Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1-nT5QbB3q8VHMpu2kVBMONvV7xA.roa
File:                     1-nT5QbB3q8VHMpu2kVBMONvV7xA.roa (raw, json)
Hash identifier:          rvNARVAqy5TDlCiwnlOad+IvWSAXK6HbGCU9aJW4d1o=
Subject key identifier:   FA:74:F9:41:B0:77:AB:C5:47:32:9B:B6:91:50:4C:38:DB:D5:EF:10
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       020C7934
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1-nT5QbB3q8VHMpu2kVBMONvV7xA.roa
Signing time:             Tue 08 Mar 2022 22:46:14 +0000
ROA not before:           Tue 08 Mar 2022 22:46:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210558
IP address blocks:        45.154.98.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 34371892 (0x20c7934)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Mar  8 22:46:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fa74f941b077abc547329bb691504c38dbd5ef10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:be:36:bb:8b:70:d9:d8:7a:b0:e8:d0:36:97:
                    3c:ba:44:d8:9a:3a:fb:da:2d:24:4c:e8:55:8f:02:
                    d7:52:a4:66:d8:f8:45:21:d9:78:f1:4c:92:fe:60:
                    c7:f1:8d:ec:e1:65:c9:87:bf:64:d6:88:ac:1a:c3:
                    0f:26:49:b7:66:93:92:a3:92:dd:44:46:43:c0:d8:
                    43:8b:06:e8:cb:92:8e:48:ac:24:5b:74:87:32:08:
                    76:17:38:33:11:bf:4c:2b:1f:30:ec:80:02:b1:68:
                    e8:b4:dc:d8:c5:75:32:70:c2:6e:f1:c0:79:9c:09:
                    b9:34:b0:80:1f:c7:19:e7:10:aa:fc:2f:cd:31:a0:
                    86:52:6c:d6:64:12:48:d7:2f:1b:38:13:d3:d8:c8:
                    c4:5b:f4:5a:d9:3b:80:ee:63:da:69:89:13:9b:92:
                    47:cb:96:bc:7d:84:91:f5:91:86:0c:d4:91:3e:a8:
                    47:a5:23:33:ca:e9:47:fc:36:61:d6:2d:fa:1b:79:
                    a2:d3:ae:23:87:00:61:fb:ee:d5:fc:97:da:10:87:
                    fe:36:1b:86:dc:a6:06:3a:a5:fd:37:39:aa:c7:b9:
                    14:c3:67:95:6a:4d:11:9f:f4:cb:7d:9d:db:b3:62:
                    55:02:c1:e0:27:9b:52:85:ee:12:31:35:8a:38:e5:
                    69:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:74:F9:41:B0:77:AB:C5:47:32:9B:B6:91:50:4C:38:DB:D5:EF:10
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1-nT5QbB3q8VHMpu2kVBMONvV7xA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:2e:bb:b0:da:4e:de:59:db:8f:bb:99:1a:19:5a:db:85:44:
         36:66:e7:f3:fc:2d:ed:ed:94:f8:33:0b:24:cb:64:15:98:81:
         07:a5:3f:30:09:4c:73:15:41:5b:c5:b0:c8:72:a3:97:52:37:
         45:e5:f6:fd:65:11:0e:09:5e:f3:a2:95:15:e1:4b:a5:4e:42:
         72:bd:54:74:76:df:a6:8c:e5:f3:76:65:c8:60:7f:62:a3:9c:
         1f:ff:c4:63:67:bb:08:90:3a:8f:5a:11:7c:0d:f8:5b:9a:9d:
         1f:65:b6:4e:9d:57:72:12:e0:e5:75:29:75:d4:0e:a8:be:02:
         16:f7:ee:e7:85:d2:63:a1:a1:ec:84:a1:d4:50:bf:3b:13:c1:
         74:47:d4:7a:f8:dd:3e:23:44:2b:b8:e4:80:f0:fa:fb:eb:3c:
         e8:6c:0d:23:ea:70:1b:c6:ac:c3:80:25:3e:d0:e2:77:29:df:
         77:dd:34:c5:4e:d1:48:66:7f:96:f6:0e:51:14:00:0b:f6:03:
         1a:48:2e:bf:60:fc:c5:e4:2e:62:67:fe:62:45:df:50:34:8f:
         1d:7f:84:5c:10:ea:41:0e:4a:a6:bc:59:4a:b6:5e:7b:99:7a:
         e9:6d:21:61:21:4d:c5:b4:b3:b1:d7:66:7b:8c:4c:2e:3c:60:
         4c:47:94:b9
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAgx5NDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDMw
ODIyNDYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmE3NGY5NDFiMDc3
YWJjNTQ3MzI5YmI2OTE1MDRjMzhkYmQ1ZWYxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALm+NruLcNnYerDo0DaXPLpE2Jo6+9otJEzoVY8C11KkZtj4
RSHZePFMkv5gx/GN7OFlyYe/ZNaIrBrDDyZJt2aTkqOS3URGQ8DYQ4sG6MuSjkis
JFt0hzIIdhc4MxG/TCsfMOyAArFo6LTc2MV1MnDCbvHAeZwJuTSwgB/HGecQqvwv
zTGghlJs1mQSSNcvGzgT09jIxFv0Wtk7gO5j2mmJE5uSR8uWvH2EkfWRhgzUkT6o
R6UjM8rpR/w2YdYt+ht5otOuI4cAYfvu1fyX2hCH/jYbhtymBjql/Tc5qse5FMNn
lWpNEZ/0y32d27NiVQLB4CebUoXuEjE1ijjlaWkCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT6dPlBsHerxUcym7aRUEw429XvEDAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
LzEtblQ1UWJCM3E4VkhNcHUya1ZCTU9OdlY3eEEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI5
LzJiYWFkYy0yYjdhLTRlYzAtOTVjYS01ZWM4YzhlZDYwZmQvMS9CWmRvQVRZOU4x
ZUdGUzVOQmg1MXlMNnpVRmcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtmmIwDQYJKoZIhvcNAQELBQAD
ggEBAAouu7DaTt5Z24+7mRoZWtuFRDZm5/P8Le3tlPgzCyTLZBWYgQelPzAJTHMV
QVvFsMhyo5dSN0Xl9v1lEQ4JXvOilRXhS6VOQnK9VHR236aM5fN2Zchgf2KjnB//
xGNnuwiQOo9aEXwN+FuanR9ltk6dV3IS4OV1KXXUDqi+Ahb37ueF0mOhoeyEodRQ
vzsTwXRH1Hr43T4jRCu45IDw+vvrPOhsDSPqcBvGrMOAJT7Q4ncp33fdNMVO0Uhm
f5b2DlEUAAv2AxpILr9g/MXkLmJn/mJF31A0jx1/hFwQ6kEOSqa8WUq2XnuZeult
IWEhTcW0s7HXZnuMTC48YExHlLk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org