Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/mxxFWFpRsNpsJDnF973lg36ZMto.roa
File:                     mxxFWFpRsNpsJDnF973lg36ZMto.roa (raw, json)
Hash identifier:          jCoZE1ia+OvKz4dLgAJ8hHtsdsvvcmSNVHpDFItg+Ok=
Subject key identifier:   9B:1C:45:58:5A:51:B0:DA:6C:24:39:C5:F7:BD:E5:83:7E:99:32:DA
Certificate issuer:       /CN=6832c32d2259013991260d530d9120031aaefcd0
Certificate serial:       0182CAC80C5E2FB2BC943CE193EAFA431817
Authority key identifier: 68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/mxxFWFpRsNpsJDnF973lg36ZMto.roa
Signing time:             Tue 23 Aug 2022 12:58:04 +0000
ROA not before:           Tue 23 Aug 2022 12:58:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        145.46.170.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ca:c8:0c:5e:2f:b2:bc:94:3c:e1:93:ea:fa:43:18:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6832c32d2259013991260d530d9120031aaefcd0
        Validity
            Not Before: Aug 23 12:58:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9b1c45585a51b0da6c2439c5f7bde5837e9932da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:32:6e:60:1f:d7:eb:5c:fc:fe:cf:7f:ee:31:
                    d0:48:3e:bf:09:70:13:ad:d3:f3:66:7e:0c:d2:9d:
                    e7:fa:bb:99:a8:40:6a:40:36:1e:62:a7:13:4d:06:
                    f3:e3:32:61:e1:ed:3b:83:5d:4e:fa:c5:a8:71:b6:
                    61:62:03:ab:11:16:9b:20:98:08:cb:56:a7:de:78:
                    bc:08:13:6e:1b:30:45:9e:b9:04:89:e7:ad:c9:60:
                    e2:e0:87:0d:67:09:9b:18:fa:0c:e3:61:6c:f4:56:
                    36:c2:8e:8b:d4:bd:fc:5a:44:01:67:14:1e:9f:50:
                    a6:a6:cc:9a:85:8e:16:b2:90:48:35:ce:a1:ad:a9:
                    44:c1:b9:fb:d6:cc:9c:36:ec:6e:7d:2a:d1:50:f7:
                    68:3a:f4:1f:7a:ee:af:44:ba:17:c8:51:f7:97:ed:
                    f9:54:16:08:74:21:cf:54:83:90:ed:ac:27:8d:ba:
                    a7:e0:88:d8:31:fd:dc:66:38:75:1d:59:b7:ff:a5:
                    99:76:97:b4:9f:f8:a1:61:53:7c:cc:17:cc:d4:ac:
                    ba:16:31:19:88:cc:43:9e:36:94:07:c2:bf:87:17:
                    2c:43:dd:ff:31:52:69:a8:a6:b7:b1:b2:79:6c:0a:
                    d2:78:64:07:c5:62:d2:9d:94:7d:6d:91:24:49:7a:
                    f5:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:1C:45:58:5A:51:B0:DA:6C:24:39:C5:F7:BD:E5:83:7E:99:32:DA
            X509v3 Authority Key Identifier:
                keyid:68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/mxxFWFpRsNpsJDnF973lg36ZMto.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.46.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:4e:65:6e:a2:08:63:bb:db:18:67:13:71:dc:43:cd:0e:e2:
         ec:74:de:fa:0e:49:9b:40:48:2f:d5:af:76:ae:c3:a7:18:9e:
         32:95:40:71:70:10:fd:96:16:cb:7f:f7:07:b4:bc:af:5a:d2:
         c8:38:7e:7f:c6:b5:be:40:d4:8f:1d:d5:63:29:b9:dc:57:ea:
         04:40:92:0d:99:04:cf:a4:3e:50:e3:76:26:90:e4:a2:14:00:
         b2:62:33:83:eb:98:d9:ea:9c:eb:b9:e7:cc:65:64:64:5e:60:
         c1:3c:72:8e:2e:9f:51:28:4b:1e:82:6d:aa:10:13:4f:31:25:
         00:e1:3d:aa:4f:2f:06:09:f5:1b:bd:3d:32:b5:2d:59:05:65:
         d4:f7:37:e8:66:7d:c0:ef:f6:4f:4d:1c:ce:c7:61:f4:0a:f8:
         7c:93:9a:a8:48:41:8e:7b:22:39:ab:cd:22:57:cf:47:dd:c2:
         ff:30:d3:d1:9f:14:56:6d:86:f7:42:62:05:86:a3:af:73:16:
         13:95:7a:db:47:98:89:76:68:65:9e:3c:65:e3:e0:b6:d8:40:
         23:50:79:77:e8:95:38:92:81:93:c9:63:7d:c0:a6:ef:d9:a3:
         c1:19:74:11:b2:70:06:79:81:c7:8c:64:4d:07:06:44:08:ea:
         91:63:04:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLKyAxeL7K8lDzhk+r6QxgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzJjMzJkMjI1OTAxMzk5MTI2MGQ1MzBkOTEyMDAzMWFh
ZWZjZDAwHhcNMjIwODIzMTI1ODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjFjNDU1ODVhNTFiMGRhNmMyNDM5YzVmN2JkZTU4MzdlOTkzMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DJuYB/X61z8/s9/7jHQSD6/CXAT
rdPzZn4M0p3n+ruZqEBqQDYeYqcTTQbz4zJh4e07g11O+sWocbZhYgOrERabIJgI
y1an3ni8CBNuGzBFnrkEieetyWDi4IcNZwmbGPoM42Fs9FY2wo6L1L38WkQBZxQe
n1CmpsyahY4WspBINc6hralEwbn71sycNuxufSrRUPdoOvQfeu6vRLoXyFH3l+35
VBYIdCHPVIOQ7awnjbqn4IjYMf3cZjh1HVm3/6WZdpe0n/ihYVN8zBfM1Ky6FjEZ
iMxDnjaUB8K/hxcsQ93/MVJpqKa3sbJ5bArSeGQHxWLSnZR9bZEkSXr1xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJscRVhaUbDabCQ5xfe95YN+mTLaMB8GA1UdIwQY
MBaAFGgywy0iWQE5kSYNUw2RIAMarvzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYt
NzcwZjhlYWIyYWU3LzEvbXh4RldGcFJzTnBzSkRuRjk3M2xnMzZaTXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYtNzcwZjhlYWIyYWU3
LzEvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkS6qMA0G
CSqGSIb3DQEBCwUAA4IBAQBmTmVuoghju9sYZxNx3EPNDuLsdN76DkmbQEgv1a92
rsOnGJ4ylUBxcBD9lhbLf/cHtLyvWtLIOH5/xrW+QNSPHdVjKbncV+oEQJINmQTP
pD5Q43YmkOSiFACyYjOD65jZ6pzruefMZWRkXmDBPHKOLp9RKEsegm2qEBNPMSUA
4T2qTy8GCfUbvT0ytS1ZBWXU9zfoZn3A7/ZPTRzOx2H0Cvh8k5qoSEGOeyI5q80i
V89H3cL/MNPRnxRWbYb3QmIFhqOvcxYTlXrbR5iJdmhlnjxl4+C22EAjUHl36JU4
koGTyWN9wKbv2aPBGXQRsnAGeYHHjGRNBwZECOqRYwTb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:20 2024 by rpki-client on console-ams.rpki-client.org