkn+xyT7rSgbF3D3K/mYI8k
uJ+6TTF7e8cx0CwRvzRKe4ht0aNZZCtSqfF1sg4KR+O4Dwa8WQxE07Z0slqfGZDN
W/8etwhYiZNRZvNkx+KV5sSzw1yIOVa8Mz20WnQIk8jklMqYQxEHIFDonb5MQ9xf
ucSjfwJ7V82nLIswo7r6+bHYxUkKB5fW6o6z8CvE4IEhckaVi04oTj1BYQ5diZik
8bh07kVsDUcXosANjc9A3iorhDzJ/hRyJrbZ6w0CAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBQg5FiGR94aV08ywtptDnXSO7SukjAfBgNVHSMEGDAWgBSyh/8qcz4zvq9T
SUqQ7sFSu8dYvDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NvZl9Lbk0tTTc2dlUwbEtrTzdCVXJ2SFdMdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2MvY2IyMTUxLTA1Y2EtNGE3Ni04NTlmLTRmNWVjMGE3ZTAwNi8x
L0lPUlloa2ZlR2xkUE1zTGFiUTUxMGp1MHJwSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Mv
Y2IyMTUxLTA1Y2EtNGE3Ni04NTlmLTRmNWVjMGE3ZTAwNi8xL3NvZl9Lbk0tTTc2
dlUwbEtrTzdCVXJ2SFdMdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEAC1f0DAOBAIAAjAIAwYAKgC5IAIw
DQYJKoZIhvcNAQELBQADggEBAJUMqYktDNiGhXKsTXP98Mk5FQ8f0AqzFqYKtiWO
r2Hg9f1KeVoLlQ/SKdmY0U6QrpqtBsGEspY0Nmvf4BpsHrCG9yP25pfx+P5JFxt+
kl/8/OlVyVzW7MbsRyqgInZQkh4kvEp6scZWtinf+PrhQjneODSjqWAfdMG23ILv
PiXw3R1b7Ncuas4adNuUJ++Se+R06qLKgwsLgfz+mJRCHCZUB1LBtocRJP4IQCvD
ZKJfep6U7c0QRbPP6R8juHkZ4yILIY6TJN6tU9ZH9ov2V8xOq8IWf0x3cE3XklnX
d/XD2RvGdfvCG7NePyiMzF7xAtylK6MtwX5m3m++x6x9JUE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:42 2024 by rpki-client on console-ams.rpki-client.org