Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/2e0286-5639-4a1c-8bf2-3ccb3074020f/1/aeL3-ZAod6TtHjC68K7fhu4B0u8.roa
File:                     aeL3-ZAod6TtHjC68K7fhu4B0u8.roa (raw, json)
Hash identifier:          q64jvQmO4Q/WWW6ex7U0lUEZT+toik8Aww/6VlkSAyY=
Subject key identifier:   69:E2:F7:F9:90:28:77:A4:ED:1E:30:BA:F0:AE:DF:86:EE:01:D2:EF
Certificate issuer:       /CN=47ad1f576e3f71b4f6c3391f2fa343d508b6b1ee
Certificate serial:       071E6E7D
Authority key identifier: 47:AD:1F:57:6E:3F:71:B4:F6:C3:39:1F:2F:A3:43:D5:08:B6:B1:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R60fV24_cbT2wzkfL6ND1Qi2se4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/2e0286-5639-4a1c-8bf2-3ccb3074020f/1/aeL3-ZAod6TtHjC68K7fhu4B0u8.roa
Signing time:             Sat 01 Jan 2022 13:02:07 +0000
ROA not before:           Sat 01 Jan 2022 13:02:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208597
IP address blocks:        45.93.208.0/22 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119434877 (0x71e6e7d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47ad1f576e3f71b4f6c3391f2fa343d508b6b1ee
        Validity
            Not Before: Jan  1 13:02:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=69e2f7f9902877a4ed1e30baf0aedf86ee01d2ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:9e:11:aa:ef:f2:22:f0:38:f8:68:97:8f:ef:
                    9b:92:f4:9f:d2:bb:1e:09:35:c6:8d:78:cb:fa:0a:
                    8b:ba:c2:8d:b3:66:28:11:a0:ac:1b:c0:79:f6:b7:
                    43:0f:52:aa:86:57:85:cb:b2:92:36:22:2b:13:a1:
                    0e:0c:f1:5c:d5:e2:a2:90:e7:b0:de:50:33:27:1c:
                    2d:87:54:68:9f:30:c2:5f:35:05:d4:a8:0d:59:ed:
                    9e:d7:2a:9b:67:7c:dd:d8:e9:55:63:dd:f1:8c:e0:
                    e0:65:bf:51:3b:bf:43:c0:db:0c:c3:0c:32:23:44:
                    29:9b:20:d7:00:09:8f:19:7b:59:6a:60:42:03:c2:
                    ae:0f:e9:92:16:b5:df:d2:fb:f3:09:de:4a:87:92:
                    19:78:6a:7f:df:fe:dd:12:81:f0:4c:bb:f1:03:f7:
                    7f:d3:1d:57:0f:c0:fe:52:53:8e:c7:ac:fa:9c:20:
                    a2:c4:28:2b:cc:95:59:3a:98:12:0c:7b:a1:07:71:
                    bc:26:59:f5:9d:3b:0f:93:47:d2:67:c0:07:fa:ad:
                    d1:35:b2:2c:3f:47:bf:41:be:a9:c0:c7:e4:06:6c:
                    6c:4d:54:d3:5f:7a:18:50:70:34:14:b4:6f:cd:15:
                    0e:99:07:3d:8f:1d:36:fc:11:4c:69:20:af:06:ac:
                    07:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:E2:F7:F9:90:28:77:A4:ED:1E:30:BA:F0:AE:DF:86:EE:01:D2:EF
            X509v3 Authority Key Identifier:
