Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/nivXYOM24k-eFSidYY5zTmNnBgQ.roa
File:                     nivXYOM24k-eFSidYY5zTmNnBgQ.roa (raw, json)
Hash identifier:          pOv0FFXtDur09IaJLViq8MMjxVqBMbrUrg6+/4nZNVg=
Subject key identifier:   9E:2B:D7:60:E3:36:E2:4F:9E:15:28:9D:61:8E:73:4E:63:67:06:04
Certificate issuer:       /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial:       0319DE02
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/nivXYOM24k-eFSidYY5zTmNnBgQ.roa
Signing time:             Sat 01 Jan 2022 13:59:20 +0000
ROA not before:           Sat 01 Jan 2022 13:59:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62468
IP address blocks:        45.137.9.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52026882 (0x319de02)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
        Validity
            Not Before: Jan  1 13:59:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9e2bd760e336e24f9e15289d618e734e63670604
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:75:8c:30:a9:0b:75:22:56:7d:98:1c:09:6e:
                    41:96:e2:8e:78:e1:58:47:ba:38:06:d9:d7:de:6c:
                    68:c8:70:05:10:4c:fe:0c:35:a8:e8:67:13:2c:dc:
                    bb:47:5f:f6:42:73:85:20:88:09:20:c8:e0:a0:69:
                    87:ce:d2:7c:54:1f:33:c0:dd:ed:44:c1:42:79:ed:
                    e4:93:be:8a:c7:88:82:64:31:4c:21:a0:d1:29:5e:
                    37:21:ea:ae:0d:f9:a5:2e:1f:73:6c:80:b1:1c:4b:
                    d4:78:f0:f5:d0:af:62:60:1d:76:91:2a:70:37:91:
                    13:e8:3a:9b:84:05:f1:47:12:5d:15:3d:fa:0a:74:
                    74:65:f3:8b:53:7f:7f:ac:7c:9f:ca:6e:d2:99:e5:
                    f8:b2:70:b7:f7:ec:99:9e:f2:af:72:8c:e1:c2:90:
                    de:f6:cb:fb:07:88:a9:d2:1b:d9:ee:4a:19:12:02:
                    f6:4b:f3:00:2b:83:7d:45:7b:f2:e3:43:0b:b9:ce:
                    2e:17:cb:3c:ea:e2:d9:ae:3f:f7:3d:2e:50:26:39:
                    9f:ad:d2:35:d6:7f:19:d2:18:c2:59:4c:c8:f2:df:
                    91:3f:a5:73:71:fc:03:d2:76:a5:ca:ee:dc:71:98:
                    d6:fd:11:a3:81:9d:50:71:57:67:3f:b1:5e:05:89:
                    a3:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:2B:D7:60:E3:36:E2:4F:9E:15:28:9D:61:8E:73:4E:63:67:06:04
            X509v3 Authority Key Identifier:
                keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/nivXYOM24k-eFSidYY5zTmNnBgQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:f0:45:a0:2a:35:31:24:d0:40:cd:b4:ac:4c:81:44:bc:e3:
         e0:29:da:1d:ff:b3:de:52:9b:61:fc:e2:c9:c4:fd:ac:c1:98:
         68:91:32:96:c9:fe:57:b1:c5:c5:d7:0f:41:5c:80:9d:51:5a:
         94:f5:7b:51:88:8e:20:01:b1:37:ec:37:44:e1:32:fb:ed:25:
         23:46:db:cc:d6:5a:4d:21:a2:0e:f9:f2:63:95:c0:da:c4:3f:
         72:0b:d3:c7:f7:7b:14:1d:4a:6a:8f:a9:2a:7a:f9:e9:26:bb:
         8a:08:ef:54:63:f8:89:39:c4:a7:1b:d5:ef:9e:44:a6:fc:f3:
         0c:cd:a2:e5:ca:e0:52:69:56:b5:b1:f1:a9:5c:ac:e3:f4:62:
         48:a6:6d:d7:9a:df:a8:98:85:3d:02:7c:a5:bb:00:2a:75:6f:
         5c:f0:b0:53:7a:db:cc:69:09:22:9b:a8:13:6c:d8:e3:98:0b:
         79:fe:16:74:00:8d:df:da:c3:7f:f9:4b:2c:f8:d3:59:1d:60:
         c7:1f:cb:ff:62:af:e8:6e:37:4f:8c:0b:9e:52:69:78:58:97:
         8f:7b:55:96:2e:36:21:ac:ff:85:43:26:75:cd:22:9e:6e:db:
         a8:45:f1:c9:b1:0f:ea:59:d5:07:e3:4e:59:a4:34:09:77:8d:
         5d:df:51:c2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAxneAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDdiNDg3ODQ4ZmZmNjM1MzNkODdjMzI0ZWNjNTFjMmMzZWEyYWRiMB4XDTIyMDEw
MTEzNTkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWUyYmQ3NjBlMzM2
ZTI0ZjllMTUyODlkNjE4ZTczNGU2MzY3MDYwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKV1jDCpC3UiVn2YHAluQZbijnjhWEe6OAbZ195saMhwBRBM
/gw1qOhnEyzcu0df9kJzhSCICSDI4KBph87SfFQfM8Dd7UTBQnnt5JO+iseIgmQx
TCGg0SleNyHqrg35pS4fc2yAsRxL1Hjw9dCvYmAddpEqcDeRE+g6m4QF8UcSXRU9
+gp0dGXzi1N/f6x8n8pu0pnl+LJwt/fsmZ7yr3KM4cKQ3vbL+weIqdIb2e5KGRIC
9kvzACuDfUV78uNDC7nOLhfLPOri2a4/9z0uUCY5n63SNdZ/GdIYwllMyPLfkT+l
c3H8A9J2pcru3HGY1v0Ro4GdUHFXZz+xXgWJo4MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSeK9dg4zbiT54VKJ1hjnNOY2cGBDAfBgNVHSMEGDAWgBQ0e0h4SP/2NTPY
fDJOzFHCw+oq2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05IdEllRWpfOWpVejJId3lUc3hSd3NQcUt0cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvYmM3MTIyLTRkMWItNDZhNy1hZWNiLTIzMGIzYjcyYTE3NS8x
L25pdlhZT00yNGstZUZTaWRZWTV6VG1ObkJnUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
YmM3MTIyLTRkMWItNDZhNy1hZWNiLTIzMGIzYjcyYTE3NS8xL05IdEllRWpfOWpV
ejJId3lUc3hSd3NQcUt0cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2JCTANBgkqhkiG9w0BAQsFAAOC
AQEAPvBFoCo1MSTQQM20rEyBRLzj4CnaHf+z3lKbYfziycT9rMGYaJEylsn+V7HF
xdcPQVyAnVFalPV7UYiOIAGxN+w3ROEy++0lI0bbzNZaTSGiDvnyY5XA2sQ/cgvT
x/d7FB1Kao+pKnr56Sa7igjvVGP4iTnEpxvV755EpvzzDM2i5crgUmlWtbHxqVys
4/RiSKZt15rfqJiFPQJ8pbsAKnVvXPCwU3rbzGkJIpuoE2zY45gLef4WdACN39rD
f/lLLPjTWR1gxx/L/2Kv6G43T4wLnlJpeFiXj3tVli42Iaz/hUMmdc0inm7bqEXx
ybEP6lnVB+NOWaQ0CXeNXd9Rwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:00 2024 by rpki-client on console-fra.rpki-client.org