Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/jKh9vYTKARiD5OcPPTfr9c3UmXE.roa
File:                     jKh9vYTKARiD5OcPPTfr9c3UmXE.roa (raw, json)
Hash identifier:          Abx5c7PsAMmdH9cFm7+aE77Z8AZevF6nRQBh8EQXrz8=
Subject key identifier:   8C:A8:7D:BD:84:CA:01:18:83:E4:E7:0F:3D:37:EB:F5:CD:D4:99:71
Certificate issuer:       /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial:       0183F5198297D99AD8299748D8B064264DA9
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/jKh9vYTKARiD5OcPPTfr9c3UmXE.roa
Signing time:             Thu 20 Oct 2022 11:13:53 +0000
ROA not before:           Thu 20 Oct 2022 11:13:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        46.175.130.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f5:19:82:97:d9:9a:d8:29:97:48:d8:b0:64:26:4d:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
        Validity
            Not Before: Oct 20 11:13:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8ca87dbd84ca011883e4e70f3d37ebf5cdd49971
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:df:5b:f8:4e:c0:29:d0:52:b0:78:0b:f2:01:
                    b4:04:a2:e7:b4:35:0a:91:f6:ea:14:aa:0a:a1:de:
                    96:5b:36:d9:f5:c2:01:65:56:10:61:3d:2f:42:f7:
                    a6:20:15:b6:37:00:40:84:87:51:18:b9:1e:89:d4:
                    95:78:8c:82:ab:1d:a2:bf:0b:85:a8:f5:55:bb:f9:
                    b6:7c:c2:85:b6:ff:56:3c:f7:8c:d8:61:be:0c:bd:
                    f5:8b:88:e8:e6:f6:c2:c6:94:7a:d8:a0:6c:a9:a9:
                    46:7e:24:b0:0e:47:42:ca:10:25:c7:6b:64:85:ad:
                    99:09:f2:b8:f2:ac:be:7d:49:63:e2:03:db:09:7a:
                    b6:33:15:80:83:05:65:21:53:48:d9:94:9b:99:ed:
                    d8:f1:a8:e1:32:02:e7:e1:b1:f4:35:48:7a:88:36:
                    d9:04:f1:ec:f7:87:6f:1f:5a:af:6a:c3:1a:5e:e8:
                    6f:12:3b:b8:74:61:90:7a:70:94:58:3b:a2:7b:19:
                    9b:c5:f7:09:e2:66:1f:02:37:e6:1e:10:62:3f:4a:
                    cb:ef:aa:92:c8:93:12:ac:b3:e7:e0:7f:bb:68:0c:
                    ca:e9:fb:39:88:28:69:a4:33:fb:23:66:58:ae:76:
                    0a:9d:df:fa:c8:93:7a:8f:ca:10:b4:83:59:e2:f3:
                    dc:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:A8:7D:BD:84:CA:01:18:83:E4:E7:0F:3D:37:EB:F5:CD:D4:99:71
            X509v3 Authority Key Identifier:
                keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/jKh9vYTKARiD5OcPPTfr9c3UmXE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.175.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:f9:b3:1a:5a:5e:17:02:01:19:48:8b:a0:ca:8b:5f:a9:c9:
         a5:92:fb:33:52:8e:e1:33:ce:18:b6:de:a2:85:2a:7e:2f:9f:
         1a:24:40:2f:b6:0a:94:af:23:9b:0a:0c:92:9e:e9:2d:e4:ba:
         06:92:5a:2c:3c:8a:47:f8:7c:f7:88:52:37:52:d6:b1:86:4d:
         84:fe:e2:36:d4:b7:c3:ef:49:5a:75:15:70:3b:58:a4:30:36:
         38:f4:1c:8d:ae:5d:0a:be:f8:f7:d1:31:7c:6b:59:57:be:45:
         ef:78:06:0e:ed:49:e3:52:69:84:fb:d1:77:4a:c8:26:0f:d0:
         62:03:c0:a4:a0:6d:22:08:55:73:cd:75:4f:1f:7e:a5:c0:94:
         e4:a8:d8:8c:00:eb:fd:00:f4:ce:bb:f2:f3:76:3b:de:34:77:
         a7:44:2a:1a:df:0d:5f:b9:7f:a2:4f:30:dd:ea:f3:38:5a:1e:
         e4:11:9f:77:6f:27:19:b6:4d:23:ed:22:c8:02:9a:5f:8b:13:
         c1:49:45:b3:c1:ca:13:34:09:76:02:7c:fe:33:d5:9c:88:d4:
         5f:0e:17:b0:9e:a0:18:60:10:b4:a5:33:d4:0a:f6:a5:18:43:
         5d:d4:5b:51:a9:3e:e4:3e:d4:b2:ea:48:28:1c:5d:7e:18:19:
         8d:47:b8:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP1GYKX2ZrYKZdI2LBkJk2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjIxMDIwMTExMzUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2E4N2RiZDg0Y2EwMTE4ODNlNGU3MGYzZDM3ZWJmNWNkZDQ5OTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs99b+E7AKdBSsHgL8gG0BKLntDUK
kfbqFKoKod6WWzbZ9cIBZVYQYT0vQvemIBW2NwBAhIdRGLkeidSVeIyCqx2ivwuF
qPVVu/m2fMKFtv9WPPeM2GG+DL31i4jo5vbCxpR62KBsqalGfiSwDkdCyhAlx2tk
ha2ZCfK48qy+fUlj4gPbCXq2MxWAgwVlIVNI2ZSbme3Y8ajhMgLn4bH0NUh6iDbZ
BPHs94dvH1qvasMaXuhvEju4dGGQenCUWDuiexmbxfcJ4mYfAjfmHhBiP0rL76qS
yJMSrLPn4H+7aAzK6fs5iChppDP7I2ZYrnYKnd/6yJN6j8oQtINZ4vPc6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIyofb2EygEYg+TnDz036/XN1JlxMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvaktoOXZZVEtBUmlENU9jUFBUZnI5YzNVbVhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALq+CMA0G
CSqGSIb3DQEBCwUAA4IBAQCW+bMaWl4XAgEZSIugyotfqcmlkvszUo7hM84Ytt6i
hSp+L58aJEAvtgqUryObCgySnukt5LoGklosPIpH+Hz3iFI3Utaxhk2E/uI21LfD
70ladRVwO1ikMDY49ByNrl0Kvvj30TF8a1lXvkXveAYO7UnjUmmE+9F3SsgmD9Bi
A8CkoG0iCFVzzXVPH36lwJTkqNiMAOv9APTOu/LzdjveNHenRCoa3w1fuX+iTzDd
6vM4Wh7kEZ93bycZtk0j7SLIAppfixPBSUWzwcoTNAl2Anz+M9WciNRfDhewnqAY
YBC0pTPUCvalGENd1FtRqT7kPtSy6kgoHF1+GBmNR7hE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:12 2024 by rpki-client on console-ams.rpki-client.org