Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/h2rdR8srhTU970IQuSHfXy2B9xg.roa
File:                     h2rdR8srhTU970IQuSHfXy2B9xg.roa (raw, json)
Hash identifier:          dPaTt/qYw9HEFOLdo/6rFM3YyYKzHKeZMcsgXieAg84=
Subject key identifier:   87:6A:DD:47:CB:2B:85:35:3D:EF:42:10:B9:21:DF:5F:2D:81:F7:18
Certificate issuer:       /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial:       0184A43DFCAADDDAAF191A6813FB87E58CA4
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/h2rdR8srhTU970IQuSHfXy2B9xg.roa
Signing time:             Wed 23 Nov 2022 11:27:16 +0000
ROA not before:           Wed 23 Nov 2022 11:27:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210636
IP address blocks:        45.152.149.0/24 maxlen: 24
                          45.134.21.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:a4:3d:fc:aa:dd:da:af:19:1a:68:13:fb:87:e5:8c:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
        Validity
            Not Before: Nov 23 11:27:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=876add47cb2b85353def4210b921df5f2d81f718
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:e6:cb:c9:6a:f3:c1:8e:4d:b9:be:e0:fa:42:
                    bc:92:ea:ad:f6:10:f5:7f:bd:6e:98:97:14:d7:a8:
                    7e:4b:26:e3:ef:0c:ec:03:cf:20:0f:b5:a7:0f:ff:
                    5c:c3:e9:7f:86:92:2c:9b:44:cf:21:42:6b:87:99:
                    b7:72:0a:67:3b:8c:86:e2:97:ca:10:b0:c2:62:e4:
                    63:3c:f5:a7:1e:4d:86:82:e1:c3:84:5b:9b:1d:e6:
                    df:af:c3:c5:05:a5:07:5b:27:76:98:97:b2:b7:a4:
                    87:0c:ba:81:ee:9d:1c:4e:83:62:86:76:8c:df:7e:
                    a4:e3:4a:48:00:bb:8d:da:4d:67:12:3f:98:56:2b:
                    bf:e8:53:29:3e:49:ae:fc:cc:41:7a:11:16:e6:8e:
                    0f:17:81:b7:bc:34:99:3f:62:e7:7e:d9:a9:a0:61:
                    fd:ef:12:ca:df:9e:4d:9f:74:01:fb:56:7c:28:07:
                    b0:7e:23:74:df:dc:7a:48:d5:9a:02:9d:84:47:3d:
                    e9:a1:04:8f:f2:7b:e9:61:7b:f8:70:e4:7c:83:bb:
                    e7:28:f1:d7:03:9f:38:17:c0:49:85:4b:68:0a:02:
                    b4:e7:ec:0e:3b:e1:91:d6:ff:58:7e:69:a7:5f:eb:
                    fa:c2:69:f1:c5:11:bf:6d:42:bf:a2:65:a7:b3:86:
                    00:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:6A:DD:47:CB:2B:85:35:3D:EF:42:10:B9:21:DF:5F:2D:81:F7:18
            X509v3 Authority Key Identifier:
                keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/h2rdR8srhTU970IQuSHfXy2B9xg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.134.21.0/24
                  45.152.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:5d:92:b6:0a:72:73:15:27:f7:b2:11:c2:ff:6d:6d:95:9b:
         3c:b8:21:c2:6c:76:cb:6e:7c:b3:60:bc:82:54:a6:52:85:cc:
         67:ce:18:58:9a:1b:b8:e6:dc:c7:9d:c5:ec:45:7b:1e:72:7e:
         ba:9c:09:ee:be:64:3f:13:76:16:9f:6b:23:14:12:2d:ed:a0:
         1a:87:4e:6b:7e:fc:f8:3d:c4:bb:bf:f4:43:fe:2e:21:b6:98:
         18:19:5f:1b:23:85:e6:d4:9e:23:49:92:f7:8d:7c:76:95:7c:
         d9:f3:34:6c:22:0e:01:1c:9c:5a:b9:3d:ae:a2:26:8a:57:e7:
         cc:f8:5b:3e:72:f1:e6:04:d9:2f:f9:af:37:79:db:91:57:1d:
         e8:31:4f:ae:91:54:57:d2:c0:d3:3d:5e:75:6e:7c:a4:24:36:
         2d:9b:ba:74:92:e1:cf:fe:9d:8e:ab:16:46:e8:f4:fa:c7:17:
         4e:16:db:8f:a0:31:88:c0:d9:17:53:5d:6a:2f:a6:ce:01:41:
         62:88:28:9c:9b:d5:16:b6:3f:54:ff:1f:54:5a:ff:d6:39:f8:
         34:9d:d0:5d:f5:a6:12:5f:fd:bf:25:df:17:5a:09:5a:80:81:
         43:45:b8:ad:09:b7:7a:a7:9b:32:57:4f:73:b1:d9:b3:2a:ed:
         50:cd:e9:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSkPfyq3dqvGRpoE/uH5YykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjIxMTIzMTEyNzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzZhZGQ0N2NiMmI4NTM1M2RlZjQyMTBiOTIxZGY1ZjJkODFmNzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ebLyWrzwY5Nub7g+kK8kuqt9hD1
f71umJcU16h+Sybj7wzsA88gD7WnD/9cw+l/hpIsm0TPIUJrh5m3cgpnO4yG4pfK
ELDCYuRjPPWnHk2GguHDhFubHebfr8PFBaUHWyd2mJeyt6SHDLqB7p0cToNihnaM
336k40pIALuN2k1nEj+YViu/6FMpPkmu/MxBehEW5o4PF4G3vDSZP2LnftmpoGH9
7xLK355Nn3QB+1Z8KAewfiN039x6SNWaAp2ERz3poQSP8nvpYXv4cOR8g7vnKPHX
A584F8BJhUtoCgK05+wOO+GR1v9YfmmnX+v6wmnxxRG/bUK/omWns4YAfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIdq3UfLK4U1Pe9CELkh318tgfcYMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvaDJyZFI4c3JoVFU5NzBJUXVTSGZYeTJCOXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYYVAwQA
LZiVMA0GCSqGSIb3DQEBCwUAA4IBAQBiXZK2CnJzFSf3shHC/21tlZs8uCHCbHbL
bnyzYLyCVKZShcxnzhhYmhu45tzHncXsRXsecn66nAnuvmQ/E3YWn2sjFBIt7aAa
h05rfvz4PcS7v/RD/i4htpgYGV8bI4Xm1J4jSZL3jXx2lXzZ8zRsIg4BHJxauT2u
oiaKV+fM+Fs+cvHmBNkv+a83eduRVx3oMU+ukVRX0sDTPV51bnykJDYtm7p0kuHP
/p2OqxZG6PT6xxdOFtuPoDGIwNkXU11qL6bOAUFiiCicm9UWtj9U/x9UWv/WOfg0
ndBd9aYSX/2/Jd8XWglagIFDRbitCbd6p5syV09zsdmzKu1Qzeka
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:24 2024 by rpki-client on console-ams.rpki-client.org