Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/I63OiUFmjcbKXRi72RlA69wpQzM.roa
File:                     I63OiUFmjcbKXRi72RlA69wpQzM.roa (raw, json)
Hash identifier:          xpOr7pofLKd+6uXtLOtC4EmTvYsT1VJ0SHVkPW8oQMQ=
Subject key identifier:   23:AD:CE:89:41:66:8D:C6:CA:5D:18:BB:D9:19:40:EB:DC:29:43:33
Certificate issuer:       /CN=719e59b5017bfe634411949eff2d70ba0a07c540
Certificate serial:       018286A4B8B33261B81E13E80F8B6159AFC0
Authority key identifier: 71:9E:59:B5:01:7B:FE:63:44:11:94:9E:FF:2D:70:BA:0A:07:C5:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cZ5ZtQF7_mNEEZSe_y1wugoHxUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/I63OiUFmjcbKXRi72RlA69wpQzM.roa
Signing time:             Wed 10 Aug 2022 07:25:18 +0000
ROA not before:           Wed 10 Aug 2022 07:25:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        46.28.58.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:86:a4:b8:b3:32:61:b8:1e:13:e8:0f:8b:61:59:af:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=719e59b5017bfe634411949eff2d70ba0a07c540
        Validity
            Not Before: Aug 10 07:25:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=23adce8941668dc6ca5d18bbd91940ebdc294333
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:b6:39:ba:76:e5:45:10:e5:54:48:c6:7c:23:
                    57:fc:88:fe:32:d2:ec:ff:b0:7c:46:28:db:41:cb:
                    b9:67:cb:80:e4:bb:26:7b:cf:8b:f3:16:8c:b4:32:
                    cf:6a:8a:e3:bf:40:cc:b2:84:db:13:49:7b:ca:19:
                    c1:af:27:12:40:7e:22:e2:8d:7a:2d:3d:f3:54:01:
                    7a:e9:a0:33:ed:a7:d2:01:a0:06:b1:5f:2d:d7:0f:
                    06:b2:dd:e8:e9:55:38:6d:87:00:2a:ba:6e:b2:33:
                    18:86:4d:aa:0b:92:b2:fe:46:82:c0:ba:54:af:a6:
                    ee:29:65:80:84:f8:00:2c:27:58:b4:fa:0f:6a:d8:
                    38:4e:28:dd:1a:5a:92:ab:5a:01:3d:00:b8:e7:3d:
                    9a:6d:60:0c:27:b2:de:75:69:d5:0b:0d:a2:b8:11:
                    1f:82:1c:88:a2:8e:41:cb:04:dc:ab:62:f6:72:b2:
                    e9:5a:2c:ef:a2:7d:e9:5c:37:ab:c6:fc:b0:b7:f2:
                    a3:08:b9:11:68:8e:90:c8:23:91:d9:27:a3:8d:f6:
                    91:c9:4e:20:ee:1d:1a:c1:0a:9b:17:76:49:65:f0:
                    71:2c:8e:26:1e:93:d2:f1:cf:7e:19:9b:35:6d:d5:
                    36:f0:e4:33:7c:4f:5f:b3:3f:ba:fc:82:da:9f:6e:
                    ec:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:AD:CE:89:41:66:8D:C6:CA:5D:18:BB:D9:19:40:EB:DC:29:43:33
            X509v3 Authority Key Identifier:
                keyid:71:9E:59:B5:01:7B:FE:63:44:11:94:9E:FF:2D:70:BA:0A:07:C5:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZ5ZtQF7_mNEEZSe_y1wugoHxUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/I63OiUFmjcbKXRi72RlA69wpQzM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/cZ5ZtQF7_mNEEZSe_y1wugoHxUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.28.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:49:81:91:dd:e9:e1:b1:ed:df:04:d9:90:c6:6b:e3:0f:40:
