Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Qp8wK2_YdtVadD7GayQL97SR8yI.roa
File:                     Qp8wK2_YdtVadD7GayQL97SR8yI.roa (raw, json)
Hash identifier:          Lz+bftlx/+8HnldlXcSpTjS32g6cDqONAj6CzoprM6M=
Subject key identifier:   42:9F:30:2B:6F:D8:76:D5:5A:74:3E:C6:6B:24:0B:F7:B4:91:F3:22
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       0A045830
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Qp8wK2_YdtVadD7GayQL97SR8yI.roa
Signing time:             Tue 08 Mar 2022 16:25:55 +0000
ROA not before:           Tue 08 Mar 2022 16:25:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     46573
IP address blocks:        45.11.231.0/24 maxlen: 24
                          45.11.230.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 168056880 (0xa045830)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Mar  8 16:25:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=429f302b6fd876d55a743ec66b240bf7b491f322
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:56:55:87:37:51:e1:51:85:06:07:16:87:90:
                    ba:61:98:23:50:ff:1d:97:b1:35:09:06:7c:d7:e7:
                    80:a9:aa:59:e9:bd:5c:15:5f:79:e1:a9:69:2e:f3:
                    2c:09:6b:2b:6c:e5:78:c0:1d:57:ae:d8:11:c8:36:
                    f2:2b:73:27:d0:96:cc:aa:52:29:f7:92:71:e6:fb:
                    2b:14:de:80:f4:40:d5:d1:b3:aa:74:c0:c1:31:75:
                    c3:96:5a:af:e5:5c:af:03:bb:1a:81:f1:ea:ea:19:
                    5c:3c:50:d0:51:03:33:72:f8:7d:da:41:3c:b9:b1:
                    a5:45:33:b2:fe:db:c2:5d:db:bf:8f:95:37:d5:77:
                    11:f4:8d:74:40:a1:24:55:42:56:f0:97:4e:9d:bd:
                    08:2e:8e:ee:44:a8:8c:e3:45:7c:19:53:4d:d7:ae:
                    e6:cc:65:d4:1c:96:63:2a:a7:f9:fa:40:1f:e5:5f:
                    36:c7:15:a2:1e:9f:63:6c:b3:00:79:17:fc:b6:69:
                    04:c7:77:cd:55:21:fe:92:71:19:88:1e:3b:44:19:
                    9b:cb:14:26:c0:5a:ee:be:2b:98:2a:9b:43:b6:66:
                    31:f9:87:1c:50:44:66:fe:64:5a:71:c5:b6:c0:73:
                    93:52:36:7c:2b:69:98:32:58:75:76:16:72:18:68:
                    dd:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:9F:30:2B:6F:D8:76:D5:5A:74:3E:C6:6B:24:0B:F7:B4:91:F3:22
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Qp8wK2_YdtVadD7GayQL97SR8yI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.230.0/23

    Signature Algorithm: sha256WithRSAEncryption
         49:83:a0:33:98:39:5f:cf:0f:6f:b1:f5:7e:58:c9:3c:ff:6e:
         32:d5:28:d3:f3:e0:cb:86:aa:e7:20:d0:0f:df:6d:a5:77:35:
         29:8a:de:38:c2:96:7b:3b:e7:7e:75:86:dd:2b:92:3d:4e:7f:
         7d:b3:6b:3e:b4:10:e8:f4:fd:e9:15:97:3a:04:eb:1c:36:2e:
         eb:89:4b:a2:cc:6c:4b:3b:2c:a2:69:c5:9f:c7:a7:54:12:70:
         fe:e8:5f:03:80:3c:fe:8e:db:be:d1:75:be:8c:8b:ca:4a:d3:
         3d:0a:f4:bb:26:44:ef:57:f7:f3:07:f9:49:18:75:84:a7:cc:
         89:0c:f2:63:ad:83:74:ae:7d:d9:c7:6a:ef:fd:34:6b:44:e0:
         85:96:3e:f9:12:be:ca:ae:ef:49:16:e0:50:b9:aa:15:77:48:
         bf:91:95:b1:58:8d:43:e6:99:21:cb:8b:47:53:de:31:7a:e5:
         d3:2a:00:ad:98:d4:14:5c:f7:80:ec:5c:c4:4b:2e:40:6f:8a:
         6c:eb:29:8f:ba:bd:0b:50:e2:43:1a:7b:ea:4a:b0:a6:83:6f:
         e5:96:b1:69:c9:9b:a6:13:f6:e8:60:bc:b9:ec:d7:9b:a1:cd:
         cf:d6:c4:73:19:46:ac:39:e4:ef:34:78:3d:03:fa:2f:82:3e:
         50:2c:32:cc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECgRYMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjA0MTViZmM0M2IzOGU5Y2ZkMWExMjk5NTIwMmU4NzYzNzUyZmRlMB4XDTIyMDMw
ODE2MjU1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI5ZjMwMmI2ZmQ4
NzZkNTVhNzQzZWM2NmIyNDBiZjdiNDkxZjMyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJWVYc3UeFRhQYHFoeQumGYI1D/HZexNQkGfNfngKmqWem9
XBVfeeGpaS7zLAlrK2zleMAdV67YEcg28itzJ9CWzKpSKfeSceb7KxTegPRA1dGz
qnTAwTF1w5Zar+VcrwO7GoHx6uoZXDxQ0FEDM3L4fdpBPLmxpUUzsv7bwl3bv4+V
N9V3EfSNdEChJFVCVvCXTp29CC6O7kSojONFfBlTTdeu5sxl1ByWYyqn+fpAH+Vf
NscVoh6fY2yzAHkX/LZpBMd3zVUh/pJxGYgeO0QZm8sUJsBa7r4rmCqbQ7ZmMfmH
HFBEZv5kWnHFtsBzk1I2fCtpmDJYdXYWchho3Q0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRCnzArb9h21Vp0PsZrJAv3tJHzIjAfBgNVHSMEGDAWgBQbBBW/xDs46c/R
oSmVIC6HY3Uv3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d3UVZ2OFE3T09uUDBhRXBsU0F1aDJOMUw5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvMDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8x
L1FwOHdLMl9ZZHRWYWREN0dheVFMOTdTUjh5SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
MDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8xL0d3UVZ2OFE3T09u
UDBhRXBsU0F1aDJOMUw5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS0L5jANBgkqhkiG9w0BAQsFAAOC
AQEASYOgM5g5X88Pb7H1fljJPP9uMtUo0/Pgy4aq5yDQD99tpXc1KYreOMKWezvn
fnWG3SuSPU5/fbNrPrQQ6PT96RWXOgTrHDYu64lLosxsSzssomnFn8enVBJw/uhf
A4A8/o7bvtF1voyLykrTPQr0uyZE71f38wf5SRh1hKfMiQzyY62DdK592cdq7/00
a0TghZY++RK+yq7vSRbgULmqFXdIv5GVsViNQ+aZIcuLR1PeMXrl0yoArZjUFFz3
gOxcxEsuQG+KbOspj7q9C1DiQxp76kqwpoNv5ZaxacmbphP26GC8uezXm6HNz9bE
cxlGrDnk7zR4PQP6L4I+UCwyzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org