Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/S-iHXqy_-18SPULgc0f0AKy0JTA.roa
File:                     S-iHXqy_-18SPULgc0f0AKy0JTA.roa (raw, json)
Hash identifier:          YhOP2xrafwm3VB4Ncu8j57jEJ1LorulA760+0bK37fM=
Subject key identifier:   4B:E8:87:5E:AC:BF:FB:5F:12:3D:42:E0:73:47:F4:00:AC:B4:25:30
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       09357F92
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/S-iHXqy_-18SPULgc0f0AKy0JTA.roa
Signing time:             Sat 01 Jan 2022 06:00:25 +0000
ROA not before:           Sat 01 Jan 2022 06:00:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30475
IP address blocks:        45.135.148.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 154501010 (0x9357f92)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  1 06:00:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4be8875eacbffb5f123d42e07347f400acb42530
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:23:83:58:2f:81:e4:64:11:ca:33:f6:a7:29:
                    5b:b2:ba:d7:66:3f:89:25:48:27:db:45:c3:db:97:
                    44:61:4e:47:48:cd:a4:ef:b2:9c:c3:1f:4b:a0:c6:
                    03:64:cf:72:49:24:34:20:ad:70:3d:e9:97:93:8c:
                    b4:fc:82:77:ec:52:5d:db:aa:ac:27:c6:d5:54:7f:
                    6d:d7:da:83:c2:2a:48:69:59:7d:0c:5f:40:74:7a:
                    c1:35:f1:dd:ac:52:9a:92:68:52:ae:f7:62:84:7f:
                    0e:48:cf:e4:b7:98:08:8b:f6:ee:2a:b0:85:b3:cb:
                    16:b0:b4:8b:7b:6d:1d:db:46:48:dd:a4:43:fa:ef:
                    ff:78:ee:15:f2:1a:b2:6f:1d:44:7f:51:6b:f0:d4:
                    66:ec:58:ab:fa:4c:ba:c9:8f:07:a6:aa:e3:c9:91:
                    c4:88:c2:0b:24:22:f1:76:c0:5b:68:88:65:9f:3a:
                    78:35:f8:c1:05:b6:ad:28:d7:7a:b3:55:db:17:3b:
                    89:69:33:ca:0c:eb:dd:1f:d8:80:71:f1:55:f7:0c:
                    28:51:2e:2b:93:67:bb:e4:6a:aa:8f:81:5f:69:bd:
                    35:ab:ec:4d:6e:97:10:ee:ca:89:2a:d6:e7:b8:aa:
                    5a:40:8e:58:2c:2e:94:39:2a:74:30:4a:16:5e:02:
                    b2:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:E8:87:5E:AC:BF:FB:5F:12:3D:42:E0:73:47:F4:00:AC:B4:25:30
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/S-iHXqy_-18SPULgc0f0AKy0JTA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.135.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:7c:ea:f2:26:38:6c:5e:95:e4:c7:1c:26:0d:62:6d:e1:79:
         9e:01:e9:f4:bd:a5:5c:f2:da:6b:c1:de:86:06:50:4b:4d:2d:
         da:1b:f5:52:89:cb:46:dd:c5:98:21:6a:25:c8:9b:ec:ef:ce:
         af:f7:b7:5f:89:22:fe:bd:d2:a9:ab:d0:43:86:72:44:2a:bf:
         b7:1d:79:63:72:2d:3d:2a:9c:6e:cd:d3:0b:86:b1:c2:9d:a2:
         70:f6:af:25:63:40:3e:30:cd:7b:b7:6d:1d:4f:1d:c4:46:0b:
         0d:17:0e:13:15:7b:b7:32:d2:d0:e2:53:95:ca:de:1f:28:93:
         d5:9a:88:85:97:a0:7c:9f:9e:18:16:a9:8e:39:be:07:0e:e9:
         26:cd:64:8f:cf:40:ec:03:a2:af:2e:de:6a:45:e5:69:8b:86:
         96:69:c1:e5:02:57:86:2b:5d:30:02:8e:70:a7:6c:30:d4:96:
         6c:cf:14:71:af:14:99:82:7f:48:0e:e7:08:32:e3:d4:0a:08:
         b4:7a:67:b2:7f:19:a7:0f:02:a0:71:61:56:5b:ff:43:56:39:
         8c:ec:d5:be:08:f2:a2:10:8a:c1:23:1b:70:c6:f4:05:92:45:
         77:e5:17:e7:93:26:85:72:ba:d3:f9:5d:67:d4:8d:75:a5:fd:
         67:2a:90:ee
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECTV/kjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjA0MTViZmM0M2IzOGU5Y2ZkMWExMjk5NTIwMmU4NzYzNzUyZmRlMB4XDTIyMDEw
MTA2MDAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGJlODg3NWVhY2Jm
ZmI1ZjEyM2Q0MmUwNzM0N2Y0MDBhY2I0MjUzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO8jg1gvgeRkEcoz9qcpW7K612Y/iSVIJ9tFw9uXRGFOR0jN
pO+ynMMfS6DGA2TPckkkNCCtcD3pl5OMtPyCd+xSXduqrCfG1VR/bdfag8IqSGlZ
fQxfQHR6wTXx3axSmpJoUq73YoR/DkjP5LeYCIv27iqwhbPLFrC0i3ttHdtGSN2k
Q/rv/3juFfIasm8dRH9Ra/DUZuxYq/pMusmPB6aq48mRxIjCCyQi8XbAW2iIZZ86
eDX4wQW2rSjXerNV2xc7iWkzygzr3R/YgHHxVfcMKFEuK5Nnu+Rqqo+BX2m9Navs
TW6XEO7KiSrW57iqWkCOWCwulDkqdDBKFl4Csj0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRL6IderL/7XxI9QuBzR/QArLQlMDAfBgNVHSMEGDAWgBQbBBW/xDs46c/R
oSmVIC6HY3Uv3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d3UVZ2OFE3T09uUDBhRXBsU0F1aDJOMUw5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvMDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8x
L1MtaUhYcXlfLTE4U1BVTGdjMGYwQUt5MEpUQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
MDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8xL0d3UVZ2OFE3T09u
UDBhRXBsU0F1aDJOMUw5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2HlDANBgkqhkiG9w0BAQsFAAOC
AQEAYHzq8iY4bF6V5MccJg1ibeF5ngHp9L2lXPLaa8HehgZQS00t2hv1UonLRt3F
mCFqJcib7O/Or/e3X4ki/r3SqavQQ4ZyRCq/tx15Y3ItPSqcbs3TC4axwp2icPav
JWNAPjDNe7dtHU8dxEYLDRcOExV7tzLS0OJTlcreHyiT1ZqIhZegfJ+eGBapjjm+
Bw7pJs1kj89A7AOiry7eakXlaYuGlmnB5QJXhitdMAKOcKdsMNSWbM8Uca8UmYJ/
SA7nCDLj1AoItHpnsn8Zpw8CoHFhVlv/Q1Y5jOzVvgjyohCKwSMbcMb0BZJFd+UX
55MmhXK60/ldZ9SNdaX9ZyqQ7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org