Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/CSxgSJG1z-jFKs2g_CHaAY8OXGs.roa
File:                     CSxgSJG1z-jFKs2g_CHaAY8OXGs.roa (raw, json)
Hash identifier:          LRNT8SYSNePIcquS51xOxReNy+xACkdj8Aj4o2zpf8k=
Subject key identifier:   09:2C:60:48:91:B5:CF:E8:C5:2A:CD:A0:FC:21:DA:01:8F:0E:5C:6B
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       033AB227
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/CSxgSJG1z-jFKs2g_CHaAY8OXGs.roa
Signing time:             Sat 01 Jan 2022 00:57:56 +0000
ROA not before:           Sat 01 Jan 2022 00:57:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43624
IP address blocks:        45.150.67.0/24 maxlen: 24
                          45.140.147.0/24 maxlen: 24
                          45.140.146.0/24 maxlen: 24
                          185.234.247.0/24 maxlen: 24
                          45.144.29.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54178343 (0x33ab227)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Jan  1 00:57:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=092c604891b5cfe8c52acda0fc21da018f0e5c6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:1c:c7:d5:34:ce:51:96:73:0b:c7:eb:23:a4:
                    64:f6:f6:4b:1d:d3:bc:6c:bb:94:05:df:13:1f:da:
                    b4:06:35:65:2c:49:1e:75:d6:d9:a7:c5:45:73:46:
                    40:6a:42:81:32:cb:a5:78:43:c3:cf:76:db:b5:ce:
                    0c:20:32:ba:d5:f5:1d:38:e9:eb:0b:4a:6f:fb:36:
                    7d:75:8d:c4:4d:39:55:dd:fd:ba:d5:02:da:17:4d:
                    d4:0f:4c:f8:9e:6a:a4:46:d1:1b:93:52:54:76:ab:
                    84:f3:2b:0d:61:37:15:f0:42:de:19:c9:2d:64:b7:
                    45:12:57:80:dc:dd:2c:25:7a:ba:2d:3b:cc:9a:a6:
                    d9:01:75:f6:44:92:54:12:45:4d:cd:d0:66:88:a6:
                    77:49:3a:65:a8:68:2e:80:d1:c7:cb:2a:82:4d:d5:
                    d3:37:a3:e5:80:74:b8:7f:96:c2:9c:81:0c:dd:3a:
                    5d:fd:6d:28:8e:df:f1:01:19:b4:de:17:2e:e3:89:
                    66:3a:23:1e:24:19:3a:40:fc:f7:b3:65:76:d1:70:
                    f2:e1:de:1f:49:3a:cb:57:fa:95:42:b9:31:40:02:
                    f6:a5:e7:97:d0:d7:01:6a:77:99:13:2c:63:10:53:
                    42:d0:d3:9b:12:d7:83:36:91:b6:5f:71:a3:00:9b:
                    d0:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:2C:60:48:91:B5:CF:E8:C5:2A:CD:A0:FC:21:DA:01:8F:0E:5C:6B
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/CSxgSJG1z-jFKs2g_CHaAY8OXGs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.146.0/23
                  45.144.29.0/24
                  45.150.67.0/24