         c8:38:59:c8:13:73:a6:4b:43:51:fc:55:a3:82:dd:c6:09:27:
         00:11:9b:8b:f2:2c:6c:b2:51:dd:39:f5:bd:ef:24:2c:32:ea:
         cf:b4:b1:3b:11:83:47:6e:51:45:d2:9b:90:b3:d4:16:cd:cb:
         60:55:96:f0:63:76:ab:e1:02:d5:29:97:99:e6:fc:e3:7b:26:
         e9:e9:1d:df:d9:d2:45:65:95:fe:ba:a0:9f:6b:9d:94:5c:c1:
         25:48:99:df:f0:68:79:7c:a6:45:6a:15:9e:0e:27:42:d6:d1:
         a5:b4:be:f1:95:c3:e5:70:a9:c4:bb:e3:8f:82:60:1c:f3:5f:
         10:6f:d7:98:de:ed:c0:62:5b:24:59:4b:ad:72:c8:7d:7f:ac:
         0e:80:4b:0d:e2:61:fb:a6:57:c5:32:37:d8:a7:ed:58:0d:1c:
         2f:bd:47:33:4b:57:95:3d:35:4a:4e:27:45:24:74:2f:f8:22:
         02:90:69:c1:73:b9:50:2c:b7:50:4c:7b:e1:df:70:15:c0:74:
         3a:d1:3b:58:ad:06:3a:a0:f1:5e:1e:3b:81:7b:13:51:bd:90:
         50:ce:ed:49:b9:a4:66:57:80:6a:25:2d:00:9d:9b:ef:74:64:
         5e:11:42:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKGpLizMmG4HhPoD4thWa/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOWU1OWI1MDE3YmZlNjM0NDExOTQ5ZWZmMmQ3MGJhMGEw
N2M1NDAwHhcNMjIwODEwMDcyNTE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2FkY2U4OTQxNjY4ZGM2Y2E1ZDE4YmJkOTE5NDBlYmRjMjk0MzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbY5unblRRDlVEjGfCNX/Ij+MtLs
/7B8RijbQcu5Z8uA5Lsme8+L8xaMtDLPaorjv0DMsoTbE0l7yhnBrycSQH4i4o16
LT3zVAF66aAz7afSAaAGsV8t1w8Gst3o6VU4bYcAKrpusjMYhk2qC5Ky/kaCwLpU
r6buKWWAhPgALCdYtPoPatg4TijdGlqSq1oBPQC45z2abWAMJ7LedWnVCw2iuBEf
ghyIoo5BywTcq2L2crLpWizvon3pXDerxvywt/KjCLkRaI6QyCOR2SejjfaRyU4g
7h0awQqbF3ZJZfBxLI4mHpPS8c9+GZs1bdU28OQzfE9fsz+6/ILan27sawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCOtzolBZo3Gyl0Yu9kZQOvcKUMzMB8GA1UdIwQY
MBaAFHGeWbUBe/5jRBGUnv8tcLoKB8VAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1o1WnRRRjdfbU5FRVpTZV95MXd1Z29IeFVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xZjllNmMtZTZiOC00YWQ0LTk5NDEt
ZjQ2ZjlkNjc0ZjZjLzEvSTYzT2lVRm1qY2JLWFJpNzJSbEE2OXdwUXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xZjllNmMtZTZiOC00YWQ0LTk5NDEtZjQ2ZjlkNjc0ZjZj
LzEvY1o1WnRRRjdfbU5FRVpTZV95MXd1Z29IeFVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhw6MA0G
CSqGSIb3DQEBCwUAA4IBAQB6SYGR3enhse3fBNmQxmvjD0DIOFnIE3OmS0NR/FWj
gt3GCScAEZuL8ixsslHdOfW97yQsMurPtLE7EYNHblFF0puQs9QWzctgVZbwY3ar
4QLVKZeZ5vzjeybp6R3f2dJFZZX+uqCfa52UXMElSJnf8Gh5fKZFahWeDidC1tGl
tL7xlcPlcKnEu+OPgmAc818Qb9eY3u3AYlskWUutcsh9f6wOgEsN4mH7plfFMjfY
p+1YDRwvvUczS1eVPTVKTidFJHQv+CICkGnBc7lQLLdQTHvh33AVwHQ60TtYrQY6
oPFeHjuBexNRvZBQzu1JuaRmV4BqJS0AnZvvdGReEUKi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:10 2024 by rpki-client on console-fra.rpki-client.org