Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8JpYjaVsVcyLktZmz4ZboFQPNYU.roa
File:                     8JpYjaVsVcyLktZmz4ZboFQPNYU.roa (raw, json)
Hash identifier:          x/+WcJWPZST5IE3RFlSBEyZOBmJr96y9kmNC++xH4KM=
Subject key identifier:   F0:9A:58:8D:A5:6C:55:CC:8B:92:D6:66:CF:86:5B:A0:54:0F:35:85
Certificate issuer:       /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial:       01856DCAE817A607D604F742D197A1C64985
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8JpYjaVsVcyLktZmz4ZboFQPNYU.roa
Signing time:             Sun 01 Jan 2023 14:44:52 +0000
ROA not before:           Sun 01 Jan 2023 14:44:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7979
IP address blocks:        45.152.197.0/24 maxlen: 24
                          45.130.253.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:ca:e8:17:a6:07:d6:04:f7:42:d1:97:a1:c6:49:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
        Validity
            Not Before: Jan  1 14:44:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f09a588da56c55cc8b92d666cf865ba0540f3585
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:2e:37:da:e6:56:c7:83:60:4d:d4:e8:d2:2a:
                    1a:25:74:2d:89:f6:c4:91:8b:ea:91:1c:44:07:39:
                    57:0c:03:7b:a7:5e:c3:ac:54:68:25:93:e2:96:a2:
                    12:e9:4a:e5:e9:a9:7d:f6:01:f9:5f:96:28:f6:43:
                    70:20:9a:91:ef:e3:6a:fd:98:14:0c:de:27:64:23:
                    8a:c7:14:2c:24:bd:aa:32:07:14:dc:72:c5:3b:f6:
                    a5:2e:4f:4e:ee:c2:6c:72:24:42:cf:aa:b5:c0:34:
                    6b:64:24:6d:fd:a8:10:66:5d:f5:5f:56:35:39:ec:
                    e6:25:34:65:bb:3e:8f:59:1c:a2:2d:5c:7b:26:e5:
                    4b:fc:78:fa:16:e2:83:a8:d9:98:8c:bb:c4:98:4c:
                    c1:ff:6d:91:e9:5f:f8:5b:49:0a:1b:13:6c:c7:cb:
                    9b:64:99:58:2e:8e:70:86:76:c4:0b:31:72:de:b4:
                    16:99:7a:ce:5c:96:39:3f:36:e9:fe:d5:72:3a:36:
                    da:f5:ee:a8:80:56:9e:d8:8b:03:f9:01:e1:af:b7:
                    43:69:5a:54:38:16:56:5c:c9:ed:b2:72:d1:fb:f9:
                    c1:a7:0a:f5:83:27:0c:94:8c:b1:97:30:a4:f7:71:
                    c3:97:ad:d5:3f:18:cb:87:b6:5a:a8:5d:27:fb:1d:
                    2e:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:9A:58:8D:A5:6C:55:CC:8B:92:D6:66:CF:86:5B:A0:54:0F:35:85
            X509v3 Authority Key Identifier:
                keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8JpYjaVsVcyLktZmz4ZboFQPNYU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.130.253.0/24
                  45.152.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:fc:81:82:ca:e8:eb:71:f4:5c:b8:85:a7:48:5f:01:ae:e1:
         c6:ca:e6:c5:66:8b:4f:5e:30:ce:d8:e0:0f:96:d7:2e:02:5b:
         c0:71:fd:03:71:2a:c2:4c:09:4b:41:32:72:54:9c:b6:81:85:
         08:30:b9:17:c7:c9:61:ba:15:c5:b7:8b:e3:b0:36:6c:6d:83:
         1b:ff:10:cf:9d:b0:4e:4a:d0:3a:e3:1e:90:aa:79:c8:de:ec:
         ee:7b:cb:c8:2f:69:8f:d8:06:57:fd:3c:fe:3c:8b:f6:fd:96:
         c0:b8:0b:9d:5f:7c:d9:11:6b:f1:91:15:ab:52:66:c6:41:4b:
         af:f7:bd:64:2a:9c:78:7b:c6:4b:d0:4b:cb:4f:64:26:96:2b:
         e9:14:ee:02:6a:96:e6:ef:c5:c2:8e:c0:3d:85:49:99:02:c1:
         1c:be:b8:f8:01:7f:d4:cc:d3:02:5d:07:e0:94:1c:09:7f:62:
         e1:dd:d5:55:60:91:8a:1d:de:bd:b2:88:26:20:27:e8:87:5e:
         3f:b7:65:0b:99:d3:4c:a7:da:a7:3e:23:86:90:9f:f9:f5:f2:
         b4:47:59:c4:98:14:e8:b6:7e:3a:8b:75:fe:4c:d8:f7:e7:7c:
         de:76:bf:a3:61:ea:ce:e3:6c:69:e0:90:83:d6:10:1d:37:ca:
         89:61:c5:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtyugXpgfWBPdC0ZehxkmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTAxMTQ0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDlhNTg4ZGE1NmM1NWNjOGI5MmQ2NjZjZjg2NWJhMDU0MGYzNTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS432uZWx4NgTdTo0ioaJXQtifbE
kYvqkRxEBzlXDAN7p17DrFRoJZPilqIS6Url6al99gH5X5Yo9kNwIJqR7+Nq/ZgU
DN4nZCOKxxQsJL2qMgcU3HLFO/alLk9O7sJsciRCz6q1wDRrZCRt/agQZl31X1Y1
OezmJTRluz6PWRyiLVx7JuVL/Hj6FuKDqNmYjLvEmEzB/22R6V/4W0kKGxNsx8ub
ZJlYLo5whnbECzFy3rQWmXrOXJY5Pzbp/tVyOjba9e6ogFae2IsD+QHhr7dDaVpU
OBZWXMntsnLR+/nBpwr1gycMlIyxlzCk93HDl63VPxjLh7ZaqF0n+x0ucQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPCaWI2lbFXMi5LWZs+GW6BUDzWFMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvOEpwWWphVnNWY3lMa3RabXo0WmJvRlFQTllVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYL9AwQA
LZjFMA0GCSqGSIb3DQEBCwUAA4IBAQBh/IGCyujrcfRcuIWnSF8BruHGyubFZotP
XjDO2OAPltcuAlvAcf0DcSrCTAlLQTJyVJy2gYUIMLkXx8lhuhXFt4vjsDZsbYMb
/xDPnbBOStA64x6QqnnI3uzue8vIL2mP2AZX/Tz+PIv2/ZbAuAudX3zZEWvxkRWr
UmbGQUuv971kKpx4e8ZL0EvLT2QmlivpFO4Capbm78XCjsA9hUmZAsEcvrj4AX/U
zNMCXQfglBwJf2Lh3dVVYJGKHd69sogmICfoh14/t2ULmdNMp9qnPiOGkJ/59fK0
R1nEmBTotn46i3X+TNj353zedr+jYerO42xp4JCD1hAdN8qJYcUu
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:43:23 2025 by rpki-client