Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/iQOtjEcwsgnn4Vx6ALdCMduFPK0.roa
File:                     iQOtjEcwsgnn4Vx6ALdCMduFPK0.roa (raw, json)
Hash identifier:          fbO1cW8sYS2nMBeplw9xaaU6GEajJ5bHHWulub0RKhQ=
Subject key identifier:   89:03:AD:8C:47:30:B2:09:E7:E1:5C:7A:00:B7:42:31:DB:85:3C:AD
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       3F9376
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/iQOtjEcwsgnn4Vx6ALdCMduFPK0.roa
Signing time:             Sat 01 Jan 2022 00:56:07 +0000
ROA not before:           Sat 01 Jan 2022 00:56:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397423
IP address blocks:        45.150.173.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4166518 (0x3f9376)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: Jan  1 00:56:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8903ad8c4730b209e7e15c7a00b74231db853cad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:da:41:f3:91:b0:ca:8f:89:f2:a5:63:53:7c:
                    a8:34:60:58:5b:35:ec:84:08:90:45:09:87:1b:7e:
                    db:d2:81:3d:1a:8c:ba:5f:b4:e3:f1:c0:a5:14:8d:
                    36:79:64:74:9f:d4:8d:4d:7a:f2:6a:bf:2c:98:ae:
                    36:66:36:58:7b:8f:69:6a:53:e9:f9:9d:15:17:59:
                    e1:1b:fe:0d:94:77:0b:86:31:91:e4:a2:42:46:ec:
                    64:a2:7f:87:bd:43:33:03:6a:d0:56:1d:17:1c:20:
                    e2:de:18:23:6f:a1:0b:32:3f:5c:a2:e6:38:a0:7e:
                    ca:27:c8:13:f0:73:27:c1:63:88:91:c0:21:9b:fb:
                    9b:37:06:59:bc:c8:26:83:62:72:d8:ff:b1:46:d8:
                    1b:e9:b5:ad:ee:f5:39:fc:cc:5b:c9:d1:d7:ce:d1:
                    e4:f0:8b:4a:89:d3:4f:6a:b4:61:97:a4:18:5a:2a:
                    e2:81:ae:54:7e:01:67:01:ab:0c:74:41:c6:00:09:
                    5b:37:ac:2d:3d:f5:fb:29:16:70:7f:64:0a:dc:48:
                    22:56:48:cd:b8:f1:f5:54:77:59:5d:0c:cf:5e:ac:
                    00:33:64:e2:ee:0c:4d:96:59:2b:69:ef:2f:46:c2:
                    cb:89:08:20:ba:f5:52:da:f8:ac:6d:56:f5:90:6d:
                    e3:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:03:AD:8C:47:30:B2:09:E7:E1:5C:7A:00:B7:42:31:DB:85:3C:AD
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/iQOtjEcwsgnn4Vx6ALdCMduFPK0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:67:43:3c:bd:04:d6:0a:14:76:bd:b5:94:0c:c6:eb:f6:b9:
         ba:70:00:4a:6a:6e:a1:66:1c:b3:1e:ff:71:58:48:86:cf:65:
         6a:fe:04:4d:f4:8a:63:f4:c6:8c:c2:0a:ce:41:fb:46:c6:55:
         bd:d9:eb:8c:9b:2e:e1:79:30:e0:2d:4a:ba:de:87:14:10:aa:
         6a:e9:bc:6c:0d:93:b9:ce:e3:e0:f5:14:b0:4f:dd:61:69:34:
         d7:93:8c:72:c6:d6:5d:13:b8:01:cf:db:8d:37:97:79:8b:78:
         1d:79:7b:fc:06:f1:9a:83:1f:b1:a0:2b:38:c8:99:7b:58:3e:
         38:d7:f1:6b:0c:e6:c8:0d:49:60:b6:39:f0:12:24:3e:5a:2a:
         11:1a:f6:f0:f9:fa:6e:1a:68:48:17:3f:b3:a4:79:8e:2c:fb:
         64:52:02:5d:a0:af:d4:5e:f2:3e:7b:49:e4:a3:5c:82:3a:e7:
         2f:32:65:fd:c5:fb:2f:b3:f5:1a:21:03:db:a6:ba:d1:78:ce:
         66:1c:38:7d:db:05:86:12:33:03:0c:23:6a:3f:d4:81:31:8e:
         f5:f2:33:24:9d:67:21:99:b2:95:9f:ab:d9:60:61:97:ec:73:
         aa:ab:35:ee:32:2a:eb:78:c5:aa:bf:04:23:0a:37:91:b5:80:
         a6:90:76:04
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDP5N2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI4
MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNlNWZjNmQwHhcNMjIwMTAx
MDA1NjA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4OTAzYWQ4YzQ3MzBi
MjA5ZTdlMTVjN2EwMGI3NDIzMWRiODUzY2FkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAudpB85Gwyo+J8qVjU3yoNGBYWzXshAiQRQmHG37b0oE9Goy6
X7Tj8cClFI02eWR0n9SNTXryar8smK42ZjZYe49palPp+Z0VF1nhG/4NlHcLhjGR
5KJCRuxkon+HvUMzA2rQVh0XHCDi3hgjb6ELMj9couY4oH7KJ8gT8HMnwWOIkcAh
m/ubNwZZvMgmg2Jy2P+xRtgb6bWt7vU5/MxbydHXztHk8ItKidNParRhl6QYWiri
ga5UfgFnAasMdEHGAAlbN6wtPfX7KRZwf2QK3EgiVkjNuPH1VHdZXQzPXqwAM2Ti
7gxNllkrae8vRsLLiQgguvVS2visbVb1kG3jmQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFIkDrYxHMLIJ5+FcegC3QjHbhTytMB8GA1UdIwQYMBaAFCgQeraSHvjLLeyj
63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
S0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBlLzEv
aVFPdGpFY3dzZ25uNFZ4NkFMZENNZHVGUEswLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8w
ODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBlLzEvS0JCNnRwSWUtTXN0
N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZatMA0GCSqGSIb3DQEBCwUAA4IB
AQBbZ0M8vQTWChR2vbWUDMbr9rm6cABKam6hZhyzHv9xWEiGz2Vq/gRN9Ipj9MaM
wgrOQftGxlW92euMmy7heTDgLUq63ocUEKpq6bxsDZO5zuPg9RSwT91haTTXk4xy
xtZdE7gBz9uNN5d5i3gdeXv8BvGagx+xoCs4yJl7WD441/FrDObIDUlgtjnwEiQ+
WioRGvbw+fpuGmhIFz+zpHmOLPtkUgJdoK/UXvI+e0nko1yCOucvMmX9xfsvs/Ua
IQPbprrReM5mHDh92wWGEjMDDCNqP9SBMY718jMknWchmbKVn6vZYGGX7HOqqzXu
MirreMWqvwQjCjeRtYCmkHYE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:27 2023 by rpki-client on console-fra.rpki-client.org