Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/8il1ajLwWw8pIMSWJea5Xen0DWo.roa
File:                     8il1ajLwWw8pIMSWJea5Xen0DWo.roa (raw, json)
Hash identifier:          6ogd06GzLpU9vejGykmx/jZxVPBQ6RUoKNHrNjQ8ZZs=
Subject key identifier:   F2:29:75:6A:32:F0:5B:0F:29:20:C4:96:25:E6:B9:5D:E9:F4:0D:6A
Certificate issuer:       /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial:       01831E77FE131313D61DC4800FCC7C4DD87B
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/8il1ajLwWw8pIMSWJea5Xen0DWo.roa
Signing time:             Thu 08 Sep 2022 18:58:43 +0000
ROA not before:           Thu 08 Sep 2022 18:58:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        45.150.53.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:1e:77:fe:13:13:13:d6:1d:c4:80:0f:cc:7c:4d:d8:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
        Validity
            Not Before: Sep  8 18:58:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f229756a32f05b0f2920c49625e6b95de9f40d6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:38:fe:e9:a4:8f:4a:89:e7:9b:24:f1:e6:6d:
                    2e:53:4a:e7:f6:b0:8b:67:26:44:a7:cd:1a:ce:0d:
                    63:3b:59:1a:48:83:73:04:b0:fd:aa:f9:63:86:28:
                    3d:1e:d2:3d:da:b1:c7:90:7e:93:31:ce:9b:4f:3a:
                    54:90:6f:ec:10:c7:89:f7:e2:65:95:1c:06:6a:a5:
                    b9:68:3c:43:2e:6d:2f:61:2d:95:b7:64:a5:8e:91:
                    b7:75:cb:5e:15:54:f6:ef:2a:85:eb:f7:3d:48:66:
                    13:5f:91:3a:4b:6a:fc:46:78:fe:5c:6a:78:72:59:
                    65:21:14:d7:98:5e:83:3c:58:4c:fe:c7:6d:68:1e:
                    0a:07:5c:76:a2:90:09:90:64:85:5d:00:fa:05:f4:
                    8f:ae:be:82:51:ab:e9:13:f5:af:f2:ce:0d:ad:21:
                    3f:75:fb:fc:47:54:bf:01:9f:c8:38:5d:f2:9e:40:
                    84:d3:09:c1:03:6b:56:3f:a8:7d:1a:aa:04:1a:bb:
                    17:df:81:7f:2a:4d:cd:3e:47:f0:07:81:81:54:c3:
                    d0:52:87:00:d0:cd:cd:92:b7:42:1d:0e:11:ee:fe:
                    5a:f2:38:a7:9c:cf:0d:97:52:be:a9:7d:61:5c:8b:
                    e9:5f:49:28:69:ad:db:d3:1f:1e:bc:3c:ab:b0:3f:
                    39:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:29:75:6A:32:F0:5B:0F:29:20:C4:96:25:E6:B9:5D:E9:F4:0D:6A
            X509v3 Authority Key Identifier:
                keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/8il1ajLwWw8pIMSWJea5Xen0DWo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:32:d0:88:d9:d3:27:f8:37:11:bc:80:51:81:46:f9:b7:ab:
         b9:09:d0:89:df:92:2d:72:6b:bf:90:18:bf:9a:92:8f:72:f6:
         c2:ff:ee:fa:16:43:1f:0d:b7:71:63:80:51:27:f7:c9:ad:e3:
         a7:cd:6f:99:5e:49:4b:24:62:68:b9:7a:e7:5a:10:f7:0d:bb:
         ee:55:68:80:da:76:56:e6:87:4b:91:2c:8c:fe:dd:2c:36:f0:
         81:e8:7b:df:85:fc:e8:56:08:1c:0c:91:16:3e:19:ec:79:21:
         10:9f:fc:c0:db:d7:a0:3a:01:7a:19:89:ac:85:b4:75:c8:2f:
         24:55:df:d6:90:7e:62:d2:3a:3d:32:bf:a4:5a:ce:8e:aa:dd:
         a1:b7:69:9b:c6:37:57:48:ba:da:dd:c6:4f:2c:83:8e:4c:ae:
         52:05:09:c4:c9:b5:d9:09:fe:3d:4f:17:12:fe:65:87:81:db:
         cd:c4:0c:3f:cf:0c:66:9d:a2:bf:e9:ca:0d:dd:35:24:6a:8d:
         f8:be:6e:9b:86:4d:ca:2e:a7:40:07:2e:cc:00:de:40:94:59:
         31:fb:7c:4b:12:f1:68:39:27:27:fa:bd:bc:f7:26:03:36:9f:
         59:c8:6c:48:f2:b3:e0:92:29:72:ab:69:72:ab:ba:2e:03:b6:
         a8:0a:0d:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMed/4TExPWHcSAD8x8Tdh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjIwOTA4MTg1ODQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjI5NzU2YTMyZjA1YjBmMjkyMGM0OTYyNWU2Yjk1ZGU5ZjQwZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Dj+6aSPSonnmyTx5m0uU0rn9rCL
ZyZEp80azg1jO1kaSINzBLD9qvljhig9HtI92rHHkH6TMc6bTzpUkG/sEMeJ9+Jl
lRwGaqW5aDxDLm0vYS2Vt2SljpG3dcteFVT27yqF6/c9SGYTX5E6S2r8Rnj+XGp4
clllIRTXmF6DPFhM/sdtaB4KB1x2opAJkGSFXQD6BfSPrr6CUavpE/Wv8s4NrSE/
dfv8R1S/AZ/IOF3ynkCE0wnBA2tWP6h9GqoEGrsX34F/Kk3NPkfwB4GBVMPQUocA
0M3NkrdCHQ4R7v5a8jinnM8Nl1K+qX1hXIvpX0koaa3b0x8evDyrsD85ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPIpdWoy8FsPKSDEliXmuV3p9A1qMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvOGlsMWFqTHdXdzhwSU1TV0plYTVYZW4wRFdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZY1MA0G
CSqGSIb3DQEBCwUAA4IBAQAMMtCI2dMn+DcRvIBRgUb5t6u5CdCJ35Itcmu/kBi/
mpKPcvbC/+76FkMfDbdxY4BRJ/fJreOnzW+ZXklLJGJouXrnWhD3DbvuVWiA2nZW
5odLkSyM/t0sNvCB6HvfhfzoVggcDJEWPhnseSEQn/zA29egOgF6GYmshbR1yC8k
Vd/WkH5i0jo9Mr+kWs6Oqt2ht2mbxjdXSLra3cZPLIOOTK5SBQnEybXZCf49TxcS
/mWHgdvNxAw/zwxmnaK/6coN3TUkao34vm6bhk3KLqdABy7MAN5AlFkx+3xLEvFo
OScn+r289yYDNp9ZyGxI8rPgkilyq2lyq7ouA7aoCg3N
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:42 2024 by rpki-client on console-ams.rpki-client.org