Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/H-GctaIKsz0BdCUOfRYwRVDyR3s.roa
File:                     H-GctaIKsz0BdCUOfRYwRVDyR3s.roa (raw, json)
Hash identifier:          pgBOKZGpx2hcGwROfMomw6x1ZzjXwDrANvUZEoVIKjs=
Subject key identifier:   1F:E1:9C:B5:A2:0A:B3:3D:01:74:25:0E:7D:16:30:45:50:F2:47:7B
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       018415E61F36A131E5FA757F5538A3E02AAD
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/H-GctaIKsz0BdCUOfRYwRVDyR3s.roa
Signing time:             Wed 26 Oct 2022 20:05:13 +0000
ROA not before:           Wed 26 Oct 2022 20:05:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61977
IP address blocks:        45.90.145.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:15:e6:1f:36:a1:31:e5:fa:75:7f:55:38:a3:e0:2a:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Oct 26 20:05:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1fe19cb5a20ab33d0174250e7d16304550f2477b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:e1:1f:14:4e:52:66:7e:e5:c6:65:45:b0:e1:
                    fd:c8:c9:e0:c0:33:87:12:60:db:e1:2f:e4:b6:35:
                    e6:58:32:a8:ea:1c:f6:d8:45:b0:83:2e:e4:81:60:
                    d3:6b:ed:18:73:5f:ae:5b:3b:03:6f:27:18:27:0b:
                    9e:65:f2:10:1d:40:12:60:30:42:d1:7f:d0:1d:42:
                    12:b8:a1:de:0c:13:9b:dd:f0:4d:95:21:2d:ff:21:
                    b4:50:f7:ee:c2:47:4d:d7:cc:b2:8c:ad:66:f3:75:
                    17:31:f9:45:e7:32:3f:0e:b1:c8:7d:d6:63:de:2f:
                    6f:e7:76:0a:8e:c9:ac:a3:e8:3f:07:11:3d:1b:77:
                    ee:de:b0:bf:d7:63:0e:09:a6:71:20:d5:f0:b6:c5:
                    18:78:e6:da:0b:75:fa:b4:7a:68:44:45:eb:43:f3:
                    58:d6:46:8d:24:33:e0:c7:2f:71:4e:8c:14:fa:f9:
                    90:8c:4e:cd:ae:50:17:20:41:01:cd:88:86:90:03:
                    80:63:63:c8:ef:b4:d3:45:32:24:23:36:21:04:81:
                    f1:dd:e9:cf:da:33:50:dd:5c:e5:30:4a:97:d0:9c:
                    61:cd:b4:20:07:20:80:1f:cc:83:55:9d:68:19:e5:
                    da:74:43:c1:14:8b:e8:a6:51:77:25:5c:a5:35:6f:
                    f0:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:E1:9C:B5:A2:0A:B3:3D:01:74:25:0E:7D:16:30:45:50:F2:47:7B
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/H-GctaIKsz0BdCUOfRYwRVDyR3s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.90.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:d1:32:4f:1b:d4:d2:ce:b9:87:21:62:02:d3:4b:73:fe:6d:
         39:f6:1c:1f:dd:c4:75:84:b2:0a:0c:47:db:29:b3:38:4f:0a:
         43:ea:5e:cf:30:52:00:cc:d7:1b:58:c1:e7:95:62:8d:9c:09:
         27:d0:5f:cb:dd:f4:04:4c:b4:d0:db:2e:85:c9:1e:c6:14:fa:
         98:96:83:63:a2:b5:d7:9e:90:f8:95:c6:b6:d2:78:7e:77:7f:
         d0:e6:96:6b:e6:2d:8a:52:99:87:40:4d:49:0f:b3:72:63:ae:
         a1:89:25:0f:41:fa:1b:5a:51:0a:8b:9a:1a:d7:71:74:d1:f7:
         6e:09:bc:0e:36:0c:87:b9:3d:6d:4b:a4:6c:1a:6a:96:db:2c:
         dd:80:81:2b:0a:4f:2a:a8:9f:ba:a8:74:c8:15:2f:1a:78:cb:
         f1:51:c0:ea:4b:21:16:48:9f:00:97:40:82:04:f9:81:95:fd:
         86:fa:5e:96:6a:79:43:0e:d9:79:fb:5a:4b:62:95:d9:16:bf:
         33:fe:1c:91:b2:ac:b4:8b:fa:9e:e1:d8:38:b1:7d:2e:3e:df:
         2a:5d:3f:4d:16:8d:ad:52:16:f1:29:11:61:ed:38:c9:ca:e0:
         85:29:44:35:4c:a2:b7:df:f3:8b:bd:57:be:b3:ff:74:b5:d7:
         c6:20:e6:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQV5h82oTHl+nV/VTij4CqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjIxMDI2MjAwNTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmUxOWNiNWEyMGFiMzNkMDE3NDI1MGU3ZDE2MzA0NTUwZjI0NzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleEfFE5SZn7lxmVFsOH9yMngwDOH
EmDb4S/ktjXmWDKo6hz22EWwgy7kgWDTa+0Yc1+uWzsDbycYJwueZfIQHUASYDBC
0X/QHUISuKHeDBOb3fBNlSEt/yG0UPfuwkdN18yyjK1m83UXMflF5zI/DrHIfdZj
3i9v53YKjsmso+g/BxE9G3fu3rC/12MOCaZxINXwtsUYeObaC3X6tHpoREXrQ/NY
1kaNJDPgxy9xTowU+vmQjE7NrlAXIEEBzYiGkAOAY2PI77TTRTIkIzYhBIHx3enP
2jNQ3VzlMEqX0JxhzbQgByCAH8yDVZ1oGeXadEPBFIvoplF3JVylNW/wwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB/hnLWiCrM9AXQlDn0WMEVQ8kd7MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvSC1HY3RhSUtzejBCZENVT2ZSWXdSVkR5UjNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVqRMA0G
CSqGSIb3DQEBCwUAA4IBAQCU0TJPG9TSzrmHIWIC00tz/m059hwf3cR1hLIKDEfb
KbM4TwpD6l7PMFIAzNcbWMHnlWKNnAkn0F/L3fQETLTQ2y6FyR7GFPqYloNjorXX
npD4lca20nh+d3/Q5pZr5i2KUpmHQE1JD7NyY66hiSUPQfobWlEKi5oa13F00fdu
CbwONgyHuT1tS6RsGmqW2yzdgIErCk8qqJ+6qHTIFS8aeMvxUcDqSyEWSJ8Al0CC
BPmBlf2G+l6WanlDDtl5+1pLYpXZFr8z/hyRsqy0i/qe4dg4sX0uPt8qXT9NFo2t
UhbxKRFh7TjJyuCFKUQ1TKK33/OLvVe+s/90tdfGIOYD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org