Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/40427e-74fa-4a66-837d-a523bacdc2be/1/DSPn4uFSVGq6bTfcpWdBG4sCyOE.roa
File:                     DSPn4uFSVGq6bTfcpWdBG4sCyOE.roa (raw, json)
Hash identifier:          o5fjGR45NiVgxAGPZVgR4UNOTrEJl5CA1tMSFHArXzU=
Subject key identifier:   0D:23:E7:E2:E1:52:54:6A:BA:6D:37:DC:A5:67:41:1B:8B:02:C8:E1
Certificate issuer:       /CN=4def5b8ffbaf7d56af5d39f2f94c946d72f770f3
Certificate serial:       031804C4
Authority key identifier: 4D:EF:5B:8F:FB:AF:7D:56:AF:5D:39:F2:F9:4C:94:6D:72:F7:70:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Te9bj_uvfVavXTny-UyUbXL3cPM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/40427e-74fa-4a66-837d-a523bacdc2be/1/DSPn4uFSVGq6bTfcpWdBG4sCyOE.roa
Signing time:             Sat 01 Jan 2022 10:58:40 +0000
ROA not before:           Sat 01 Jan 2022 10:58:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208607
IP address blocks:        45.93.144.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 51905732 (0x31804c4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4def5b8ffbaf7d56af5d39f2f94c946d72f770f3
        Validity
            Not Before: Jan  1 10:58:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0d23e7e2e152546aba6d37dca567411b8b02c8e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:c4:20:36:c9:39:d9:6d:f4:7c:48:d9:bf:21:
                    b2:8e:a1:de:63:81:12:23:33:9f:f6:21:e3:5e:64:
                    fe:70:cf:03:17:e2:c1:7f:b9:b3:0b:4d:6f:1c:b2:
                    8c:53:56:75:20:59:7e:85:36:a4:e1:d5:68:4e:a8:
                    a1:32:b8:60:ff:24:01:0d:8f:33:b2:4c:13:4b:cd:
                    1d:f9:bc:6b:8f:2a:f6:5b:64:d9:af:d5:9b:c4:61:
                    bb:e1:07:77:01:a1:c0:f4:3f:cf:cc:86:c1:c8:b0:
                    4e:80:a3:56:0e:d6:9b:2c:3f:29:36:3a:b4:45:39:
                    93:25:6c:d8:d6:d2:04:90:72:3d:02:c0:ba:dc:8e:
                    7d:05:f1:52:00:99:2e:ee:fd:11:7f:b5:26:b2:c5:
                    8b:a6:fa:ce:11:3e:92:e6:4a:5a:fe:a9:12:55:a6:
                    bf:99:84:27:da:49:e6:73:9c:22:b4:4d:67:80:63:
                    b6:96:61:97:8d:a0:b7:77:de:5d:d9:2c:a4:58:61:
                    82:0c:c0:d6:23:7c:1f:55:86:fb:20:49:e8:41:57:
                    dd:de:58:2d:35:5e:0d:c5:85:22:5c:b8:37:94:2c:
                    d5:e4:36:ff:3f:4d:9f:d3:77:93:02:1a:74:72:37:
                    0b:e1:0a:91:0e:f2:0c:14:f0:24:2e:76:00:85:21:
                    e8:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:23:E7:E2:E1:52:54:6A:BA:6D:37:DC:A5:67:41:1B:8B:02:C8:E1
            X509v3 Authority Key Identifier:
                keyid:4D:EF:5B:8F:FB:AF:7D:56:AF:5D:39:F2:F9:4C:94:6D:72:F7:70:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Te9bj_uvfVavXTny-UyUbXL3cPM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/40427e-74fa-4a66-837d-a523bacdc2be/1/DSPn4uFSVGq6bTfcpWdBG4sCyOE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/40427e-74fa-4a66-837d-a523bacdc2be/1/Te9bj_uvfVavXTny-UyUbXL3cPM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.93.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:67:b0:15:df:f2:3e:90:ba:6d:a6:52:a2:6f:63:0b:15:13:
         b1:20:ad:3e:c0:98:5a:5d:c8:87:28:78:80:0b:e8:5f:e6:b2:
         01:ca:09:0d:e0:45:45:da:8c:d0:cf:52:14:75:b0:43:4f:5f:
         18:33:74:3f:6d:20:b1:03:ba:5b:22:1a:dd:df:e3:d9:76:6c:
         04:83:44:6d:d1:d4:78:4b:33:92:23:59:44:e8:6c:9a:f5:53:
         7c:41:74:81:f8:7a:88:f9:3e:d5:ec:88:39:5f:eb:9e:ab:37:
         f4:b8:d1:e5:d0:e2:20:13:8c:39:78:e6:7b:66:f0:e3:75:7a:
         72:02:71:67:39:6c:8b:bc:0b:9d:b8:52:46:aa:9d:5d:ef:95:
         b3:5e:e3:52:58:08:1c:4c:e0:0c:d7:83:3d:c9:c1:4e:34:b8:
         c9:fe:4c:ea:ae:e5:3b:48:8b:b3:37:b7:9d:46:bd:5d:95:f1:
         5c:b7:ec:9f:8b:df:f5:48:67:d7:00:f6:b1:5d:01:99:a5:e3:
         7e:5c:ec:9a:26:7f:16:1b:5d:a1:1e:c7:e3:0e:26:e6:3a:6a:
         86:db:e5:cf:36:fd:66:a1:a4:6d:1f:c6:13:82:a4:db:1e:43:
         e7:87:77:c3:34:92:3e:61:7d:1e:db:a0:09:01:1d:25:cb:03:
         c7:f5:d2:e5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAxgExDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZGVmNWI4ZmZiYWY3ZDU2YWY1ZDM5ZjJmOTRjOTQ2ZDcyZjc3MGYzMB4XDTIyMDEw
MTEwNTg0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQyM2U3ZTJlMTUy
NTQ2YWJhNmQzN2RjYTU2NzQxMWI4YjAyYzhlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDEIDbJOdlt9HxI2b8hso6h3mOBEiMzn/Yh415k/nDPAxfi
wX+5swtNbxyyjFNWdSBZfoU2pOHVaE6ooTK4YP8kAQ2PM7JME0vNHfm8a48q9ltk
2a/Vm8Rhu+EHdwGhwPQ/z8yGwciwToCjVg7Wmyw/KTY6tEU5kyVs2NbSBJByPQLA
utyOfQXxUgCZLu79EX+1JrLFi6b6zhE+kuZKWv6pElWmv5mEJ9pJ5nOcIrRNZ4Bj
tpZhl42gt3feXdkspFhhggzA1iN8H1WG+yBJ6EFX3d5YLTVeDcWFIly4N5Qs1eQ2
/z9Nn9N3kwIadHI3C+EKkQ7yDBTwJC52AIUh6BECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQNI+fi4VJUarptN9ylZ0EbiwLI4TAfBgNVHSMEGDAWgBRN71uP+699Vq9d
OfL5TJRtcvdw8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RlOWJqX3V2ZlZhdlhUbnktVXlVYlhMM2NQTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvNDA0MjdlLTc0ZmEtNGE2Ni04MzdkLWE1MjNiYWNkYzJiZS8x
L0RTUG40dUZTVkdxNmJUZmNwV2RCRzRzQ3lPRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
NDA0MjdlLTc0ZmEtNGE2Ni04MzdkLWE1MjNiYWNkYzJiZS8xL1RlOWJqX3V2ZlZh
dlhUbnktVXlVYlhMM2NQTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1dkDANBgkqhkiG9w0BAQsFAAOC
AQEAamewFd/yPpC6baZSom9jCxUTsSCtPsCYWl3Ihyh4gAvoX+ayAcoJDeBFRdqM
0M9SFHWwQ09fGDN0P20gsQO6WyIa3d/j2XZsBINEbdHUeEszkiNZROhsmvVTfEF0
gfh6iPk+1eyIOV/rnqs39LjR5dDiIBOMOXjme2bw43V6cgJxZzlsi7wLnbhSRqqd
Xe+Vs17jUlgIHEzgDNeDPcnBTjS4yf5M6q7lO0iLsze3nUa9XZXxXLfsn4vf9Uhn
1wD2sV0BmaXjflzsmiZ/FhtdoR7H4w4m5jpqhtvlzzb9ZqGkbR/GE4Kk2x5D54d3
wzSSPmF9HtugCQEdJcsDx/XS5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:59 2024 by rpki-client on console-ams.rpki-client.org