Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/jl4hR-YBjaZlFgH2xPTtjR-8-24.roa
File:                     jl4hR-YBjaZlFgH2xPTtjR-8-24.roa (raw, json)
Hash identifier:          VwB9f+T+PtdJ2Va2bXw1WP+4jLxkgnuuvWBjFGbnXRI=
Subject key identifier:   8E:5E:21:47:E6:01:8D:A6:65:16:01:F6:C4:F4:ED:8D:1F:BC:FB:6E
Certificate issuer:       /CN=6832c32d2259013991260d530d9120031aaefcd0
Certificate serial:       0182CB0B0EBF87D1A0BB05ACB08FB04541E5
Authority key identifier: 68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/jl4hR-YBjaZlFgH2xPTtjR-8-24.roa
Signing time:             Tue 23 Aug 2022 14:11:15 +0000
ROA not before:           Tue 23 Aug 2022 14:11:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        145.46.168.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:cb:0b:0e:bf:87:d1:a0:bb:05:ac:b0:8f:b0:45:41:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6832c32d2259013991260d530d9120031aaefcd0
        Validity
            Not Before: Aug 23 14:11:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8e5e2147e6018da6651601f6c4f4ed8d1fbcfb6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:6e:5d:ba:f8:d0:f2:64:3e:21:d8:e1:e4:c1:
                    4a:61:dd:fe:7a:19:29:ac:56:3e:22:75:53:8a:49:
                    d9:ee:9f:90:a3:72:66:ca:33:5f:38:ee:cd:9a:4a:
                    fb:e5:62:d2:8f:9a:4c:e0:bd:22:c5:73:e8:d8:87:
                    ca:68:e4:42:b8:69:da:7b:25:c6:12:2d:1a:5a:e2:
                    b5:c4:cf:1c:5d:7a:c5:3e:ef:25:2a:4a:7c:2e:0e:
                    9c:45:51:8a:73:9b:5b:54:59:84:ad:58:c0:48:9d:
                    96:f3:82:02:ed:c2:51:02:2a:a8:a4:4e:71:a6:2f:
                    7a:43:b2:2c:5f:73:8b:ae:45:73:e3:f6:5f:49:f2:
                    83:a5:a9:98:df:3c:13:05:c8:df:10:ee:65:c5:5a:
                    d8:ca:e4:94:b3:12:8c:c7:70:53:d3:1a:9f:b7:31:
                    0f:62:fe:de:62:49:9d:93:7e:53:03:ff:96:57:c8:
                    65:76:22:01:4b:11:3e:6b:f4:7f:63:cb:51:3c:b8:
                    e9:41:24:d7:86:bb:74:7a:f9:7d:83:fe:3f:0a:39:
                    b9:df:21:0f:90:a6:f5:89:6a:a0:8c:02:4d:5a:cf:
                    5f:1b:8d:ad:5e:59:95:cb:7b:e5:16:1a:1c:fb:70:
                    a0:e2:43:da:85:b0:18:e2:5e:be:05:95:b7:dd:45:
                    96:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:5E:21:47:E6:01:8D:A6:65:16:01:F6:C4:F4:ED:8D:1F:BC:FB:6E
            X509v3 Authority Key Identifier:
                keyid:68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/jl4hR-YBjaZlFgH2xPTtjR-8-24.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.46.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:a1:e4:8b:81:de:88:55:8f:6e:be:9a:42:2d:14:36:97:1e:
         f4:07:8b:6c:64:cd:2f:23:6b:ab:35:26:45:5b:a6:48:1c:e0:
         79:f5:dd:f2:78:b4:d1:2b:7a:d6:62:ad:39:4b:39:e8:a1:05:
         5f:a6:96:83:76:10:b7:cf:a5:b1:c9:bb:ad:62:c8:90:2f:cc:
         b9:9c:b2:61:50:dc:6f:1b:b7:e5:e1:de:bc:4d:4f:db:07:d8:
         4d:0b:93:a4:e2:fb:57:14:57:b8:0c:5c:87:49:1a:a1:ea:fc:
         55:be:f4:67:35:bc:3f:4c:6d:28:93:77:c3:45:a7:3f:05:72:
         78:9a:9a:d3:e3:6b:c5:dd:4a:96:3b:ea:13:25:8d:8f:c9:71:
         05:98:2e:cf:82:1d:e9:52:ef:d3:1c:91:cd:17:01:9a:89:0a:
         a4:1f:d5:65:16:fc:65:ad:c3:bd:ca:44:fc:c3:7d:2e:d7:32:
         51:2b:79:da:c3:b7:ab:f5:d7:7f:ba:cf:f8:50:b3:8c:10:a0:
         f1:e2:dd:be:40:b1:98:c9:62:a6:35:7f:4c:10:6e:5b:9d:49:
         66:2d:8a:c7:1b:65:f8:ff:cc:d6:96:e2:72:2c:b9:7b:e4:ed:
         b4:d9:59:1d:e4:89:f3:11:78:29:5d:a7:57:d5:70:e4:c0:b3:
         6b:ce:1c:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLLCw6/h9GguwWssI+wRUHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzJjMzJkMjI1OTAxMzk5MTI2MGQ1MzBkOTEyMDAzMWFh
ZWZjZDAwHhcNMjIwODIzMTQxMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTVlMjE0N2U2MDE4ZGE2NjUxNjAxZjZjNGY0ZWQ4ZDFmYmNmYjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAum5duvjQ8mQ+Idjh5MFKYd3+ehkp
rFY+InVTiknZ7p+Qo3JmyjNfOO7Nmkr75WLSj5pM4L0ixXPo2IfKaORCuGnaeyXG
Ei0aWuK1xM8cXXrFPu8lKkp8Lg6cRVGKc5tbVFmErVjASJ2W84IC7cJRAiqopE5x
pi96Q7IsX3OLrkVz4/ZfSfKDpamY3zwTBcjfEO5lxVrYyuSUsxKMx3BT0xqftzEP
Yv7eYkmdk35TA/+WV8hldiIBSxE+a/R/Y8tRPLjpQSTXhrt0evl9g/4/Cjm53yEP
kKb1iWqgjAJNWs9fG42tXlmVy3vlFhoc+3Cg4kPahbAY4l6+BZW33UWW7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI5eIUfmAY2mZRYB9sT07Y0fvPtuMB8GA1UdIwQY
MBaAFGgywy0iWQE5kSYNUw2RIAMarvzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYt
NzcwZjhlYWIyYWU3LzEvamw0aFItWUJqYVpsRmdIMnhQVHRqUi04LTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYtNzcwZjhlYWIyYWU3
LzEvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkS6oMA0G
CSqGSIb3DQEBCwUAA4IBAQBfoeSLgd6IVY9uvppCLRQ2lx70B4tsZM0vI2urNSZF
W6ZIHOB59d3yeLTRK3rWYq05SznooQVfppaDdhC3z6WxybutYsiQL8y5nLJhUNxv
G7fl4d68TU/bB9hNC5Ok4vtXFFe4DFyHSRqh6vxVvvRnNbw/TG0ok3fDRac/BXJ4
mprT42vF3UqWO+oTJY2PyXEFmC7Pgh3pUu/THJHNFwGaiQqkH9VlFvxlrcO9ykT8
w30u1zJRK3naw7er9dd/us/4ULOMEKDx4t2+QLGYyWKmNX9MEG5bnUlmLYrHG2X4
/8zWluJyLLl75O202Vkd5InzEXgpXadX1XDkwLNrzhxL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:20 2024 by rpki-client on console-ams.rpki-client.org