                keyid:47:AD:1F:57:6E:3F:71:B4:F6:C3:39:1F:2F:A3:43:D5:08:B6:B1:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R60fV24_cbT2wzkfL6ND1Qi2se4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/2e0286-5639-4a1c-8bf2-3ccb3074020f/1/aeL3-ZAod6TtHjC68K7fhu4B0u8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/2e0286-5639-4a1c-8bf2-3ccb3074020f/1/R60fV24_cbT2wzkfL6ND1Qi2se4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.93.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2c:e2:08:b3:c7:15:79:1e:ed:36:dd:ab:c4:3b:f0:26:81:cc:
         4f:a8:ca:3e:e8:ed:e2:92:5b:61:cf:15:a7:b3:b0:d9:f9:e9:
         f8:1d:1a:bc:4f:96:76:65:d8:33:d3:a8:e9:27:05:a1:f0:a2:
         44:e1:5f:75:49:88:ae:8c:fd:82:ad:a2:4b:4e:3a:ef:23:71:
         9e:ec:e7:c6:15:7b:14:61:e1:7d:ce:a9:29:09:c1:82:59:26:
         2a:ad:94:8e:26:4a:4a:d6:1f:37:be:2f:f5:53:6d:dc:87:d5:
         50:05:35:b2:50:1c:88:e8:82:c1:33:dd:19:08:66:b5:0c:13:
         a0:19:9b:d0:dc:27:45:39:71:c3:fd:63:f1:c3:c4:c1:94:4b:
         0d:53:4b:ab:ef:7f:70:f8:f7:78:2a:90:3b:99:5a:a1:d3:59:
         0d:d7:91:10:e7:5d:ce:cb:59:72:dd:a2:a1:75:31:81:c5:9f:
         5e:f1:22:d6:3c:9d:c7:47:bd:4b:ce:0c:e9:1c:55:4c:00:5e:
         ad:e7:5d:93:71:c8:de:19:92:dd:cd:13:48:7e:f6:20:fd:5a:
         f7:31:36:45:7a:a5:90:f3:9d:3c:2c:0f:b0:e9:9b:7e:7d:e8:
         ff:c0:fe:28:46:55:cb:52:dc:ed:a0:a0:e3:18:c3:4a:db:3c:
         c2:90:83:a5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBx5ufTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
N2FkMWY1NzZlM2Y3MWI0ZjZjMzM5MWYyZmEzNDNkNTA4YjZiMWVlMB4XDTIyMDEw
MTEzMDIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjllMmY3Zjk5MDI4
NzdhNGVkMWUzMGJhZjBhZWRmODZlZTAxZDJlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMueEarv8iLwOPhol4/vm5L0n9K7Hgk1xo14y/oKi7rCjbNm
KBGgrBvAefa3Qw9SqoZXhcuykjYiKxOhDgzxXNXiopDnsN5QMyccLYdUaJ8wwl81
BdSoDVntntcqm2d83djpVWPd8Yzg4GW/UTu/Q8DbDMMMMiNEKZsg1wAJjxl7WWpg
QgPCrg/pkha139L78wneSoeSGXhqf9/+3RKB8Ey78QP3f9MdVw/A/lJTjses+pwg
osQoK8yVWTqYEgx7oQdxvCZZ9Z07D5NH0mfAB/qt0TWyLD9Hv0G+qcDH5AZsbE1U
0196GFBwNBS0b80VDpkHPY8dNvwRTGkgrwasB1UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRp4vf5kCh3pO0eMLrwrt+G7gHS7zAfBgNVHSMEGDAWgBRHrR9Xbj9xtPbD
OR8vo0PVCLax7jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1I2MGZWMjRfY2JUMnd6a2ZMNk5EMVFpMnNlNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvMmUwMjg2LTU2MzktNGExYy04YmYyLTNjY2IzMDc0MDIwZi8x
L2FlTDMtWkFvZDZUdEhqQzY4SzdmaHU0QjB1OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
MmUwMjg2LTU2MzktNGExYy04YmYyLTNjY2IzMDc0MDIwZi8xL1I2MGZWMjRfY2JU
Mnd6a2ZMNk5EMVFpMnNlNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1d0DANBgkqhkiG9w0BAQsFAAOC
AQEALOIIs8cVeR7tNt2rxDvwJoHMT6jKPujt4pJbYc8Vp7Ow2fnp+B0avE+WdmXY
M9Oo6ScFofCiROFfdUmIroz9gq2iS0467yNxnuznxhV7FGHhfc6pKQnBglkmKq2U
jiZKStYfN74v9VNt3IfVUAU1slAciOiCwTPdGQhmtQwToBmb0NwnRTlxw/1j8cPE
wZRLDVNLq+9/cPj3eCqQO5laodNZDdeREOddzstZct2ioXUxgcWfXvEi1jydx0e9
S84M6RxVTABereddk3HI3hmS3c0TSH72IP1a9zE2RXqlkPOdPCwPsOmbfn3o/8D+
KEZVy1Lc7aCg4xjDSts8wpCDpQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:57 2024 by rpki-client on console-fra.rpki-client.org