Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/XzGM5Nc7yn1-oOlqA6A5javbBEU.roa
File:                     XzGM5Nc7yn1-oOlqA6A5javbBEU.roa (raw, json)
Hash identifier:          NX9TO4d0v3PAEXhT89beEn/RfW2VobGr5js86N75gag=
Subject key identifier:   5F:31:8C:E4:D7:3B:CA:7D:7E:A0:E9:6A:03:A0:39:8D:AB:DB:04:45
Certificate issuer:       /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial:       047161A2
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/XzGM5Nc7yn1-oOlqA6A5javbBEU.roa
Signing time:             Thu 02 Jun 2022 14:52:20 +0000
ROA not before:           Thu 02 Jun 2022 14:52:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35913
IP address blocks:        45.153.124.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74539426 (0x47161a2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
        Validity
            Not Before: Jun  2 14:52:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5f318ce4d73bca7d7ea0e96a03a0398dabdb0445
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:e0:21:ac:9e:91:d9:a9:50:69:5d:9b:24:19:
                    7e:c6:58:e5:be:27:e1:22:2c:32:62:c6:14:e0:c1:
                    dd:7d:6c:0c:42:4e:90:aa:6d:c1:c5:bf:9f:2d:34:
                    cb:79:e5:87:1a:4d:e6:a4:9d:4c:e7:bd:47:fd:02:
                    09:6e:54:8a:62:04:bc:da:ec:8e:2c:18:1d:00:e2:
                    d4:b6:6d:8f:c4:06:f8:dc:1b:a2:e2:56:e1:e1:60:
                    ac:78:bf:69:27:f4:ea:a0:19:84:d2:44:cb:de:d6:
                    72:b1:9a:f6:d3:d1:b5:fa:84:f3:b9:77:b0:60:35:
                    83:5e:57:27:ce:38:69:b8:a3:17:4d:98:a2:b9:99:
                    19:55:44:c3:ce:ba:09:04:43:c2:f8:4b:f8:44:03:
                    1c:2a:22:f5:6b:22:3f:ed:d9:55:74:de:1c:b9:46:
                    6f:b2:27:dd:fa:51:72:cf:30:de:e5:f7:51:ed:53:
                    ca:d5:f8:08:90:d4:33:9f:84:0a:50:af:20:d9:33:
                    68:bc:6c:88:f1:24:25:7f:5e:df:3d:77:3d:ec:2a:
                    a9:b1:c2:81:9b:87:2a:e6:07:aa:e2:68:0c:ed:0d:
                    59:e1:d3:31:81:a2:14:23:d6:cd:45:1c:97:ec:d9:
                    93:10:dc:88:81:e9:a8:fa:72:5f:6a:37:36:64:be:
                    54:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:31:8C:E4:D7:3B:CA:7D:7E:A0:E9:6A:03:A0:39:8D:AB:DB:04:45
            X509v3 Authority Key Identifier:
                keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/XzGM5Nc7yn1-oOlqA6A5javbBEU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.153.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:1d:92:dd:0c:d8:78:cf:e3:09:a2:e2:30:12:08:72:62:0a:
         22:90:ec:c6:00:42:a7:f8:11:29:92:24:67:4b:be:23:31:52:
         0d:52:48:c8:29:c1:33:7d:b2:5f:eb:a6:45:1b:79:2c:0c:eb:
         f4:8e:57:f7:7e:a9:0f:e9:ff:9f:48:88:f5:63:50:09:5a:31:
         4e:91:24:85:b0:e7:38:6a:3a:a6:51:e7:5f:c3:2a:c7:73:b9:
         10:5d:b6:93:56:d3:2a:bb:be:e5:0f:92:db:e1:ef:6f:48:b6:
         45:4c:02:2c:07:19:ff:0f:ff:5a:57:fd:8a:29:34:1a:b9:0e:
         38:cc:71:4d:df:e1:a8:09:12:17:3f:a8:9f:7f:4f:97:6d:e3:
         5e:d7:4b:e2:75:47:f2:52:23:6f:57:b2:1e:b0:fd:be:8c:2a:
         49:f8:d4:e0:8b:c3:33:d5:54:3c:06:54:34:dc:12:64:6c:90:
         e2:0c:1b:2b:34:6c:dc:48:87:d4:67:75:b9:4f:a8:6a:80:41:
         69:3a:4b:78:c7:50:96:94:23:69:5f:d7:eb:16:73:9c:2c:a3:
         c2:5b:1b:fe:39:40:60:da:a5:f6:2a:59:f5:94:d4:b0:f2:ab:
         d7:d4:d6:75:5e:dd:f4:e8:99:be:67:c8:1f:c7:21:5d:5f:7b:
         c9:5a:87:db
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBHFhojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDdiNDg3ODQ4ZmZmNjM1MzNkODdjMzI0ZWNjNTFjMmMzZWEyYWRiMB4XDTIyMDYw
MjE0NTIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWYzMThjZTRkNzNi
Y2E3ZDdlYTBlOTZhMDNhMDM5OGRhYmRiMDQ0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3gIayekdmpUGldmyQZfsZY5b4n4SIsMmLGFODB3X1sDEJO
kKptwcW/ny00y3nlhxpN5qSdTOe9R/0CCW5UimIEvNrsjiwYHQDi1LZtj8QG+Nwb
ouJW4eFgrHi/aSf06qAZhNJEy97WcrGa9tPRtfqE87l3sGA1g15XJ844abijF02Y
ormZGVVEw866CQRDwvhL+EQDHCoi9WsiP+3ZVXTeHLlGb7In3fpRcs8w3uX3Ue1T
ytX4CJDUM5+EClCvINkzaLxsiPEkJX9e3z13PewqqbHCgZuHKuYHquJoDO0NWeHT
MYGiFCPWzUUcl+zZkxDciIHpqPpyX2o3NmS+VLUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRfMYzk1zvKfX6g6WoDoDmNq9sERTAfBgNVHSMEGDAWgBQ0e0h4SP/2NTPY
fDJOzFHCw+oq2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05IdEllRWpfOWpVejJId3lUc3hSd3NQcUt0cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvYmM3MTIyLTRkMWItNDZhNy1hZWNiLTIzMGIzYjcyYTE3NS8x
L1h6R001TmM3eW4xLW9PbHFBNkE1amF2YkJFVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
YmM3MTIyLTRkMWItNDZhNy1hZWNiLTIzMGIzYjcyYTE3NS8xL05IdEllRWpfOWpV
ejJId3lUc3hSd3NQcUt0cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2ZfDANBgkqhkiG9w0BAQsFAAOC
AQEAaR2S3QzYeM/jCaLiMBIIcmIKIpDsxgBCp/gRKZIkZ0u+IzFSDVJIyCnBM32y
X+umRRt5LAzr9I5X936pD+n/n0iI9WNQCVoxTpEkhbDnOGo6plHnX8Mqx3O5EF22
k1bTKru+5Q+S2+Hvb0i2RUwCLAcZ/w//Wlf9iik0GrkOOMxxTd/hqAkSFz+on39P
l23jXtdL4nVH8lIjb1eyHrD9vowqSfjU4IvDM9VUPAZUNNwSZGyQ4gwbKzRs3EiH
1Gd1uU+oaoBBaTpLeMdQlpQjaV/X6xZznCyjwlsb/jlAYNql9ipZ9ZTUsPKr19TW
dV7d9OiZvmfIH8chXV97yVqH2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:12 2024 by rpki-client on console-ams.rpki-client.org