Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/Li3T8m2mdFZIPXIwjOThAC-orSw.roa
File:                     Li3T8m2mdFZIPXIwjOThAC-orSw.roa (raw, json)
Hash identifier:          Nvhk0Yh75h9DDIoHzuXXXyFE4f7Wo08xtKjz5gaVWhg=
Subject key identifier:   2E:2D:D3:F2:6D:A6:74:56:48:3D:72:30:8C:E4:E1:00:2F:A8:AD:2C
Certificate issuer:       /CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Certificate serial:       018564D9EBE373CCAD7EFEF581221FD7A8CA
Authority key identifier: 87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/Li3T8m2mdFZIPXIwjOThAC-orSw.roa
Signing time:             Fri 30 Dec 2022 21:04:41 +0000
ROA not before:           Fri 30 Dec 2022 21:04:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34549
IP address blocks:        45.158.226.0/24 maxlen: 24
                          45.158.225.0/24 maxlen: 24
                          45.158.224.0/22 maxlen: 22
                          45.158.224.0/24 maxlen: 24
                          45.158.227.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:64:d9:eb:e3:73:cc:ad:7e:fe:f5:81:22:1f:d7:a8:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
        Validity
            Not Before: Dec 30 21:04:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2e2dd3f26da67456483d72308ce4e1002fa8ad2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:86:79:51:46:1a:f0:a5:5b:4b:ac:41:29:d2:
                    3b:b6:65:bd:14:46:54:5f:e6:1c:83:ec:a8:37:25:
                    37:7f:5d:05:6b:d3:9c:c8:f5:14:e7:2c:95:15:c9:
                    ca:a6:f8:b8:f2:aa:dc:08:a9:7f:16:bf:cc:d4:79:
                    69:55:dc:a2:e3:c3:b5:45:2c:28:00:8c:d0:9c:59:
                    94:ae:a5:ef:8d:51:c4:be:51:a8:5c:b2:f6:d4:15:
                    8e:14:69:0b:e9:c8:30:b0:80:1f:28:e9:65:be:b8:
                    1e:03:8c:3c:b6:f1:06:44:e9:41:1d:5d:d2:79:4c:
                    e9:85:18:cf:57:4c:a6:2a:ad:17:38:52:2d:58:b0:
                    22:10:85:f1:84:49:be:0e:33:3b:ac:98:c2:32:c8:
                    73:d0:ea:06:81:15:42:d2:d0:71:57:f6:91:bb:20:
                    4f:7f:d1:9b:a1:78:69:0d:85:87:63:9c:65:4b:54:
                    2b:a0:64:4d:47:89:bf:81:54:be:5e:ac:af:94:58:
                    c4:93:43:c1:e2:02:fb:7a:83:6d:9b:12:ba:44:d5:
                    55:34:ac:06:d9:42:61:c6:b6:f1:70:bd:88:02:3e:
                    4e:bc:2f:65:77:ca:b4:1d:e0:2a:d5:e3:66:6d:0c:
                    43:67:07:b6:aa:46:a4:2b:b9:8d:a5:4b:98:3d:86:
                    71:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:2D:D3:F2:6D:A6:74:56:48:3D:72:30:8C:E4:E1:00:2F:A8:AD:2C
            X509v3 Authority Key Identifier:
                keyid:87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/Li3T8m2mdFZIPXIwjOThAC-orSw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         92:1d:9a:c8:c8:2a:3e:08:8c:d8:8b:cd:c0:7e:cc:23:cc:83:
         82:9c:88:3b:5e:97:21:82:ec:09:f1:13:71:d5:70:bf:39:66:
         2f:f5:07:6c:e4:1c:cb:2a:0b:53:d1:08:20:e4:b3:23:9d:da:
         fb:5d:f3:c2:e9:97:05:26:8b:2a:6a:8d:31:3c:09:aa:d2:13:
         c3:a1:9d:a5:ff:e6:ec:c4:1f:90:20:32:e5:a9:6a:7f:b6:b1:
         e2:12:bc:4b:6d:d2:8d:97:21:f8:b0:b6:55:49:06:a2:27:01:
         d3:34:8d:22:53:6d:26:1a:c0:7d:dd:4b:c2:a4:2e:3a:35:06:
         1b:b5:e5:3a:a2:52:46:3a:ef:ae:fe:16:7d:1d:21:47:18:b4:
         14:53:99:94:f1:39:98:a0:fb:97:c8:25:d5:5b:84:09:51:ed:
         a6:80:25:3f:6c:09:39:ec:8c:46:03:9f:d9:ec:72:3e:e5:ac:
         65:16:75:4f:fe:6c:9f:d0:ef:7d:e2:58:70:3e:cc:32:b6:b0:
         5a:6e:28:8e:72:02:c9:f5:f5:aa:90:80:de:3b:4f:92:4a:7a:
         93:dc:85:eb:fc:a4:46:ec:15:14:a4:71:56:61:a8:72:c6:3b:
         38:8c:6f:dc:fe:0c:3d:9d:dd:05:76:53:cb:f4:00:75:e7:ce:
         c2:7b:4e:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVk2evjc8ytfv71gSIf16jKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGI1OTFiNWQ4ZjA3NmVhZjQ3MmUzZWE0NWQzYjVjOGUx
MzUwYTEwHhcNMjIxMjMwMjEwNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTJkZDNmMjZkYTY3NDU2NDgzZDcyMzA4Y2U0ZTEwMDJmYThhZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YZ5UUYa8KVbS6xBKdI7tmW9FEZU
X+Ycg+yoNyU3f10Fa9OcyPUU5yyVFcnKpvi48qrcCKl/Fr/M1HlpVdyi48O1RSwo
AIzQnFmUrqXvjVHEvlGoXLL21BWOFGkL6cgwsIAfKOllvrgeA4w8tvEGROlBHV3S
eUzphRjPV0ymKq0XOFItWLAiEIXxhEm+DjM7rJjCMshz0OoGgRVC0tBxV/aRuyBP
f9GboXhpDYWHY5xlS1QroGRNR4m/gVS+XqyvlFjEk0PB4gL7eoNtmxK6RNVVNKwG
2UJhxrbxcL2IAj5OvC9ld8q0HeAq1eNmbQxDZwe2qkakK7mNpUuYPYZxCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4t0/JtpnRWSD1yMIzk4QAvqK0sMB8GA1UdIwQY
MBaAFIdLWRtdjwdur0cuPqRdO1yOE1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQt
MGM2YTY3ODIwYTU4LzEvTGkzVDhtMm1kRlpJUFhJd2pPVGhBQy1vclN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQtMGM2YTY3ODIwYTU4
LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ7gMA0G
CSqGSIb3DQEBCwUAA4IBAQCSHZrIyCo+CIzYi83AfswjzIOCnIg7XpchguwJ8RNx
1XC/OWYv9Qds5BzLKgtT0Qgg5LMjndr7XfPC6ZcFJosqao0xPAmq0hPDoZ2l/+bs
xB+QIDLlqWp/trHiErxLbdKNlyH4sLZVSQaiJwHTNI0iU20mGsB93UvCpC46NQYb
teU6olJGOu+u/hZ9HSFHGLQUU5mU8TmYoPuXyCXVW4QJUe2mgCU/bAk57IxGA5/Z
7HI+5axlFnVP/myf0O994lhwPswytrBabiiOcgLJ9fWqkIDeO0+SSnqT3IXr/KRG
7BUUpHFWYahyxjs4jG/c/gw9nd0FdlPL9AB1587Ce04b
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:27 2024 by rpki-client on console-ams.rpki-client.org