Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/t0oEOi8cN1Vv_u-Lioq_l4mWYmg.roa
File:                     t0oEOi8cN1Vv_u-Lioq_l4mWYmg.roa (raw, json)
Hash identifier:          fXRGmykW/Bv4w+OBV1BQahIbvSXbCBc967vbCZKz26A=
Subject key identifier:   B7:4A:04:3A:2F:1C:37:55:6F:FE:EF:8B:8A:8A:BF:97:89:96:62:68
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       04CCD1DA
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/t0oEOi8cN1Vv_u-Lioq_l4mWYmg.roa
Signing time:             Mon 02 May 2022 11:11:56 +0000
ROA not before:           Mon 02 May 2022 11:11:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201706
IP address blocks:        45.8.210.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 80531930 (0x4ccd1da)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: May  2 11:11:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b74a043a2f1c37556ffeef8b8a8abf9789966268
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:a9:7f:df:df:3d:47:68:5f:b1:79:24:f0:a8:
                    e5:90:97:61:7c:ff:37:ab:6c:46:12:e7:ec:a6:d5:
                    55:da:33:36:24:61:0b:8f:92:c3:59:99:43:34:ee:
                    6c:fd:c7:32:00:22:8f:03:c5:09:e6:8f:a4:95:ec:
                    88:8b:8a:ee:e2:8e:ab:bd:db:5e:3d:c3:6a:eb:a5:
                    b3:54:9a:c5:4d:18:85:6c:0a:58:25:b2:6c:90:5c:
                    b2:4a:6f:12:0a:97:80:5d:db:eb:eb:78:a3:7d:25:
                    6f:c6:3d:f4:d8:9d:18:0b:78:dc:02:41:7c:af:cd:
                    60:b7:47:ec:c6:50:c8:0e:1c:0b:79:07:b3:20:78:
                    c8:7b:e2:62:59:39:f5:bf:d8:1e:7f:ad:13:9d:7c:
                    27:f9:d5:a8:32:6c:49:63:41:b8:17:64:27:40:b2:
                    c8:e7:ce:7d:89:63:f8:2a:5f:7d:8c:91:58:bb:7b:
                    91:c1:a5:0d:47:07:2c:d5:59:38:51:d0:8f:8a:3b:
                    f9:38:89:46:ce:98:20:17:cb:2e:f1:85:aa:da:3b:
                    fb:da:3c:bb:6b:3f:27:cb:f1:52:bb:ce:58:4e:66:
                    5f:3e:73:f6:ca:cf:63:73:8f:1c:a2:7a:61:e3:43:
                    c6:e8:29:4c:f8:2e:f2:37:a9:55:eb:5c:a0:ba:e0:
                    36:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:4A:04:3A:2F:1C:37:55:6F:FE:EF:8B:8A:8A:BF:97:89:96:62:68
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/t0oEOi8cN1Vv_u-Lioq_l4mWYmg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:82:06:01:f4:e9:66:e1:d3:88:05:1c:d2:45:de:d7:91:e9:
         e6:76:e6:46:75:5c:2c:db:9c:ad:cd:79:c1:0d:fe:38:20:ef:
         f2:fb:95:94:12:2c:b0:7b:d9:da:8d:9c:5b:81:9f:43:3f:79:
         6c:7a:60:a1:37:dc:6e:39:4c:74:ad:f0:bc:ae:bd:d1:86:f3:
         61:9b:21:92:fc:fe:21:6f:52:23:6b:a8:34:fd:d9:4e:b1:a7:
         14:cb:f6:f8:ff:07:e2:61:76:62:63:46:71:ab:4a:0e:43:e1:
         0a:5f:64:05:51:58:9c:f2:12:7b:8a:6c:f4:c6:e1:2f:84:98:
         e4:a5:83:77:79:9a:0d:00:4e:6e:a3:a9:40:af:f3:f9:e3:fc:
         ab:7a:11:e1:c4:e0:4f:50:2d:5c:cc:47:2c:c3:2f:b6:e0:5b:
         07:d3:62:9c:6f:73:64:a5:33:3d:97:a8:6f:8f:3f:e7:8e:59:
         14:93:b7:c4:71:99:8a:61:5c:54:50:1b:45:a5:9d:15:98:d5:
         b9:6e:f4:39:71:e9:57:49:67:9e:f1:3d:10:3c:1d:db:c1:81:
         f0:07:3e:8e:dc:51:fa:ef:67:0d:dd:e8:08:82:c8:7d:27:44:
         56:a0:b2:77:73:d7:0b:ff:30:c0:ae:c8:a1:5a:91:38:66:d0:
         44:a8:e0:62
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBMzR2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDUw
MjExMTE1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjc0YTA0M2EyZjFj
Mzc1NTZmZmVlZjhiOGE4YWJmOTc4OTk2NjI2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANCpf9/fPUdoX7F5JPCo5ZCXYXz/N6tsRhLn7KbVVdozNiRh
C4+Sw1mZQzTubP3HMgAijwPFCeaPpJXsiIuK7uKOq73bXj3Dauuls1SaxU0YhWwK
WCWybJBcskpvEgqXgF3b6+t4o30lb8Y99NidGAt43AJBfK/NYLdH7MZQyA4cC3kH
syB4yHviYlk59b/YHn+tE518J/nVqDJsSWNBuBdkJ0CyyOfOfYlj+CpffYyRWLt7
kcGlDUcHLNVZOFHQj4o7+TiJRs6YIBfLLvGFqto7+9o8u2s/J8vxUrvOWE5mXz5z
9srPY3OPHKJ6YeNDxugpTPgu8jepVetcoLrgNhkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS3SgQ6Lxw3VW/+74uKir+XiZZiaDAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L3Qwb0VPaThjTjFWdl91LUxpb3FfbDRtV1ltZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I0jANBgkqhkiG9w0BAQsFAAOC
AQEAlYIGAfTpZuHTiAUc0kXe15Hp5nbmRnVcLNucrc15wQ3+OCDv8vuVlBIssHvZ
2o2cW4GfQz95bHpgoTfcbjlMdK3wvK690YbzYZshkvz+IW9SI2uoNP3ZTrGnFMv2
+P8H4mF2YmNGcatKDkPhCl9kBVFYnPISe4ps9MbhL4SY5KWDd3maDQBObqOpQK/z
+eP8q3oR4cTgT1AtXMxHLMMvtuBbB9NinG9zZKUzPZeob48/545ZFJO3xHGZimFc
VFAbRaWdFZjVuW70OXHpV0lnnvE9EDwd28GB8Ac+jtxR+u9nDd3oCILIfSdEVqCy
d3PXC/8wwK7IoVqROGbQRKjgYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:11 2024 by rpki-client on console-ams.rpki-client.org