Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/3w4TMYV7_AaunSxk0us1PWJiVKc.roa
File:                     3w4TMYV7_AaunSxk0us1PWJiVKc.roa (raw, json)
Hash identifier:          jK6QjoLC7u95eRjdDIVgTKX99lerIfvkEhOeGanYRIc=
Subject key identifier:   DF:0E:13:31:85:7B:FC:06:AE:9D:2C:64:D2:EB:35:3D:62:62:54:A7
Certificate issuer:       /CN=070483d3d62f19c0835746dcb721c8832c3b7926
Certificate serial:       042D0FB0
Authority key identifier: 07:04:83:D3:D6:2F:19:C0:83:57:46:DC:B7:21:C8:83:2C:3B:79:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BwSD09YvGcCDV0bctyHIgyw7eSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/3w4TMYV7_AaunSxk0us1PWJiVKc.roa
Signing time:             Mon 27 Jun 2022 05:44:40 +0000
ROA not before:           Mon 27 Jun 2022 05:44:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20454
IP address blocks:        45.85.204.0/22 maxlen: 22
                          45.134.92.0/22 maxlen: 22
                          45.90.48.0/22 maxlen: 22
                          45.131.12.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 70062000 (0x42d0fb0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=070483d3d62f19c0835746dcb721c8832c3b7926
        Validity
            Not Before: Jun 27 05:44:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=df0e1331857bfc06ae9d2c64d2eb353d626254a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:02:5c:70:65:da:22:e6:30:18:55:66:72:a9:
                    7c:3f:97:0a:bc:f9:a6:db:26:e0:f8:e4:29:62:8d:
                    c9:35:48:8a:08:46:75:a2:d5:87:41:04:0f:d4:f2:
                    3f:e6:82:24:33:4b:28:4f:71:34:e0:c5:b2:71:0b:
                    0c:06:49:29:70:31:0e:4f:2b:c0:95:88:86:f2:3c:
                    d8:9e:fb:4c:7e:fb:e9:da:42:99:7d:bf:c7:22:70:
                    c6:a7:7e:d6:1a:04:a6:02:39:72:e2:25:6e:be:e2:
                    13:f6:a7:15:8d:68:7a:26:38:da:83:28:ca:37:ce:
                    e3:97:f4:70:be:ac:ad:e4:19:1d:cd:22:94:20:6d:
                    23:35:0f:66:c0:1e:bf:70:14:84:e3:9b:b6:82:83:
                    f8:2e:7d:25:0c:63:d0:44:37:f7:50:17:16:6e:61:
                    61:d1:58:6a:88:aa:e1:38:9e:09:88:2c:94:30:69:
                    b3:f9:c5:f7:41:a6:a7:41:67:39:42:cc:78:64:eb:
                    01:41:eb:4a:ad:57:f3:c0:e1:83:7c:74:1a:64:05:
                    ea:38:e3:fa:71:e3:97:fd:fd:4f:ca:1a:5b:91:6d:
                    3e:cf:87:68:3a:be:d0:02:88:9c:1c:cb:55:b1:38:
                    63:b6:72:c3:b2:ac:e2:73:02:93:f6:f7:a6:e1:bc:
                    67:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:0E:13:31:85:7B:FC:06:AE:9D:2C:64:D2:EB:35:3D:62:62:54:A7
            X509v3 Authority Key Identifier:
                keyid:07:04:83:D3:D6:2F:19:C0:83:57:46:DC:B7:21:C8:83:2C:3B:79:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BwSD09YvGcCDV0bctyHIgyw7eSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/3w4TMYV7_AaunSxk0us1PWJiVKc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/BwSD09YvGcCDV0bctyHIgyw7eSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.204.0/22
