Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/V-5xJv2diwS9pEwYih7n49F5knA.roa
File:                     V-5xJv2diwS9pEwYih7n49F5knA.roa (raw, json)
Hash identifier:          PUe9k8hFDZ/Pevk0f00wuVtS24nb0W93GkVWw3N9jMc=
Subject key identifier:   57:EE:71:26:FD:9D:8B:04:BD:A4:4C:18:8A:1E:E7:E3:D1:79:92:70
Certificate issuer:       /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial:       0183361CA56A998556E8B3899959EA52FB7E
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/V-5xJv2diwS9pEwYih7n49F5knA.roa
Signing time:             Tue 13 Sep 2022 09:09:50 +0000
ROA not before:           Tue 13 Sep 2022 09:09:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56587
IP address blocks:        46.151.150.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:36:1c:a5:6a:99:85:56:e8:b3:89:99:59:ea:52:fb:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
        Validity
            Not Before: Sep 13 09:09:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=57ee7126fd9d8b04bda44c188a1ee7e3d1799270
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:02:c4:81:13:01:4f:8a:a8:5b:aa:78:e5:a9:
                    77:05:27:f2:78:13:46:9e:8c:a4:5d:e0:41:0c:9a:
                    af:b1:51:b2:44:1d:64:9b:48:f8:e7:1c:7b:3a:f9:
                    0c:5c:33:bc:22:f4:f7:6c:e6:63:dc:c5:94:7d:ee:
                    9d:e9:90:47:54:48:f3:53:b1:36:0a:75:41:08:45:
                    f2:54:fb:c4:a5:57:e7:e2:8a:5a:c2:67:49:33:78:
                    b0:84:2d:a3:16:80:05:81:1a:b2:c1:c0:c9:a8:be:
                    95:c0:84:20:c4:f2:91:53:0c:87:d3:f3:1b:57:be:
                    f2:d1:a2:70:18:65:60:40:cd:c2:15:ea:96:71:62:
                    5e:20:55:df:60:41:bd:da:7b:fd:12:76:46:be:3a:
                    11:4c:ba:d6:ce:3f:41:d0:b9:ae:25:09:8f:0f:24:
                    58:09:e5:d0:ac:a6:4d:2d:8e:19:83:ec:a3:07:0a:
                    eb:c1:e9:18:a7:52:97:a1:a1:81:f9:1b:01:4c:c6:
                    45:02:dd:8e:bc:4e:bf:75:c1:10:09:9b:00:0c:41:
                    52:0d:e5:ec:08:33:c1:5e:fe:70:da:3c:2d:5a:ae:
                    2f:2c:7b:b3:ce:5c:76:d3:90:56:65:81:c8:aa:51:
                    4e:07:16:38:78:8e:b8:53:0c:7d:c1:09:ca:61:1f:
                    e2:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:EE:71:26:FD:9D:8B:04:BD:A4:4C:18:8A:1E:E7:E3:D1:79:92:70
            X509v3 Authority Key Identifier:
                keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/V-5xJv2diwS9pEwYih7n49F5knA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.151.150.0/23

    Signature Algorithm: sha256WithRSAEncryption
         28:90:ed:17:65:77:60:a3:80:3a:43:6c:38:24:dd:30:2a:16:
         25:f3:8f:50:8b:0e:0e:c5:16:4f:ed:d0:2e:b7:d5:d2:07:ea:
         a1:e1:0f:52:c8:4a:c7:66:58:d4:47:cb:bd:ca:e7:0b:69:0f:
         19:db:f3:64:60:49:84:83:88:9d:ea:27:55:cf:74:b0:c2:8c:
         4e:28:e3:bd:15:17:9d:5f:59:47:e7:e6:06:31:da:3d:d0:90:
         e5:32:3b:90:aa:94:b2:af:c2:19:e9:23:66:37:fc:57:a0:92:
         97:62:cf:25:e8:38:fb:84:9a:86:f7:a2:06:0c:fd:f0:a3:2a:
         51:d5:eb:c5:70:f8:7c:1b:53:40:f6:bd:b4:f0:be:d3:07:8b:
         2c:58:4f:28:c9:aa:52:f5:1e:60:c3:80:bf:41:de:94:8c:9a:
         87:1a:31:e0:45:60:fd:bd:34:f1:e4:53:7e:1f:d7:34:3e:27:
         c4:3f:2c:16:59:ba:0b:5c:07:a5:89:18:0c:84:05:4d:bd:da:
         76:f0:8c:2d:f6:1d:fd:d9:db:cc:41:20:03:82:2b:e7:8f:88:
         60:11:8e:66:ad:55:b4:72:da:79:ed:a2:f0:f8:a0:41:7b:2a:
         3c:59:b0:0a:76:f3:13:58:5a:21:62:2f:b0:f7:6b:3c:47:7b:
         fa:19:29:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM2HKVqmYVW6LOJmVnqUvt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjIwOTEzMDkwOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2VlNzEyNmZkOWQ4YjA0YmRhNDRjMTg4YTFlZTdlM2QxNzk5MjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgLEgRMBT4qoW6p45al3BSfyeBNG
noykXeBBDJqvsVGyRB1km0j45xx7OvkMXDO8IvT3bOZj3MWUfe6d6ZBHVEjzU7E2
CnVBCEXyVPvEpVfn4opawmdJM3iwhC2jFoAFgRqywcDJqL6VwIQgxPKRUwyH0/Mb
V77y0aJwGGVgQM3CFeqWcWJeIFXfYEG92nv9EnZGvjoRTLrWzj9B0LmuJQmPDyRY
CeXQrKZNLY4Zg+yjBwrrwekYp1KXoaGB+RsBTMZFAt2OvE6/dcEQCZsADEFSDeXs
CDPBXv5w2jwtWq4vLHuzzlx205BWZYHIqlFOBxY4eI64Uwx9wQnKYR/i2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFfucSb9nYsEvaRMGIoe5+PReZJwMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvVi01eEp2MmRpd1M5cEV3WWloN240OUY1a25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLpeWMA0G
CSqGSIb3DQEBCwUAA4IBAQAokO0XZXdgo4A6Q2w4JN0wKhYl849Qiw4OxRZP7dAu
t9XSB+qh4Q9SyErHZljUR8u9yucLaQ8Z2/NkYEmEg4id6idVz3SwwoxOKOO9FRed
X1lH5+YGMdo90JDlMjuQqpSyr8IZ6SNmN/xXoJKXYs8l6Dj7hJqG96IGDP3woypR
1evFcPh8G1NA9r208L7TB4ssWE8oyapS9R5gw4C/Qd6UjJqHGjHgRWD9vTTx5FN+
H9c0PifEPywWWboLXAeliRgMhAVNvdp28Iwt9h392dvMQSADgivnj4hgEY5mrVW0
ctp57aLw+KBBeyo8WbAKdvMTWFohYi+w92s8R3v6GSkM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:53 2024 by rpki-client on console-ams.rpki-client.org