Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/RoFBYsKCLoLFBz1UQD_w-LxTI7c.roa
File:                     RoFBYsKCLoLFBz1UQD_w-LxTI7c.roa (raw, json)
Hash identifier:          VUBZOWutYDFuJzHV/Fqsv7AtZk9iY2l0ckFtVoQhcfo=
Subject key identifier:   46:81:41:62:C2:82:2E:82:C5:07:3D:54:40:3F:F0:F8:BC:53:23:B7
Certificate issuer:       /CN=b2ed1d6066f4e4654ef5f3cc70a5d905a9af8290
Certificate serial:       085E77EA
Authority key identifier: B2:ED:1D:60:66:F4:E4:65:4E:F5:F3:CC:70:A5:D9:05:A9:AF:82:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/su0dYGb05GVO9fPMcKXZBamvgpA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/RoFBYsKCLoLFBz1UQD_w-LxTI7c.roa
Signing time:             Sat 01 Jan 2022 05:05:22 +0000
ROA not before:           Sat 01 Jan 2022 05:05:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     19905
IP address blocks:        217.145.162.0/24 maxlen: 24
                          217.145.160.0/20 maxlen: 24
                          217.145.164.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 140408810 (0x85e77ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2ed1d6066f4e4654ef5f3cc70a5d905a9af8290
        Validity
            Not Before: Jan  1 05:05:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=46814162c2822e82c5073d54403ff0f8bc5323b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:16:da:20:6c:a1:a6:a0:dc:5c:51:d0:84:90:
                    bb:58:5d:9f:db:31:cb:24:35:b9:ac:21:1c:1e:74:
                    e2:00:d0:a8:ee:00:5d:7d:0a:2d:b2:52:86:6f:f4:
                    45:c2:3d:0c:63:da:64:8c:29:1f:d3:19:7e:2d:46:
                    69:a5:cd:90:ca:11:c5:a5:a2:27:75:47:ab:a5:22:
                    d0:d4:21:5b:cb:8b:14:1e:07:bb:df:5f:0d:88:06:
                    a0:31:19:84:cc:0c:39:7e:14:0e:b0:c9:82:7c:ba:
                    5e:a9:f9:5e:25:5b:de:4b:77:45:63:41:b2:fe:b5:
                    17:16:85:2a:20:43:e6:92:19:33:e6:43:c9:16:56:
                    25:64:76:9f:ec:69:62:4d:fa:e9:0e:63:19:c4:02:
                    6c:de:34:fd:3f:7b:41:5a:27:47:5a:fb:20:86:27:
                    2a:3a:88:ba:49:b9:e8:1b:62:6d:87:22:19:df:10:
                    7d:c4:64:42:b7:86:80:86:47:a6:1d:b5:26:3e:18:
                    99:cf:1b:66:9f:03:1d:aa:a5:7e:60:60:1b:5f:67:
                    30:01:13:20:6a:fb:46:ff:bc:9c:73:21:61:fa:12:
                    78:27:1c:90:fa:ba:be:44:82:56:79:7f:d8:73:d3:
                    a9:0b:ed:8d:96:e5:80:60:15:33:af:4a:c3:f3:52:
                    5b:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:81:41:62:C2:82:2E:82:C5:07:3D:54:40:3F:F0:F8:BC:53:23:B7
            X509v3 Authority Key Identifier:
