Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/RdrUaHTEMg0xGcD8vF9Z4M_ozxI.roa
File:                     RdrUaHTEMg0xGcD8vF9Z4M_ozxI.roa (raw, json)
Hash identifier:          Ve9URY+1QZKyY+D9eRvP4js0XYzPFOyLukh2OV6Pl3s=
Subject key identifier:   45:DA:D4:68:74:C4:32:0D:31:19:C0:FC:BC:5F:59:E0:CF:E8:CF:12
Certificate issuer:       /CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Certificate serial:       02CC9222
Authority key identifier: D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/RdrUaHTEMg0xGcD8vF9Z4M_ozxI.roa
Signing time:             Wed 16 Mar 2022 17:16:28 +0000
ROA not before:           Wed 16 Mar 2022 17:16:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49999
IP address blocks:        45.140.246.0/24 maxlen: 24
                          45.140.247.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 46961186 (0x2cc9222)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
        Validity
            Not Before: Mar 16 17:16:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=45dad46874c4320d3119c0fcbc5f59e0cfe8cf12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:ca:6a:82:65:cf:a4:21:9d:7e:88:cc:d9:80:
                    f4:f0:38:1d:b7:da:94:77:aa:0f:60:45:5c:8f:fd:
                    35:02:27:32:c9:7a:d5:08:7a:76:10:93:45:bf:e6:
                    9b:b5:81:22:c0:22:43:d6:d9:d4:40:d4:fe:30:85:
                    21:7b:75:45:7b:90:ef:23:f2:04:69:d3:29:d8:07:
                    d7:59:0d:12:06:11:d1:d6:44:08:78:6e:df:6e:f2:
                    56:15:4b:b3:a2:77:14:38:32:d9:d2:8d:6b:36:84:
                    26:28:7a:98:7e:a0:11:b2:19:e1:9f:c5:06:eb:9b:
                    46:c7:36:2a:28:db:4b:ae:e4:67:4f:f2:76:f4:d8:
                    bd:77:67:75:9f:7f:22:45:30:90:0d:7d:5d:3c:ff:
                    66:46:60:62:04:b7:5a:0c:1e:64:c9:f6:ae:0a:f5:
                    7d:f7:81:9e:4d:5d:11:fe:49:d9:fc:ff:3d:5a:08:
                    26:ba:96:ba:cb:b8:68:7a:3d:61:d4:52:90:74:29:
                    fd:be:13:bc:52:e1:91:da:48:c3:68:06:1d:8f:cb:
                    10:ee:0b:1e:be:32:8e:8d:20:b4:fd:71:8d:62:f0:
                    d4:f3:72:11:ef:47:44:44:86:28:3e:70:49:b0:2b:
                    7e:20:ee:52:0b:78:53:40:5a:aa:cd:08:df:91:da:
                    84:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:DA:D4:68:74:C4:32:0D:31:19:C0:FC:BC:5F:59:E0:CF:E8:CF:12
            X509v3 Authority Key Identifier:
                keyid:D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/RdrUaHTEMg0xGcD8vF9Z4M_ozxI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c2:33:58:ae:99:2e:5c:64:78:68:61:78:1d:f5:e6:f4:03:57:
         0e:f2:ac:7e:98:6d:6b:1d:21:bc:cd:e5:39:ef:f7:d2:16:b5:
         05:37:55:d9:36:24:e1:d2:25:d1:5b:5e:f1:a2:fa:ba:71:f6:
         65:4e:1e:25:6d:03:a0:b6:94:ce:98:24:8f:69:e1:64:ad:d0:
         3f:69:73:d3:20:69:12:3d:ec:6a:b6:89:24:71:ae:4f:df:ee:
         61:e8:53:93:49:92:2b:c0:51:5a:57:f1:4f:d4:d4:90:10:06:
         5c:3e:d6:64:1b:59:e2:90:9d:86:bd:79:af:d5:1f:22:86:40:
         24:4c:cf:52:b4:67:da:57:7b:ea:48:94:9d:47:c4:5d:5f:4f:
         6c:14:87:dc:d9:0c:08:12:87:8e:e5:f5:57:2c:52:e6:ac:d3:
         c1:cf:a0:5c:95:ca:f0:e1:10:a5:cf:75:4d:18:73:1e:e4:09:
         4e:c6:f5:c9:f1:d0:c8:c0:4e:d5:ce:64:99:76:24:64:3b:22:
         20:e4:92:b3:69:ed:fc:c6:32:c4:87:60:61:d8:e3:34:58:e0:
         c5:e9:f8:6d:83:f9:35:d0:da:62:23:bb:fa:0c:f3:a0:5b:08:
         ca:19:dc:3f:ee:43:c6:aa:0f:59:db:d6:59:16:eb:f0:c0:be:
         62:d6:16:c2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAsySIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MWRlMTI0ZTBmOGFkYjRlN2Q5NTc2Y2VhZTMyNWY2NjhkZDIyNGIxMB4XDTIyMDMx
NjE3MTYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDVkYWQ0Njg3NGM0
MzIwZDMxMTljMGZjYmM1ZjU5ZTBjZmU4Y2YxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOLKaoJlz6QhnX6IzNmA9PA4HbfalHeqD2BFXI/9NQInMsl6
1Qh6dhCTRb/mm7WBIsAiQ9bZ1EDU/jCFIXt1RXuQ7yPyBGnTKdgH11kNEgYR0dZE
CHhu327yVhVLs6J3FDgy2dKNazaEJih6mH6gEbIZ4Z/FBuubRsc2KijbS67kZ0/y
dvTYvXdndZ9/IkUwkA19XTz/ZkZgYgS3WgweZMn2rgr1ffeBnk1dEf5J2fz/PVoI
JrqWusu4aHo9YdRSkHQp/b4TvFLhkdpIw2gGHY/LEO4LHr4yjo0gtP1xjWLw1PNy
Ee9HRESGKD5wSbArfiDuUgt4U0Baqs0I35HahLcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRF2tRodMQyDTEZwPy8X1ngz+jPEjAfBgNVHSMEGDAWgBTR3hJOD4rbTn2V
ds6uMl9mjdIksTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBkNFNUZy1LMjA1OWxYYk9yakpmWm8zU0pMRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvYWJlMTM0LTAwOTMtNDY1Mi05MDU3LTRmNGM5YjM0M2U5MC8x
L1JkclVhSFRFTWcweEdjRDh2RjlaNE1fb3p4SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
YWJlMTM0LTAwOTMtNDY1Mi05MDU3LTRmNGM5YjM0M2U5MC8xLzBkNFNUZy1LMjA1
OWxYYk9yakpmWm8zU0pMRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2M9jANBgkqhkiG9w0BAQsFAAOC
AQEAwjNYrpkuXGR4aGF4HfXm9ANXDvKsfphtax0hvM3lOe/30ha1BTdV2TYk4dIl
0Vte8aL6unH2ZU4eJW0DoLaUzpgkj2nhZK3QP2lz0yBpEj3saraJJHGuT9/uYehT
k0mSK8BRWlfxT9TUkBAGXD7WZBtZ4pCdhr15r9UfIoZAJEzPUrRn2ld76kiUnUfE
XV9PbBSH3NkMCBKHjuX1VyxS5qzTwc+gXJXK8OEQpc91TRhzHuQJTsb1yfHQyMBO
1c5kmXYkZDsiIOSSs2nt/MYyxIdgYdjjNFjgxen4bYP5NdDaYiO7+gzzoFsIyhnc
P+5DxqoPWdvWWRbr8MC+YtYWwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:57 2024 by rpki-client on console-ams.rpki-client.org