Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/cNkvX9mB7eM1IoK2k8LildOaciY.roa
File:                     cNkvX9mB7eM1IoK2k8LildOaciY.roa (raw, json)
Hash identifier:          hZaHbKhsIV8dUtM1U0f4Rq7z8sdSzoWBjzZ6b/lqPqc=
Subject key identifier:   70:D9:2F:5F:D9:81:ED:E3:35:22:82:B6:93:C2:E2:95:D3:9A:72:26
Certificate issuer:       /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial:       0182AC69ECFC434FE722A38A1044C46B8694
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/cNkvX9mB7eM1IoK2k8LildOaciY.roa
Signing time:             Wed 17 Aug 2022 15:26:39 +0000
ROA not before:           Wed 17 Aug 2022 15:26:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206766
IP address blocks:        45.153.72.0/23 maxlen: 23
                          185.183.160.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ac:69:ec:fc:43:4f:e7:22:a3:8a:10:44:c4:6b:86:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
        Validity
            Not Before: Aug 17 15:26:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=70d92f5fd981ede3352282b693c2e295d39a7226
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:19:ec:35:a3:5a:71:01:a1:14:21:44:76:dc:
                    20:d3:30:fc:09:43:5e:88:06:8b:49:64:48:83:04:
                    90:d4:5d:7e:8b:14:0f:a0:8a:04:4a:8b:62:c0:c5:
                    d8:c4:d9:a6:c1:97:dc:bd:7f:30:e8:73:7a:2f:80:
                    05:f6:51:e2:bb:54:f4:58:1c:5f:e0:e8:0b:28:07:
                    e7:cf:da:7b:5b:9d:aa:6d:83:a0:ff:28:69:d3:cf:
                    ba:55:01:df:be:64:b1:02:ed:2e:49:89:01:7b:87:
                    35:ad:a2:68:0b:35:04:c6:44:3a:31:a1:85:9f:23:
                    fe:36:a2:40:6c:f3:52:0a:00:6d:46:57:53:b6:38:
                    99:ec:1d:06:0d:a0:ce:88:2b:e6:ab:29:ee:69:a2:
                    dd:29:ec:e0:3b:2b:a7:6c:87:f8:a9:60:c2:53:c5:
                    bc:5a:d2:c5:ce:56:d1:de:f4:90:d4:35:9b:26:38:
                    fa:e5:e2:71:8f:9a:7c:33:98:fa:1c:f6:f5:22:fd:
                    70:f0:59:45:84:ec:93:4d:e7:6d:13:4c:0a:4c:1f:
                    8e:cd:96:81:99:8b:61:25:76:08:b0:61:82:04:71:
                    5c:23:c3:94:8b:e6:25:35:1d:a2:ec:fb:4b:9e:7d:
                    db:2c:04:27:09:4f:c3:1e:58:2e:2c:af:d1:f6:73:
                    8b:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:D9:2F:5F:D9:81:ED:E3:35:22:82:B6:93:C2:E2:95:D3:9A:72:26
            X509v3 Authority Key Identifier:
                keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/cNkvX9mB7eM1IoK2k8LildOaciY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.153.72.0/23
                  185.183.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         10:ba:5e:32:4c:60:59:84:68:b8:6c:29:8a:09:f4:31:63:06:
         29:81:1b:61:9c:c7:08:f6:09:cf:84:23:b6:58:1c:82:5f:e8:
         1d:9d:b9:74:9f:96:cc:a2:f0:66:14:ec:c6:a6:76:b7:ca:e9:
         0f:7c:57:dd:a4:74:8e:d0:de:44:e9:6c:92:70:4c:a7:78:10:
         38:e4:9c:92:80:c3:99:7c:13:45:77:1d:6e:b1:68:9f:b9:01:
         5d:b2:92:6c:59:f3:9b:32:bb:7f:a2:0f:d2:51:7f:d3:60:70:
         e4:d3:68:22:71:2d:bc:cc:ad:bd:6c:7b:0b:db:4a:b6:99:da:
         27:ab:e4:50:38:26:2a:64:30:aa:ae:02:69:58:00:78:28:15:
         80:8e:4c:0e:24:b8:2f:c7:6f:89:47:e8:c6:db:61:5e:2c:55:
         0b:d7:4a:4a:7f:a6:66:e8:64:cb:24:55:03:d4:15:84:3f:46:
         ff:aa:12:de:4f:1e:aa:c6:30:2f:51:65:36:6f:5b:82:9e:1c:
         96:36:f5:74:20:b3:79:c7:31:78:e3:46:26:b2:d5:e5:fe:10:
         66:29:ec:de:29:a8:14:b5:74:5e:12:b7:31:89:f3:6f:3c:81:
         c6:f1:e0:00:22:cb:e3:27:45:3d:25:75:5b:31:ab:a3:ca:3a:
         d2:63:48:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKsaez8Q0/nIqOKEETEa4aUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjIwODE3MTUyNjM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGQ5MmY1ZmQ5ODFlZGUzMzUyMjgyYjY5M2MyZTI5NWQzOWE3MjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxnsNaNacQGhFCFEdtwg0zD8CUNe
iAaLSWRIgwSQ1F1+ixQPoIoESotiwMXYxNmmwZfcvX8w6HN6L4AF9lHiu1T0WBxf
4OgLKAfnz9p7W52qbYOg/yhp08+6VQHfvmSxAu0uSYkBe4c1raJoCzUExkQ6MaGF
nyP+NqJAbPNSCgBtRldTtjiZ7B0GDaDOiCvmqynuaaLdKezgOyunbIf4qWDCU8W8
WtLFzlbR3vSQ1DWbJjj65eJxj5p8M5j6HPb1Iv1w8FlFhOyTTedtE0wKTB+OzZaB
mYthJXYIsGGCBHFcI8OUi+YlNR2i7PtLnn3bLAQnCU/DHlguLK/R9nOLCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHDZL1/Zge3jNSKCtpPC4pXTmnImMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvY05rdlg5bUI3ZU0xSW9LMms4TGlsZE9hY2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZlIAwQC
ubegMA0GCSqGSIb3DQEBCwUAA4IBAQAQul4yTGBZhGi4bCmKCfQxYwYpgRthnMcI
9gnPhCO2WByCX+gdnbl0n5bMovBmFOzGpna3yukPfFfdpHSO0N5E6WyScEyneBA4
5JySgMOZfBNFdx1usWifuQFdspJsWfObMrt/og/SUX/TYHDk02gicS28zK29bHsL
20q2mdonq+RQOCYqZDCqrgJpWAB4KBWAjkwOJLgvx2+JR+jG22FeLFUL10pKf6Zm
6GTLJFUD1BWEP0b/qhLeTx6qxjAvUWU2b1uCnhyWNvV0ILN5xzF440YmstXl/hBm
KezeKagUtXReErcxifNvPIHG8eAAIsvjJ0U9JXVbMaujyjrSY0jy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:42 2024 by rpki-client on console-ams.rpki-client.org