Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/EcK2jxorR4-TF1psS6I6NSJy88g.roa
File:                     EcK2jxorR4-TF1psS6I6NSJy88g.roa (raw, json)
Hash identifier:          ZXR3x1nCh/t8geffML83Zl2BmOglzvny4gwSYz4DUAY=
Subject key identifier:   11:C2:B6:8F:1A:2B:47:8F:93:17:5A:6C:4B:A2:3A:35:22:72:F3:C8
Certificate issuer:       /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial:       01831C426766B3933B1774B02756D22DB8D9
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/EcK2jxorR4-TF1psS6I6NSJy88g.roa
Signing time:             Thu 08 Sep 2022 08:40:57 +0000
ROA not before:           Thu 08 Sep 2022 08:40:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     63023
IP address blocks:        87.254.31.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:1c:42:67:66:b3:93:3b:17:74:b0:27:56:d2:2d:b8:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
        Validity
            Not Before: Sep  8 08:40:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=11c2b68f1a2b478f93175a6c4ba23a352272f3c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:fb:22:67:28:20:27:43:12:5b:74:c7:98:a0:
                    72:d4:1a:1b:fd:4b:59:ac:7c:c3:8e:c4:33:e2:5c:
                    38:c4:3c:a1:34:af:47:6a:fe:50:db:6c:a8:ef:55:
                    8f:95:ad:0e:0f:28:a1:6c:89:41:f3:d7:d6:e0:52:
                    ef:e3:4b:d0:29:b6:7f:dc:3c:3a:c9:05:89:d7:f5:
                    82:ac:b7:7c:e7:49:28:9d:96:ba:85:f4:ca:29:c5:
                    88:ac:89:22:22:62:3a:eb:b2:d9:21:30:ff:49:79:
                    b3:3a:c5:4d:3a:c5:c2:be:ea:56:3d:27:c1:94:1e:
                    db:0b:9a:ae:66:15:73:56:f0:a2:a0:17:88:0c:89:
                    62:fa:6d:e2:fd:e1:81:ce:84:bb:b0:08:7f:d9:da:
                    8d:37:4d:4b:5c:bc:7a:10:e2:b7:60:0f:40:bd:81:
                    53:9e:fb:31:cc:9f:fa:9f:87:20:02:ce:54:ea:d8:
                    0f:90:42:17:0d:93:97:86:12:56:c5:c8:87:31:f5:
                    f0:da:a2:f8:0e:3c:79:01:fd:99:b8:c0:ec:f3:c7:
                    db:a6:21:c1:76:14:2b:d8:fe:49:83:80:c8:90:ba:
                    92:30:4a:5a:ac:33:f2:cd:75:13:e2:3f:60:fe:2d:
                    0e:3f:22:44:fc:12:4c:83:5a:96:de:ac:51:4a:d0:
                    8d:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:C2:B6:8F:1A:2B:47:8F:93:17:5A:6C:4B:A2:3A:35:22:72:F3:C8
            X509v3 Authority Key Identifier:
                keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/EcK2jxorR4-TF1psS6I6NSJy88g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.254.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:28:7c:80:82:87:f6:90:15:cc:76:c9:63:47:77:9c:6c:97:
         d8:76:73:1a:19:a4:d6:03:2f:4f:5f:d5:6c:21:07:b5:8e:b5:
         41:2a:e7:66:f3:62:c2:f4:f2:7a:91:a3:2f:3e:72:74:a6:14:
         50:35:f4:17:04:3c:d5:0b:13:07:c2:09:6d:91:f2:bc:53:a9:
         fe:6d:83:10:97:15:b4:b8:d4:7a:15:36:52:f1:c4:f3:10:de:
         27:8a:3e:52:cc:eb:c4:22:63:4e:0b:28:d8:69:63:bc:f8:a8:
         2e:53:76:8d:71:10:04:03:a7:8e:a5:3e:e9:37:fa:5d:09:ee:
         1a:6c:ae:86:42:ec:2a:8d:54:ae:ef:5b:98:f2:d7:e2:54:21:
         0c:47:5f:c6:18:ff:d4:bb:f4:96:59:ec:48:49:6d:d3:06:7c:
         e3:47:7f:6f:59:d9:fc:09:55:6e:a2:b2:5b:e3:70:6b:d2:73:
         c1:d8:d6:0e:6b:bf:94:c4:6d:cd:df:74:d6:d6:d7:1a:0d:bb:
         fb:18:10:7b:e2:0d:b8:fa:f9:5e:a9:29:5e:dd:b1:e9:3f:26:
         6c:c1:f9:27:e1:fb:39:79:e1:f8:c8:cf:5b:bc:7f:eb:44:a5:
         52:ac:bd:a7:0b:97:16:ea:a5:04:38:44:98:50:99:6b:15:c2:
         f6:33:cc:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMcQmdms5M7F3SwJ1bSLbjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIwOTA4MDg0MDU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWMyYjY4ZjFhMmI0NzhmOTMxNzVhNmM0YmEyM2EzNTIyNzJmM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvsiZyggJ0MSW3THmKBy1Bob/UtZ
rHzDjsQz4lw4xDyhNK9Hav5Q22yo71WPla0ODyihbIlB89fW4FLv40vQKbZ/3Dw6
yQWJ1/WCrLd850konZa6hfTKKcWIrIkiImI667LZITD/SXmzOsVNOsXCvupWPSfB
lB7bC5quZhVzVvCioBeIDIli+m3i/eGBzoS7sAh/2dqNN01LXLx6EOK3YA9AvYFT
nvsxzJ/6n4cgAs5U6tgPkEIXDZOXhhJWxciHMfXw2qL4Djx5Af2ZuMDs88fbpiHB
dhQr2P5Jg4DIkLqSMEparDPyzXUT4j9g/i0OPyJE/BJMg1qW3qxRStCNBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBHCto8aK0ePkxdabEuiOjUicvPIMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvRWNLMmp4b3JSNC1URjFwc1M2STZOU0p5ODhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/4fMA0G
CSqGSIb3DQEBCwUAA4IBAQAgKHyAgof2kBXMdsljR3ecbJfYdnMaGaTWAy9PX9Vs
IQe1jrVBKudm82LC9PJ6kaMvPnJ0phRQNfQXBDzVCxMHwgltkfK8U6n+bYMQlxW0
uNR6FTZS8cTzEN4nij5SzOvEImNOCyjYaWO8+KguU3aNcRAEA6eOpT7pN/pdCe4a
bK6GQuwqjVSu71uY8tfiVCEMR1/GGP/Uu/SWWexISW3TBnzjR39vWdn8CVVuorJb
43Br0nPB2NYOa7+UxG3N33TW1tcaDbv7GBB74g24+vleqSle3bHpPyZswfkn4fs5
eeH4yM9bvH/rRKVSrL2nC5cW6qUEOESYUJlrFcL2M8zY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:21 2024 by rpki-client on console-ams.rpki-client.org