Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/j1w3YvCUOwCwUeHLW1Dm0K3NyTg.roa
File:                     j1w3YvCUOwCwUeHLW1Dm0K3NyTg.roa (raw, json)
Hash identifier:          hP48fShWuU0eoF9fVnuNdyYZ2oOfEegxs6WlwzzB3lY=
Subject key identifier:   8F:5C:37:62:F0:94:3B:00:B0:51:E1:CB:5B:50:E6:D0:AD:CD:C9:38
Certificate issuer:       /CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Certificate serial:       19D98CAC
Authority key identifier: FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/j1w3YvCUOwCwUeHLW1Dm0K3NyTg.roa
Signing time:             Sat 01 Jan 2022 04:55:08 +0000
ROA not before:           Sat 01 Jan 2022 04:55:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24669
IP address blocks:        45.250.26.0/24 maxlen: 24
                          45.250.25.0/24 maxlen: 24
                          45.250.27.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 433687724 (0x19d98cac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
        Validity
            Not Before: Jan  1 04:55:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8f5c3762f0943b00b051e1cb5b50e6d0adcdc938
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:8c:dd:47:98:ec:19:bb:9e:5f:50:de:32:4f:
                    df:bb:3f:10:13:75:71:4a:76:53:e0:6c:a1:ac:aa:
                    a5:e8:b5:6b:3f:5f:b6:bd:c3:9b:2d:13:a2:70:39:
                    8e:bf:e9:d2:ed:5b:eb:21:d3:0f:08:62:1b:34:de:
                    a7:8e:c6:39:95:d7:91:d3:0d:06:b3:04:b2:6a:62:
                    d1:f8:df:1b:8a:8c:97:6a:87:27:48:72:2c:84:54:
                    ba:3c:27:ae:18:a4:f9:14:d3:2a:b3:7a:4d:ee:95:
                    f9:0b:78:fd:e6:5a:98:58:8a:dc:cc:a2:45:2f:f5:
                    1d:e4:4a:67:b4:ff:49:ae:ef:f5:66:d2:b5:93:17:
                    b9:64:18:52:18:c2:29:ea:c9:60:3b:b3:fb:4b:42:
                    94:8f:ca:c4:4f:9c:a2:64:8c:f6:b7:c4:56:cb:9d:
                    22:a9:1c:9d:d3:ca:36:11:45:bc:98:2a:0c:49:01:
                    1a:f8:8e:15:19:83:f7:45:d5:66:c0:13:74:76:7a:
                    fd:8f:72:5d:27:7b:0d:93:36:00:23:03:2b:18:89:
                    54:35:d6:5a:9a:bb:df:f0:2f:cf:71:07:fd:73:73:
                    13:e9:c4:46:e4:2f:24:d1:4d:2a:e2:a0:56:bd:96:
                    c8:d7:ba:71:f2:4f:1b:0d:05:ce:38:9a:35:b2:be:
                    45:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:5C:37:62:F0:94:3B:00:B0:51:E1:CB:5B:50:E6:D0:AD:CD:C9:38
            X509v3 Authority Key Identifier:
                keyid:FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/j1w3YvCUOwCwUeHLW1Dm0K3NyTg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.250.25.0-45.250.27.255

    Signature Algorithm: sha256WithRSAEncryption