                  185.234.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:8c:45:e2:27:58:b2:4f:25:fd:c0:5f:38:1c:65:85:65:a9:
         ca:44:58:a0:53:ff:4d:09:17:f6:d3:8a:0a:4e:d1:85:e5:9c:
         fd:35:9b:35:dc:84:ce:a5:62:ee:d1:c7:07:f6:7c:cd:3d:23:
         a6:7f:3d:ae:c5:67:02:ab:0c:23:09:7d:07:54:c0:46:fb:a9:
         88:d5:cd:66:24:e1:15:a3:1f:4b:b3:c0:5c:b8:52:e6:16:f4:
         89:45:2f:76:ae:1b:bf:c6:37:b0:9f:5b:7f:86:38:d8:57:56:
         20:67:68:2d:20:62:e9:b9:80:ab:fe:e6:46:21:9e:f7:5f:6e:
         9d:46:03:c0:6c:d2:4a:94:a9:ba:fe:15:5d:13:30:f4:82:0f:
         99:1f:ee:c4:a5:8c:47:70:db:b4:98:25:f8:42:ce:a5:5a:96:
         c3:f2:cb:27:38:f6:f4:ba:09:2f:7b:4f:4c:e5:55:7f:47:64:
         eb:b1:92:ef:74:e2:1b:bb:fe:61:d4:4a:a1:bc:ef:10:4a:1e:
         4a:2c:e5:e7:03:9c:ed:20:ce:1c:95:69:dc:18:05:76:95:dc:
         41:70:ca:b6:dd:91:36:01:13:56:38:e9:7f:d0:5b:d9:e0:74:
         30:e2:18:80:71:1c:ab:a9:65:c9:6d:03:31:65:88:8e:ab:81:
         25:fa:18:ea
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAzqyJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Zjg0MTEzNTQ1ZDkwMDA3NjBmNjYwNjJhNDIyMTkzM2EyZTk1OWQ4MB4XDTIyMDEw
MTAwNTc1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDkyYzYwNDg5MWI1
Y2ZlOGM1MmFjZGEwZmMyMWRhMDE4ZjBlNWM2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKAcx9U0zlGWcwvH6yOkZPb2Sx3TvGy7lAXfEx/atAY1ZSxJ
HnXW2afFRXNGQGpCgTLLpXhDw89227XODCAyutX1HTjp6wtKb/s2fXWNxE05Vd39
utUC2hdN1A9M+J5qpEbRG5NSVHarhPMrDWE3FfBC3hnJLWS3RRJXgNzdLCV6ui07
zJqm2QF19kSSVBJFTc3QZoimd0k6ZahoLoDRx8sqgk3V0zej5YB0uH+WwpyBDN06
Xf1tKI7f8QEZtN4XLuOJZjojHiQZOkD897NldtFw8uHeH0k6y1f6lUK5MUAC9qXn
l9DXAWp3mRMsYxBTQtDTmxLXgzaRtl9xowCb0EkCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQJLGBIkbXP6MUqzaD8IdoBjw5cazAfBgNVHSMEGDAWgBS/hBE1RdkAB2D2
YGKkIhkzoulZ2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y0UVJOVVhaQUFkZzltQmlwQ0laTTZMcFdkZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvMzBkYzg1LTJkZDgtNGIxYy1iMTUxLTRiZDYzYWRjNzM1NC8x
L0NTeGdTSkcxei1qRktzMmdfQ0hhQVk4T1hHcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
MzBkYzg1LTJkZDgtNGIxYy1iMTUxLTRiZDYzYWRjNzM1NC8xL3Y0UVJOVVhaQUFk
ZzltQmlwQ0laTTZMcFdkZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAS2MkgMEAC2QHQMEAC2WQwMEALnq
9zANBgkqhkiG9w0BAQsFAAOCAQEAn4xF4idYsk8l/cBfOBxlhWWpykRYoFP/TQkX
9tOKCk7RheWc/TWbNdyEzqVi7tHHB/Z8zT0jpn89rsVnAqsMIwl9B1TARvupiNXN
ZiThFaMfS7PAXLhS5hb0iUUvdq4bv8Y3sJ9bf4Y42FdWIGdoLSBi6bmAq/7mRiGe
919unUYDwGzSSpSpuv4VXRMw9IIPmR/uxKWMR3DbtJgl+ELOpVqWw/LLJzj29LoJ
L3tPTOVVf0dk67GS73TiG7v+YdRKobzvEEoeSizl5wOc7SDOHJVp3BgFdpXcQXDK
tt2RNgETVjjpf9Bb2eB0MOIYgHEcq6llyW0DMWWIjquBJfoY6g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:31 2024 by rpki-client on console-ams.rpki-client.org