Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/840683-519c-4a4d-ae46-069ad3d6e5b0/1/culSoJEC2mybmfnWjwHNna823iM.roa
File:                     culSoJEC2mybmfnWjwHNna823iM.roa (raw, json)
Hash identifier:          MYjI18tzG7QCYu+TPTEY9Gyvvzbvn0odQ0KTIUXrnPg=
Subject key identifier:   72:E9:52:A0:91:02:DA:6C:9B:99:F9:D6:8F:01:CD:9D:AF:36:DE:23
Certificate issuer:       /CN=df83cc17f26bc6a97c44d8a2436a95c72a94bff1
Certificate serial:       0738115A
Authority key identifier: DF:83:CC:17:F2:6B:C6:A9:7C:44:D8:A2:43:6A:95:C7:2A:94:BF:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/34PMF_Jrxql8RNiiQ2qVxyqUv_E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/840683-519c-4a4d-ae46-069ad3d6e5b0/1/culSoJEC2mybmfnWjwHNna823iM.roa
Signing time:             Sat 01 Jan 2022 01:56:10 +0000
ROA not before:           Sat 01 Jan 2022 01:56:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396982
IP address blocks:        45.159.34.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121114970 (0x738115a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df83cc17f26bc6a97c44d8a2436a95c72a94bff1
        Validity
            Not Before: Jan  1 01:56:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=72e952a09102da6c9b99f9d68f01cd9daf36de23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:58:d2:94:94:7e:23:a8:3b:86:c1:d9:19:3c:
                    cc:b8:ed:13:b1:e8:ea:30:cf:8d:d5:21:b6:73:d3:
                    c5:4f:ed:48:ed:25:aa:c0:69:88:8f:e2:69:86:3c:
                    45:04:54:ee:63:d1:3b:66:fe:77:48:e6:84:11:a2:
                    57:f5:5d:a2:65:49:2d:20:cd:e9:64:3f:74:cb:21:
                    58:fe:45:e9:48:a1:a8:83:b9:e8:7d:a5:99:f9:71:
                    e5:75:ad:7e:7b:4b:e0:14:c2:36:08:a7:c8:55:7e:
                    ad:1b:4e:5a:50:57:9d:f6:80:c1:fd:53:30:04:bf:
                    62:6e:22:ba:f1:16:ec:5e:a1:1d:a5:21:8d:9a:ff:
                    6e:84:4d:b4:a1:14:4d:b8:ae:cb:b8:22:c5:92:23:
                    41:9b:c2:27:a5:cf:19:9a:99:99:75:e4:5f:a9:fd:
                    6c:eb:62:51:02:ea:07:e0:9c:62:67:72:d0:21:6a:
                    5b:74:0a:5e:3d:bd:9d:45:a0:2e:3f:7b:b4:20:1a:
                    bc:2d:f2:75:ea:69:44:fe:a0:5b:b7:79:fe:ec:23:
                    aa:b6:ec:08:93:d5:4b:56:8f:83:28:ca:51:08:30:
                    00:ef:5c:75:ab:96:7a:e9:f7:bd:a7:c8:8c:a2:0c:
                    e6:3d:e0:64:87:40:0f:fe:f5:e8:b7:72:90:d8:78:
                    7c:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:E9:52:A0:91:02:DA:6C:9B:99:F9:D6:8F:01:CD:9D:AF:36:DE:23
            X509v3 Authority Key Identifier:
                keyid:DF:83:CC:17:F2:6B:C6:A9:7C:44:D8:A2:43:6A:95:C7:2A:94:BF:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34PMF_Jrxql8RNiiQ2qVxyqUv_E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/840683-519c-4a4d-ae46-069ad3d6e5b0/1/culSoJEC2mybmfnWjwHNna823iM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/840683-519c-4a4d-ae46-069ad3d6e5b0/1/34PMF_Jrxql8RNiiQ2qVxyqUv_E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:62:ac:b5:cf:4c:68:fd:5b:ca:b8:0b:2e:b7:27:dc:f3:b6:
         b4:fb:28:f8:f3:4f:05:6b:1e:f7:6f:28:51:56:0a:cc:89:e5:
         33:67:87:7f:4b:a6:5b:b5:ec:80:88:94:b5:e2:0f:d6:30:f9:
         64:37:72:fd:d8:27:ec:52:6d:94:90:d2:93:ac:2b:f0:9b:5a:
         db:5c:c5:f3:fa:27:0c:3f:74:f0:73:51:1e:24:ba:a5:09:bb:
         1b:e0:e2:88:3b:e4:b0:dc:a7:e9:9c:14:15:af:bd:d7:28:1c:
         24:70:57:85:f6:5e:bf:de:2d:3f:ec:53:bc:0b:35:c3:39:c3:
         ed:31:39:70:8f:28:6b:14:2e:a3:e8:48:77:b2:e5:28:86:64:
         2a:81:7f:7f:e5:fc:74:0d:3a:36:25:83:3e:7d:a0:06:e5:f5:
         37:e0:5a:e9:c8:11:54:39:ec:fc:11:fe:78:4f:65:ec:a6:a8:
         5a:83:1c:51:28:09:af:ca:f0:50:3f:7e:71:34:35:bc:a1:ae:
         7c:f5:34:ec:ae:66:4f:c3:f5:60:37:c1:8b:ad:25:be:e2:3e:
         4d:3d:97:3f:76:80:5d:a9:8c:89:21:86:e5:13:b2:dd:58:32:
         cb:00:b4:d5:ea:e9:36:09:40:33:be:97:de:9c:b6:dd:ec:c4:
         e1:17:22:fb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBzgRWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZjgzY2MxN2YyNmJjNmE5N2M0NGQ4YTI0MzZhOTVjNzJhOTRiZmYxMB4XDTIyMDEw
MTAxNTYxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJlOTUyYTA5MTAy
ZGE2YzliOTlmOWQ2OGYwMWNkOWRhZjM2ZGUyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpY0pSUfiOoO4bB2Rk8zLjtE7Ho6jDPjdUhtnPTxU/tSO0l
qsBpiI/iaYY8RQRU7mPRO2b+d0jmhBGiV/VdomVJLSDN6WQ/dMshWP5F6UihqIO5
6H2lmflx5XWtfntL4BTCNginyFV+rRtOWlBXnfaAwf1TMAS/Ym4iuvEW7F6hHaUh
jZr/boRNtKEUTbiuy7gixZIjQZvCJ6XPGZqZmXXkX6n9bOtiUQLqB+CcYmdy0CFq
W3QKXj29nUWgLj97tCAavC3ydeppRP6gW7d5/uwjqrbsCJPVS1aPgyjKUQgwAO9c
dauWeun3vafIjKIM5j3gZIdAD/716LdykNh4fKMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRy6VKgkQLabJuZ+daPAc2drzbeIzAfBgNVHSMEGDAWgBTfg8wX8mvGqXxE
2KJDapXHKpS/8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzM0UE1GX0pyeHFsOFJOaWlRMnFWeHlxVXZfRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvODQwNjgzLTUxOWMtNGE0ZC1hZTQ2LTA2OWFkM2Q2ZTViMC8x
L2N1bFNvSkVDMm15Ym1mbldqd0hObmE4MjNpTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
ODQwNjgzLTUxOWMtNGE0ZC1hZTQ2LTA2OWFkM2Q2ZTViMC8xLzM0UE1GX0pyeHFs
OFJOaWlRMnFWeHlxVXZfRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2fIjANBgkqhkiG9w0BAQsFAAOC
AQEADWKstc9MaP1byrgLLrcn3PO2tPso+PNPBWse928oUVYKzInlM2eHf0umW7Xs
gIiUteIP1jD5ZDdy/dgn7FJtlJDSk6wr8Jta21zF8/onDD908HNRHiS6pQm7G+Di
iDvksNyn6ZwUFa+91ygcJHBXhfZev94tP+xTvAs1wznD7TE5cI8oaxQuo+hId7Ll
KIZkKoF/f+X8dA06NiWDPn2gBuX1N+Ba6cgRVDns/BH+eE9l7KaoWoMcUSgJr8rw
UD9+cTQ1vKGufPU07K5mT8P1YDfBi60lvuI+TT2XP3aAXamMiSGG5ROy3VgyywC0
1erpNglAM76X3py23ezE4Rci+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:01 2024 by rpki-client on console-ams.rpki-client.org