Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/05aSWPEfjFg2o9dkveY7lwe262o.roa
File:                     05aSWPEfjFg2o9dkveY7lwe262o.roa (raw, json)
Hash identifier:          s1iBKCWzHqcS7LbM1aNp5GP0APQttTav5br+P3AUFGE=
Subject key identifier:   D3:96:92:58:F1:1F:8C:58:36:A3:D7:64:BD:E6:3B:97:07:B6:EB:6A
Certificate issuer:       /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial:       B613FA
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/05aSWPEfjFg2o9dkveY7lwe262o.roa
Signing time:             Tue 08 Feb 2022 10:02:39 +0000
ROA not before:           Tue 08 Feb 2022 10:02:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206092
IP address blocks:        45.131.194.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11932666 (0xb613fa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
        Validity
            Not Before: Feb  8 10:02:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d3969258f11f8c5836a3d764bde63b9707b6eb6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:2a:e4:dd:18:95:30:c6:6b:99:4e:8a:b9:9a:
                    45:4c:41:27:87:69:f6:77:f3:63:c9:3c:bf:e1:e0:
                    c0:ef:b8:bc:e9:cb:8b:a4:0b:1b:68:d6:a4:0c:52:
                    53:5e:69:6c:80:c2:03:6e:a7:dd:0b:55:16:71:40:
                    b5:a2:b6:fd:8a:00:17:3d:5a:72:e9:93:31:e3:f7:
                    42:f4:35:d4:76:49:0e:c1:bd:78:a4:22:52:ea:b7:
                    71:00:b9:21:ad:3d:2b:9c:71:2b:a8:49:49:07:02:
                    21:95:e3:74:21:91:90:56:d9:3c:34:05:7e:e5:60:
                    a6:98:a4:e8:fa:5c:fc:ba:b1:eb:ad:cf:84:75:8e:
                    b5:11:af:8d:b9:f5:85:fc:7f:91:91:9f:36:59:a4:
                    55:d5:44:b2:3d:ef:24:0f:3f:ab:9f:41:23:f8:f2:
                    e9:26:53:87:32:9b:9e:ef:50:8f:bf:17:f7:d6:29:
                    91:b6:16:74:1e:57:c0:8a:61:bc:09:41:b7:1b:1a:
                    6b:fe:6d:67:4a:7d:2d:78:bf:11:19:20:0a:09:d0:
                    b7:10:b7:b2:66:dc:cc:a8:f5:66:d3:ca:a4:46:db:
                    e1:56:51:eb:8b:de:7e:3c:bb:1b:31:fb:b1:93:eb:
                    8d:82:ab:49:92:9d:5b:1c:1d:68:a2:c7:ee:d8:fb:
                    15:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:96:92:58:F1:1F:8C:58:36:A3:D7:64:BD:E6:3B:97:07:B6:EB:6A
            X509v3 Authority Key Identifier:
                keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/05aSWPEfjFg2o9dkveY7lwe262o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.131.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:ab:c2:cd:8c:07:ba:a8:32:28:54:32:f3:da:7b:59:4b:df:
         76:e1:ce:c0:38:2d:60:ab:38:fc:4a:6d:0d:f1:57:ec:7d:8e:
         f2:ad:1d:a9:a8:b4:38:a9:6e:0a:d3:13:56:24:24:ae:ca:83:
         9e:9a:6e:dc:33:c8:0a:00:68:5c:5d:b7:bf:ab:7a:b0:ef:4c:
         e9:56:f2:96:b8:f3:62:57:84:60:7a:aa:34:24:00:f4:fd:70:
         46:e5:84:dc:a5:d1:9a:60:76:93:18:e8:32:97:f4:25:b5:ea:
         08:2e:66:75:23:1b:8f:b9:f7:d4:01:64:90:ef:a7:9e:23:e9:
         a8:41:b0:3b:6b:75:d3:1f:9f:f7:53:08:ed:35:72:cf:aa:72:
         c4:17:4b:6d:c0:e8:3d:60:24:7c:e6:ed:c2:c6:86:45:f2:7d:
         a0:8a:22:5c:ed:ea:53:52:1e:a5:7f:dc:59:01:94:b6:8b:c1:
         3f:93:3c:7b:e4:d9:47:6b:4c:eb:0c:93:ac:bd:db:13:3f:29:
         13:22:4e:51:a7:ec:75:e6:9d:73:82:ab:60:04:51:ca:15:f8:
         33:d1:bd:09:70:1f:ff:2b:12:77:0c:fa:e5:64:ed:70:3a:af:
         90:1c:4d:6a:e6:a6:e8:9e:d4:04:a1:d7:20:be:fd:e3:e8:8a:
         79:60:24:43
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALYT+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDI5OTkwNDJjNWUyMDA2YmQ1YWViN2EwNWRlMWU5NmE1ZTczNjY0MB4XDTIyMDIw
ODEwMDIzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM5NjkyNThmMTFm
OGM1ODM2YTNkNzY0YmRlNjNiOTcwN2I2ZWI2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgq5N0YlTDGa5lOirmaRUxBJ4dp9nfzY8k8v+HgwO+4vOnL
i6QLG2jWpAxSU15pbIDCA26n3QtVFnFAtaK2/YoAFz1acumTMeP3QvQ11HZJDsG9
eKQiUuq3cQC5Ia09K5xxK6hJSQcCIZXjdCGRkFbZPDQFfuVgppik6Ppc/Lqx663P
hHWOtRGvjbn1hfx/kZGfNlmkVdVEsj3vJA8/q59BI/jy6SZThzKbnu9Qj78X99Yp
kbYWdB5XwIphvAlBtxsaa/5tZ0p9LXi/ERkgCgnQtxC3smbczKj1ZtPKpEbb4VZR
64vefjy7GzH7sZPrjYKrSZKdWxwdaKLH7tj7FXMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTTlpJY8R+MWDaj12S95juXB7brajAfBgNVHSMEGDAWgBQNKZkELF4gBr1a
63oF3h6Wpec2ZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RTbVpCQ3hlSUFhOVd1dDZCZDRlbHFYbk5tUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMmMzMzE2LWVmYzctNDk1Mi05ZWZlLThjMTUzOTY1YmFjOS8x
LzA1YVNXUEVmakZnMm85ZGt2ZVk3bHdlMjYyby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MmMzMzE2LWVmYzctNDk1Mi05ZWZlLThjMTUzOTY1YmFjOS8xL0RTbVpCQ3hlSUFh
OVd1dDZCZDRlbHFYbk5tUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2DwjANBgkqhkiG9w0BAQsFAAOC
AQEAJKvCzYwHuqgyKFQy89p7WUvfduHOwDgtYKs4/EptDfFX7H2O8q0dqai0OKlu
CtMTViQkrsqDnppu3DPICgBoXF23v6t6sO9M6VbylrjzYleEYHqqNCQA9P1wRuWE
3KXRmmB2kxjoMpf0JbXqCC5mdSMbj7n31AFkkO+nniPpqEGwO2t10x+f91MI7TVy
z6pyxBdLbcDoPWAkfObtwsaGRfJ9oIoiXO3qU1IepX/cWQGUtovBP5M8e+TZR2tM
6wyTrL3bEz8pEyJOUafsdeadc4KrYARRyhX4M9G9CXAf/ysSdwz65WTtcDqvkBxN
auam6J7UBKHXIL794+iKeWAkQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org