Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/mIZlRGw0zC_ur57bqehrKAVSTs0.roa
File:                     mIZlRGw0zC_ur57bqehrKAVSTs0.roa (raw, json)
Hash identifier:          JvqZ9j9uj2tmjtcJJXcubqcHdngzRplByiidcyRnRuE=
Subject key identifier:   98:86:65:44:6C:34:CC:2F:EE:AF:9E:DB:A9:E8:6B:28:05:52:4E:CD
Certificate issuer:       /CN=250e7df43c82d120a13d3c865f1f06f49644b1e1
Certificate serial:       02B6EA
Authority key identifier: 25:0E:7D:F4:3C:82:D1:20:A1:3D:3C:86:5F:1F:06:F4:96:44:B1:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JQ599DyC0SChPTyGXx8G9JZEseE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/mIZlRGw0zC_ur57bqehrKAVSTs0.roa
Signing time:             Tue 01 Feb 2022 12:46:10 +0000
ROA not before:           Tue 01 Feb 2022 12:46:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        45.143.132.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 177898 (0x2b6ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=250e7df43c82d120a13d3c865f1f06f49644b1e1
        Validity
            Not Before: Feb  1 12:46:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=988665446c34cc2feeaf9edba9e86b2805524ecd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:a3:8a:6b:0a:ab:05:c1:e3:a6:5b:46:e7:b0:
                    19:13:1c:78:38:5a:bf:93:b3:7d:ae:e9:ef:49:4d:
                    c9:45:c6:00:5e:37:0d:9b:41:aa:42:52:dd:ba:87:
                    85:0a:b8:f0:96:e5:6b:e6:f2:c4:fb:0f:87:13:61:
                    3f:6f:b3:2e:26:9c:c2:c9:6c:ec:ce:0b:7e:39:14:
                    84:10:f2:9a:0c:1c:96:10:59:10:4f:3c:42:c3:d5:
                    3b:6f:a6:13:be:a0:3a:45:ff:20:8f:e5:89:05:06:
                    81:ad:80:54:6f:0e:d3:33:fc:0a:de:b0:63:05:63:
                    8e:5b:38:b5:c5:cb:5b:a1:a5:6e:ff:8f:23:34:46:
                    a9:b5:31:69:51:ed:ad:29:fe:4d:d7:4c:d8:51:72:
                    1c:92:b3:91:39:20:3c:fe:40:6e:cf:1f:db:ee:58:
                    57:65:04:a4:30:fb:4a:41:76:1c:5f:b9:6b:47:17:
                    ec:40:8a:45:42:f5:3a:c2:5a:8d:92:3d:c5:3c:64:
                    31:73:dd:82:9b:4f:7f:ac:db:9d:fa:10:64:bc:b9:
                    ff:93:d1:90:9a:5a:c8:23:ab:b6:ab:ef:36:ba:07:
                    40:1b:8b:3a:66:95:c1:64:c4:fe:21:6d:39:56:b6:
                    dc:fc:7b:83:7f:f3:92:80:bf:8a:89:87:6f:e4:c9:
                    b1:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:86:65:44:6C:34:CC:2F:EE:AF:9E:DB:A9:E8:6B:28:05:52:4E:CD
            X509v3 Authority Key Identifier:
                keyid:25:0E:7D:F4:3C:82:D1:20:A1:3D:3C:86:5F:1F:06:F4:96:44:B1:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQ599DyC0SChPTyGXx8G9JZEseE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/mIZlRGw0zC_ur57bqehrKAVSTs0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/JQ599DyC0SChPTyGXx8G9JZEseE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:21:0f:b0:c6:70:05:cf:74:1d:22:2b:e4:7b:07:1c:df:da:
