Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/gMMNgfOa4G2gMtcscqyCMvpnRTc.roa
File:                     gMMNgfOa4G2gMtcscqyCMvpnRTc.roa (raw, json)
Hash identifier:          7NuGLFxZ0+ECUJZ7xq1ULqHHNjuf/NuPo8Zb4A35ajs=
Subject key identifier:   80:C3:0D:81:F3:9A:E0:6D:A0:32:D7:2C:72:AC:82:32:FA:67:45:37
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       067A2044
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/gMMNgfOa4G2gMtcscqyCMvpnRTc.roa
Signing time:             Sat 01 Jan 2022 07:00:52 +0000
ROA not before:           Sat 01 Jan 2022 07:00:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57844
IP address blocks:        45.154.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 108666948 (0x67a2044)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Jan  1 07:00:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=80c30d81f39ae06da032d72c72ac8232fa674537
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:85:03:47:f1:d9:54:d7:b8:20:be:47:57:f6:
                    96:32:18:5d:60:f7:3c:c2:d7:ba:6b:be:23:97:23:
                    d7:2c:4e:ec:f7:3e:75:02:80:5d:a7:5e:19:ec:b9:
                    80:41:82:81:d2:ee:eb:6f:44:9d:60:35:4b:94:f7:
                    72:f5:13:df:b1:bf:43:63:db:af:ba:9f:8a:2f:ab:
                    4d:4b:3e:81:ad:65:b2:0b:38:09:7c:a0:f6:9d:39:
                    91:dd:0c:0c:0f:e7:6c:4a:e1:2e:c1:ae:02:70:7b:
                    a0:d5:d9:80:1d:86:9d:cc:84:6c:e4:ee:fb:2f:0f:
                    c8:63:4d:91:a4:ba:30:6a:48:89:d2:b4:98:e6:aa:
                    84:be:0d:40:06:af:30:0c:9d:62:11:3f:43:f4:ec:
                    6b:5f:c7:16:de:80:dd:3c:86:55:f0:72:5e:66:f2:
                    4b:1c:ce:e8:07:fe:4d:18:a1:8e:b8:4b:d5:51:66:
                    a1:2c:46:63:d5:af:11:f8:54:5d:2e:61:0e:5f:ed:
                    6b:53:33:cb:30:2c:bf:db:90:af:05:de:29:f0:1d:
                    97:bf:b5:ef:b7:c6:69:9f:e6:97:24:fc:62:8a:9d:
                    f0:ab:f9:42:9a:c8:3d:c0:2b:5b:9f:93:82:f9:42:
                    65:7d:d3:a9:e1:36:5c:28:7a:bf:c6:3c:eb:9c:23:
                    06:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:C3:0D:81:F3:9A:E0:6D:A0:32:D7:2C:72:AC:82:32:FA:67:45:37
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/gMMNgfOa4G2gMtcscqyCMvpnRTc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:20:aa:e0:5b:03:94:a3:c9:d0:15:c2:8d:0c:b1:e9:20:d6:
         61:78:b0:b7:49:d3:d7:59:e6:df:e5:ef:0b:17:73:41:31:f5:
         6d:53:d6:5c:33:ae:6c:47:42:c8:99:aa:75:c3:3d:10:fd:19:
         98:e7:6f:a9:a2:86:18:5f:51:b3:9c:cb:52:d4:25:02:a1:af:
         9a:cf:0b:54:4c:02:f0:42:8b:c9:75:b4:d0:ee:17:36:7d:18:
         56:b5:2c:ea:5b:a1:6f:47:22:07:96:66:ca:29:85:f3:8a:f2:
         50:4d:a6:54:60:04:e0:a6:be:5f:a5:f9:56:2a:da:ac:07:34:
         d5:71:83:9f:8c:f7:f9:c8:3e:52:d1:77:6d:8c:56:09:fe:0f:
         6d:05:c5:f9:66:cf:e6:f1:28:ab:56:90:60:2f:a7:ba:28:01:
         fe:36:20:ec:f1:75:4e:09:b4:19:6d:1b:e2:7a:8f:35:d0:aa:
         97:f9:96:2f:53:49:52:d9:53:0a:76:92:7a:eb:74:e6:16:7d:
         d5:59:b8:22:e2:22:85:52:5b:cd:5e:5f:29:a6:01:5a:f3:e2:
         8d:9f:e8:84:f7:0e:fe:62:ce:0b:b9:b8:5e:7a:f8:7f:8c:17:
         3d:f7:d1:3e:90:80:14:bd:75:b9:f6:28:6a:e2:e0:82:71:a5:
         81:2f:a8:5e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBnogRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTNkYTIwMTk5MDlkOWZjMzc4MjlmZDllYzI5ZDk0OGVjZmY3YzkyMB4XDTIyMDEw
MTA3MDA1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODBjMzBkODFmMzlh
ZTA2ZGEwMzJkNzJjNzJhYzgyMzJmYTY3NDUzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyFA0fx2VTXuCC+R1f2ljIYXWD3PMLXumu+I5cj1yxO7Pc+
dQKAXadeGey5gEGCgdLu629EnWA1S5T3cvUT37G/Q2Pbr7qfii+rTUs+ga1lsgs4
CXyg9p05kd0MDA/nbErhLsGuAnB7oNXZgB2GncyEbOTu+y8PyGNNkaS6MGpIidK0
mOaqhL4NQAavMAydYhE/Q/Tsa1/HFt6A3TyGVfByXmbySxzO6Af+TRihjrhL1VFm
oSxGY9WvEfhUXS5hDl/ta1MzyzAsv9uQrwXeKfAdl7+177fGaZ/mlyT8Yoqd8Kv5
QprIPcArW5+TgvlCZX3TqeE2XCh6v8Y865wjBoMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSAww2B85rgbaAy1yxyrIIy+mdFNzAfBgNVHSMEGDAWgBTZPaIBmQnZ/DeC
n9nsKdlI7P98kjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJUMmlBWmtKMmZ3M2dwX1o3Q25aU096X2ZKSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvNDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVjNS8x
L2dNTU5nZk9hNEcyZ010Y3NjcXlDTXZwblJUYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
NDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVjNS8xLzJUMmlBWmtKMmZ3
M2dwX1o3Q25aU096X2ZKSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2anDANBgkqhkiG9w0BAQsFAAOC
AQEAHyCq4FsDlKPJ0BXCjQyx6SDWYXiwt0nT11nm3+XvCxdzQTH1bVPWXDOubEdC
yJmqdcM9EP0ZmOdvqaKGGF9Rs5zLUtQlAqGvms8LVEwC8EKLyXW00O4XNn0YVrUs
6luhb0ciB5ZmyimF84ryUE2mVGAE4Ka+X6X5VirarAc01XGDn4z3+cg+UtF3bYxW
Cf4PbQXF+WbP5vEoq1aQYC+nuigB/jYg7PF1Tgm0GW0b4nqPNdCql/mWL1NJUtlT
CnaSeut05hZ91Vm4IuIihVJbzV5fKaYBWvPijZ/ohPcO/mLOC7m4Xnr4f4wXPffR
PpCAFL11ufYoauLggnGlgS+oXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org