Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/j_M9imH70cCiP-gDeFTk2B8UzO4.roa
File:                     j_M9imH70cCiP-gDeFTk2B8UzO4.roa (raw, json)
Hash identifier:          2kp5jH8JUqiOucJhvT4UoDz6Vi4zhrOjTHGpHe8ElP0=
Subject key identifier:   8F:F3:3D:8A:61:FB:D1:C0:A2:3F:E8:03:78:54:E4:D8:1F:14:CC:EE
Certificate issuer:       /CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Certificate serial:       01846DDA6FFF7B27942C74D886C5186448EC
Authority key identifier: 7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/j_M9imH70cCiP-gDeFTk2B8UzO4.roa
Signing time:             Sat 12 Nov 2022 21:59:02 +0000
ROA not before:           Sat 12 Nov 2022 21:59:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204843
IP address blocks:        45.158.125.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:6d:da:6f:ff:7b:27:94:2c:74:d8:86:c5:18:64:48:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
        Validity
            Not Before: Nov 12 21:59:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8ff33d8a61fbd1c0a23fe8037854e4d81f14ccee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:9b:97:52:55:8d:d5:f4:47:19:34:d5:9f:bb:
                    4a:3a:ea:be:6e:11:9c:a3:45:01:92:89:75:16:b9:
                    21:bf:06:c9:cd:2a:ee:45:5a:51:d7:0b:df:d2:67:
                    8e:03:77:27:99:63:1d:e1:39:73:f6:71:38:87:f5:
                    05:0a:d4:e6:83:ef:0f:f0:49:1a:5a:e1:09:9c:1d:
                    31:7b:62:c3:50:68:ff:00:64:ad:5c:4e:14:20:1c:
                    a4:30:9e:d5:ee:36:09:05:ad:1e:ad:64:67:7e:95:
                    a5:10:8c:08:15:52:e5:3e:58:39:5b:53:e6:85:21:
                    a1:e7:20:3d:c3:de:b5:82:66:36:93:13:9a:54:96:
                    69:ce:ae:7d:23:54:da:17:e3:79:e4:05:ab:73:fa:
                    90:1d:37:e5:67:c3:78:e4:45:5d:3e:43:a5:3e:28:
                    e5:c4:6f:0b:b1:c5:57:08:6a:71:55:5a:56:6e:8c:
                    ef:24:f4:63:fe:46:06:b7:09:14:0b:94:b4:24:c9:
                    4c:d7:4e:78:e4:42:dc:63:3f:46:81:7a:22:b2:a5:
                    b2:86:ce:21:97:44:49:b9:55:bb:96:65:c3:5d:62:
                    96:40:f2:5b:86:d3:0a:8a:50:6b:a5:be:33:64:a2:
                    d7:94:02:01:d8:7b:c8:63:68:98:9d:f6:9a:57:09:
                    07:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:F3:3D:8A:61:FB:D1:C0:A2:3F:E8:03:78:54:E4:D8:1F:14:CC:EE
            X509v3 Authority Key Identifier:
                keyid:7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/j_M9imH70cCiP-gDeFTk2B8UzO4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/f1FerQle7ZrEyrxatK0LWGfZ8Bs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:71:62:e5:60:fb:16:f3:8a:d7:ee:91:8c:dc:10:b5:47:4c:
         75:7f:15:f7:af:5c:a3:77:10:b3:cb:7d:18:66:c9:f4:7c:62:
         2d:3f:2d:19:b2:e1:09:42:39:d0:03:06:1c:a5:ee:0c:66:60:
         59:b0:9c:4e:1c:ee:bd:11:e6:ec:67:b5:1a:0a:67:08:5c:bd:
         5e:d9:61:e0:8b:d0:6f:38:a3:38:d0:61:c1:85:87:2d:3d:88:
         0e:80:90:06:e0:c1:85:c5:bc:55:96:9c:d0:fd:30:eb:06:d2:
         70:71:49:6a:82:ca:09:b4:56:a8:3f:14:ff:66:35:5c:5a:eb:
         b4:7c:68:05:b2:f7:55:76:c5:10:fc:14:91:e9:45:b4:bc:ed:
         ae:24:06:0f:7b:46:65:2d:ca:13:12:bb:d3:78:25:59:74:54:
         59:52:62:e6:c0:0f:a2:4d:0a:84:d4:c2:83:55:67:a9:79:73:
         53:6c:62:ad:74:56:49:0e:38:2e:c1:a3:59:56:2a:8d:31:8c:
         4d:10:dd:64:b3:cc:ec:c6:83:c9:6e:be:b6:bf:66:8c:fb:4e:
         dc:a6:f4:3c:29:5c:a7:12:87:dd:01:8f:54:31:03:a4:a2:d5:
         2e:d6:ce:c3:23:b3:d2:26:21:d2:9a:f2:f0:cb:dc:50:03:3a:
         0c:97:b5:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRt2m//eyeULHTYhsUYZEjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTE1ZWFkMDk1ZWVkOWFjNGNhYmM1YWI0YWQwYjU4Njdk
OWYwMWIwHhcNMjIxMTEyMjE1OTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmYzM2Q4YTYxZmJkMWMwYTIzZmU4MDM3ODU0ZTRkODFmMTRjY2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5uXUlWN1fRHGTTVn7tKOuq+bhGc
o0UBkol1FrkhvwbJzSruRVpR1wvf0meOA3cnmWMd4Tlz9nE4h/UFCtTmg+8P8Eka
WuEJnB0xe2LDUGj/AGStXE4UIBykMJ7V7jYJBa0erWRnfpWlEIwIFVLlPlg5W1Pm
hSGh5yA9w961gmY2kxOaVJZpzq59I1TaF+N55AWrc/qQHTflZ8N45EVdPkOlPijl
xG8LscVXCGpxVVpWbozvJPRj/kYGtwkUC5S0JMlM10545ELcYz9GgXoisqWyhs4h
l0RJuVW7lmXDXWKWQPJbhtMKilBrpb4zZKLXlAIB2HvIY2iYnfaaVwkHDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI/zPYph+9HAoj/oA3hU5NgfFMzuMB8GA1UdIwQY
MBaAFH9RXq0JXu2axMq8WrStC1hn2fAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgt
ZjBhNjI0ZDQwOTEyLzEval9NOWltSDcwY0NpUC1nRGVGVGsyQjhVek80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgtZjBhNjI0ZDQwOTEy
LzEvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ59MA0G
CSqGSIb3DQEBCwUAA4IBAQAJcWLlYPsW84rX7pGM3BC1R0x1fxX3r1yjdxCzy30Y
Zsn0fGItPy0ZsuEJQjnQAwYcpe4MZmBZsJxOHO69EebsZ7UaCmcIXL1e2WHgi9Bv
OKM40GHBhYctPYgOgJAG4MGFxbxVlpzQ/TDrBtJwcUlqgsoJtFaoPxT/ZjVcWuu0
fGgFsvdVdsUQ/BSR6UW0vO2uJAYPe0ZlLcoTErvTeCVZdFRZUmLmwA+iTQqE1MKD
VWepeXNTbGKtdFZJDjguwaNZViqNMYxNEN1ks8zsxoPJbr62v2aM+07cpvQ8KVyn
EofdAY9UMQOkotUu1s7DI7PSJiHSmvLwy9xQAzoMl7VJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:45 2024 by rpki-client on console-fra.rpki-client.org