Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/e0ddde-cc9f-4807-8fa2-eaf924731218/1/tnq3Ecs6z0Re4q8N8igLg706FB8.roa
File:                     tnq3Ecs6z0Re4q8N8igLg706FB8.roa (raw, json)
Hash identifier:          UhHqHX+dIb/u7110DtUN4ChQvzCGI3BBKtZkkPtRcuk=
Subject key identifier:   B6:7A:B7:11:CB:3A:CF:44:5E:E2:AF:0D:F2:28:0B:83:BD:3A:14:1F
Certificate issuer:       /CN=1704a51d84fba6d0fe218aedca95a894dcce1cd7
Certificate serial:       04335D80
Authority key identifier: 17:04:A5:1D:84:FB:A6:D0:FE:21:8A:ED:CA:95:A8:94:DC:CE:1C:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FwSlHYT7ptD-IYrtypWolNzOHNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/e0ddde-cc9f-4807-8fa2-eaf924731218/1/tnq3Ecs6z0Re4q8N8igLg706FB8.roa
Signing time:             Sat 01 Jan 2022 06:03:25 +0000
ROA not before:           Sat 01 Jan 2022 06:03:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202041
IP address blocks:        185.45.158.0/23 maxlen: 23
                          185.45.156.0/22 maxlen: 22
                          185.45.156.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 70475136 (0x4335d80)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1704a51d84fba6d0fe218aedca95a894dcce1cd7
        Validity
            Not Before: Jan  1 06:03:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b67ab711cb3acf445ee2af0df2280b83bd3a141f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:d4:59:da:7f:eb:de:e5:8e:c1:7f:cf:c7:3c:
                    cf:b9:55:c9:56:14:f8:4a:b1:86:0b:91:5c:83:5e:
                    ea:e9:cd:45:48:58:f7:20:ef:e8:a6:33:07:0e:00:
                    de:3f:b9:9a:b7:ab:fb:bf:da:10:0f:b9:ee:a4:9c:
                    01:cc:61:b9:d8:19:60:cc:27:c8:13:1d:2e:dc:f5:
                    4b:3d:a0:b4:58:5c:50:3a:55:15:d9:8b:2a:24:63:
                    d5:f2:72:28:23:89:aa:02:58:e5:00:f7:b5:cd:99:
                    2e:72:ed:49:48:ed:a9:4b:6b:48:40:4a:51:5d:fc:
                    b7:39:67:50:62:14:0c:bd:81:ea:65:17:32:a8:34:
                    5f:14:a8:c0:ce:de:27:de:ed:6c:a2:84:6d:ee:c8:
                    bf:03:0d:20:00:7e:bd:ad:68:cb:9b:9f:73:14:3e:
                    bc:e3:f2:2c:f8:c3:1d:54:fc:36:14:d0:c8:80:7e:
                    13:b8:ba:c9:83:6f:0b:d8:a3:ee:0f:5c:4f:ea:22:
                    bf:a9:b2:5f:33:5d:42:c9:e0:e7:15:5d:af:7b:e1:
                    e2:d4:b6:04:0c:6d:d3:31:b8:b7:34:12:20:8a:5d:
                    d0:2d:b6:7a:56:e7:44:85:58:68:89:7d:35:7a:4c:
                    a1:27:63:0c:b6:d1:52:93:5b:27:6f:24:77:4a:b4:
                    8c:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:7A:B7:11:CB:3A:CF:44:5E:E2:AF:0D:F2:28:0B:83:BD:3A:14:1F
            X509v3 Authority Key Identifier:
