Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/DQzbdcsU4I-2JEzo9jrZyQCUDpw.roa
File:                     DQzbdcsU4I-2JEzo9jrZyQCUDpw.roa (raw, json)
Hash identifier:          JxrIh+RKoJVyQLOi+mPAWebE9NmxzMVSJCw6atITJ8c=
Subject key identifier:   0D:0C:DB:75:CB:14:E0:8F:B6:24:4C:E8:F6:3A:D9:C9:00:94:0E:9C
Certificate issuer:       /CN=f541d46893aaa164fe2673990d07aa6c071003c0
Certificate serial:       01820256A91338522FB329E246350E8661FF
Authority key identifier: F5:41:D4:68:93:AA:A1:64:FE:26:73:99:0D:07:AA:6C:07:10:03:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9UHUaJOqoWT-JnOZDQeqbAcQA8A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/DQzbdcsU4I-2JEzo9jrZyQCUDpw.roa
Signing time:             Fri 15 Jul 2022 14:50:09 +0000
ROA not before:           Fri 15 Jul 2022 14:50:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44084
IP address blocks:        217.115.16.0/20 maxlen: 24
                          45.67.124.0/23 maxlen: 24
                          45.67.126.0/24 maxlen: 24
                          2a09:6240::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:02:56:a9:13:38:52:2f:b3:29:e2:46:35:0e:86:61:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f541d46893aaa164fe2673990d07aa6c071003c0
        Validity
            Not Before: Jul 15 14:50:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0d0cdb75cb14e08fb6244ce8f63ad9c900940e9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:e2:f8:83:d4:8b:ea:9d:b1:c1:cd:e2:77:38:
                    c3:a1:10:bc:94:87:58:11:ea:c2:2e:f2:1c:b0:f9:
                    4a:1c:80:d5:6b:28:df:8a:25:ff:5c:87:ac:f6:f3:
                    1f:76:4a:ea:da:28:6d:65:9e:29:54:bc:62:8d:4c:
                    50:8d:a1:02:36:40:d9:a4:84:65:7e:ec:8c:02:ae:
                    97:34:92:d0:76:a1:d9:35:d9:4c:cb:11:94:55:21:
                    a2:6f:26:04:ec:3c:5b:cb:6e:fd:66:ad:98:06:de:
                    c6:83:c1:5c:72:9c:24:29:ce:5f:ca:54:b5:c4:92:
                    51:ed:72:25:05:77:e0:05:ab:a6:5e:3d:d4:03:cb:
                    87:60:0a:57:70:da:3e:c2:c1:a5:aa:f7:c0:3f:1d:
                    6a:ce:1c:9c:71:36:c6:31:90:1e:a5:de:58:b8:0f:
                    e5:42:85:53:54:43:60:eb:cb:a1:08:42:cf:06:6b:
                    bf:fb:d9:f3:dd:a7:33:7e:52:36:02:8f:53:97:56:
                    eb:d2:cb:cd:30:4f:3f:ae:ec:c5:e4:d7:fc:ff:c2:
                    6e:7a:d5:fa:2b:a3:6e:e9:65:34:0c:6e:c0:13:01:
                    c7:79:94:9e:9c:38:53:e4:62:ad:33:6d:ea:2d:62:
                    91:cd:bd:4e:13:75:79:47:57:8b:85:ea:61:f7:85:
                    c6:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:0C:DB:75:CB:14:E0:8F:B6:24:4C:E8:F6:3A:D9:C9:00:94:0E:9C
            X509v3 Authority Key Identifier:
                keyid:F5:41:D4:68:93:AA:A1:64:FE:26:73:99:0D:07:AA:6C:07:10:03:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9UHUaJOqoWT-JnOZDQeqbAcQA8A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/DQzbdcsU4I-2JEzo9jrZyQCUDpw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/9UHUaJOqoWT-JnOZDQeqbAcQA8A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.124.0-45.67.126.255
