Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/dagFiGSi9-iX-Rw_h4u1k0wJL1c.roa
File:                     dagFiGSi9-iX-Rw_h4u1k0wJL1c.roa (raw, json)
Hash identifier:          qzloVawkUylmp1VZndU1e8xKoNCUehdQNo0999Xncn8=
Subject key identifier:   75:A8:05:88:64:A2:F7:E8:97:F9:1C:3F:87:8B:B5:93:4C:09:2F:57
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       01849C09C353799C04EFD81B7DB864ED71C1
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/dagFiGSi9-iX-Rw_h4u1k0wJL1c.roa
Signing time:             Mon 21 Nov 2022 21:13:16 +0000
ROA not before:           Mon 21 Nov 2022 21:13:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44477
IP address blocks:        45.150.64.0/24 maxlen: 32
                          45.150.67.0/24 maxlen: 32
                          45.140.147.0/24 maxlen: 32
                          45.140.146.0/24 maxlen: 32
                          185.234.247.0/24 maxlen: 32
                          45.144.29.0/24 maxlen: 32
                          45.144.31.0/24 maxlen: 32
                          45.144.30.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:9c:09:c3:53:79:9c:04:ef:d8:1b:7d:b8:64:ed:71:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Nov 21 21:13:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=75a8058864a2f7e897f91c3f878bb5934c092f57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:5f:cd:99:34:de:c7:e7:4e:5c:cf:31:07:ed:
                    6d:22:8c:3c:25:e4:f9:66:c9:be:b6:a9:c5:b5:d0:
                    c9:42:82:c5:71:40:57:95:a1:c9:f4:cc:53:0a:7d:
                    b5:05:c9:0f:95:d3:3e:7b:57:8c:d6:27:50:ba:45:
                    14:07:9e:c6:ad:7e:22:bf:86:d6:52:58:06:df:45:
                    f8:77:b0:c6:24:c4:e1:86:2b:6e:a2:a2:f6:ce:e1:
                    8f:8a:a9:2f:90:23:1f:3c:9b:57:13:36:9e:9e:6a:
                    a9:2c:ce:d6:e6:d9:ed:c8:72:73:ee:d3:00:44:f4:
                    c7:35:65:0c:9e:70:6a:1e:c4:98:55:7e:1e:e6:0f:
                    a2:56:f8:d3:c7:d1:d6:90:67:87:71:95:32:ab:39:
                    d0:6c:82:60:46:83:ff:ba:8f:3f:74:fe:65:b3:94:
                    ce:3c:52:27:a1:81:fb:99:fd:e2:c4:b1:69:66:00:
                    ce:22:cd:e0:5c:38:63:44:22:14:32:40:60:ef:de:
                    4c:65:a4:10:9c:ee:75:ec:2f:71:65:8c:e8:86:5f:
                    fe:bb:83:44:f8:d4:cf:6f:30:7b:5b:90:1c:08:8e:
                    38:0b:0d:dd:97:78:32:78:80:fb:e6:0d:d9:27:dd:
                    4c:90:ee:d5:3a:9e:56:61:33:c7:9b:2a:56:e2:39:
                    32:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:A8:05:88:64:A2:F7:E8:97:F9:1C:3F:87:8B:B5:93:4C:09:2F:57
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/dagFiGSi9-iX-Rw_h4u1k0wJL1c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.146.0/23
                  45.144.29.0-45.144.31.255
                  45.150.64.0/24
                  45.150.67.0/24
                  185.234.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:96:c8:77:25:67:d7:95:42:79:ed:13:4a:4a:18:56:11:66:
         5c:23:89:d9:37:29:5b:f8:8e:65:6e:61:1f:8f:d8:42:cb:55:
         96:86:55:75:fe:c0:1e:96:49:90:94:5a:38:0a:13:e1:5e:c4:
         53:46:5e:68:b1:83:15:2c:ff:93:15:bf:a9:23:7e:93:c7:1c:
         64:9f:2c:7e:39:14:c8:09:66:9c:04:f3:16:4e:78:da:f7:3e:
         73:ed:7d:2d:90:f9:af:14:52:59:ae:8a:b4:fa:c5:a5:47:a5:
         18:82:5d:42:87:73:4b:67:df:1d:8e:1b:4b:ac:8c:86:d6:dd:
         bd:42:47:b6:d5:19:aa:a1:50:db:30:8b:9c:35:a0:17:64:fa:
         59:1f:cc:a4:26:c6:5b:41:b7:c3:87:d1:f9:92:49:3c:db:c6:
         e6:06:52:78:92:3a:57:be:70:3d:30:3e:1f:22:5a:94:d3:af:
         29:d4:56:28:d0:84:75:11:75:3c:b8:a3:6c:f7:81:88:b8:b6:
         08:cc:28:8b:e3:0b:35:87:eb:bf:dc:b0:a1:fa:e3:88:88:7d:
         b8:ba:5a:0e:f6:90:42:b9:24:9a:c6:47:fb:68:73:6e:1b:87:
         1e:00:a8:0a:d7:77:95:75:99:6c:af:2e:e8:43:80:01:c6:79:
         f0:36:16:da
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYScCcNTeZwE79gbfbhk7XHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjIxMTIxMjExMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWE4MDU4ODY0YTJmN2U4OTdmOTFjM2Y4NzhiYjU5MzRjMDkyZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAul/NmTTex+dOXM8xB+1tIow8JeT5
Zsm+tqnFtdDJQoLFcUBXlaHJ9MxTCn21BckPldM+e1eM1idQukUUB57GrX4iv4bW
UlgG30X4d7DGJMThhituoqL2zuGPiqkvkCMfPJtXEzaenmqpLM7W5tntyHJz7tMA
RPTHNWUMnnBqHsSYVX4e5g+iVvjTx9HWkGeHcZUyqznQbIJgRoP/uo8/dP5ls5TO
PFInoYH7mf3ixLFpZgDOIs3gXDhjRCIUMkBg795MZaQQnO517C9xZYzohl/+u4NE
+NTPbzB7W5AcCI44Cw3dl3gyeID75g3ZJ91MkO7VOp5WYTPHmypW4jkygQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHWoBYhkovfol/kcP4eLtZNMCS9XMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvZGFnRmlHU2k5LWlYLVJ3X2g0dTFrMHdKTDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBLYySMAwD
BAAtkB0DBAUtkAADBAAtlkADBAAtlkMDBAC56vcwDQYJKoZIhvcNAQELBQADggEB
ABiWyHclZ9eVQnntE0pKGFYRZlwjidk3KVv4jmVuYR+P2ELLVZaGVXX+wB6WSZCU
WjgKE+FexFNGXmixgxUs/5MVv6kjfpPHHGSfLH45FMgJZpwE8xZOeNr3PnPtfS2Q
+a8UUlmuirT6xaVHpRiCXUKHc0tn3x2OG0usjIbW3b1CR7bVGaqhUNswi5w1oBdk
+lkfzKQmxltBt8OH0fmSSTzbxuYGUniSOle+cD0wPh8iWpTTrynUVijQhHURdTy4
o2z3gYi4tgjMKIvjCzWH67/csKH644iIfbi6Wg72kEK5JJrGR/toc24bhx4AqArX
d5V1mWyvLuhDgAHGefA2Fto=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:31 2024 by rpki-client on console-ams.rpki-client.org