         88:d5:05:94:b8:f8:f0:3f:9d:a4:73:ef:f9:b0:72:2a:e4:1e:
         be:af:2b:bf:1c:f5:c9:4d:fe:f5:59:d0:f3:a6:33:48:5e:ea:
         e1:d5:46:2e:39:f7:16:94:52:14:25:3d:25:0f:98:9e:33:98:
         31:21:85:35:88:a0:c2:51:7f:83:35:f1:90:24:02:54:4a:65:
         25:ef:42:31:7d:8f:c5:14:a1:e0:67:b2:4d:12:d4:01:ec:e7:
         e4:b8:12:40:23:51:05:75:6b:95:46:a6:f2:e2:fc:36:5d:80:
         32:16:62:83:41:29:58:52:1f:92:69:16:27:fe:db:35:bb:60:
         68:44:9c:de:60:09:22:42:ab:c1:d4:74:30:f3:69:cd:08:2e:
         14:a2:c9:50:90:16:34:4c:da:fa:5c:a0:16:65:e9:2c:1d:ca:
         68:c0:e8:e6:2a:85:a8:0e:49:eb:e8:52:c4:06:32:b9:23:aa:
         77:d1:12:0d:c3:bc:f3:e9:f2:88:90:36:a0:21:57:2e:70:67:
         45:d3:f9:1d:15:b5:a9:1e:6a:a7:ab:fa:ff:ca:18:76:e2:ca:
         47:be:0c:a3:d1:78:cf:6e:b5:fd:20:d7:49:25:71:ef:99:15:
         8c:7a:d8:5b:38:76:62:7f:20:21:16:ef:7b:ab:67:40:f0:0a:
         03:bd:c6:3d
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEGdmMrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZmRlYzRhNDZhNmU2ZTRmOWE5MmQwYmEyZTBiM2FiNTY1OGJlMWJkMB4XDTIyMDEw
MTA0NTUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGY1YzM3NjJmMDk0
M2IwMGIwNTFlMWNiNWI1MGU2ZDBhZGNkYzkzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOqM3UeY7Bm7nl9Q3jJP37s/EBN1cUp2U+Bsoayqpei1az9f
tr3Dmy0TonA5jr/p0u1b6yHTDwhiGzTep47GOZXXkdMNBrMEsmpi0fjfG4qMl2qH
J0hyLIRUujwnrhik+RTTKrN6Te6V+Qt4/eZamFiK3MyiRS/1HeRKZ7T/Sa7v9WbS
tZMXuWQYUhjCKerJYDuz+0tClI/KxE+comSM9rfEVsudIqkcndPKNhFFvJgqDEkB
GviOFRmD90XVZsATdHZ6/Y9yXSd7DZM2ACMDKxiJVDXWWpq73/Avz3EH/XNzE+nE
RuQvJNFNKuKgVr2WyNe6cfJPGw0FzjiaNbK+RaECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSPXDdi8JQ7ALBR4ctbUObQrc3JODAfBgNVHSMEGDAWgBT/3sSkam5uT5qS
0LouCzq1ZYvhvTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L185N0VwR3B1YmstYWt0QzZMZ3M2dFdXTDRiMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvMTFlNWIzLTQzYWEtNDI3OS05NDQxLTdlOGM2ZDRkOWJlZi8x
L2oxdzNZdkNVT3dDd1VlSExXMURtMEszTnlUZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
MTFlNWIzLTQzYWEtNDI3OS05NDQxLTdlOGM2ZDRkOWJlZi8xL185N0VwR3B1Ymst
YWt0QzZMZ3M2dFdXTDRiMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQALfoZAwQCLfoYMA0GCSqGSIb3
DQEBCwUAA4IBAQCI1QWUuPjwP52kc+/5sHIq5B6+ryu/HPXJTf71WdDzpjNIXurh
1UYuOfcWlFIUJT0lD5ieM5gxIYU1iKDCUX+DNfGQJAJUSmUl70IxfY/FFKHgZ7JN
EtQB7OfkuBJAI1EFdWuVRqby4vw2XYAyFmKDQSlYUh+SaRYn/ts1u2BoRJzeYAki
QqvB1HQw82nNCC4UoslQkBY0TNr6XKAWZeksHcpowOjmKoWoDknr6FLEBjK5I6p3
0RINw7zz6fKIkDagIVcucGdF0/kdFbWpHmqnq/r/yhh24spHvgyj0XjPbrX9INdJ
JXHvmRWMethbOHZifyAhFu97q2dA8AoDvcY9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:52 2024 by rpki-client on console-ams.rpki-client.org