Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Z3yib5d3i9UyH54471pdnQQG7Jw.roa
File:                     Z3yib5d3i9UyH54471pdnQQG7Jw.roa (raw, json)
Hash identifier:          ujiEL4EJ9l9mS3D2FyPkkdyE35dGHG2ywiAJ72JUsLA=
Subject key identifier:   67:7C:A2:6F:97:77:8B:D5:32:1F:9E:38:EF:5A:5D:9D:04:06:EC:9C
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       018341D3161321B9B008F08CB9680ACF82B1
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Z3yib5d3i9UyH54471pdnQQG7Jw.roa
Signing time:             Thu 15 Sep 2022 15:44:56 +0000
ROA not before:           Thu 15 Sep 2022 15:44:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        45.86.153.0/24 maxlen: 24
                          45.13.226.0/24 maxlen: 24
                          45.137.69.0/24 maxlen: 24
                          45.84.197.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:41:d3:16:13:21:b9:b0:08:f0:8c:b9:68:0a:cf:82:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Sep 15 15:44:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=677ca26f97778bd5321f9e38ef5a5d9d0406ec9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:06:e7:03:42:e5:1c:34:ec:99:67:1e:34:13:
                    fc:da:02:a8:6f:b2:57:8e:b9:a0:67:41:75:2e:e2:
                    a7:bc:00:76:e8:1b:79:ec:00:c9:50:9e:fa:01:93:
                    33:7d:b7:f0:c2:39:13:1c:0f:79:54:84:0a:f4:a5:
                    fc:73:71:15:20:d0:31:3a:2b:7b:db:a2:09:3c:64:
                    d4:df:2a:67:47:fb:b7:8b:b5:c5:de:bc:86:a7:3f:
                    37:91:42:63:b6:af:20:3f:38:d0:ca:95:51:14:e7:
                    5b:7d:ba:e3:ba:d0:0a:e7:b4:66:59:a3:56:5d:99:
                    70:cc:82:9b:5e:1f:f2:50:01:cd:47:a7:17:9f:b9:
                    12:3e:a3:5f:49:0c:7f:cb:a1:d2:16:c3:2e:c2:f5:
                    21:2a:26:62:d8:a5:22:d5:17:35:b5:0a:03:9f:db:
                    fc:2a:08:ec:56:c0:6f:27:ef:ea:d4:4a:2e:bc:52:
                    2b:86:b8:0b:71:a7:00:bd:3c:07:91:9d:ff:02:4d:
                    39:cf:b3:9f:be:0f:d2:c2:2c:3c:79:13:d0:00:08:
                    bb:d7:6c:dd:c9:4b:97:d4:d1:c8:84:07:51:9f:ad:
                    af:d0:33:cb:04:f2:df:5b:d2:d5:76:34:8c:b5:11:
                    39:2c:8b:05:57:47:7f:eb:33:f7:c5:3c:8c:36:64:
                    82:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:7C:A2:6F:97:77:8B:D5:32:1F:9E:38:EF:5A:5D:9D:04:06:EC:9C
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Z3yib5d3i9UyH54471pdnQQG7Jw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.13.226.0/24
                  45.84.197.0/24
                  45.86.153.0/24
                  45.137.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:d8:55:e0:06:00:5a:10:84:f7:ac:68:0a:70:3a:8d:13:5d:
         da:25:0e:72:87:25:b7:3b:eb:74:c1:c3:65:84:bb:6e:c2:7e:
         0f:1d:a9:59:0b:31:29:9b:0a:7c:bc:17:06:33:8f:08:e3:21:
         20:18:f5:04:47:a5:6a:0c:9c:d8:b2:bf:24:c4:d0:77:38:43:
         a5:d5:34:8c:86:7e:00:78:0b:f2:8f:55:61:a7:96:e6:04:c3:
         99:34:0b:19:d9:63:ec:17:1b:a2:d2:f0:37:55:08:6d:35:40:
         14:66:d2:20:d1:4a:7f:e7:e5:bb:90:5c:3d:b5:3e:11:5f:aa:
         62:53:55:ce:f4:41:b9:00:7a:36:bd:55:ad:dd:50:c3:b5:cf:
         f8:94:44:72:be:02:bd:47:f7:2f:3c:82:c9:5e:9a:f2:d4:c8:
         b5:06:a5:40:b9:ee:9c:26:ad:93:cc:5d:87:6f:8b:72:16:04:
         5d:f1:c9:fd:9e:dc:3f:d0:b3:fa:48:f9:94:e3:2b:cc:4f:ec:
         2e:65:83:38:d7:66:75:ff:f5:74:e8:62:7f:f0:db:f7:82:d2:
         f6:9a:db:eb:ed:64:29:2b:9f:cb:fc:9a:81:2c:f6:79:13:ee:
         8d:3c:7e:14:f5:22:c6:25:e9:a4:1e:0c:55:db:d5:28:18:28:
         a0:54:c1:be
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYNB0xYTIbmwCPCMuWgKz4KxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIwOTE1MTU0NDU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzdjYTI2Zjk3Nzc4YmQ1MzIxZjllMzhlZjVhNWQ5ZDA0MDZlYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gbnA0LlHDTsmWceNBP82gKob7JX
jrmgZ0F1LuKnvAB26Bt57ADJUJ76AZMzfbfwwjkTHA95VIQK9KX8c3EVINAxOit7
26IJPGTU3ypnR/u3i7XF3ryGpz83kUJjtq8gPzjQypVRFOdbfbrjutAK57RmWaNW
XZlwzIKbXh/yUAHNR6cXn7kSPqNfSQx/y6HSFsMuwvUhKiZi2KUi1Rc1tQoDn9v8
KgjsVsBvJ+/q1EouvFIrhrgLcacAvTwHkZ3/Ak05z7Ofvg/Swiw8eRPQAAi712zd
yUuX1NHIhAdRn62v0DPLBPLfW9LVdjSMtRE5LIsFV0d/6zP3xTyMNmSC1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGd8om+Xd4vVMh+eOO9aXZ0EBuycMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvWjN5aWI1ZDNpOVV5SDU0NDcxcGRuUVFHN0p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQ3iAwQA
LVTFAwQALVaZAwQALYlFMA0GCSqGSIb3DQEBCwUAA4IBAQAX2FXgBgBaEIT3rGgK
cDqNE13aJQ5yhyW3O+t0wcNlhLtuwn4PHalZCzEpmwp8vBcGM48I4yEgGPUER6Vq
DJzYsr8kxNB3OEOl1TSMhn4AeAvyj1Vhp5bmBMOZNAsZ2WPsFxui0vA3VQhtNUAU
ZtIg0Up/5+W7kFw9tT4RX6piU1XO9EG5AHo2vVWt3VDDtc/4lERyvgK9R/cvPILJ
Xpry1Mi1BqVAue6cJq2TzF2Hb4tyFgRd8cn9ntw/0LP6SPmU4yvMT+wuZYM412Z1
//V06GJ/8Nv3gtL2mtvr7WQpK5/L/JqBLPZ5E+6NPH4U9SLGJemkHgxV29UoGCig
VMG+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org