Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/_gM4atwLBEfWOsbmjAIr6vb5KA4.roa
File:                     _gM4atwLBEfWOsbmjAIr6vb5KA4.roa (raw, json)
Hash identifier:          5cgfMg2RravfUZPUeIjNfCE+sal0bQgNnEBeR30tGL0=
Subject key identifier:   FE:03:38:6A:DC:0B:04:47:D6:3A:C6:E6:8C:02:2B:EA:F6:F9:28:0E
Certificate issuer:       /CN=87f45e3a4069d4f5ebd5f6e6421d8d3cabe30921
Certificate serial:       018345DC46A65359E14C27DD7E89DCFA3528
Authority key identifier: 87:F4:5E:3A:40:69:D4:F5:EB:D5:F6:E6:42:1D:8D:3C:AB:E3:09:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h_ReOkBp1PXr1fbmQh2NPKvjCSE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/_gM4atwLBEfWOsbmjAIr6vb5KA4.roa
Signing time:             Fri 16 Sep 2022 10:33:27 +0000
ROA not before:           Fri 16 Sep 2022 10:33:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60781
IP address blocks:        45.159.204.0/22 maxlen: 24
                          2a09:db40::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:45:dc:46:a6:53:59:e1:4c:27:dd:7e:89:dc:fa:35:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87f45e3a4069d4f5ebd5f6e6421d8d3cabe30921
        Validity
            Not Before: Sep 16 10:33:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fe03386adc0b0447d63ac6e68c022beaf6f9280e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d7:27:ec:14:62:78:f4:f4:c6:66:dc:31:fc:
                    40:ef:bc:e6:47:f9:14:4c:70:a5:74:49:8d:8b:49:
                    68:5f:43:9d:39:81:1d:3a:79:2e:bd:e8:42:29:22:
                    55:5e:4c:d0:d3:bc:fc:f9:13:b1:7b:67:99:2b:dd:
                    05:7f:2d:82:53:a2:20:5c:c3:7a:d4:83:6a:82:9e:
                    b0:72:ae:d1:ad:13:e1:47:21:01:bf:ad:21:66:74:
                    49:d9:be:9e:fe:72:e1:69:b3:71:d6:bf:a2:ad:71:
                    26:37:2f:05:60:14:3c:9d:26:04:e7:c6:5b:7b:33:
                    a6:76:b7:be:49:40:83:fb:ad:c6:bd:bb:ed:71:2e:
                    b8:49:48:d3:e4:e5:5a:9c:7b:7c:2b:40:b0:30:d5:
                    7d:cf:c0:c1:e0:d5:46:b8:05:66:b0:47:27:99:6d:
                    56:9b:58:e8:e6:f9:9b:f9:7f:2a:a0:64:e6:04:7e:
                    a5:84:a3:14:7a:b6:8d:a2:a2:0a:3b:6c:80:f7:15:
                    e4:18:f8:3d:91:56:46:e7:1b:57:c8:d4:57:77:c6:
                    78:b2:ef:0f:4e:21:58:e2:78:0b:32:5e:fd:f0:76:
                    12:8f:7d:65:68:3a:32:0b:29:a7:7d:2c:b1:72:1c:
                    4c:ea:e9:16:c3:34:5f:f6:f3:c3:e0:ba:ce:a7:2a:
                    8d:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:03:38:6A:DC:0B:04:47:D6:3A:C6:E6:8C:02:2B:EA:F6:F9:28:0E
            X509v3 Authority Key Identifier:
                keyid:87:F4:5E:3A:40:69:D4:F5:EB:D5:F6:E6:42:1D:8D:3C:AB:E3:09:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_ReOkBp1PXr1fbmQh2NPKvjCSE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/_gM4atwLBEfWOsbmjAIr6vb5KA4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/h_ReOkBp1PXr1fbmQh2NPKvjCSE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.204.0/22
