Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/O7s_2C0o_y6TVsRwhBWq8du9uiY.roa
File:                     O7s_2C0o_y6TVsRwhBWq8du9uiY.roa (raw, json)
Hash identifier:          kR0Jzb8WuGL5z7z3qJxM6kInJbnlHnJ4roq70XT58fw=
Subject key identifier:   3B:BB:3F:D8:2D:28:FF:2E:93:56:C4:70:84:15:AA:F1:DB:BD:BA:26
Certificate issuer:       /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial:       1726376B
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/O7s_2C0o_y6TVsRwhBWq8du9uiY.roa
Signing time:             Wed 09 Mar 2022 14:23:19 +0000
ROA not before:           Wed 09 Mar 2022 14:23:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        45.84.240.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 388380523 (0x1726376b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
        Validity
            Not Before: Mar  9 14:23:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3bbb3fd82d28ff2e9356c4708415aaf1dbbdba26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:03:57:12:f2:60:f2:8a:04:cb:19:61:ef:4a:
                    a4:dc:0d:71:a5:7f:c5:33:0a:6f:61:7c:fa:57:82:
                    2f:b6:29:fb:fd:f1:59:c9:da:73:ec:5d:76:b6:18:
                    33:ad:29:66:1e:3e:aa:09:62:34:01:37:15:3f:1d:
                    85:dc:09:62:da:36:6b:96:da:4a:22:71:99:65:cb:
                    b0:61:1a:61:e6:da:53:09:d0:b7:c0:51:39:74:16:
                    8e:ac:68:dd:bf:72:33:fa:a4:ef:47:4d:d8:c3:c2:
                    b2:94:93:99:6b:b2:d0:95:fc:f8:04:fe:69:07:56:
                    09:12:4c:9f:37:90:98:2d:d7:ae:aa:af:88:97:b3:
                    da:4a:f5:c0:b6:54:f0:6a:af:67:9c:32:34:c9:01:
                    8d:5e:ec:1b:d1:0a:5b:7b:7c:57:a8:d7:e1:d3:df:
                    aa:b4:ae:53:5c:63:b9:03:9f:cd:ab:05:93:c1:5b:
                    ee:2b:75:17:11:75:20:f7:4c:7c:7a:c1:81:c0:2c:
                    fe:2f:b9:d2:d2:49:5c:74:9e:80:8e:39:4d:e9:56:
                    b2:ba:7a:13:1f:07:d9:20:5d:ab:6f:46:38:4e:5d:
                    5e:1c:8b:31:1f:fd:95:de:76:e0:59:fa:95:c8:8b:
                    ba:cd:4f:48:38:17:cf:93:cf:bb:7b:5c:61:3b:18:
                    41:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:BB:3F:D8:2D:28:FF:2E:93:56:C4:70:84:15:AA:F1:DB:BD:BA:26
            X509v3 Authority Key Identifier:
                keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/O7s_2C0o_y6TVsRwhBWq8du9uiY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.84.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         15:8d:a9:53:2f:a3:2d:e8:91:e9:24:8c:40:01:0c:2c:65:a2:
         b1:c0:70:33:dc:9a:c1:a1:f0:21:19:1f:ba:09:f3:7f:06:9e:
         67:d1:2c:60:46:6c:7e:2a:c1:20:68:72:e0:87:95:9d:4b:1e:
         a3:8e:22:fe:da:f3:58:e0:ea:ad:d1:d2:23:07:91:d6:34:e7:
         9f:fc:77:1d:09:47:50:db:5f:87:e1:d4:b1:93:b9:94:dd:57:
         e2:67:00:7e:a0:64:c9:a5:c6:c6:bd:82:96:f5:3a:87:e9:4d:
         7e:ae:90:22:fa:e0:49:c5:05:bb:40:5d:7f:74:e9:19:fd:89:
         40:2c:0f:52:aa:0a:92:50:bd:8c:b8:03:6e:91:37:5d:02:2f:
         92:25:63:f7:f3:e6:db:fc:ba:f7:c5:3b:bb:70:f4:16:d3:88:
         9a:58:32:7f:d8:9f:dc:a5:ee:60:b0:19:d2:41:9b:64:e3:6f:
         ab:22:58:17:72:b9:6f:30:e4:8b:4e:64:ba:3a:a8:5e:dc:77:
         08:82:db:01:ca:4e:64:af:0a:a3:06:d7:8c:d2:d5:51:42:07:
         9a:4b:38:48:e3:1d:7b:04:fb:60:03:11:f4:3d:ea:b8:36:3f:
         ed:7d:5a:3b:a5:35:15:25:be:ff:7f:97:03:40:ee:a2:38:4e:
         e2:ff:5d:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFyY3azANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTUxNjA1YjY3NWVjZTRlMGZjZTcxNzVhZTMxYTkzZmE4MjcyYmE2MB4XDTIyMDMw
OTE0MjMxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2JiYjNmZDgyZDI4
ZmYyZTkzNTZjNDcwODQxNWFhZjFkYmJkYmEyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8DVxLyYPKKBMsZYe9KpNwNcaV/xTMKb2F8+leCL7Yp+/3x
Wcnac+xddrYYM60pZh4+qgliNAE3FT8dhdwJYto2a5baSiJxmWXLsGEaYebaUwnQ
t8BROXQWjqxo3b9yM/qk70dN2MPCspSTmWuy0JX8+AT+aQdWCRJMnzeQmC3Xrqqv
iJez2kr1wLZU8GqvZ5wyNMkBjV7sG9EKW3t8V6jX4dPfqrSuU1xjuQOfzasFk8Fb
7it1FxF1IPdMfHrBgcAs/i+50tJJXHSegI45TelWsrp6Ex8H2SBdq29GOE5dXhyL
MR/9ld524Fn6lciLus1PSDgXz5PPu3tcYTsYQVECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ7uz/YLSj/LpNWxHCEFarx2726JjAfBgNVHSMEGDAWgBQFUWBbZ17OTg/O
cXWuMak/qCcrpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JWRmdXMmRlems0UHpuRjFyakdwUDZnbks2WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMjhlYTQ1LTdkMzAtNDZkZi04ZjJhLTA3NzlmNDhlY2VhMC8x
L083c18yQzBvX3k2VFZzUndoQldxOGR1OXVpWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MjhlYTQ1LTdkMzAtNDZkZi04ZjJhLTA3NzlmNDhlY2VhMC8xL0JWRmdXMmRlems0
UHpuRjFyakdwUDZnbks2WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1U8DANBgkqhkiG9w0BAQsFAAOC
AQEAFY2pUy+jLeiR6SSMQAEMLGWiscBwM9yawaHwIRkfugnzfwaeZ9EsYEZsfirB
IGhy4IeVnUseo44i/trzWODqrdHSIweR1jTnn/x3HQlHUNtfh+HUsZO5lN1X4mcA
fqBkyaXGxr2ClvU6h+lNfq6QIvrgScUFu0Bdf3TpGf2JQCwPUqoKklC9jLgDbpE3
XQIvkiVj9/Pm2/y698U7u3D0FtOImlgyf9if3KXuYLAZ0kGbZONvqyJYF3K5bzDk
i05kujqoXtx3CILbAcpOZK8KowbXjNLVUUIHmks4SOMdewT7YAMR9D3quDY/7X1a
O6U1FSW+/3+XA0DuojhO4v9dAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org