                keyid:17:04:A5:1D:84:FB:A6:D0:FE:21:8A:ED:CA:95:A8:94:DC:CE:1C:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwSlHYT7ptD-IYrtypWolNzOHNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e0ddde-cc9f-4807-8fa2-eaf924731218/1/tnq3Ecs6z0Re4q8N8igLg706FB8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e0ddde-cc9f-4807-8fa2-eaf924731218/1/FwSlHYT7ptD-IYrtypWolNzOHNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.45.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5c:91:c7:e0:13:d4:31:3c:54:1c:1c:f4:ab:ec:66:c1:2e:99:
         f8:76:b1:f3:3f:40:42:43:0e:52:a3:29:d5:9e:d8:1c:6a:f0:
         e7:00:9b:5f:f5:49:a8:b7:d5:c2:50:d5:9f:ab:f6:8a:95:df:
         eb:b9:55:ec:6d:1e:69:98:db:8c:d6:88:0b:ec:9c:bd:35:f8:
         f3:9a:18:92:c2:cf:a0:95:73:e5:64:67:42:cb:6e:6c:92:48:
         08:f7:77:d8:63:17:36:2d:81:61:7f:88:f5:d7:04:30:52:23:
         19:24:e8:03:dd:c0:31:eb:2d:65:6b:c6:0d:bb:e0:08:bf:e9:
         92:77:b3:d1:4f:4a:86:7b:fa:76:87:ee:5e:6f:f4:23:99:a9:
         15:8e:29:18:d6:52:93:49:d9:1e:b1:f3:c8:fd:f6:05:be:7d:
         cd:47:9d:8b:1d:c8:5b:e0:05:5a:c0:73:16:5c:52:37:c2:87:
         b0:0a:ff:34:bb:96:55:ad:00:70:f3:98:cd:bd:27:a6:84:d6:
         d2:88:cf:17:97:1a:05:ad:99:3f:cd:c7:98:31:ac:00:93:03:
         47:79:b0:c3:0b:eb:fd:17:85:43:04:1a:dd:cf:42:38:73:54:
         3f:50:f2:f3:05:02:39:0a:d2:de:d4:a8:61:64:19:de:25:cc:
         a3:ad:2a:8a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBDNdgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzA0YTUxZDg0ZmJhNmQwZmUyMThhZWRjYTk1YTg5NGRjY2UxY2Q3MB4XDTIyMDEw
MTA2MDMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjY3YWI3MTFjYjNh
Y2Y0NDVlZTJhZjBkZjIyODBiODNiZDNhMTQxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzUWdp/697ljsF/z8c8z7lVyVYU+EqxhguRXINe6unNRUhY
9yDv6KYzBw4A3j+5mrer+7/aEA+57qScAcxhudgZYMwnyBMdLtz1Sz2gtFhcUDpV
FdmLKiRj1fJyKCOJqgJY5QD3tc2ZLnLtSUjtqUtrSEBKUV38tzlnUGIUDL2B6mUX
Mqg0XxSowM7eJ97tbKKEbe7IvwMNIAB+va1oy5ufcxQ+vOPyLPjDHVT8NhTQyIB+
E7i6yYNvC9ij7g9cT+oiv6myXzNdQsng5xVdr3vh4tS2BAxt0zG4tzQSIIpd0C22
elbnRIVYaIl9NXpMoSdjDLbRUpNbJ28kd0q0jEUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS2ercRyzrPRF7irw3yKAuDvToUHzAfBgNVHSMEGDAWgBQXBKUdhPum0P4h
iu3KlaiU3M4c1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Z3U2xIWVQ3cHRELUlZcnR5cFdvbE56T0hOYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvZTBkZGRlLWNjOWYtNDgwNy04ZmEyLWVhZjkyNDczMTIxOC8x
L3RucTNFY3M2ejBSZTRxOE44aWdMZzcwNkZCOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
ZTBkZGRlLWNjOWYtNDgwNy04ZmEyLWVhZjkyNDczMTIxOC8xL0Z3U2xIWVQ3cHRE
LUlZcnR5cFdvbE56T0hOYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArktnDANBgkqhkiG9w0BAQsFAAOC
AQEAXJHH4BPUMTxUHBz0q+xmwS6Z+Hax8z9AQkMOUqMp1Z7YHGrw5wCbX/VJqLfV
wlDVn6v2ipXf67lV7G0eaZjbjNaIC+ycvTX485oYksLPoJVz5WRnQstubJJICPd3
2GMXNi2BYX+I9dcEMFIjGSToA93AMestZWvGDbvgCL/pknez0U9Khnv6dofuXm/0
I5mpFY4pGNZSk0nZHrHzyP32Bb59zUedix3IW+AFWsBzFlxSN8KHsAr/NLuWVa0A
cPOYzb0npoTW0ojPF5caBa2ZP83HmDGsAJMDR3mwwwvr/ReFQwQa3c9COHNUP1Dy
8wUCOQrS3tSoYWQZ3iXMo60qig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:22 2024 by rpki-client on console-ams.rpki-client.org