                  217.115.16.0/20
                IPv6:
                  2a09:6240::/29

    Signature Algorithm: sha256WithRSAEncryption
         47:db:4f:81:1e:1f:8a:bf:ee:e3:f7:cc:c2:58:b5:60:61:d8:
         f4:ef:eb:60:b5:3f:cb:79:41:c2:e2:a3:04:d6:3b:d5:aa:1b:
         17:81:9c:78:05:14:92:2b:7e:1b:3d:c4:33:5d:b5:e6:1a:48:
         8b:ac:62:97:da:b6:fb:34:22:00:93:b7:0c:2d:c7:76:9f:45:
         20:73:f7:37:ca:9b:53:17:a7:b7:dd:46:2c:b9:d4:2a:23:e6:
         31:f1:93:8c:98:0e:55:65:61:be:bc:33:f7:62:4b:d5:2b:aa:
         03:f8:c6:f9:6d:e5:f6:14:e3:fd:b5:6a:e6:99:8f:bc:a7:fd:
         3a:5e:ba:67:6b:97:64:3c:3a:65:a0:f4:3b:68:05:b4:11:ae:
         92:f6:b7:d7:1c:70:20:5a:2a:1e:a2:2d:fa:d5:f4:26:c0:e2:
         3c:33:ea:cf:26:6e:48:e3:74:a1:8f:3d:88:fb:d0:41:9d:45:
         cc:8f:69:b8:d5:6a:5b:38:e4:d9:92:56:70:55:64:00:bd:56:
         24:40:33:b0:32:19:80:2e:07:00:51:f6:96:cf:99:22:ab:92:
         26:91:fb:25:de:8f:6f:be:e1:5c:bb:a5:3b:fa:1a:ca:0e:10:
         bc:7b:07:99:fb:0d:30:72:a8:ab:fa:75:45:a8:ec:24:1c:e1:
         08:6b:e8:ea
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYICVqkTOFIvsyniRjUOhmH/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NDFkNDY4OTNhYWExNjRmZTI2NzM5OTBkMDdhYTZjMDcx
MDAzYzAwHhcNMjIwNzE1MTQ1MDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDBjZGI3NWNiMTRlMDhmYjYyNDRjZThmNjNhZDljOTAwOTQwZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+L4g9SL6p2xwc3idzjDoRC8lIdY
EerCLvIcsPlKHIDVayjfiiX/XIes9vMfdkrq2ihtZZ4pVLxijUxQjaECNkDZpIRl
fuyMAq6XNJLQdqHZNdlMyxGUVSGibyYE7Dxby279Zq2YBt7Gg8FccpwkKc5fylS1
xJJR7XIlBXfgBaumXj3UA8uHYApXcNo+wsGlqvfAPx1qzhyccTbGMZAepd5YuA/l
QoVTVENg68uhCELPBmu/+9nz3aczflI2Ao9Tl1br0svNME8/ruzF5Nf8/8JuetX6
K6Nu6WU0DG7AEwHHeZSenDhT5GKtM23qLWKRzb1OE3V5R1eLheph94XGLwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFA0M23XLFOCPtiRM6PY62ckAlA6cMB8GA1UdIwQY
MBaAFPVB1GiTqqFk/iZzmQ0HqmwHEAPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVVIVWFKT3FvV1QtSm5PWkRRZXFiQWNRQThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yZTk1ZTctNTY0NC00NmYyLThmYTMt
Mzk4YzA0NTE4OWViLzEvRFF6YmRjc1U0SS0ySkV6bzlqclp5UUNVRHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yZTk1ZTctNTY0NC00NmYyLThmYTMtMzk4YzA0NTE4OWVi
LzEvOVVIVWFKT3FvV1QtSm5PWkRRZXFiQWNRQThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAItQ3wD
BAAtQ34DBATZcxAwDQQCAAIwBwMFAyoJYkAwDQYJKoZIhvcNAQELBQADggEBAEfb
T4EeH4q/7uP3zMJYtWBh2PTv62C1P8t5QcLiowTWO9WqGxeBnHgFFJIrfhs9xDNd
teYaSIusYpfatvs0IgCTtwwtx3afRSBz9zfKm1MXp7fdRiy51Coj5jHxk4yYDlVl
Yb68M/diS9UrqgP4xvlt5fYU4/21auaZj7yn/Tpeumdrl2Q8OmWg9DtoBbQRrpL2
t9cccCBaKh6iLfrV9CbA4jwz6s8mbkjjdKGPPYj70EGdRcyPabjVals45NmSVnBV
ZAC9ViRAM7AyGYAuBwBR9pbPmSKrkiaR+yXej2++4Vy7pTv6GsoOELx7B5n7DTBy
qKv6dUWo7CQc4Qhr6Oo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:09 2024 by rpki-client on console-ams.rpki-client.org