         a8:6e:ac:6e:e9:7b:ce:71:0a:da:ef:b0:67:84:82:18:7b:90:
         54:32:88:c5:25:23:52:cb:23:5e:67:4e:81:51:b4:33:b9:60:
         dc:fe:64:18:07:e7:10:3f:1d:a8:77:f2:07:20:b4:57:11:16:
         0b:83:f6:ef:e9:fe:09:f6:53:63:5d:fc:a3:80:3e:4a:ee:0e:
         0d:ab:cf:f9:8c:03:bc:f9:33:15:3e:d2:fa:dc:b7:aa:08:21:
         93:3e:a6:5a:b2:a1:6a:c0:c8:8b:29:29:32:0c:d2:6b:66:a9:
         a2:16:6a:15:41:6d:0b:2d:72:86:54:93:db:30:bf:5e:84:3e:
         d1:62:21:a5:05:80:39:97:93:ad:0a:ba:09:14:0f:1f:91:ce:
         68:62:e7:1c:e2:45:ff:98:a0:b9:04:18:1c:af:37:6d:a5:97:
         a1:c8:50:52:32:a5:24:11:9b:9b:3e:39:17:56:2a:3b:65:7f:
         f8:5e:d7:e7:f4:6a:94:7d:ad:7b:37:5f:db:6e:3c:a5:ff:d8:
         c6:be:76:90:50:b5:1d:15:1a:47:56:36:2c:21:63:ef:ef:b3:
         92:ab:f5:9a:ac:2e:d2:6f:ca:e2:42:14:3c:92:df:fb:79:74:
         38:03:8a:68
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDArbqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI1
MGU3ZGY0M2M4MmQxMjBhMTNkM2M4NjVmMWYwNmY0OTY0NGIxZTEwHhcNMjIwMjAx
MTI0NjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5ODg2NjU0NDZjMzRj
YzJmZWVhZjllZGJhOWU4NmIyODA1NTI0ZWNkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm6OKawqrBcHjpltG57AZExx4OFq/k7N9runvSU3JRcYAXjcN
m0GqQlLduoeFCrjwluVr5vLE+w+HE2E/b7MuJpzCyWzszgt+ORSEEPKaDByWEFkQ
TzxCw9U7b6YTvqA6Rf8gj+WJBQaBrYBUbw7TM/wK3rBjBWOOWzi1xctboaVu/48j
NEaptTFpUe2tKf5N10zYUXIckrOROSA8/kBuzx/b7lhXZQSkMPtKQXYcX7lrRxfs
QIpFQvU6wlqNkj3FPGQxc92Cm09/rNud+hBkvLn/k9GQmlrII6u2q+82ugdAG4s6
ZpXBZMT+IW05Vrbc/HuDf/OSgL+KiYdv5MmxQQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJiGZURsNMwv7q+e26noaygFUk7NMB8GA1UdIwQYMBaAFCUOffQ8gtEgoT08
hl8fBvSWRLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SlE1OTlEeUMwU0NoUFR5R1h4OEc5SlpFc2VFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83ZS83ZDJlNjQtMTBkOS00YTRlLWE0YzYtNGE5YmIyZmU3MzMxLzEv
bUlabFJHdzB6Q191cjU3YnFlaHJLQVZTVHMwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83
ZDJlNjQtMTBkOS00YTRlLWE0YzYtNGE5YmIyZmU3MzMxLzEvSlE1OTlEeUMwU0No
UFR5R1h4OEc5SlpFc2VFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY+EMA0GCSqGSIb3DQEBCwUAA4IB
AQBBIQ+wxnAFz3QdIivkewcc39qobqxu6XvOcQra77BnhIIYe5BUMojFJSNSyyNe
Z06BUbQzuWDc/mQYB+cQPx2od/IHILRXERYLg/bv6f4J9lNjXfyjgD5K7g4Nq8/5
jAO8+TMVPtL63LeqCCGTPqZasqFqwMiLKSkyDNJrZqmiFmoVQW0LLXKGVJPbML9e
hD7RYiGlBYA5l5OtCroJFA8fkc5oYucc4kX/mKC5BBgcrzdtpZehyFBSMqUkEZub
PjkXVio7ZX/4Xtfn9GqUfa17N1/bbjyl/9jGvnaQULUdFRpHVjYsIWPv77OSq/Wa
rC7Sb8riQhQ8kt/7eXQ4A4po
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:00 2024 by rpki-client on console-ams.rpki-client.org