Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/4-WksKC4nhDUa5Mx9eyy0CUuQxg.roa
File:                     4-WksKC4nhDUa5Mx9eyy0CUuQxg.roa (raw, json)
Hash identifier:          /Qr9Apm/Rr+N/budLwc8RqFjghLSKCNVB7zhkugv9zk=
Subject key identifier:   E3:E5:A4:B0:A0:B8:9E:10:D4:6B:93:31:F5:EC:B2:D0:25:2E:43:18
Certificate issuer:       /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial:       0183E91BB9824CB484B2D5632A6CAB2D2D56
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/4-WksKC4nhDUa5Mx9eyy0CUuQxg.roa
Signing time:             Tue 18 Oct 2022 03:20:51 +0000
ROA not before:           Tue 18 Oct 2022 03:20:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20473
IP address blocks:        45.153.124.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:e9:1b:b9:82:4c:b4:84:b2:d5:63:2a:6c:ab:2d:2d:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
        Validity
            Not Before: Oct 18 03:20:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e3e5a4b0a0b89e10d46b9331f5ecb2d0252e4318
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:66:1d:89:06:38:6f:f7:6b:28:19:0e:98:81:
                    d8:5f:6c:60:a4:c5:d5:80:fa:3a:c2:21:bf:c8:40:
                    80:f0:2b:82:f6:5a:10:33:77:dd:d2:02:04:d5:01:
                    1f:88:ea:7e:ea:38:bc:ab:9e:6b:a7:07:9f:38:c7:
                    14:3d:ce:90:cd:20:6e:04:62:04:d4:d3:10:68:b2:
                    17:01:72:1b:a1:83:90:cf:d2:1e:9d:b5:4f:55:3b:
                    8b:73:09:a6:58:c1:ff:21:b1:60:d6:8a:9f:af:6b:
                    18:f4:fa:3b:9c:5b:44:98:6b:a8:af:df:99:81:e5:
                    22:f0:6e:53:bc:16:8e:23:38:1d:de:c1:a6:f6:47:
                    ec:b9:62:ac:56:a1:26:cf:c5:07:5c:af:93:78:94:
                    4b:23:f2:d3:7f:ec:2f:05:60:4d:0f:f7:e6:a2:cf:
                    5c:b6:5c:a7:b5:5d:bf:af:87:0d:79:22:77:c8:db:
                    fa:d7:1f:56:08:34:28:a7:52:41:ff:78:89:10:7a:
                    d0:01:32:2e:ef:af:39:bc:3d:f3:a4:28:52:2a:e0:
                    ed:7a:89:24:f1:7c:a6:78:a4:24:21:9b:a8:a4:46:
                    13:38:d3:e1:4e:6d:dd:28:89:ea:31:1c:1a:09:d3:
                    a9:b2:72:0c:30:61:1c:7c:68:8a:61:c1:5f:20:12:
                    e9:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:E5:A4:B0:A0:B8:9E:10:D4:6B:93:31:F5:EC:B2:D0:25:2E:43:18
            X509v3 Authority Key Identifier:
                keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/4-WksKC4nhDUa5Mx9eyy0CUuQxg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.153.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:dd:20:7d:d0:c7:b3:3e:11:e6:81:84:f6:a2:43:ba:5a:b2:
         a5:e4:fb:9e:39:0c:67:92:52:7a:cf:aa:44:66:54:2a:3f:39:
         24:b8:53:66:57:2c:35:c1:a8:62:32:6d:ef:f9:d1:58:13:d6:
         6e:04:00:19:fe:27:d2:69:fa:4e:07:ad:7a:bb:1c:7f:9e:c3:
         ad:b6:45:46:34:ef:5b:10:90:b5:4b:b3:fb:66:24:65:2c:48:
         5b:9c:0e:6d:9a:7d:01:ca:6b:e3:88:7f:21:a7:6a:91:0d:a0:
         43:61:cd:06:20:0e:ea:9b:e6:5f:8f:19:be:96:71:d5:ed:af:
         b4:a1:06:22:ad:17:53:f7:8a:d0:a4:ed:bb:d9:82:c6:de:b4:
         16:ac:a4:1f:30:c1:e0:aa:d6:e3:c3:76:73:90:97:cc:9d:24:
         67:81:6a:b4:e9:7f:4a:eb:ff:6d:c6:24:bf:5f:57:87:2d:16:
         3f:10:f1:d1:4d:1d:5b:fd:5a:52:28:34:81:5c:46:07:2b:d1:
         a5:1f:6b:53:e8:af:81:0f:9c:a0:22:30:d8:d2:7a:7c:b3:69:
         8a:72:9f:a0:6e:db:05:8d:20:05:8a:93:cd:8f:25:5b:ea:5c:
         81:8c:bd:ee:3a:1f:0e:c1:79:3f:31:61:ba:53:16:02:bd:86:
         31:1e:7d:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPpG7mCTLSEstVjKmyrLS1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjIxMDE4MDMyMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2U1YTRiMGEwYjg5ZTEwZDQ2YjkzMzFmNWVjYjJkMDI1MmU0MzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWYdiQY4b/drKBkOmIHYX2xgpMXV
gPo6wiG/yECA8CuC9loQM3fd0gIE1QEfiOp+6ji8q55rpwefOMcUPc6QzSBuBGIE
1NMQaLIXAXIboYOQz9IenbVPVTuLcwmmWMH/IbFg1oqfr2sY9Po7nFtEmGuor9+Z
geUi8G5TvBaOIzgd3sGm9kfsuWKsVqEmz8UHXK+TeJRLI/LTf+wvBWBND/fmos9c
tlyntV2/r4cNeSJ3yNv61x9WCDQop1JB/3iJEHrQATIu7685vD3zpChSKuDteokk
8XymeKQkIZuopEYTONPhTm3dKInqMRwaCdOpsnIMMGEcfGiKYcFfIBLpRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOPlpLCguJ4Q1GuTMfXsstAlLkMYMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvNC1Xa3NLQzRuaERVYTVNeDlleXkwQ1V1UXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZl8MA0G
CSqGSIb3DQEBCwUAA4IBAQBY3SB90MezPhHmgYT2okO6WrKl5PueOQxnklJ6z6pE
ZlQqPzkkuFNmVyw1wahiMm3v+dFYE9ZuBAAZ/ifSafpOB616uxx/nsOttkVGNO9b
EJC1S7P7ZiRlLEhbnA5tmn0BymvjiH8hp2qRDaBDYc0GIA7qm+Zfjxm+lnHV7a+0
oQYirRdT94rQpO272YLG3rQWrKQfMMHgqtbjw3ZzkJfMnSRngWq06X9K6/9txiS/
X1eHLRY/EPHRTR1b/VpSKDSBXEYHK9GlH2tT6K+BD5ygIjDY0np8s2mKcp+gbtsF
jSAFipPNjyVb6lyBjL3uOh8OwXk/MWG6UxYCvYYxHn0U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:00 2024 by rpki-client on console-fra.rpki-client.org