Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/PVkJ7MHzv4wun_LWBE8IO_I1N4U.roa
File:                     PVkJ7MHzv4wun_LWBE8IO_I1N4U.roa (raw, json)
Hash identifier:          BoXrycN8s85F/VINCXMy8LkMYYuuWcGfJc0+SxY8fJM=
Subject key identifier:   3D:59:09:EC:C1:F3:BF:8C:2E:9F:F2:D6:04:4F:08:3B:F2:35:37:85
Certificate issuer:       /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial:       0184C094060BC7917E221A963987F5EC4EE8
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/PVkJ7MHzv4wun_LWBE8IO_I1N4U.roa
Signing time:             Mon 28 Nov 2022 23:30:37 +0000
ROA not before:           Mon 28 Nov 2022 23:30:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206804
IP address blocks:        45.138.84.0/22 maxlen: 24
                          193.36.116.0/22 maxlen: 24
                          45.133.192.0/22 maxlen: 24
                          141.98.212.0/22 maxlen: 24
                          45.146.220.0/22 maxlen: 24
                          195.80.148.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c0:94:06:0b:c7:91:7e:22:1a:96:39:87:f5:ec:4e:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
        Validity
            Not Before: Nov 28 23:30:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3d5909ecc1f3bf8c2e9ff2d6044f083bf2353785
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:88:de:a8:42:ce:ed:8a:bc:1d:49:7e:98:40:
                    03:5a:d7:52:3b:4e:82:b8:e1:fd:6e:36:7f:03:fd:
                    45:4c:c4:cb:2d:9a:0b:89:9a:c6:ae:05:7b:0e:f2:
                    13:2f:87:b2:e2:7d:03:99:44:80:bf:a1:47:50:b1:
                    b2:27:9d:60:bf:dc:57:21:1f:90:32:b8:60:d8:94:
                    bd:72:15:0c:4c:5b:a8:83:83:73:1b:fe:ef:aa:ad:
                    a8:4a:d0:db:ba:ff:b6:cf:2c:ff:cd:2a:2e:1f:1e:
                    5e:a9:a7:55:50:78:de:ff:d8:46:99:5b:70:c9:8e:
                    31:d7:3d:ec:7c:d0:4c:f1:02:01:57:e0:48:25:e2:
                    0e:5a:a3:b0:87:e9:cc:85:9b:11:dd:fa:17:32:5f:
                    f2:d3:e2:8f:b3:fd:11:f5:67:5b:ea:7f:61:57:34:
                    78:83:7a:b0:36:c3:c9:36:03:1a:c8:14:d9:65:ad:
                    de:93:ed:16:d3:0b:98:36:2b:38:e7:87:c3:60:17:
                    d3:b7:44:b2:94:87:ec:78:09:14:b9:62:1b:75:5e:
                    a9:89:8b:59:48:29:14:ba:f2:ef:2b:02:58:b7:f2:
                    24:c8:bf:48:45:9f:a0:3b:c2:a0:6b:86:92:ff:e0:
                    15:ac:ea:0f:41:b7:f7:3a:4f:d9:c8:c5:b1:2f:17:
                    c0:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:59:09:EC:C1:F3:BF:8C:2E:9F:F2:D6:04:4F:08:3B:F2:35:37:85
            X509v3 Authority Key Identifier:
                keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/PVkJ7MHzv4wun_LWBE8IO_I1N4U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.192.0/22
                  45.138.84.0/22
                  45.146.220.0/22
                  141.98.212.0/22
                  193.36.116.0/22
                  195.80.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3c:82:2f:24:19:02:36:e7:6d:b3:07:f1:e8:73:8c:f6:fb:bf:
         7f:9c:64:1a:2a:8b:be:ef:50:fe:67:c1:75:1c:21:77:7d:ea:
         32:69:86:bc:2c:82:73:07:2d:1d:3f:9e:c9:0d:b1:06:35:41:
         41:19:cd:b5:34:2c:3b:ad:3d:5e:7c:1c:9d:6d:5b:cf:53:f3:
         f6:ee:82:04:85:1b:ea:4b:4e:54:24:c8:50:38:ff:b3:4c:8d:
         54:79:f8:ad:d6:39:26:af:a4:8b:c6:61:6f:b5:4e:94:84:9f:
         b5:c7:0d:4c:1a:a7:f2:a0:88:f8:d7:2c:23:36:2c:3d:32:96:
         17:96:1a:d8:b7:26:9e:d4:d9:89:92:46:ee:4a:d2:65:44:a1:
         4c:3f:47:e3:fc:e8:30:a2:bc:36:12:de:47:7c:1a:4d:55:32:
         c8:b0:05:7c:f6:df:d5:54:82:a8:77:70:32:27:88:d7:2b:9f:
         5d:95:e2:eb:70:76:46:de:5c:b7:ea:5a:0d:ab:54:fe:98:5c:
         06:38:64:7a:0c:39:a3:6f:d1:cf:97:8e:9a:a8:a0:c6:5b:e2:
         72:0f:ff:f5:b0:8c:bb:4b:86:86:d7:6d:f9:dc:71:5c:06:9a:
         b3:13:45:cd:11:b9:d3:c4:44:6d:85:a9:da:34:f4:d7:1a:d6:
         23:1d:21:d1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYTAlAYLx5F+IhqWOYf17E7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjIxMTI4MjMzMDM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDU5MDllY2MxZjNiZjhjMmU5ZmYyZDYwNDRmMDgzYmYyMzUzNzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ojeqELO7Yq8HUl+mEADWtdSO06C
uOH9bjZ/A/1FTMTLLZoLiZrGrgV7DvITL4ey4n0DmUSAv6FHULGyJ51gv9xXIR+Q
Mrhg2JS9chUMTFuog4NzG/7vqq2oStDbuv+2zyz/zSouHx5eqadVUHje/9hGmVtw
yY4x1z3sfNBM8QIBV+BIJeIOWqOwh+nMhZsR3foXMl/y0+KPs/0R9Wdb6n9hVzR4
g3qwNsPJNgMayBTZZa3ek+0W0wuYNis454fDYBfTt0SylIfseAkUuWIbdV6piYtZ
SCkUuvLvKwJYt/IkyL9IRZ+gO8Kga4aS/+AVrOoPQbf3Ok/ZyMWxLxfA+wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD1ZCezB87+MLp/y1gRPCDvyNTeFMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvUFZrSjdNSHp2NHd1bl9MV0JFOElPX0kxTjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLYXAAwQC
LYpUAwQCLZLcAwQCjWLUAwQCwSR0AwQCw1CUMA0GCSqGSIb3DQEBCwUAA4IBAQA8
gi8kGQI2522zB/Hoc4z2+79/nGQaKou+71D+Z8F1HCF3feoyaYa8LIJzBy0dP57J
DbEGNUFBGc21NCw7rT1efBydbVvPU/P27oIEhRvqS05UJMhQOP+zTI1Uefit1jkm
r6SLxmFvtU6UhJ+1xw1MGqfyoIj41ywjNiw9MpYXlhrYtyae1NmJkkbuStJlRKFM
P0fj/Ogworw2Et5HfBpNVTLIsAV89t/VVIKod3AyJ4jXK59dleLrcHZG3ly36loN
q1T+mFwGOGR6DDmjb9HPl46aqKDGW+JyD//1sIy7S4aG12353HFcBpqzE0XNEbnT
xERthanaNPTXGtYjHSHR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org