Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/9nxTPooTuHvhGwrT8Y5MZXVtDIY.roa
File:                     9nxTPooTuHvhGwrT8Y5MZXVtDIY.roa (raw, json)
Hash identifier:          r6DBY26kSy5ODb1kVXpgPL2aojYYRcGQRhwo9E8fnYQ=
Subject key identifier:   F6:7C:53:3E:8A:13:B8:7B:E1:1B:0A:D3:F1:8E:4C:65:75:6D:0C:86
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       09505E84
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/9nxTPooTuHvhGwrT8Y5MZXVtDIY.roa
Signing time:             Sat 01 Jan 2022 06:00:41 +0000
ROA not before:           Sat 01 Jan 2022 06:00:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     395681
IP address blocks:        45.135.149.0/24 maxlen: 24
                          45.137.202.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 156262020 (0x9505e84)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  1 06:00:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f67c533e8a13b87be11b0ad3f18e4c65756d0c86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:83:14:1b:43:19:24:04:42:81:67:5c:4b:82:
                    f9:3c:46:10:40:16:14:e6:b2:9e:1e:c9:ee:54:33:
                    a1:fd:b7:90:92:e1:26:9a:4e:6d:c9:40:45:0a:ed:
                    99:ab:c1:6c:98:a6:89:45:6f:6c:b5:a7:c0:6a:45:
                    a4:e6:78:ea:18:6c:2a:82:29:e8:99:f7:ae:31:cf:
                    38:43:0d:0a:d6:b3:18:10:4c:34:a9:53:81:d9:af:
                    b6:b4:12:1f:0c:08:e6:6b:48:60:1e:37:3e:ee:72:
                    f4:76:55:93:57:55:aa:f4:96:6a:d2:ea:98:ac:73:
                    4c:0f:d9:4c:22:f2:e2:94:1d:5a:71:e5:ac:23:ca:
                    e0:52:87:5d:81:e4:a3:e7:6e:fb:ad:13:79:c9:d7:
                    8a:45:f3:b2:b9:51:20:fb:58:70:e2:5c:2e:48:b9:
                    20:21:9d:f3:ce:3a:0f:6f:ed:2c:88:11:c3:2e:cd:
                    8b:8f:56:73:e8:0d:5f:66:cf:3d:4a:9c:c7:19:43:
                    f4:d3:7d:78:61:e8:a5:17:ef:14:b7:6b:e5:13:15:
                    85:46:3a:cf:8e:85:01:1b:f6:dd:9a:fc:d3:1a:1d:
                    8e:b5:8b:9a:d3:9f:c0:ab:95:f8:a3:53:ce:4c:70:
                    79:06:e8:d8:47:23:f5:9d:27:56:a5:87:a7:c2:b1:
                    33:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:7C:53:3E:8A:13:B8:7B:E1:1B:0A:D3:F1:8E:4C:65:75:6D:0C:86
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/9nxTPooTuHvhGwrT8Y5MZXVtDIY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.135.149.0/24
                  45.137.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:f4:67:67:37:e3:da:94:a4:6a:11:d7:00:71:f0:fa:44:5a:
         c2:61:8e:57:2e:92:9f:b8:4e:2f:c9:5b:7a:6b:de:ab:16:1d:
         cb:35:45:77:71:05:f3:42:04:ff:2e:bd:70:ea:b1:76:ed:06:
         b3:22:4a:6b:be:5a:e7:74:84:69:30:b3:f5:57:29:08:69:0c:
         f9:0e:71:3f:14:af:35:85:34:e7:1a:63:1a:fb:85:6b:ba:d4:
         cc:e4:3a:d4:23:00:1b:e2:8c:50:5b:9e:03:0b:4a:68:64:56:
         d2:e4:ef:9e:bb:f2:8e:1e:12:7b:f9:84:a6:d7:18:dc:99:c0:
         f9:58:b8:22:67:d0:5f:d3:84:a7:50:49:1a:ca:2f:0a:06:64:
         33:84:77:c2:ee:52:87:55:d3:5b:e9:fd:b5:b4:c9:93:b7:eb:
         3c:eb:d5:fc:10:e3:8d:41:37:2e:3c:db:f6:85:01:ea:71:63:
         71:0a:eb:2e:3b:0e:af:e3:60:8c:b3:2a:38:a2:eb:c5:e3:dd:
         e0:83:01:58:21:0b:a3:a9:45:28:7c:72:54:ed:13:26:e1:df:
         cf:d4:b0:4b:03:67:2a:dd:d9:e2:50:80:ca:3d:0e:23:eb:f6:
         a7:ab:2b:e3:9b:fc:00:36:ce:1d:6f:14:25:a9:9f:b7:d6:16:
         54:d4:f7:3f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECVBehDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjA0MTViZmM0M2IzOGU5Y2ZkMWExMjk5NTIwMmU4NzYzNzUyZmRlMB4XDTIyMDEw
MTA2MDA0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjY3YzUzM2U4YTEz
Yjg3YmUxMWIwYWQzZjE4ZTRjNjU3NTZkMGM4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOiDFBtDGSQEQoFnXEuC+TxGEEAWFOaynh7J7lQzof23kJLh
JppObclARQrtmavBbJimiUVvbLWnwGpFpOZ46hhsKoIp6Jn3rjHPOEMNCtazGBBM
NKlTgdmvtrQSHwwI5mtIYB43Pu5y9HZVk1dVqvSWatLqmKxzTA/ZTCLy4pQdWnHl
rCPK4FKHXYHko+du+60TecnXikXzsrlRIPtYcOJcLki5ICGd8846D2/tLIgRwy7N
i49Wc+gNX2bPPUqcxxlD9NN9eGHopRfvFLdr5RMVhUY6z46FARv23Zr80xodjrWL
mtOfwKuV+KNTzkxweQbo2Ecj9Z0nVqWHp8KxMysCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBT2fFM+ihO4e+EbCtPxjkxldW0MhjAfBgNVHSMEGDAWgBQbBBW/xDs46c/R
oSmVIC6HY3Uv3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d3UVZ2OFE3T09uUDBhRXBsU0F1aDJOMUw5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvMDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8x
LzlueFRQb29UdUh2aEd3clQ4WTVNWlhWdERJWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
MDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8xL0d3UVZ2OFE3T09u
UDBhRXBsU0F1aDJOMUw5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC2HlQMEAC2JyjANBgkqhkiG9w0B
AQsFAAOCAQEAQPRnZzfj2pSkahHXAHHw+kRawmGOVy6Sn7hOL8lbemveqxYdyzVF
d3EF80IE/y69cOqxdu0GsyJKa75a53SEaTCz9VcpCGkM+Q5xPxSvNYU05xpjGvuF
a7rUzOQ61CMAG+KMUFueAwtKaGRW0uTvnrvyjh4Se/mEptcY3JnA+Vi4ImfQX9OE
p1BJGsovCgZkM4R3wu5Sh1XTW+n9tbTJk7frPOvV/BDjjUE3Ljzb9oUB6nFjcQrr
LjsOr+NgjLMqOKLrxePd4IMBWCELo6lFKHxyVO0TJuHfz9SwSwNnKt3Z4lCAyj0O
I+v2p6sr45v8ADbOHW8UJamft9YWVNT3Pw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org