Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/nBX5r6gPKLRVV7dX2ji9lQ25RkE.roa
File:                     nBX5r6gPKLRVV7dX2ji9lQ25RkE.roa (raw, json)
Hash identifier:          JskfrPQfVsJrklTCI/jkOADTvaMK4vaXktBtXDgCFto=
Subject key identifier:   9C:15:F9:AF:A8:0F:28:B4:55:57:B7:57:DA:38:BD:95:0D:B9:46:41
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       01823697AA192D93D4C2634110534ED4E3EB
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/nBX5r6gPKLRVV7dX2ji9lQ25RkE.roa
Signing time:             Mon 25 Jul 2022 18:21:25 +0000
ROA not before:           Mon 25 Jul 2022 18:21:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43624
IP address blocks:        45.140.147.0/24 maxlen: 24
                          185.234.247.0/24 maxlen: 24
                          45.144.29.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:36:97:aa:19:2d:93:d4:c2:63:41:10:53:4e:d4:e3:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Jul 25 18:21:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9c15f9afa80f28b45557b757da38bd950db94641
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:78:15:08:b9:55:72:8a:d3:a8:59:fe:f8:12:
                    78:31:68:e5:24:0a:3f:23:b2:b6:d9:a5:33:96:86:
                    6b:0d:03:8c:28:c4:db:26:c3:5a:de:34:18:94:31:
                    a3:e0:10:17:d6:e3:bc:eb:be:f7:ae:ea:cf:86:cd:
                    8b:9d:09:66:3d:ac:62:fb:59:28:1e:f6:16:1d:3a:
                    70:3b:ba:e2:ff:42:e0:52:01:4e:b0:88:05:0c:af:
                    c9:0a:b4:b4:45:a7:94:bb:bf:d1:04:97:b7:5b:ef:
                    2e:25:ee:89:97:3e:f4:36:ca:3c:63:e1:89:29:d1:
                    18:06:d0:bb:e7:9e:97:9c:40:49:8b:0c:f5:5a:81:
                    7a:f5:9c:28:60:69:08:e2:72:26:08:21:2e:48:d0:
                    1f:e3:de:64:0a:41:4f:dd:c1:09:92:69:e7:9a:e0:
                    41:42:8d:38:82:76:e0:d6:8e:f9:8a:67:d1:d5:30:
                    77:c5:7a:bc:ef:37:b6:df:b9:2e:2c:4e:cf:44:67:
                    94:5a:ce:34:86:80:11:b6:00:a4:54:11:e0:be:18:
                    de:b4:5c:42:99:68:85:a3:7c:55:92:4f:f9:f7:62:
                    4c:fc:9d:e3:5f:2c:cd:7c:49:60:fb:6d:7b:4c:a7:
                    31:d2:57:6f:17:cb:33:47:d0:6d:cd:c7:d3:08:d2:
                    20:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:15:F9:AF:A8:0F:28:B4:55:57:B7:57:DA:38:BD:95:0D:B9:46:41
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/nBX5r6gPKLRVV7dX2ji9lQ25RkE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.147.0/24
                  45.144.29.0/24
                  185.234.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:da:4d:d6:8e:1c:79:1b:53:06:e0:7e:df:9e:de:ac:fc:9a:
         9a:63:cf:6e:79:d7:7a:b7:2e:5c:e2:0d:c9:9d:38:52:d6:ff:
         14:cf:cc:9f:b5:63:02:cb:8a:b5:af:f3:eb:4f:e7:a3:66:c0:
         45:db:d5:1f:ad:62:29:fe:58:d9:6b:ad:b6:78:61:cc:49:3c:
         e6:af:c5:69:53:ea:55:99:99:e4:63:b5:18:40:b2:1b:67:54:
         99:ff:2b:e5:f4:94:c5:cf:bb:b9:d9:a7:9c:d0:28:e5:46:4e:
         40:3f:98:16:a3:92:fb:11:cf:a3:44:b2:68:44:fb:21:bc:92:
         e6:04:8d:69:34:e4:b9:d0:2f:cc:06:3f:ea:6a:84:27:44:09:
         4d:90:dc:30:fe:4a:58:32:22:af:a2:6f:c0:4a:a4:4f:53:ba:
         a7:c9:fd:05:a7:be:b7:3d:38:50:88:7d:bb:78:d3:38:64:2c:
         b6:36:e0:49:f9:9d:5a:3b:1c:87:60:1b:ea:15:a9:3f:a5:09:
         34:cb:59:90:4a:b7:0f:6d:57:7a:73:30:03:fc:88:3e:bb:05:
         ba:62:2e:b4:e4:59:27:4b:73:b9:ae:43:b9:9a:fa:1d:8f:33:
         35:b9:24:fb:46:82:b2:ae:e0:aa:8d:07:87:b2:2a:12:90:82:
         ae:36:c2:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYI2l6oZLZPUwmNBEFNO1OPrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjIwNzI1MTgyMTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzE1ZjlhZmE4MGYyOGI0NTU1N2I3NTdkYTM4YmQ5NTBkYjk0NjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXgVCLlVcorTqFn++BJ4MWjlJAo/
I7K22aUzloZrDQOMKMTbJsNa3jQYlDGj4BAX1uO86773rurPhs2LnQlmPaxi+1ko
HvYWHTpwO7ri/0LgUgFOsIgFDK/JCrS0RaeUu7/RBJe3W+8uJe6Jlz70Nso8Y+GJ
KdEYBtC7556XnEBJiwz1WoF69ZwoYGkI4nImCCEuSNAf495kCkFP3cEJkmnnmuBB
Qo04gnbg1o75imfR1TB3xXq87ze237kuLE7PRGeUWs40hoARtgCkVBHgvhjetFxC
mWiFo3xVkk/592JM/J3jXyzNfElg+217TKcx0ldvF8szR9BtzcfTCNIgZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJwV+a+oDyi0VVe3V9o4vZUNuUZBMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvbkJYNXI2Z1BLTFJWVjdkWDJqaTlsUTI1UmtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYyTAwQA
LZAdAwQAuer3MA0GCSqGSIb3DQEBCwUAA4IBAQBP2k3Wjhx5G1MG4H7fnt6s/Jqa
Y89uedd6ty5c4g3JnThS1v8Uz8yftWMCy4q1r/PrT+ejZsBF29UfrWIp/ljZa622
eGHMSTzmr8VpU+pVmZnkY7UYQLIbZ1SZ/yvl9JTFz7u52aec0CjlRk5AP5gWo5L7
Ec+jRLJoRPshvJLmBI1pNOS50C/MBj/qaoQnRAlNkNww/kpYMiKvom/ASqRPU7qn
yf0Fp763PThQiH27eNM4ZCy2NuBJ+Z1aOxyHYBvqFak/pQk0y1mQSrcPbVd6czAD
/Ig+uwW6Yi605FknS3O5rkO5mvodjzM1uST7RoKyruCqjQeHsioSkIKuNsLv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:31 2024 by rpki-client on console-ams.rpki-client.org