Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/FFSDurhVu6ku7y66Bf2pJvO-ZmE.roa
File:                     FFSDurhVu6ku7y66Bf2pJvO-ZmE.roa (raw, json)
Hash identifier:          GwjrBylURopCk0hhqbRGpaa7RxeJthyZ2QQghZlb/ag=
Subject key identifier:   14:54:83:BA:B8:55:BB:A9:2E:EF:2E:BA:05:FD:A9:26:F3:BE:66:61
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       09320E46
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/FFSDurhVu6ku7y66Bf2pJvO-ZmE.roa
Signing time:             Sat 01 Jan 2022 06:00:23 +0000
ROA not before:           Sat 01 Jan 2022 06:00:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20473
IP address blocks:        45.147.5.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 154275398 (0x9320e46)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  1 06:00:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=145483bab855bba92eef2eba05fda926f3be6661
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:b9:38:66:9a:d3:34:b4:83:e1:d5:58:06:56:
                    a4:9e:6e:09:ec:22:cf:ac:83:96:9d:d7:f1:42:a4:
                    95:2c:b1:be:da:a9:45:b0:71:32:88:45:a3:e5:24:
                    ba:49:11:62:0e:a2:05:61:ea:18:e3:3f:ce:1e:c9:
                    5e:51:a8:37:3f:fb:ce:3c:4a:4f:9b:da:07:a7:77:
                    89:cf:76:b4:f7:9c:17:fa:4e:58:b8:e5:4b:78:ee:
                    9c:41:cc:c6:5d:83:f2:bc:0a:ce:26:d7:e5:e1:d4:
                    de:a1:cd:2d:51:53:d7:35:88:1b:a3:3d:cb:3b:d4:
                    3a:71:e8:a0:65:be:f2:b0:0f:d4:1d:c5:1c:5f:b7:
                    96:2a:6f:75:16:61:40:1c:83:44:04:bd:cb:c6:8c:
                    26:b7:72:39:49:0e:7e:f6:fe:74:0e:ab:57:6c:36:
                    e3:c0:84:87:a8:37:7f:45:07:0c:43:e8:e6:ad:0d:
                    e5:55:08:eb:fd:5a:a5:02:4c:c6:26:44:17:6c:62:
                    c5:71:bd:1b:6d:12:cd:17:1a:70:b2:66:51:55:04:
                    32:e1:fb:c7:46:7d:db:2b:ad:ae:cb:d2:2b:82:19:
                    86:ed:45:04:6f:82:da:79:2e:b0:04:f5:a5:24:11:
                    e3:5a:9c:e1:6d:77:d6:3d:45:1c:bc:c7:05:d6:8c:
                    0a:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:54:83:BA:B8:55:BB:A9:2E:EF:2E:BA:05:FD:A9:26:F3:BE:66:61
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/FFSDurhVu6ku7y66Bf2pJvO-ZmE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.147.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:c7:e4:0a:ce:64:55:45:f5:dc:64:6b:fe:8e:14:de:ba:b9:
         c6:5a:df:f2:69:d3:22:14:52:ee:8d:4f:e2:c3:f6:bf:96:dd:
         20:6e:f1:ad:df:3f:18:a7:5b:fd:69:3c:25:71:e1:e5:e7:14:
         0f:f2:2d:e9:e9:b9:ca:e5:03:6f:a7:42:d7:f5:b5:3c:e7:f3:
         c3:4e:f7:50:8d:6a:a2:c7:76:86:db:c6:b3:0a:9c:de:36:be:
         49:b6:dd:e5:c4:c5:b8:18:be:b2:55:a6:2f:8b:7c:1b:47:f2:
         8d:30:ba:71:97:c6:fb:fa:f3:15:f5:fc:75:94:57:e8:ff:ff:
         50:e9:ee:9d:73:78:b2:3b:b1:37:7a:e7:4f:b6:a3:b3:ce:51:
         a1:7d:92:da:aa:d7:88:24:d7:d4:fc:81:d7:9b:df:5d:63:18:
         b4:c2:4e:08:8a:38:32:19:fb:38:92:dd:2b:98:bf:a9:23:52:
         a3:5e:d1:90:e1:66:47:3a:82:67:f9:c1:15:3c:4c:cf:4a:ac:
         c6:fb:75:b5:e6:2d:2c:55:14:51:65:aa:05:4f:fd:73:d1:ae:
         b0:52:40:2e:ed:ec:29:4e:2e:9f:35:28:56:32:ce:27:b3:71:
         54:94:74:ad:75:84:7a:52:89:dd:06:6b:1a:8b:2c:31:1a:35:
         43:69:df:9a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECTIORjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjA0MTViZmM0M2IzOGU5Y2ZkMWExMjk5NTIwMmU4NzYzNzUyZmRlMB4XDTIyMDEw
MTA2MDAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTQ1NDgzYmFiODU1
YmJhOTJlZWYyZWJhMDVmZGE5MjZmM2JlNjY2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKu5OGaa0zS0g+HVWAZWpJ5uCewiz6yDlp3X8UKklSyxvtqp
RbBxMohFo+UkukkRYg6iBWHqGOM/zh7JXlGoNz/7zjxKT5vaB6d3ic92tPecF/pO
WLjlS3junEHMxl2D8rwKzibX5eHU3qHNLVFT1zWIG6M9yzvUOnHooGW+8rAP1B3F
HF+3lipvdRZhQByDRAS9y8aMJrdyOUkOfvb+dA6rV2w248CEh6g3f0UHDEPo5q0N
5VUI6/1apQJMxiZEF2xixXG9G20SzRcacLJmUVUEMuH7x0Z92yutrsvSK4IZhu1F
BG+C2nkusAT1pSQR41qc4W131j1FHLzHBdaMCgECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQUVIO6uFW7qS7vLroF/akm875mYTAfBgNVHSMEGDAWgBQbBBW/xDs46c/R
oSmVIC6HY3Uv3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d3UVZ2OFE3T09uUDBhRXBsU0F1aDJOMUw5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvMDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8x
L0ZGU0R1cmhWdTZrdTd5NjZCZjJwSnZPLVptRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
MDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8xL0d3UVZ2OFE3T09u
UDBhRXBsU0F1aDJOMUw5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2TBTANBgkqhkiG9w0BAQsFAAOC
AQEAjcfkCs5kVUX13GRr/o4U3rq5xlrf8mnTIhRS7o1P4sP2v5bdIG7xrd8/GKdb
/Wk8JXHh5ecUD/It6em5yuUDb6dC1/W1POfzw073UI1qosd2htvGswqc3ja+Sbbd
5cTFuBi+slWmL4t8G0fyjTC6cZfG+/rzFfX8dZRX6P//UOnunXN4sjuxN3rnT7aj
s85RoX2S2qrXiCTX1PyB15vfXWMYtMJOCIo4Mhn7OJLdK5i/qSNSo17RkOFmRzqC
Z/nBFTxMz0qsxvt1teYtLFUUUWWqBU/9c9GusFJALu3sKU4unzUoVjLOJ7NxVJR0
rXWEelKJ3QZrGossMRo1Q2nfmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org