                IPv6:
                  2a09:db40::/29

    Signature Algorithm: sha256WithRSAEncryption
         63:46:71:cc:54:08:cc:6d:3e:75:42:05:0d:29:79:8d:3d:97:
         6e:dc:fc:c6:55:b1:5e:c0:2f:02:d3:72:c6:b8:3a:73:8b:26:
         8d:7e:8a:36:99:59:79:c9:fd:18:f4:23:d2:e4:0b:df:e6:86:
         48:79:12:58:83:02:a2:05:0d:5c:7d:ab:d2:06:e0:9e:b5:ed:
         4c:38:21:2a:8a:68:6a:90:a7:e8:7e:59:da:78:a6:85:cd:f5:
         03:98:1c:97:38:93:8f:96:ba:46:47:4c:2f:45:9d:cf:58:51:
         df:2b:7b:9d:24:a2:d9:cf:73:58:ce:37:20:77:64:15:3e:c9:
         3b:a4:53:61:96:5e:cc:37:ea:27:c9:1a:a3:87:ce:ea:17:50:
         5f:67:33:da:17:6a:e8:0a:b6:3f:44:b5:15:56:b2:6f:bc:63:
         01:a0:40:7c:76:f1:3e:da:95:13:d4:89:c7:a4:2d:74:62:85:
         3d:80:3f:aa:41:da:cd:d9:de:2a:50:c7:9b:b5:32:91:b4:63:
         c4:d3:f9:ec:ba:c0:af:20:a4:27:5b:46:08:78:6a:61:fe:8c:
         8f:6b:b8:2d:ab:be:b4:84:a9:57:b6:94:b2:d8:e0:95:32:5f:
         c0:c9:76:5d:96:1a:4f:f6:66:87:6c:3c:41:08:d6:51:c6:ce:
         0d:68:c2:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYNF3EamU1nhTCfdfonc+jUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjQ1ZTNhNDA2OWQ0ZjVlYmQ1ZjZlNjQyMWQ4ZDNjYWJl
MzA5MjEwHhcNMjIwOTE2MTAzMzI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTAzMzg2YWRjMGIwNDQ3ZDYzYWM2ZTY4YzAyMmJlYWY2ZjkyODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9cn7BRiePT0xmbcMfxA77zmR/kU
THCldEmNi0loX0OdOYEdOnkuvehCKSJVXkzQ07z8+ROxe2eZK90Ffy2CU6IgXMN6
1INqgp6wcq7RrRPhRyEBv60hZnRJ2b6e/nLhabNx1r+irXEmNy8FYBQ8nSYE58Zb
ezOmdre+SUCD+63GvbvtcS64SUjT5OVanHt8K0CwMNV9z8DB4NVGuAVmsEcnmW1W
m1jo5vmb+X8qoGTmBH6lhKMUeraNoqIKO2yA9xXkGPg9kVZG5xtXyNRXd8Z4su8P
TiFY4ngLMl798HYSj31laDoyCymnfSyxchxM6ukWwzRf9vPD4LrOpyqNuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP4DOGrcCwRH1jrG5owCK+r2+SgOMB8GA1UdIwQY
MBaAFIf0XjpAadT169X25kIdjTyr4wkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9SZU9rQnAxUFhyMWZibVFoMk5QS3ZqQ1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84YmRmZDMtZDVhMS00NWI5LTkyOTYt
NjMxOWJiMDc5YzQ0LzEvX2dNNGF0d0xCRWZXT3NibWpBSXI2dmI1S0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84YmRmZDMtZDVhMS00NWI5LTkyOTYtNjMxOWJiMDc5YzQ0
LzEvaF9SZU9rQnAxUFhyMWZibVFoMk5QS3ZqQ1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ/MMA0E
AgACMAcDBQMqCdtAMA0GCSqGSIb3DQEBCwUAA4IBAQBjRnHMVAjMbT51QgUNKXmN
PZdu3PzGVbFewC8C03LGuDpziyaNfoo2mVl5yf0Y9CPS5Avf5oZIeRJYgwKiBQ1c
favSBuCete1MOCEqimhqkKfoflnaeKaFzfUDmByXOJOPlrpGR0wvRZ3PWFHfK3ud
JKLZz3NYzjcgd2QVPsk7pFNhll7MN+onyRqjh87qF1BfZzPaF2roCrY/RLUVVrJv
vGMBoEB8dvE+2pUT1InHpC10YoU9gD+qQdrN2d4qUMebtTKRtGPE0/nsusCvIKQn
W0YIeGph/oyPa7gtq760hKlXtpSy2OCVMl/AyXZdlhpP9maHbDxBCNZRxs4NaMJc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:42 2024 by rpki-client on console-fra.rpki-client.org