Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/DCCXuMpS2bxFlFX6EImxJdzeu3M.roa
File:                     DCCXuMpS2bxFlFX6EImxJdzeu3M.roa (raw, json)
Hash identifier:          fJHu7CuJQoEItht1CVoQxxgc0fmbVl1Oxx5xYgpoTMc=
Subject key identifier:   0C:20:97:B8:CA:52:D9:BC:45:94:55:FA:10:89:B1:25:DC:DE:BB:73
Certificate issuer:       /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial:       03F8C280
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/DCCXuMpS2bxFlFX6EImxJdzeu3M.roa
Signing time:             Thu 14 Apr 2022 10:11:43 +0000
ROA not before:           Thu 14 Apr 2022 10:11:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     139471
IP address blocks:        45.131.178.0/24 maxlen: 24
                          91.238.114.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 66634368 (0x3f8c280)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
        Validity
            Not Before: Apr 14 10:11:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0c2097b8ca52d9bc459455fa1089b125dcdebb73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:50:98:f7:f7:86:b5:54:77:64:aa:5d:7a:7b:
                    9a:c9:1e:70:09:0e:2b:4a:ae:5b:57:a8:78:e3:4d:
                    c2:28:da:a4:d8:ce:77:94:ed:0d:08:98:55:8b:91:
                    48:fc:96:2d:09:5c:88:59:3e:5e:87:aa:5e:d8:d3:
                    21:76:b1:01:76:3b:40:b3:db:83:0a:9a:b6:ae:0e:
                    c1:f9:00:17:6f:c0:74:51:b6:f9:79:f9:4d:e2:90:
                    09:c3:43:41:79:65:04:eb:3e:69:c0:e2:33:51:4a:
                    81:bb:c1:95:7b:bd:cb:e3:c2:80:84:36:f3:ba:ed:
                    33:20:21:b3:23:d0:1d:17:ad:ed:1c:0e:55:1e:bc:
                    23:91:b3:5c:fd:8b:8e:2c:56:68:20:ff:20:68:6c:
                    5f:a3:b8:9a:2b:57:a8:db:d7:69:a0:52:6f:ce:3f:
                    07:4d:cd:02:ef:f3:0a:25:46:ec:36:6b:b4:f9:f6:
                    6b:d2:4e:db:70:d7:80:c1:9b:a8:b2:c8:b6:9c:4c:
                    99:95:0a:4a:7b:c3:cf:30:bd:fd:4b:47:7b:12:b6:
                    5e:2b:63:a5:14:7a:05:69:ce:e0:6c:f5:39:88:7e:
                    d5:31:8e:e1:8b:01:7e:c4:50:40:44:36:7a:74:8f:
                    c6:68:a6:e7:bc:f7:a1:3e:5b:ec:16:60:6a:31:41:
                    3e:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:20:97:B8:CA:52:D9:BC:45:94:55:FA:10:89:B1:25:DC:DE:BB:73
            X509v3 Authority Key Identifier:
                keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/DCCXuMpS2bxFlFX6EImxJdzeu3M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.131.178.0/24
                  91.238.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:90:ce:7e:5e:cf:b8:cd:91:2f:88:e9:39:de:a8:58:76:47:
         1b:aa:dc:45:40:5b:06:b7:85:1b:84:1c:5c:42:04:84:50:4c:
         d2:5c:bf:5c:64:66:32:3c:6c:0a:e1:a5:f5:8d:e9:0e:e0:f4:
         c2:22:97:9f:da:6a:ad:fd:56:df:d0:c4:2a:1d:db:0b:5f:9c:
         61:69:54:e1:c5:b6:c2:97:e8:fd:20:e6:e4:ab:91:d4:69:59:
         7c:60:4a:07:51:a0:f6:dc:f8:af:a0:1f:d4:6b:2b:f7:59:96:
         f0:af:48:5c:ba:e4:8f:1e:c5:18:2b:bc:94:22:3d:2f:22:cd:
         68:c4:0a:7b:33:54:a3:30:15:ab:c8:db:b9:d7:a3:f0:a7:22:
         49:f8:fd:6c:5e:89:fe:2d:66:4e:ec:bc:f0:97:f9:95:95:86:
         c9:eb:b1:fc:ab:c2:5a:5a:75:f5:bf:c8:dc:e1:a6:18:c5:0c:
         34:4d:b1:e3:d5:ea:47:44:a3:5c:74:7a:28:6b:1e:9b:93:ff:
         a1:ee:09:d3:f1:93:aa:ad:cf:57:f7:69:21:42:ff:73:13:63:
         f2:2c:63:8a:af:24:b5:ec:64:c6:2b:9f:05:2a:5f:23:25:74:
         92:0d:95:70:09:60:20:73:82:44:1e:93:3d:f8:b6:4e:4e:c0:
         e4:5b:4e:6d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA/jCgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDdiNDg3ODQ4ZmZmNjM1MzNkODdjMzI0ZWNjNTFjMmMzZWEyYWRiMB4XDTIyMDQx
NDEwMTE0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGMyMDk3YjhjYTUy
ZDliYzQ1OTQ1NWZhMTA4OWIxMjVkY2RlYmI3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANxQmPf3hrVUd2SqXXp7mskecAkOK0quW1eoeONNwijapNjO
d5TtDQiYVYuRSPyWLQlciFk+XoeqXtjTIXaxAXY7QLPbgwqatq4OwfkAF2/AdFG2
+Xn5TeKQCcNDQXllBOs+acDiM1FKgbvBlXu9y+PCgIQ287rtMyAhsyPQHRet7RwO
VR68I5GzXP2LjixWaCD/IGhsX6O4mitXqNvXaaBSb84/B03NAu/zCiVG7DZrtPn2
a9JO23DXgMGbqLLItpxMmZUKSnvDzzC9/UtHexK2XitjpRR6BWnO4Gz1OYh+1TGO
4YsBfsRQQEQ2enSPxmim57z3oT5b7BZgajFBPo8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQMIJe4ylLZvEWUVfoQibEl3N67czAfBgNVHSMEGDAWgBQ0e0h4SP/2NTPY
fDJOzFHCw+oq2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05IdEllRWpfOWpVejJId3lUc3hSd3NQcUt0cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvYmM3MTIyLTRkMWItNDZhNy1hZWNiLTIzMGIzYjcyYTE3NS8x
L0RDQ1h1TXBTMmJ4RmxGWDZFSW14SmR6ZXUzTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
YmM3MTIyLTRkMWItNDZhNy1hZWNiLTIzMGIzYjcyYTE3NS8xL05IdEllRWpfOWpV
ejJId3lUc3hSd3NQcUt0cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC2DsgMEAFvucjANBgkqhkiG9w0B
AQsFAAOCAQEAJpDOfl7PuM2RL4jpOd6oWHZHG6rcRUBbBreFG4QcXEIEhFBM0ly/
XGRmMjxsCuGl9Y3pDuD0wiKXn9pqrf1W39DEKh3bC1+cYWlU4cW2wpfo/SDm5KuR
1GlZfGBKB1Gg9tz4r6Af1Gsr91mW8K9IXLrkjx7FGCu8lCI9LyLNaMQKezNUozAV
q8jbudej8KciSfj9bF6J/i1mTuy88Jf5lZWGyeux/KvCWlp19b/I3OGmGMUMNE2x
49XqR0SjXHR6KGsem5P/oe4J0/GTqq3PV/dpIUL/cxNj8ixjiq8ktexkxiufBSpf
IyV0kg2VcAlgIHOCRB6TPfi2Tk7A5FtObQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:00 2024 by rpki-client on console-fra.rpki-client.org