Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/9OH4c4vk3Uv4JyrQKHz7NW2sKiU.roa
File:                     9OH4c4vk3Uv4JyrQKHz7NW2sKiU.roa (raw, json)
Hash identifier:          0UUR6XMzRgRUD8CN4caXg74zgl77gMS+1ODx7+aAaeM=
Subject key identifier:   F4:E1:F8:73:8B:E4:DD:4B:F8:27:2A:D0:28:7C:FB:35:6D:AC:2A:25
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       033EA765
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/9OH4c4vk3Uv4JyrQKHz7NW2sKiU.roa
Signing time:             Sat 01 Jan 2022 00:57:58 +0000
ROA not before:           Sat 01 Jan 2022 00:57:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     52000
IP address blocks:        45.150.65.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54437733 (0x33ea765)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Jan  1 00:57:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f4e1f8738be4dd4bf8272ad0287cfb356dac2a25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e1:f7:f7:8c:91:a8:39:34:fc:fc:90:25:6c:
                    f8:09:fa:41:d2:cf:51:9d:5a:a3:c6:42:59:ee:e3:
                    e9:1f:eb:5a:19:d1:38:fd:7c:e0:c2:6a:43:e4:50:
                    28:cb:ab:ca:cb:92:4f:da:72:ff:6c:17:62:24:a7:
                    f2:6f:d4:f4:4d:93:54:37:cd:70:3e:2a:30:3f:a6:
                    07:89:bf:89:fb:48:c5:2e:40:78:3b:39:a0:cc:c9:
                    22:76:24:b8:4a:f8:5c:e0:a5:dc:bc:64:21:e8:31:
                    a8:00:4b:56:44:62:42:5f:33:00:70:8f:fc:0d:78:
                    26:8e:95:6d:e0:91:b3:fd:4e:28:d1:67:0a:55:39:
                    8b:25:68:0f:a4:50:39:8e:1f:21:9a:7c:dd:2f:a0:
                    07:77:bf:13:e8:0c:c5:2d:d3:61:aa:51:82:28:f1:
                    fa:61:ce:fe:52:86:9a:c7:91:ec:6e:57:2c:4a:15:
                    13:39:a3:67:77:1f:ba:e0:70:2b:15:7f:d2:a9:e9:
                    63:0d:1d:1b:13:2b:58:64:dc:a1:37:0d:99:07:4b:
                    41:6d:c5:c5:59:e8:0d:4e:f4:79:28:7b:15:f4:9c:
                    20:cc:71:95:92:69:a4:ba:50:07:ed:4d:ca:99:f8:
                    3b:43:5c:12:a2:1d:ee:35:82:a3:da:0d:fc:03:d4:
                    d7:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:E1:F8:73:8B:E4:DD:4B:F8:27:2A:D0:28:7C:FB:35:6D:AC:2A:25
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/9OH4c4vk3Uv4JyrQKHz7NW2sKiU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:80:c5:c0:bd:dd:38:01:4e:1d:fb:1c:e2:c1:69:fd:dc:23:
         10:ea:2e:d6:b1:34:29:a3:00:9a:90:09:94:b7:b5:e2:fc:81:
         d2:1b:4f:bd:ce:f1:ac:6b:59:16:9e:1b:01:c1:a0:99:92:71:
         1b:10:d6:f0:0a:d4:b3:93:8a:c6:67:bf:cd:1a:f6:19:d8:4b:
         08:6a:c0:56:5d:82:81:5e:64:b4:28:b0:be:ad:a3:09:e4:9a:
         c1:8e:a0:60:4e:ba:c0:e4:a6:12:cf:22:05:5a:8e:dd:db:ab:
         38:fc:49:f6:6e:e1:f2:aa:4c:99:2e:c6:a0:dd:cb:96:38:dc:
         22:27:c5:45:75:ff:df:18:4d:8d:15:cc:23:1c:27:39:14:20:
         8d:f7:f3:83:fc:b5:58:e4:43:71:9b:68:ca:06:25:c7:a6:8b:
         a4:b9:b8:aa:fa:57:b3:08:b2:1b:cb:1b:58:5c:b0:b5:62:ff:
         54:ae:65:61:c2:50:28:24:de:9f:4d:c5:67:0b:0e:42:ca:39:
         fe:04:79:a4:43:b0:35:b1:f2:99:9a:a6:41:2d:6f:d9:e4:1f:
         f5:eb:b8:0a:02:fd:98:f0:b6:db:63:11:8e:e5:57:47:33:60:
         a9:26:df:69:2f:c7:f0:7a:bb:39:2c:4e:d5:20:33:27:d1:27:
         a5:97:e6:d8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAz6nZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Zjg0MTEzNTQ1ZDkwMDA3NjBmNjYwNjJhNDIyMTkzM2EyZTk1OWQ4MB4XDTIyMDEw
MTAwNTc1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjRlMWY4NzM4YmU0
ZGQ0YmY4MjcyYWQwMjg3Y2ZiMzU2ZGFjMmEyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPh9/eMkag5NPz8kCVs+An6QdLPUZ1ao8ZCWe7j6R/rWhnR
OP184MJqQ+RQKMurysuST9py/2wXYiSn8m/U9E2TVDfNcD4qMD+mB4m/iftIxS5A
eDs5oMzJInYkuEr4XOCl3LxkIegxqABLVkRiQl8zAHCP/A14Jo6VbeCRs/1OKNFn
ClU5iyVoD6RQOY4fIZp83S+gB3e/E+gMxS3TYapRgijx+mHO/lKGmseR7G5XLEoV
EzmjZ3cfuuBwKxV/0qnpYw0dGxMrWGTcoTcNmQdLQW3FxVnoDU70eSh7FfScIMxx
lZJppLpQB+1Nypn4O0NcEqId7jWCo9oN/APU18ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT04fhzi+TdS/gnKtAofPs1bawqJTAfBgNVHSMEGDAWgBS/hBE1RdkAB2D2
YGKkIhkzoulZ2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y0UVJOVVhaQUFkZzltQmlwQ0laTTZMcFdkZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvMzBkYzg1LTJkZDgtNGIxYy1iMTUxLTRiZDYzYWRjNzM1NC8x
LzlPSDRjNHZrM1V2NEp5clFLSHo3Tlcyc0tpVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
MzBkYzg1LTJkZDgtNGIxYy1iMTUxLTRiZDYzYWRjNzM1NC8xL3Y0UVJOVVhaQUFk
ZzltQmlwQ0laTTZMcFdkZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2WQTANBgkqhkiG9w0BAQsFAAOC
AQEAaoDFwL3dOAFOHfsc4sFp/dwjEOou1rE0KaMAmpAJlLe14vyB0htPvc7xrGtZ
Fp4bAcGgmZJxGxDW8ArUs5OKxme/zRr2GdhLCGrAVl2CgV5ktCiwvq2jCeSawY6g
YE66wOSmEs8iBVqO3durOPxJ9m7h8qpMmS7GoN3LljjcIifFRXX/3xhNjRXMIxwn
ORQgjffzg/y1WORDcZtoygYlx6aLpLm4qvpXswiyG8sbWFywtWL/VK5lYcJQKCTe
n03FZwsOQso5/gR5pEOwNbHymZqmQS1v2eQf9eu4CgL9mPC222MRjuVXRzNgqSbf
aS/H8Hq7OSxO1SAzJ9EnpZfm2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:38 2024 by rpki-client on console-fra.rpki-client.org