Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/jh3B80INKnhJ5RRKyxfmuKTfaiQ.roa
File:                     jh3B80INKnhJ5RRKyxfmuKTfaiQ.roa (raw, json)
Hash identifier:          BOiFGXNUbTpriOlw0ahVv2qrAM+KmleyQmekIpP5cvw=
Subject key identifier:   8E:1D:C1:F3:42:0D:2A:78:49:E5:14:4A:CB:17:E6:B8:A4:DF:6A:24
Certificate issuer:       /CN=36900183cf08a6e5bc807846294a46062e190e3b
Certificate serial:       37FD40
Authority key identifier: 36:90:01:83:CF:08:A6:E5:BC:80:78:46:29:4A:46:06:2E:19:0E:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NpABg88IpuW8gHhGKUpGBi4ZDjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/jh3B80INKnhJ5RRKyxfmuKTfaiQ.roa
Signing time:             Sat 01 Jan 2022 00:55:42 +0000
ROA not before:           Sat 01 Jan 2022 00:55:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     138195
IP address blocks:        45.11.184.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3669312 (0x37fd40)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36900183cf08a6e5bc807846294a46062e190e3b
        Validity
            Not Before: Jan  1 00:55:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8e1dc1f3420d2a7849e5144acb17e6b8a4df6a24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:69:9d:ba:98:8f:bc:84:9f:1f:25:df:ae:51:
                    7f:72:b0:ed:9d:23:ac:a8:b2:cc:3f:3c:71:0b:0e:
                    5a:ee:ce:f9:68:80:90:fc:d8:09:89:e1:7c:81:e1:
                    8b:13:be:9a:fb:11:17:4b:bd:f8:ba:c8:52:71:06:
                    8c:ef:71:61:55:9c:33:52:5a:f0:a0:95:ad:c1:8b:
                    cf:01:62:db:11:13:ed:44:51:09:2c:89:2b:44:0d:
                    56:46:8f:0f:9d:56:bb:66:28:06:0e:e8:69:18:f0:
                    fb:2a:28:0e:4e:91:f7:d4:8a:34:f2:a9:1c:5a:1c:
                    d0:e6:76:05:fa:ce:73:4b:b6:7d:81:c0:84:e3:25:
                    33:a1:be:aa:c8:28:2f:98:36:08:ce:c2:7f:01:8e:
                    22:1f:00:2b:9f:ef:aa:97:2e:a6:e1:cb:d9:05:3f:
                    5d:eb:84:cd:99:90:d8:4a:2f:95:96:ef:9c:a0:53:
                    2f:fd:c2:e4:3f:17:13:9b:7e:30:bd:03:0b:0f:17:
                    da:af:06:ce:71:fe:5f:47:62:36:e3:21:dc:6a:ad:
                    f5:a9:70:73:e9:a4:d3:61:f7:32:7b:a5:19:ba:83:
                    75:d4:13:c4:95:d3:43:4d:f7:ce:6e:88:e5:cb:e7:
                    02:dc:46:64:64:e4:33:cf:f8:70:80:75:57:19:67:
                    75:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:1D:C1:F3:42:0D:2A:78:49:E5:14:4A:CB:17:E6:B8:A4:DF:6A:24
            X509v3 Authority Key Identifier:
                keyid:36:90:01:83:CF:08:A6:E5:BC:80:78:46:29:4A:46:06:2E:19:0E:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpABg88IpuW8gHhGKUpGBi4ZDjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/jh3B80INKnhJ5RRKyxfmuKTfaiQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/NpABg88IpuW8gHhGKUpGBi4ZDjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d3:22:55:4c:f8:b7:88:3f:1a:e3:5f:1b:06:0a:cb:09:69:8f:
         99:c3:cc:20:22:09:37:d4:03:0f:32:2f:bf:47:98:30:6e:92:
         fb:d0:2c:77:a1:68:31:d5:cd:e9:af:fe:97:ea:ce:55:a6:d8:
         c0:9a:a3:9e:e8:02:ef:3e:2c:d5:32:61:c8:6b:c0:a6:07:6e:
         7f:45:10:bb:fa:a8:70:dd:19:92:eb:02:84:03:54:42:41:6e:
         6b:5e:4a:2c:35:71:12:10:55:cc:10:c4:aa:d8:02:56:8f:0c:
         67:b7:d3:ab:9b:d8:85:53:8c:4e:01:31:ed:ae:49:32:81:d7:
         c6:84:95:e5:4c:e0:95:ce:97:95:9a:db:68:cf:e1:8f:9a:99:
         32:6c:23:ae:3d:1f:25:a4:a0:41:9b:0b:ee:bb:33:ec:80:8c:
         f3:13:fd:a6:24:f2:da:6b:0c:64:f7:11:df:9b:22:cf:7e:2b:
         8b:c3:88:8a:0e:63:02:89:44:7e:75:de:b5:ba:23:f5:dd:bf:
         08:8f:db:70:3d:12:1a:80:05:f9:5e:d3:e3:cd:af:0e:78:3a:
         e4:18:a3:3a:b2:82:f5:84:e5:7c:b3:12:f1:5b:17:9e:a9:d1:
         f4:9a:0e:b1:ea:5a:bd:3f:50:23:ce:76:ea:01:03:a4:2f:18:
         db:15:7b:b9
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDN/1AMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM2
OTAwMTgzY2YwOGE2ZTViYzgwNzg0NjI5NGE0NjA2MmUxOTBlM2IwHhcNMjIwMTAx
MDA1NTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4ZTFkYzFmMzQyMGQy
YTc4NDllNTE0NGFjYjE3ZTZiOGE0ZGY2YTI0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAommdupiPvISfHyXfrlF/crDtnSOsqLLMPzxxCw5a7s75aICQ
/NgJieF8geGLE76a+xEXS734ushScQaM73FhVZwzUlrwoJWtwYvPAWLbERPtRFEJ
LIkrRA1WRo8PnVa7ZigGDuhpGPD7KigOTpH31Io08qkcWhzQ5nYF+s5zS7Z9gcCE
4yUzob6qyCgvmDYIzsJ/AY4iHwArn++qly6m4cvZBT9d64TNmZDYSi+Vlu+coFMv
/cLkPxcTm34wvQMLDxfarwbOcf5fR2I24yHcaq31qXBz6aTTYfcye6UZuoN11BPE
ldNDTffObojly+cC3EZkZOQzz/hwgHVXGWd1TwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFI4dwfNCDSp4SeUUSssX5rik32okMB8GA1UdIwQYMBaAFDaQAYPPCKblvIB4
RilKRgYuGQ47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TnBBQmc4OElwdVc4Z0hoR0tVcEdCaTRaRGpzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xMC81YTMyYmMtMDgzNi00N2VjLWI1YjMtMmY1YjZhODNmYWYzLzEv
amgzQjgwSU5LbmhKNVJSS3l4Zm11S1RmYWlRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81
YTMyYmMtMDgzNi00N2VjLWI1YjMtMmY1YjZhODNmYWYzLzEvTnBBQmc4OElwdVc4
Z0hoR0tVcEdCaTRaRGpzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu4MA0GCSqGSIb3DQEBCwUAA4IB
AQDTIlVM+LeIPxrjXxsGCssJaY+Zw8wgIgk31AMPMi+/R5gwbpL70Cx3oWgx1c3p
r/6X6s5VptjAmqOe6ALvPizVMmHIa8CmB25/RRC7+qhw3RmS6wKEA1RCQW5rXkos
NXESEFXMEMSq2AJWjwxnt9Orm9iFU4xOATHtrkkygdfGhJXlTOCVzpeVmttoz+GP
mpkybCOuPR8lpKBBmwvuuzPsgIzzE/2mJPLaawxk9xHfmyLPfiuLw4iKDmMCiUR+
dd61uiP13b8Ij9twPRIagAX5XtPjza8OeDrkGKM6soL1hOV8sxLxWxeeqdH0mg6x
6lq9P1AjznbqAQOkLxjbFXu5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:52 2024 by rpki-client on console-ams.rpki-client.org