Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/i1qkq42hZMUvBQAeGI0SzYzkEI0.roa
File:                     i1qkq42hZMUvBQAeGI0SzYzkEI0.roa (raw, json)
Hash identifier:          rkQ2J515Th4GY17EwMzTgXpXS2Qga34Q1tqr6DQOwvU=
Subject key identifier:   8B:5A:A4:AB:8D:A1:64:C5:2F:05:00:1E:18:8D:12:CD:8C:E4:10:8D
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       0182D1816AC659CBA44764DEE22568E706A0
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/i1qkq42hZMUvBQAeGI0SzYzkEI0.roa
Signing time:             Wed 24 Aug 2022 20:18:15 +0000
ROA not before:           Wed 24 Aug 2022 20:18:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43624
IP address blocks:        45.140.147.0/24 maxlen: 24
                          185.234.247.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:d1:81:6a:c6:59:cb:a4:47:64:de:e2:25:68:e7:06:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Aug 24 20:18:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8b5aa4ab8da164c52f05001e188d12cd8ce4108d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:74:8e:e4:43:d9:70:9d:4c:aa:ea:35:8e:50:
                    b4:a5:f1:7b:7a:49:38:4e:85:c1:a3:b9:56:68:83:
                    4b:22:0f:64:61:27:3f:97:53:14:0b:66:eb:8b:1e:
                    eb:ef:cd:ab:25:b1:e2:f1:1f:c8:55:f7:ac:9b:29:
                    20:24:35:ec:f9:d2:a1:fa:cb:b2:ce:d2:f7:ae:2e:
                    39:5b:97:2f:d1:3b:a0:61:75:8f:d5:73:d7:f4:5a:
                    9f:4e:6f:49:77:c4:70:ff:00:d8:84:4c:94:f1:9c:
                    a1:ae:25:06:9c:37:0b:35:53:90:07:e0:7a:e6:f5:
                    a1:54:92:af:b6:8d:de:36:b0:42:87:ca:aa:bb:4f:
                    bb:5e:3e:6f:c8:a2:df:6e:7e:7c:43:0f:ee:67:d2:
                    be:01:28:2f:26:e4:7f:66:8c:ec:39:e9:f3:29:3c:
                    97:92:20:b0:84:2e:4d:b0:f6:65:77:f1:46:e6:1d:
                    da:80:91:e1:65:f7:f8:40:73:94:dd:b6:39:31:06:
                    7e:44:ee:ac:22:2d:7f:ac:8b:89:1f:fe:47:ef:39:
                    64:87:6a:88:f4:3d:6b:8f:da:34:38:6e:0b:eb:2f:
                    14:31:fc:5f:0b:35:f5:76:b2:da:4a:fd:b9:9c:3a:
                    7d:8d:8a:1e:7b:ef:10:b6:cc:0d:c0:fd:04:3b:38:
                    2d:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:5A:A4:AB:8D:A1:64:C5:2F:05:00:1E:18:8D:12:CD:8C:E4:10:8D
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/i1qkq42hZMUvBQAeGI0SzYzkEI0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.147.0/24
                  185.234.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:19:e1:17:39:53:18:21:37:95:96:ad:df:e3:df:d2:89:2b:
         dd:df:ef:e3:74:a9:3c:48:bd:c9:d1:35:25:1e:3f:c9:ed:29:
         b6:49:6b:d6:8e:0f:95:8d:49:5e:ba:1c:71:a5:ed:b1:d6:4d:
         3a:12:8a:e3:19:fc:a8:bf:aa:ea:f8:80:a8:b5:9c:c0:85:91:
         28:05:36:2d:e3:ee:db:06:d7:d9:6d:8b:3c:ef:a2:bb:dc:7b:
         a4:50:24:09:82:5a:af:74:3a:9e:75:22:63:35:11:ec:66:eb:
         3f:6b:4e:1b:35:3c:c2:a9:1f:c7:12:60:7a:73:e5:ce:68:2c:
         e7:72:41:c8:67:24:56:66:a5:74:9e:ce:d4:2f:68:f4:b6:41:
         44:ba:03:81:08:36:5a:a4:81:56:73:76:03:be:12:74:ad:1a:
         1d:4d:7e:07:96:47:04:e7:8f:70:47:32:16:c5:06:51:16:fe:
         9b:11:c5:2a:a6:53:f5:a5:5d:4d:6d:70:eb:f3:7f:93:f0:d0:
         c8:61:fe:71:aa:1a:b4:15:2c:de:19:dd:9e:2e:64:73:1d:28:
         26:c9:49:92:a8:8f:5c:cc:d2:21:8d:cb:2d:49:6e:ec:35:76:
         12:ba:80:2f:8e:b3:91:ce:38:5c:69:5e:bc:3f:db:65:37:e4:
         86:68:52:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLRgWrGWcukR2Te4iVo5wagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjIwODI0MjAxODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjVhYTRhYjhkYTE2NGM1MmYwNTAwMWUxODhkMTJjZDhjZTQxMDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3SO5EPZcJ1Mquo1jlC0pfF7ekk4
ToXBo7lWaINLIg9kYSc/l1MUC2brix7r782rJbHi8R/IVfesmykgJDXs+dKh+suy
ztL3ri45W5cv0TugYXWP1XPX9FqfTm9Jd8Rw/wDYhEyU8ZyhriUGnDcLNVOQB+B6
5vWhVJKvto3eNrBCh8qqu0+7Xj5vyKLfbn58Qw/uZ9K+ASgvJuR/ZozsOenzKTyX
kiCwhC5NsPZld/FG5h3agJHhZff4QHOU3bY5MQZ+RO6sIi1/rIuJH/5H7zlkh2qI
9D1rj9o0OG4L6y8UMfxfCzX1drLaSv25nDp9jYoee+8QtswNwP0EOzgtzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFItapKuNoWTFLwUAHhiNEs2M5BCNMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvaTFxa3E0MmhaTVV2QlFBZUdJMFN6WXprRUkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYyTAwQA
uer3MA0GCSqGSIb3DQEBCwUAA4IBAQCCGeEXOVMYITeVlq3f49/SiSvd3+/jdKk8
SL3J0TUlHj/J7Sm2SWvWjg+VjUleuhxxpe2x1k06EorjGfyov6rq+ICotZzAhZEo
BTYt4+7bBtfZbYs876K73HukUCQJglqvdDqedSJjNRHsZus/a04bNTzCqR/HEmB6
c+XOaCznckHIZyRWZqV0ns7UL2j0tkFEugOBCDZapIFWc3YDvhJ0rRodTX4HlkcE
549wRzIWxQZRFv6bEcUqplP1pV1NbXDr83+T8NDIYf5xqhq0FSzeGd2eLmRzHSgm
yUmSqI9czNIhjcstSW7sNXYSuoAvjrORzjhcaV68P9tlN+SGaFKY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:31 2024 by rpki-client on console-ams.rpki-client.org