                keyid:B2:ED:1D:60:66:F4:E4:65:4E:F5:F3:CC:70:A5:D9:05:A9:AF:82:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/su0dYGb05GVO9fPMcKXZBamvgpA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/RoFBYsKCLoLFBz1UQD_w-LxTI7c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/su0dYGb05GVO9fPMcKXZBamvgpA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.145.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         96:a8:c8:64:71:6e:eb:ea:eb:b7:79:f2:6a:57:d7:c9:b6:94:
         e0:e6:cf:dc:e4:16:d4:2b:94:96:47:f5:6e:83:bc:3b:95:93:
         92:7b:5b:d1:93:d4:dd:77:ff:2b:21:91:0b:23:78:1e:d1:56:
         1b:b7:90:16:dc:2c:2c:ae:cf:96:7c:52:30:a4:e3:1c:c7:72:
         2c:80:aa:53:33:35:40:99:29:51:be:00:eb:07:fc:93:6c:82:
         6f:69:d2:f2:8b:b2:68:0c:cd:89:2d:4c:a1:88:17:d1:b0:89:
         eb:79:8d:4d:41:62:7d:c2:ec:02:ac:2e:81:82:35:76:fa:f4:
         e7:be:41:6b:7c:d6:6e:18:88:33:db:5c:cd:64:18:45:b2:4d:
         50:1e:ac:57:89:d5:e2:60:12:34:99:86:7a:90:a4:6b:00:0b:
         4a:93:70:48:ec:93:f6:9f:6b:40:6a:c8:dd:8c:18:ef:26:11:
         05:03:fe:3c:49:4b:3e:71:d8:c2:f5:11:f8:18:8c:44:14:53:
         aa:72:91:53:2d:81:97:8d:2c:e1:cd:c1:03:ac:45:7b:19:40:
         9a:75:da:4b:35:7f:a8:65:d1:8a:13:e5:ed:c7:00:c9:26:a1:
         6b:ed:46:38:ed:01:48:d3:74:f7:f2:86:7f:be:fc:c3:47:3b:
         2f:5c:de:59
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECF536jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MmVkMWQ2MDY2ZjRlNDY1NGVmNWYzY2M3MGE1ZDkwNWE5YWY4MjkwMB4XDTIyMDEw
MTA1MDUyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDY4MTQxNjJjMjgy
MmU4MmM1MDczZDU0NDAzZmYwZjhiYzUzMjNiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOoW2iBsoaag3FxR0ISQu1hdn9sxyyQ1uawhHB504gDQqO4A
XX0KLbJShm/0RcI9DGPaZIwpH9MZfi1GaaXNkMoRxaWiJ3VHq6Ui0NQhW8uLFB4H
u99fDYgGoDEZhMwMOX4UDrDJgny6Xqn5XiVb3kt3RWNBsv61FxaFKiBD5pIZM+ZD
yRZWJWR2n+xpYk366Q5jGcQCbN40/T97QVonR1r7IIYnKjqIukm56BtibYciGd8Q
fcRkQreGgIZHph21Jj4Ymc8bZp8DHaqlfmBgG19nMAETIGr7Rv+8nHMhYfoSeCcc
kPq6vkSCVnl/2HPTqQvtjZblgGAVM69Kw/NSW7MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRGgUFiwoIugsUHPVRAP/D4vFMjtzAfBgNVHSMEGDAWgBSy7R1gZvTkZU71
88xwpdkFqa+CkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3N1MGRZR2IwNUdWTzlmUE1jS1haQmFtdmdwQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvMTE4MmNiLTVmOTUtNGNkNC1iNzJmLTQ2YjQ2ZmMwZTQ5Ni8x
L1JvRkJZc0tDTG9MRkJ6MVVRRF93LUx4VEk3Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
MTE4MmNiLTVmOTUtNGNkNC1iNzJmLTQ2YjQ2ZmMwZTQ5Ni8xL3N1MGRZR2IwNUdW
TzlmUE1jS1haQmFtdmdwQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNmRoDANBgkqhkiG9w0BAQsFAAOC
AQEAlqjIZHFu6+rrt3nyalfXybaU4ObP3OQW1CuUlkf1boO8O5WTkntb0ZPU3Xf/
KyGRCyN4HtFWG7eQFtwsLK7PlnxSMKTjHMdyLICqUzM1QJkpUb4A6wf8k2yCb2nS
8ouyaAzNiS1MoYgX0bCJ63mNTUFifcLsAqwugYI1dvr0575Ba3zWbhiIM9tczWQY
RbJNUB6sV4nV4mASNJmGepCkawALSpNwSOyT9p9rQGrI3YwY7yYRBQP+PElLPnHY
wvUR+BiMRBRTqnKRUy2Bl40s4c3BA6xFexlAmnXaSzV/qGXRihPl7ccAySaha+1G
OO0BSNN09/KGf778w0c7L1zeWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:09 2024 by rpki-client on console-fra.rpki-client.org