Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/gduNPw1Bkli-gmFcvzdTTeYmIYI.roa
File:                     gduNPw1Bkli-gmFcvzdTTeYmIYI.roa (raw, json)
Hash identifier:          U+F15TkYIl6N8E0+o+Z5w5X8v8N3s2XLwKS5A2qB49w=
Subject key identifier:   81:DB:8D:3F:0D:41:92:58:BE:82:61:5C:BF:37:53:4D:E6:26:21:82
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       3C5608
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/gduNPw1Bkli-gmFcvzdTTeYmIYI.roa
Signing time:             Sat 01 Jan 2022 00:56:05 +0000
ROA not before:           Sat 01 Jan 2022 00:56:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     23470
IP address blocks:        45.150.172.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3954184 (0x3c5608)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: Jan  1 00:56:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=81db8d3f0d419258be82615cbf37534de6262182
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:bf:ff:3d:31:b5:7e:90:39:7d:42:8f:34:d9:
                    bf:e0:a7:f3:d4:ae:a6:51:0a:8b:af:ce:f8:93:98:
                    24:ac:fc:f4:45:e7:75:a9:78:14:65:f4:cf:20:37:
                    de:6b:99:13:45:af:e9:f9:3f:cd:2d:68:b2:9b:a0:
                    0d:e2:37:e3:69:ef:f3:c1:19:cc:63:e3:cc:a6:18:
                    35:b3:74:fb:ef:74:15:02:63:24:75:5c:39:64:82:
                    a0:08:df:a3:a1:4a:e6:d7:dd:28:9a:34:53:bc:ee:
                    87:0a:93:1d:4c:63:c6:0b:d0:64:9a:11:20:f2:15:
                    2f:62:d8:45:3a:01:96:ee:ae:73:a0:63:41:0f:12:
                    cb:c5:57:19:ce:34:fe:d6:3b:1f:31:4f:59:e6:ff:
                    67:49:62:25:6f:58:43:7b:78:05:45:2c:fe:f9:b9:
                    08:86:48:79:55:90:35:ab:33:b1:30:76:31:e0:16:
                    7b:00:cb:6e:12:2e:c5:a0:c6:51:9d:27:3f:f1:b2:
                    60:4d:54:d4:0b:5f:e1:57:4d:ef:92:10:9a:e5:0f:
                    a0:05:df:6e:bf:8c:03:3f:b9:b2:82:79:28:47:9e:
                    8f:db:8f:59:d1:a2:49:90:8a:18:fc:34:2b:56:6d:
                    d1:51:6c:03:a7:df:2e:4a:72:2f:5e:0d:f4:4d:12:
                    86:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:DB:8D:3F:0D:41:92:58:BE:82:61:5C:BF:37:53:4D:E6:26:21:82
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/gduNPw1Bkli-gmFcvzdTTeYmIYI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:f4:3c:8d:a6:98:8d:33:6f:65:6d:2c:b0:e1:a5:49:2b:c0:
         5d:70:e0:99:b3:54:61:96:c7:b1:b8:4b:6c:5a:cd:3e:6f:e7:
         16:36:a5:06:e2:51:98:4e:ee:56:e8:97:91:4c:47:5e:2e:fb:
         14:b3:6a:dd:ce:86:86:8c:06:54:7b:ea:5b:28:bf:bc:57:64:
         45:b9:34:ae:14:2d:3c:01:14:5d:67:0d:af:2f:d9:36:7c:00:
         1d:05:b3:d2:20:55:10:e2:c9:4b:8c:ba:2f:4f:be:35:80:de:
         75:44:57:db:15:42:49:a1:fd:06:d7:55:0b:e6:43:db:68:5e:
         3d:44:f2:e7:0e:0d:03:61:90:b2:02:4a:bb:09:58:75:f6:ae:
         92:44:0d:d0:2b:52:e2:aa:55:f7:3a:2f:68:6c:f9:74:36:c1:
         15:d2:9a:ba:8a:ba:36:b9:58:96:66:a0:88:d8:51:c6:25:c7:
         c5:e2:26:66:65:3e:62:46:f5:1b:37:31:84:91:76:d0:7a:cd:
         26:10:25:13:af:20:ee:52:6a:ed:c8:d3:33:6c:8a:e2:61:81:
         a2:16:c8:d8:8f:32:36:fd:a4:1b:3c:f5:e6:bf:5d:0b:ec:33:
         f2:ee:92:8d:ca:01:1c:40:4b:b6:69:8f:48:d7:e3:92:71:a8:
         d7:4f:54:a6
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDPFYIMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI4
MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNlNWZjNmQwHhcNMjIwMTAx
MDA1NjA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4MWRiOGQzZjBkNDE5
MjU4YmU4MjYxNWNiZjM3NTM0ZGU2MjYyMTgyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAy7//PTG1fpA5fUKPNNm/4Kfz1K6mUQqLr874k5gkrPz0Red1
qXgUZfTPIDfea5kTRa/p+T/NLWiym6AN4jfjae/zwRnMY+PMphg1s3T773QVAmMk
dVw5ZIKgCN+joUrm190omjRTvO6HCpMdTGPGC9BkmhEg8hUvYthFOgGW7q5zoGNB
DxLLxVcZzjT+1jsfMU9Z5v9nSWIlb1hDe3gFRSz++bkIhkh5VZA1qzOxMHYx4BZ7
AMtuEi7FoMZRnSc/8bJgTVTUC1/hV03vkhCa5Q+gBd9uv4wDP7mygnkoR56P249Z
0aJJkIoY/DQrVm3RUWwDp98uSnIvXg30TRKGTwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFIHbjT8NQZJYvoJhXL83U03mJiGCMB8GA1UdIwQYMBaAFCgQeraSHvjLLeyj
63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
S0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBlLzEv
Z2R1TlB3MUJrbGktZ21GY3Z6ZFRUZVltSVlJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8w
ODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBlLzEvS0JCNnRwSWUtTXN0
N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZasMA0GCSqGSIb3DQEBCwUAA4IB
AQAO9DyNppiNM29lbSyw4aVJK8BdcOCZs1RhlsexuEtsWs0+b+cWNqUG4lGYTu5W
6JeRTEdeLvsUs2rdzoaGjAZUe+pbKL+8V2RFuTSuFC08ARRdZw2vL9k2fAAdBbPS
IFUQ4slLjLovT741gN51RFfbFUJJof0G11UL5kPbaF49RPLnDg0DYZCyAkq7CVh1
9q6SRA3QK1LiqlX3Oi9obPl0NsEV0pq6iro2uViWZqCI2FHGJcfF4iZmZT5iRvUb
NzGEkXbQes0mECUTryDuUmrtyNMzbIriYYGiFsjYjzI2/aQbPPXmv10L7DPy7pKN
ygEcQEu2aY9I1+OScajXT1Sm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:27 2023 by rpki-client on console-fra.rpki-client.org