Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/Od_o3nzinGG6YBjumJ8AFEc47Eo.roa
File:                     Od_o3nzinGG6YBjumJ8AFEc47Eo.roa (raw, json)
Hash identifier:          SLFaOHNHDDecFgapQOX2dG9LFkhGWh9u1i4ZNjF+jRc=
Subject key identifier:   39:DF:E8:DE:7C:E2:9C:61:BA:60:18:EE:98:9F:00:14:47:38:EC:4A
Certificate issuer:       /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial:       0AA9F56A
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/Od_o3nzinGG6YBjumJ8AFEc47Eo.roa
Signing time:             Sat 01 Jan 2022 12:00:11 +0000
ROA not before:           Sat 01 Jan 2022 12:00:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44558
IP address blocks:        92.45.100.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 178910570 (0xaa9f56a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
        Validity
            Not Before: Jan  1 12:00:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=39dfe8de7ce29c61ba6018ee989f00144738ec4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:c8:0c:68:0b:17:61:cd:9d:5e:ef:a1:c3:6b:
                    3c:fa:09:62:62:4b:d7:48:5b:b9:54:85:1c:71:13:
                    45:ac:f7:60:b8:53:0e:46:97:2f:a6:7d:7b:dc:a2:
                    71:44:56:7e:c8:c4:d1:59:da:98:63:42:35:b8:f4:
                    a8:a5:9f:73:a0:62:cb:1c:4f:f2:dc:88:f3:02:87:
                    98:04:30:c5:98:c8:40:7d:5a:49:75:00:40:7f:2f:
                    ef:53:cf:5a:95:cd:d7:17:33:87:9f:3d:fe:d5:57:
                    aa:38:60:75:c7:f8:8f:1b:39:ec:88:7e:8a:37:24:
                    10:f1:4b:67:aa:f6:1b:fa:67:07:ed:f8:14:9a:58:
                    8d:d4:14:98:f1:fd:19:3a:a8:e9:6c:ed:80:d3:07:
                    de:8f:f3:5f:39:42:a4:27:07:de:88:c6:74:bd:a7:
                    1d:00:15:58:18:3a:24:ed:c0:6e:91:c4:b7:c6:86:
                    74:f6:35:58:dc:35:80:e0:81:a5:73:c2:90:82:b9:
                    a1:ae:9f:70:09:b6:38:3e:21:d6:33:fb:67:c9:d3:
                    ba:dd:68:7a:80:57:12:04:32:19:85:f8:fb:66:c5:
                    af:df:67:2a:50:9a:62:d6:9d:b4:c9:be:05:3f:81:
                    ed:27:03:1e:08:2e:94:9a:fb:e2:43:ca:10:7f:b7:
                    b5:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:DF:E8:DE:7C:E2:9C:61:BA:60:18:EE:98:9F:00:14:47:38:EC:4A
            X509v3 Authority Key Identifier:
                keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/Od_o3nzinGG6YBjumJ8AFEc47Eo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.45.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:30:91:1f:47:55:6d:68:de:51:2e:e0:e2:cc:f6:8d:47:cf:
         44:bb:b3:cb:64:b7:12:56:99:ff:d6:e6:3a:05:dd:77:85:d6:
         1c:e9:6c:23:51:d1:6f:76:15:3c:11:7e:b0:6d:17:9d:65:dd:
         42:04:6f:2b:9d:ae:ee:95:44:26:6c:52:fd:52:03:9e:0a:e2:
         74:4c:4b:39:62:c8:da:3a:e3:f5:0e:61:ef:94:e0:0d:34:6f:
         90:b1:58:32:8d:57:60:4f:61:2c:fa:44:b8:ac:c5:b2:6e:96:
         96:e2:1e:c5:4b:07:a5:d8:cf:80:2d:a4:52:5b:5b:1e:1a:f5:
         79:ab:6d:03:fc:8c:93:27:23:88:7e:7b:48:c2:b7:1f:f5:4a:
         c8:cb:d0:a6:4b:2e:86:90:af:88:61:da:1f:43:78:f3:6f:86:
         11:9e:64:78:8f:98:9d:69:53:31:38:88:69:fb:2d:55:af:5f:
         d4:26:57:69:82:2b:f6:71:3a:50:46:70:e3:7e:9b:15:f4:be:
         16:f7:1f:43:1c:c0:1e:ff:9c:88:a2:11:e2:46:50:a4:32:4a:
         1d:bc:be:8c:f2:7d:dc:66:43:e8:8d:1e:15:69:35:3b:38:e5:
         c6:15:5c:d8:f8:31:54:d7:13:0d:b6:db:f2:91:69:bc:05:0f:
         94:7f:30:b5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECqn1ajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTlkMzBlNjAzNWJlOGI4Mzg2MDYxZjI3MTQ4MWM3MDdlMDRjZTJiMB4XDTIyMDEw
MTEyMDAxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzlkZmU4ZGU3Y2Uy
OWM2MWJhNjAxOGVlOTg5ZjAwMTQ0NzM4ZWM0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzIDGgLF2HNnV7vocNrPPoJYmJL10hbuVSFHHETRaz3YLhT
DkaXL6Z9e9yicURWfsjE0VnamGNCNbj0qKWfc6BiyxxP8tyI8wKHmAQwxZjIQH1a
SXUAQH8v71PPWpXN1xczh589/tVXqjhgdcf4jxs57Ih+ijckEPFLZ6r2G/pnB+34
FJpYjdQUmPH9GTqo6WztgNMH3o/zXzlCpCcH3ojGdL2nHQAVWBg6JO3AbpHEt8aG
dPY1WNw1gOCBpXPCkIK5oa6fcAm2OD4h1jP7Z8nTut1oeoBXEgQyGYX4+2bFr99n
KlCaYtadtMm+BT+B7ScDHggulJr74kPKEH+3tV8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ53+jefOKcYbpgGO6YnwAURzjsSjAfBgNVHSMEGDAWgBS6nTDmA1vouDhg
YfJxSBxwfgTOKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VwMHc1Z05iNkxnNFlHSHljVWdjY0g0RXppcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8x
L09kX28zbnppbkdHNllCanVtSjhBRkVjNDdFby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8xL3VwMHc1Z05iNkxn
NFlHSHljVWdjY0g0RXppcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFwtZDANBgkqhkiG9w0BAQsFAAOC
AQEAiDCRH0dVbWjeUS7g4sz2jUfPRLuzy2S3ElaZ/9bmOgXdd4XWHOlsI1HRb3YV
PBF+sG0XnWXdQgRvK52u7pVEJmxS/VIDngridExLOWLI2jrj9Q5h75TgDTRvkLFY
Mo1XYE9hLPpEuKzFsm6WluIexUsHpdjPgC2kUltbHhr1eattA/yMkycjiH57SMK3
H/VKyMvQpksuhpCviGHaH0N482+GEZ5keI+YnWlTMTiIafstVa9f1CZXaYIr9nE6
UEZw436bFfS+FvcfQxzAHv+ciKIR4kZQpDJKHby+jPJ93GZD6I0eFWk1OzjlxhVc
2PgxVNcTDbbb8pFpvAUPlH8wtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org