                  45.90.48.0/22
                  45.131.12.0/22
                  45.134.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         16:52:de:47:f2:fa:e6:e3:56:4a:72:ce:6a:1e:10:1a:17:ac:
         2a:43:06:a7:5d:4a:13:5b:f0:d7:b3:67:47:19:ee:6d:ec:97:
         a1:2b:11:42:43:00:b2:23:c0:e3:f1:0c:14:3e:36:bb:32:c7:
         23:ae:65:cc:86:b4:45:b6:0d:80:40:25:f0:0a:4c:97:28:20:
         d6:92:6e:31:66:e1:8b:ac:2b:31:29:ec:a6:dc:ad:9c:1e:4e:
         c6:6e:9b:dd:45:da:f1:1a:a5:c6:ef:3a:4f:84:b9:d2:60:3d:
         94:2d:a5:37:60:b4:09:5d:2a:dc:b7:ba:d2:24:cf:12:da:2e:
         63:f8:18:b9:2e:fb:a1:2f:c7:ec:fe:e3:90:83:0f:d9:e2:a7:
         da:aa:10:c3:b5:38:af:d4:6e:c9:86:03:a4:c9:cb:64:c2:9d:
         b0:3a:f9:70:08:3c:b2:a4:bc:9c:66:bf:cb:ad:77:fb:02:de:
         56:bb:e5:81:c7:f4:29:9c:f7:c1:e5:fe:f4:03:3b:6f:b9:b3:
         80:17:c3:01:f0:01:51:4a:17:96:f0:cf:71:26:4d:22:82:74:
         fe:21:5d:3d:96:8c:95:f9:5e:e0:aa:28:07:53:6a:c1:df:5e:
         4c:43:a5:94:09:8c:11:65:92:e3:d0:5b:5f:6f:59:62:f7:db:
         9a:4c:27:c7
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBC0PsDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NzA0ODNkM2Q2MmYxOWMwODM1NzQ2ZGNiNzIxYzg4MzJjM2I3OTI2MB4XDTIyMDYy
NzA1NDQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGYwZTEzMzE4NTdi
ZmMwNmFlOWQyYzY0ZDJlYjM1M2Q2MjYyNTRhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJMCXHBl2iLmMBhVZnKpfD+XCrz5ptsm4PjkKWKNyTVIighG
daLVh0EED9TyP+aCJDNLKE9xNODFsnELDAZJKXAxDk8rwJWIhvI82J77TH776dpC
mX2/xyJwxqd+1hoEpgI5cuIlbr7iE/anFY1oeiY42oMoyjfO45f0cL6sreQZHc0i
lCBtIzUPZsAev3AUhOObtoKD+C59JQxj0EQ391AXFm5hYdFYaoiq4TieCYgslDBp
s/nF90Gmp0FnOULMeGTrAUHrSq1X88Dhg3x0GmQF6jjj+nHjl/39T8oaW5FtPs+H
aDq+0AKInBzLVbE4Y7Zyw7Ks4nMCk/b3puG8Z08CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTfDhMxhXv8Bq6dLGTS6zU9YmJUpzAfBgNVHSMEGDAWgBQHBIPT1i8ZwINX
Rty3IciDLDt5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0J3U0QwOVl2R2NDRFYwYmN0eUhJZ3l3N2VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvNjQ1MWMxLTJiY2QtNDQ2My1hNzAwLWQ0NDJjNGY5ZTliZC8x
LzN3NFRNWVY3X0FhdW5TeGswdXMxUFdKaVZLYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
NjQ1MWMxLTJiY2QtNDQ2My1hNzAwLWQ0NDJjNGY5ZTliZC8xL0J3U0QwOVl2R2ND
RFYwYmN0eUhJZ3l3N2VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAi1VzAMEAi1aMAMEAi2DDAMEAi2G
XDANBgkqhkiG9w0BAQsFAAOCAQEAFlLeR/L65uNWSnLOah4QGhesKkMGp11KE1vw
17NnRxnubeyXoSsRQkMAsiPA4/EMFD42uzLHI65lzIa0RbYNgEAl8ApMlygg1pJu
MWbhi6wrMSnsptytnB5Oxm6b3UXa8Rqlxu86T4S50mA9lC2lN2C0CV0q3Le60iTP
EtouY/gYuS77oS/H7P7jkIMP2eKn2qoQw7U4r9RuyYYDpMnLZMKdsDr5cAg8sqS8
nGa/y613+wLeVrvlgcf0KZz3weX+9AM7b7mzgBfDAfABUUoXlvDPcSZNIoJ0/iFd
PZaMlfle4KooB1Nqwd9eTEOllAmMEWWS49BbX29ZYvfbmkwnxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:02 2024 by rpki-client on console-fra.rpki-client.org