Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/sQFveIvB5LslrUgfrUdX1fuy-5w.roa
File:                     sQFveIvB5LslrUgfrUdX1fuy-5w.roa (raw, json)
Hash identifier:          NpuY85I5lubUkGhNXand4QIGk9SYch8ncmVEQDciSJE=
Subject key identifier:   B1:01:6F:78:8B:C1:E4:BB:25:AD:48:1F:AD:47:57:D5:FB:B2:FB:9C
Certificate issuer:       /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial:       018220146335673134DE019B248F4F5B05AF
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/sQFveIvB5LslrUgfrUdX1fuy-5w.roa
Signing time:             Thu 21 Jul 2022 09:26:23 +0000
ROA not before:           Thu 21 Jul 2022 09:26:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     399471
IP address blocks:        45.134.23.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:20:14:63:35:67:31:34:de:01:9b:24:8f:4f:5b:05:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
        Validity
            Not Before: Jul 21 09:26:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b1016f788bc1e4bb25ad481fad4757d5fbb2fb9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:80:9a:e5:c1:8e:36:c5:b3:bf:c6:61:63:ae:
                    5f:26:a1:da:b8:08:5c:f3:97:d3:f4:73:c5:41:5e:
                    00:2b:55:ac:61:05:10:aa:47:08:e7:1c:77:9b:d4:
                    ab:0e:bf:36:f7:5d:15:c3:ea:e3:c1:cd:a3:52:b9:
                    ae:37:00:7d:f4:f5:11:e4:21:bc:01:3f:bd:0f:ab:
                    5e:2c:e6:d8:0f:62:cf:19:f8:1a:8e:19:ce:03:06:
                    27:7b:8a:39:45:f5:3b:b5:a0:c5:ed:ed:96:35:86:
                    fb:ad:b0:d9:93:f9:7b:38:87:44:a8:e4:57:f2:c9:
                    f1:16:c9:1b:49:d8:08:ad:38:fb:3a:31:39:9b:6a:
                    e3:4b:c6:ad:e3:8b:2e:be:70:49:76:51:02:34:2c:
                    a5:27:0f:96:26:cb:40:06:8b:40:c1:05:99:d4:e1:
                    00:cd:43:fb:46:54:a6:90:4e:e1:e2:c2:11:09:90:
                    fa:7a:73:de:98:81:e9:38:e6:28:de:76:57:a1:10:
                    29:8a:52:38:21:7d:e1:db:13:cd:1a:02:aa:9c:63:
                    1c:6a:eb:f0:9b:0b:6b:2d:cb:ea:ed:65:0b:b0:c0:
                    3e:d9:71:66:6a:93:f4:32:06:10:e2:74:f3:bb:9e:
                    cc:19:c6:03:b1:63:6f:df:cd:5a:02:c0:1d:90:ef:
                    fc:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:01:6F:78:8B:C1:E4:BB:25:AD:48:1F:AD:47:57:D5:FB:B2:FB:9C
            X509v3 Authority Key Identifier:
                keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/sQFveIvB5LslrUgfrUdX1fuy-5w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.134.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:e4:cf:e8:8b:2a:7c:65:50:64:d8:59:d1:aa:66:67:4c:db:
         35:9f:8b:6e:c5:2a:68:00:d9:38:aa:46:85:c7:02:55:f9:6c:
         82:44:b8:ae:b5:9d:ad:ee:6c:d6:68:13:39:d9:8c:a6:6f:88:
         1e:5a:7a:91:86:18:65:44:fb:2c:38:11:6d:86:8a:30:49:03:
         59:50:2e:5a:c2:03:56:19:c0:c2:2c:f2:e5:5f:d6:bd:4f:27:
         f9:3f:88:a0:8b:25:f7:20:5b:7d:2c:72:3a:11:57:77:63:0d:
         76:8b:5b:59:86:fa:82:17:3b:44:e6:62:91:b5:f4:bd:f8:f0:
         7f:48:37:aa:cb:4d:af:f4:71:37:9e:a2:6c:47:61:57:1e:e0:
         25:bc:41:c9:3d:ba:1c:8e:53:30:dc:da:b9:8e:23:e1:53:91:
         34:3e:0c:2c:dc:53:ce:91:ba:cd:92:82:bb:af:8e:f4:0a:7e:
         cd:51:8c:29:70:8a:9b:03:8d:4e:6f:77:8c:c2:84:4e:c1:cd:
         a1:1d:8e:2d:6f:f1:b5:b2:cb:88:f4:29:a2:1b:1f:d0:5b:28:
         c1:81:85:ab:60:d9:91:67:80:4e:68:78:4a:e6:8a:0d:d5:d7:
         79:94:4b:71:17:3c:a3:fb:7b:40:9b:9f:1d:33:fd:00:47:b5:
         35:ff:97:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIgFGM1ZzE03gGbJI9PWwWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjIwNzIxMDkyNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTAxNmY3ODhiYzFlNGJiMjVhZDQ4MWZhZDQ3NTdkNWZiYjJmYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYCa5cGONsWzv8ZhY65fJqHauAhc
85fT9HPFQV4AK1WsYQUQqkcI5xx3m9SrDr82910Vw+rjwc2jUrmuNwB99PUR5CG8
AT+9D6teLObYD2LPGfgajhnOAwYne4o5RfU7taDF7e2WNYb7rbDZk/l7OIdEqORX
8snxFskbSdgIrTj7OjE5m2rjS8at44suvnBJdlECNCylJw+WJstABotAwQWZ1OEA
zUP7RlSmkE7h4sIRCZD6enPemIHpOOYo3nZXoRApilI4IX3h2xPNGgKqnGMcauvw
mwtrLcvq7WULsMA+2XFmapP0MgYQ4nTzu57MGcYDsWNv381aAsAdkO/8bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLEBb3iLweS7Ja1IH61HV9X7svucMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvc1FGdmVJdkI1THNsclVnZnJVZFgxZnV5LTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYYXMA0G
CSqGSIb3DQEBCwUAA4IBAQCv5M/oiyp8ZVBk2FnRqmZnTNs1n4tuxSpoANk4qkaF
xwJV+WyCRLiutZ2t7mzWaBM52Yymb4geWnqRhhhlRPssOBFthoowSQNZUC5awgNW
GcDCLPLlX9a9Tyf5P4igiyX3IFt9LHI6EVd3Yw12i1tZhvqCFztE5mKRtfS9+PB/
SDeqy02v9HE3nqJsR2FXHuAlvEHJPbocjlMw3Nq5jiPhU5E0Pgws3FPOkbrNkoK7
r470Cn7NUYwpcIqbA41Ob3eMwoROwc2hHY4tb/G1ssuI9CmiGx/QWyjBgYWrYNmR
Z4BOaHhK5ooN1dd5lEtxFzyj+3tAm58dM/0AR7U1/5fZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org