Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/kgP0AxdAWx82aZ3u6sPAfBN_Ubg.roa
File:                     kgP0AxdAWx82aZ3u6sPAfBN_Ubg.roa (raw, json)
Hash identifier:          mo+9r+5ZscNlf7YSyhBnd3fchAHTLGDRerkpkgIr5N4=
Subject key identifier:   92:03:F4:03:17:40:5B:1F:36:69:9D:EE:EA:C3:C0:7C:13:7F:51:B8
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       093A760F
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/kgP0AxdAWx82aZ3u6sPAfBN_Ubg.roa
Signing time:             Sat 01 Jan 2022 06:00:29 +0000
ROA not before:           Sat 01 Jan 2022 06:00:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     38001
IP address blocks:        45.67.136.0/24 maxlen: 24
                          45.67.137.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 154826255 (0x93a760f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  1 06:00:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9203f40317405b1f36699deeeac3c07c137f51b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:69:09:2a:6d:c1:02:51:a0:36:cd:97:13:77:
                    f0:e7:00:5d:55:0c:93:3c:5e:ad:bb:92:76:e9:52:
                    d1:88:0a:35:6e:8e:c8:7c:69:e9:74:9a:d7:61:fc:
                    9e:79:db:27:b9:cc:24:26:eb:85:a0:96:2f:f9:ac:
                    13:db:3e:57:8c:02:50:76:2c:bd:ff:4e:49:9c:0b:
                    63:dc:f5:a6:25:80:51:ef:5d:70:e3:a2:82:97:b9:
                    2b:96:d3:de:33:97:9f:4e:96:c5:8a:81:ac:02:08:
                    da:15:7a:ab:f3:9e:90:c0:c1:40:bc:7e:85:99:c8:
                    1c:81:4f:de:50:86:a6:22:a9:16:c2:80:b1:b0:10:
                    2b:51:84:96:5b:26:94:dc:8b:8d:f4:e5:bf:53:12:
                    38:63:48:e9:dd:b3:c1:f7:f0:ed:6e:5c:36:71:2c:
                    fb:38:c0:7f:b6:9b:1d:f5:c7:28:09:a6:47:50:56:
                    dc:6b:20:06:78:81:58:24:c5:ec:a7:5f:43:aa:9b:
                    89:e9:89:43:1d:5a:c1:c6:00:0b:a8:66:a5:ac:62:
                    59:8a:8f:e1:c6:38:68:e7:79:32:90:38:30:29:32:
                    f6:f6:1a:82:37:46:16:16:14:9f:40:c5:d4:cd:03:
                    e9:14:e4:37:1f:cf:03:30:af:57:85:cc:4a:b5:5d:
                    47:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:03:F4:03:17:40:5B:1F:36:69:9D:EE:EA:C3:C0:7C:13:7F:51:B8
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/kgP0AxdAWx82aZ3u6sPAfBN_Ubg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         19:bb:b8:4c:10:8e:f8:8e:6c:f9:4f:bc:85:51:51:95:3b:19:
         1c:41:53:ef:b4:67:88:97:5a:05:74:82:23:8f:b8:f2:67:91:
         31:97:ef:f9:b0:62:99:3c:f7:1a:73:d3:cd:c3:cb:37:a5:54:
         04:df:15:3e:ac:74:a5:1c:05:0d:1c:42:8e:4a:77:bd:d1:11:
         91:61:87:af:9f:1c:6d:c0:62:7d:16:10:c5:ce:04:73:6d:56:
         82:31:40:40:7f:d9:e2:3b:4b:1b:92:c5:83:3e:15:1a:f4:4d:
         49:2e:f3:f9:6e:91:1c:77:1b:be:07:7a:6f:2e:c0:b7:c0:4c:
         01:05:63:7d:58:9b:d4:fa:3f:37:30:ba:b8:87:58:45:d7:ca:
         88:07:ca:2c:c8:80:47:02:f0:8e:17:07:1c:c4:53:b5:bd:c3:
         8e:19:45:26:69:37:02:7a:6f:76:c3:08:24:63:0b:24:97:99:
         63:18:46:8c:a7:07:3e:5d:a1:e8:af:ec:a6:81:23:e9:3d:9c:
         38:a0:a7:0b:41:7b:af:44:2e:b6:a0:e3:91:a4:43:b0:e8:0b:
         35:dd:c6:5b:92:bc:66:e8:ed:b0:6e:09:a7:f6:30:06:f9:1b:
         5d:62:9e:71:ba:fe:b8:ba:2a:33:be:1b:62:8a:46:67:af:14:
         1a:71:0c:bb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECTp2DzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjA0MTViZmM0M2IzOGU5Y2ZkMWExMjk5NTIwMmU4NzYzNzUyZmRlMB4XDTIyMDEw
MTA2MDAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIwM2Y0MDMxNzQw
NWIxZjM2Njk5ZGVlZWFjM2MwN2MxMzdmNTFiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANdpCSptwQJRoDbNlxN38OcAXVUMkzxerbuSdulS0YgKNW6O
yHxp6XSa12H8nnnbJ7nMJCbrhaCWL/msE9s+V4wCUHYsvf9OSZwLY9z1piWAUe9d
cOOigpe5K5bT3jOXn06WxYqBrAII2hV6q/OekMDBQLx+hZnIHIFP3lCGpiKpFsKA
sbAQK1GEllsmlNyLjfTlv1MSOGNI6d2zwffw7W5cNnEs+zjAf7abHfXHKAmmR1BW
3GsgBniBWCTF7KdfQ6qbiemJQx1awcYAC6hmpaxiWYqP4cY4aOd5MpA4MCky9vYa
gjdGFhYUn0DF1M0D6RTkNx/PAzCvV4XMSrVdR4UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSSA/QDF0BbHzZpne7qw8B8E39RuDAfBgNVHSMEGDAWgBQbBBW/xDs46c/R
oSmVIC6HY3Uv3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d3UVZ2OFE3T09uUDBhRXBsU0F1aDJOMUw5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvMDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8x
L2tnUDBBeGRBV3g4MmFaM3U2c1BBZkJOX1ViZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
MDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8xL0d3UVZ2OFE3T09u
UDBhRXBsU0F1aDJOMUw5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS1DiDANBgkqhkiG9w0BAQsFAAOC
AQEAGbu4TBCO+I5s+U+8hVFRlTsZHEFT77RniJdaBXSCI4+48meRMZfv+bBimTz3
GnPTzcPLN6VUBN8VPqx0pRwFDRxCjkp3vdERkWGHr58cbcBifRYQxc4Ec21WgjFA
QH/Z4jtLG5LFgz4VGvRNSS7z+W6RHHcbvgd6by7At8BMAQVjfVib1Po/NzC6uIdY
RdfKiAfKLMiARwLwjhcHHMRTtb3DjhlFJmk3AnpvdsMIJGMLJJeZYxhGjKcHPl2h
6K/spoEj6T2cOKCnC0F7r0QutqDjkaRDsOgLNd3GW5K8ZujtsG4Jp/YwBvkbXWKe
cbr+uLoqM74bYopGZ68UGnEMuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org