Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9ff645-e0f1-4b18-980f-eda59bc9ca2c/1/wJBi2fvr4lcRAAeiPNe_KI5eYXo.roa
File:                     wJBi2fvr4lcRAAeiPNe_KI5eYXo.roa (raw, json)
Hash identifier:          YFvg7LXds5EE2iXwk3P9e5muP02QLMPYLqBeooJEar8=
Subject key identifier:   C0:90:62:D9:FB:EB:E2:57:11:00:07:A2:3C:D7:BF:28:8E:5E:61:7A
Certificate issuer:       /CN=b62fccda29be666deef8ec62d6bc1e6cd067c35f
Certificate serial:       0174037B
Authority key identifier: B6:2F:CC:DA:29:BE:66:6D:EE:F8:EC:62:D6:BC:1E:6C:D0:67:C3:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ti_M2im-Zm3u-Oxi1rwebNBnw18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/9ff645-e0f1-4b18-980f-eda59bc9ca2c/1/wJBi2fvr4lcRAAeiPNe_KI5eYXo.roa
Signing time:             Sat 01 Jan 2022 05:57:10 +0000
ROA not before:           Sat 01 Jan 2022 05:57:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208343
IP address blocks:        45.144.32.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24380283 (0x174037b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b62fccda29be666deef8ec62d6bc1e6cd067c35f
        Validity
            Not Before: Jan  1 05:57:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c09062d9fbebe257110007a23cd7bf288e5e617a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:d9:8f:62:91:6b:ac:54:a9:0b:9d:36:57:0a:
                    25:23:71:b7:29:93:4c:cc:45:28:5e:84:d8:20:a8:
                    0c:ad:67:95:cc:03:c7:04:ad:45:24:40:0c:85:8d:
                    ac:ee:d1:14:1c:0f:5a:0a:40:49:eb:b2:6a:11:86:
                    9a:5f:5f:d9:91:19:44:48:87:16:50:c4:d9:7a:a3:
                    2d:44:7f:6c:ce:be:81:70:4d:1f:8c:ed:79:c7:0f:
                    10:34:d8:94:7e:19:8a:0c:03:75:9a:5b:16:c7:72:
                    7b:39:a7:c8:c5:f5:43:8f:11:4c:f8:50:18:0b:9d:
                    f2:39:2e:86:8b:35:6f:b8:c9:9e:32:18:d9:42:a3:
                    fa:cd:f8:2b:33:63:e4:e6:ec:ba:60:59:0c:a4:5a:
                    90:52:35:34:02:51:18:d3:09:5d:04:6d:ca:14:d3:
                    de:fd:24:b4:8d:91:a0:3d:f9:b3:f5:45:2d:ca:f7:
                    6f:b0:45:51:41:24:39:64:b2:1a:5d:f6:74:35:2f:
                    30:09:67:66:03:c7:ca:07:2d:7e:ff:6f:d1:f1:cb:
                    95:15:ab:9a:e1:e4:ff:3f:fa:c3:e0:b7:14:80:68:
                    0d:d3:bd:29:8c:f2:0c:04:46:5d:f7:5c:02:7a:2b:
                    3c:70:3c:15:b6:56:1e:8b:11:96:9c:ea:86:17:02:
                    69:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:90:62:D9:FB:EB:E2:57:11:00:07:A2:3C:D7:BF:28:8E:5E:61:7A
            X509v3 Authority Key Identifier:
                keyid:B6:2F:CC:DA:29:BE:66:6D:EE:F8:EC:62:D6:BC:1E:6C:D0:67:C3:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti_M2im-Zm3u-Oxi1rwebNBnw18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9ff645-e0f1-4b18-980f-eda59bc9ca2c/1/wJBi2fvr4lcRAAeiPNe_KI5eYXo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9ff645-e0f1-4b18-980f-eda59bc9ca2c/1/ti_M2im-Zm3u-Oxi1rwebNBnw18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.144.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7a:82:c0:6e:75:5e:38:cb:a3:47:f9:dc:3d:ea:7e:3f:0b:ed:
         ad:42:05:85:a8:90:59:16:99:ef:c1:65:bc:ad:e3:f6:31:a2:
         ba:ff:cf:a5:6f:7e:ea:27:3b:92:91:aa:15:6b:1f:28:1d:69:
         56:a7:b3:2d:04:f3:e7:20:09:66:64:0a:d1:44:c2:b0:d8:db:
         4e:5b:35:35:60:c7:ca:80:9b:43:bb:3d:18:20:5e:59:ce:07:
         d7:0f:83:a8:fb:8b:a9:8b:82:d1:de:39:f6:84:74:22:ff:05:
         5b:b5:50:03:07:71:d7:a1:f9:40:83:db:a0:0e:79:32:87:bc:
         36:a2:de:bc:2f:9d:a3:b4:23:a1:20:94:0e:78:dd:6a:32:5b:
         96:b1:a0:8f:59:09:7d:a3:c5:22:a9:0d:25:4f:95:9d:e7:d1:
         ee:ea:2f:1f:2c:c7:af:0e:c5:b5:a7:6a:00:e7:ee:8d:fd:d6:
         85:af:34:1a:e5:f3:09:15:12:12:88:5e:8d:8e:6d:dd:08:44:
         b6:b9:6a:d3:c2:d2:d5:02:11:ed:ca:dd:f8:c7:ea:98:6d:3b:
         41:c2:53:82:27:7c:02:1a:4c:0f:4b:14:a1:0c:e6:4e:8c:33:
         3c:0d:0e:18:ec:84:71:a3:a1:dc:5b:51:f3:4e:dd:d2:4a:d1:
         dd:2e:58:88
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAXQDezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NjJmY2NkYTI5YmU2NjZkZWVmOGVjNjJkNmJjMWU2Y2QwNjdjMzVmMB4XDTIyMDEw
MTA1NTcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzA5MDYyZDlmYmVi
ZTI1NzExMDAwN2EyM2NkN2JmMjg4ZTVlNjE3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKvZj2KRa6xUqQudNlcKJSNxtymTTMxFKF6E2CCoDK1nlcwD
xwStRSRADIWNrO7RFBwPWgpASeuyahGGml9f2ZEZREiHFlDE2XqjLUR/bM6+gXBN
H4zteccPEDTYlH4ZigwDdZpbFsdyezmnyMX1Q48RTPhQGAud8jkuhos1b7jJnjIY
2UKj+s34KzNj5ObsumBZDKRakFI1NAJRGNMJXQRtyhTT3v0ktI2RoD35s/VFLcr3
b7BFUUEkOWSyGl32dDUvMAlnZgPHygctfv9v0fHLlRWrmuHk/z/6w+C3FIBoDdO9
KYzyDARGXfdcAnorPHA8FbZWHosRlpzqhhcCacsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTAkGLZ++viVxEAB6I8178ojl5hejAfBgNVHSMEGDAWgBS2L8zaKb5mbe74
7GLWvB5s0GfDXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RpX00yaW0tWm0zdS1PeGkxcndlYk5CbncxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOWZmNjQ1LWUwZjEtNGIxOC05ODBmLWVkYTU5YmM5Y2EyYy8x
L3dKQmkyZnZyNGxjUkFBZWlQTmVfS0k1ZVlYby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OWZmNjQ1LWUwZjEtNGIxOC05ODBmLWVkYTU5YmM5Y2EyYy8xL3RpX00yaW0tWm0z
dS1PeGkxcndlYk5CbncxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2QIDANBgkqhkiG9w0BAQsFAAOC
AQEAeoLAbnVeOMujR/ncPep+PwvtrUIFhaiQWRaZ78FlvK3j9jGiuv/PpW9+6ic7
kpGqFWsfKB1pVqezLQTz5yAJZmQK0UTCsNjbTls1NWDHyoCbQ7s9GCBeWc4H1w+D
qPuLqYuC0d459oR0Iv8FW7VQAwdx16H5QIPboA55Moe8NqLevC+do7QjoSCUDnjd
ajJblrGgj1kJfaPFIqkNJU+VnefR7uovHyzHrw7FtadqAOfujf3Wha80GuXzCRUS
EohejY5t3QhEtrlq08LS1QIR7crd+MfqmG07QcJTgid8AhpMD0sUoQzmTowzPA0O
GOyEcaOh3FtR807d0krR3S5YiA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:23 2024 by rpki-client on console-fra.rpki-client.org