Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/LgYqXx0M6ioRIwYZP-OaKO2CEcU.roa
File:                     LgYqXx0M6ioRIwYZP-OaKO2CEcU.roa (raw, json)
Hash identifier:          Dvt48QXNwu3NGlyMtpuiFm7MN7rDHddWFmuYd55e5g4=
Subject key identifier:   2E:06:2A:5F:1D:0C:EA:2A:11:23:06:19:3F:E3:9A:28:ED:82:11:C5
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       07A302A8
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/LgYqXx0M6ioRIwYZP-OaKO2CEcU.roa
Signing time:             Thu 05 May 2022 08:11:09 +0000
ROA not before:           Thu 05 May 2022 08:11:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211975
IP address blocks:        45.65.112.0/23 maxlen: 24
                          45.65.114.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 128123560 (0x7a302a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: May  5 08:11:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2e062a5f1d0cea2a112306193fe39a28ed8211c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:d6:3f:1b:d2:06:d1:0e:eb:3d:73:77:a4:df:
                    92:ea:3a:48:db:f7:bd:db:ff:08:6e:84:a7:13:ce:
                    d4:35:65:db:d1:f1:08:aa:57:44:d2:20:ad:df:be:
                    c4:ef:f9:98:0c:d4:09:23:5f:c8:e7:4e:93:50:2b:
                    f6:d9:14:fa:66:83:fa:7e:9c:40:b2:0b:e0:1e:9f:
                    d4:3a:5b:b0:1b:74:8e:fd:2d:19:4a:a9:ef:16:05:
                    ba:6c:fe:48:c0:53:18:54:ce:f3:1e:db:eb:43:9c:
                    65:75:72:30:77:3d:85:e0:2d:e1:3d:5a:64:28:1e:
                    35:45:18:f1:5a:55:2e:5a:e5:7b:ce:88:63:ba:7e:
                    34:7f:b5:6a:73:a6:5f:d5:10:ec:f1:e9:8b:81:b5:
                    a3:17:2d:75:9b:2f:c6:78:6f:39:06:f1:ef:2f:bb:
                    3b:f5:fc:e6:38:66:3a:fe:92:ac:13:c9:a0:ad:98:
                    28:5d:15:f0:0b:8b:c5:f8:15:52:5c:66:fe:14:65:
                    b2:2a:27:4e:78:c9:43:0d:b5:c6:bc:73:64:40:e1:
                    0d:8b:78:e5:c2:6c:96:3c:ff:bd:19:20:fd:31:6c:
                    e7:be:ba:1d:6e:39:16:e4:4e:e3:16:93:73:a1:01:
                    d3:0b:2a:80:44:7b:9d:db:5e:47:76:2a:2d:cd:2e:
                    ee:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:06:2A:5F:1D:0C:EA:2A:11:23:06:19:3F:E3:9A:28:ED:82:11:C5
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/LgYqXx0M6ioRIwYZP-OaKO2CEcU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.65.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2a:15:ea:cd:0b:96:92:1a:a0:f8:08:a3:7c:47:7a:3f:79:b9:
         0c:6e:7f:77:26:23:a6:6d:62:a2:61:f1:e0:b1:e6:91:4c:04:
         d1:7e:b4:34:75:76:c4:06:f2:f9:ca:8b:2e:ef:6d:ac:cd:b9:
         11:4f:ff:86:e1:e8:c8:17:1f:41:ef:70:35:ac:0a:73:f5:56:
         3b:03:26:81:38:d4:aa:b2:ef:0a:7c:fb:ec:07:f3:59:19:a7:
         e2:90:b2:6e:1f:d0:ca:e8:6b:db:2e:06:ac:e2:22:fb:9d:3d:
         0d:23:21:72:c4:05:cd:3f:15:12:c9:36:6e:e0:eb:16:e6:13:
         22:ab:5e:a9:a7:5c:d2:5c:95:82:dd:ef:b8:2c:b6:3d:23:c6:
         55:2e:7d:18:d6:51:42:57:df:28:a2:fa:13:4c:ba:e8:35:e7:
         00:7f:1a:ca:55:07:4d:e3:de:9f:1a:b6:29:75:97:9a:15:ba:
         c4:db:0b:48:31:8e:5a:4a:70:42:6c:e0:1b:79:fb:1c:5e:c3:
         d1:9f:4f:91:15:84:45:68:4b:53:58:8d:66:56:d8:bd:c8:cc:
         03:04:85:11:7b:1a:eb:78:28:d7:19:0e:22:2d:84:cf:6b:44:
         5a:0a:eb:59:11:3f:10:d6:3e:c0:55:ed:75:c9:2e:5f:17:be:
         52:ec:fd:b3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB6MCqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTNkYTIwMTk5MDlkOWZjMzc4MjlmZDllYzI5ZDk0OGVjZmY3YzkyMB4XDTIyMDUw
NTA4MTEwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmUwNjJhNWYxZDBj
ZWEyYTExMjMwNjE5M2ZlMzlhMjhlZDgyMTFjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnWPxvSBtEO6z1zd6Tfkuo6SNv3vdv/CG6EpxPO1DVl29Hx
CKpXRNIgrd++xO/5mAzUCSNfyOdOk1Ar9tkU+maD+n6cQLIL4B6f1DpbsBt0jv0t
GUqp7xYFumz+SMBTGFTO8x7b60OcZXVyMHc9heAt4T1aZCgeNUUY8VpVLlrle86I
Y7p+NH+1anOmX9UQ7PHpi4G1oxctdZsvxnhvOQbx7y+7O/X85jhmOv6SrBPJoK2Y
KF0V8AuLxfgVUlxm/hRlsionTnjJQw21xrxzZEDhDYt45cJsljz/vRkg/TFs5766
HW45FuRO4xaTc6EB0wsqgER7ndteR3YqLc0u7qMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQuBipfHQzqKhEjBhk/45oo7YIRxTAfBgNVHSMEGDAWgBTZPaIBmQnZ/DeC
n9nsKdlI7P98kjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJUMmlBWmtKMmZ3M2dwX1o3Q25aU096X2ZKSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvNDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVjNS8x
L0xnWXFYeDBNNmlvUkl3WVpQLU9hS08yQ0VjVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
NDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVjNS8xLzJUMmlBWmtKMmZ3
M2dwX1o3Q25aU096X2ZKSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1BcDANBgkqhkiG9w0BAQsFAAOC
AQEAKhXqzQuWkhqg+AijfEd6P3m5DG5/dyYjpm1iomHx4LHmkUwE0X60NHV2xAby
+cqLLu9trM25EU//huHoyBcfQe9wNawKc/VWOwMmgTjUqrLvCnz77AfzWRmn4pCy
bh/Qyuhr2y4GrOIi+509DSMhcsQFzT8VEsk2buDrFuYTIqteqadc0lyVgt3vuCy2
PSPGVS59GNZRQlffKKL6E0y66DXnAH8aylUHTePenxq2KXWXmhW6xNsLSDGOWkpw
QmzgG3n7HF7D0Z9PkRWERWhLU1iNZlbYvcjMAwSFEXsa63go1xkOIi2Ez2tEWgrr
WRE/ENY+wFXtdckuXxe+Uuz9sw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org