Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/eHzvBvvJUOypZnxB_OAUOISFaao.roa
File:                     eHzvBvvJUOypZnxB_OAUOISFaao.roa (raw, json)
Hash identifier:          GBdlFOHa2WR1y/xMqofPLRVNrhdF0uWMmqo5cpqHT2w=
Subject key identifier:   78:7C:EF:06:FB:C9:50:EC:A9:66:7C:41:FC:E0:14:38:84:85:69:AA
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       01850C567DA9C7B9A582A1760E48B60644E0
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/eHzvBvvJUOypZnxB_OAUOISFaao.roa
Signing time:             Tue 13 Dec 2022 16:34:32 +0000
ROA not before:           Tue 13 Dec 2022 16:34:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204914
IP address blocks:        45.139.196.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:0c:56:7d:a9:c7:b9:a5:82:a1:76:0e:48:b6:06:44:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: Dec 13 16:34:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=787cef06fbc950eca9667c41fce01438848569aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:4c:86:a9:34:3f:fa:63:2e:d6:85:87:f9:23:
                    23:80:1d:d2:fc:08:f8:57:fb:c8:31:a5:dd:29:37:
                    d3:72:50:8f:14:42:77:c4:b1:61:b1:f5:6f:9c:36:
                    6c:52:bd:d9:2c:f9:aa:de:de:39:ec:8f:ae:92:b5:
                    c1:d8:13:32:dc:ce:92:1a:e6:9f:38:d6:ac:88:8c:
                    d0:dd:f1:40:e6:4a:50:b5:17:b1:65:5e:54:25:63:
                    b3:e5:53:84:e6:72:95:25:3f:f3:00:01:16:d4:3e:
                    04:e1:c0:dc:70:fa:70:31:dc:02:85:9c:95:16:1d:
                    ef:a3:bc:42:dd:bd:83:8c:85:36:6b:eb:6c:c5:57:
                    05:d6:56:eb:4b:c3:3d:8b:3e:f8:f5:44:d8:52:84:
                    87:58:f3:48:d5:ba:43:a2:96:48:1a:1f:42:28:83:
                    10:b4:52:23:2b:11:ca:58:78:0b:d9:0b:5e:3b:48:
                    cc:8c:0b:64:a6:22:55:9e:10:ea:fa:ce:43:23:d9:
                    75:16:16:56:7f:c3:23:a4:67:01:64:ab:35:aa:fc:
                    89:8a:df:82:a5:68:63:f4:50:92:f2:cb:0f:4c:93:
                    57:b0:fd:ce:ef:17:8a:cd:d8:51:17:53:56:ce:12:
                    e6:c2:d4:58:f7:4a:b9:b6:75:68:9b:ae:68:0a:3c:
                    ac:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:7C:EF:06:FB:C9:50:EC:A9:66:7C:41:FC:E0:14:38:84:85:69:AA
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/eHzvBvvJUOypZnxB_OAUOISFaao.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.139.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:e9:7f:63:95:ef:01:36:9c:f9:f7:d7:c6:b4:7d:fb:2b:38:
         65:6d:19:01:05:e0:bf:20:e1:42:48:33:7f:91:06:e9:8b:ec:
         f8:8c:25:8a:7e:6b:6d:26:bb:6e:f3:0d:d0:99:9e:87:6b:fe:
         f8:ee:2c:2c:d1:6e:2b:61:f4:a2:41:d0:17:d2:8c:97:21:03:
         be:01:de:0f:23:62:c0:a0:a9:49:ea:6c:e1:29:7f:bb:fe:e2:
         c8:5f:b3:83:c8:23:cc:9b:91:66:3e:33:a1:f8:44:58:d4:c4:
         2a:93:17:7f:af:7e:49:a5:d6:91:a6:a8:9b:91:05:2b:3d:94:
         f9:28:ce:30:21:35:fd:5f:be:b1:05:18:d0:d5:1e:dc:0c:df:
         22:de:4b:04:bd:a8:11:0d:ba:3a:e1:44:4e:c1:66:cc:de:a7:
         54:58:08:03:8e:ca:f5:2a:00:f2:20:a1:12:e1:eb:f4:bc:74:
         c9:1c:03:0a:f0:64:31:dd:75:f5:51:cb:64:a7:b1:d0:60:09:
         9b:1f:27:1f:a6:98:08:3e:ad:97:81:61:79:16:6c:44:0e:4c:
         d2:fd:36:3e:35:78:e8:86:1f:0a:5e:76:83:c9:1d:49:d4:8f:
         94:a0:78:6c:9c:e1:21:ac:31:c6:65:7e:5a:1d:9a:ba:5c:fb:
         d7:8e:6c:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUMVn2px7mlgqF2Dki2BkTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjIxMjEzMTYzNDMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODdjZWYwNmZiYzk1MGVjYTk2NjdjNDFmY2UwMTQzODg0ODU2OWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0yGqTQ/+mMu1oWH+SMjgB3S/Aj4
V/vIMaXdKTfTclCPFEJ3xLFhsfVvnDZsUr3ZLPmq3t457I+ukrXB2BMy3M6SGuaf
ONasiIzQ3fFA5kpQtRexZV5UJWOz5VOE5nKVJT/zAAEW1D4E4cDccPpwMdwChZyV
Fh3vo7xC3b2DjIU2a+tsxVcF1lbrS8M9iz749UTYUoSHWPNI1bpDopZIGh9CKIMQ
tFIjKxHKWHgL2QteO0jMjAtkpiJVnhDq+s5DI9l1FhZWf8MjpGcBZKs1qvyJit+C
pWhj9FCS8ssPTJNXsP3O7xeKzdhRF1NWzhLmwtRY90q5tnVom65oCjys9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHh87wb7yVDsqWZ8QfzgFDiEhWmqMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvZUh6dkJ2dkpVT3lwWm54Ql9PQVVPSVNGYWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYvEMA0G
CSqGSIb3DQEBCwUAA4IBAQBr6X9jle8BNpz599fGtH37KzhlbRkBBeC/IOFCSDN/
kQbpi+z4jCWKfmttJrtu8w3QmZ6Ha/747iws0W4rYfSiQdAX0oyXIQO+Ad4PI2LA
oKlJ6mzhKX+7/uLIX7ODyCPMm5FmPjOh+ERY1MQqkxd/r35JpdaRpqibkQUrPZT5
KM4wITX9X76xBRjQ1R7cDN8i3ksEvagRDbo64UROwWbM3qdUWAgDjsr1KgDyIKES
4ev0vHTJHAMK8GQx3XX1Uctkp7HQYAmbHycfppgIPq2XgWF5FmxEDkzS/TY+NXjo
hh8KXnaDyR1J1I+UoHhsnOEhrDHGZX5aHZq6XPvXjmxr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:43 2024 by rpki-client on console-ams.rpki-client.org