Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/8a30b8-1c1d-41c2-994e-5666c283b306/1/orVCqtuGw4yknZHHoTMM3FsmiTI.roa
File:                     orVCqtuGw4yknZHHoTMM3FsmiTI.roa (raw, json)
Hash identifier:          Fx4ldrcbHOdH8P83hpEvMGfBw6FZzbEyICanBcS+K8s=
Subject key identifier:   A2:B5:42:AA:DB:86:C3:8C:A4:9D:91:C7:A1:33:0C:DC:5B:26:89:32
Certificate issuer:       /CN=6a0f5830dbc4bbabb682777ebd3843d750489ec8
Certificate serial:       0183169BA90CEEEFBC6166D8C255F8AB0CF2
Authority key identifier: 6A:0F:58:30:DB:C4:BB:AB:B6:82:77:7E:BD:38:43:D7:50:48:9E:C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ag9YMNvEu6u2gnd-vThD11BInsg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/8a30b8-1c1d-41c2-994e-5666c283b306/1/orVCqtuGw4yknZHHoTMM3FsmiTI.roa
Signing time:             Wed 07 Sep 2022 06:20:43 +0000
ROA not before:           Wed 07 Sep 2022 06:20:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        45.145.120.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:16:9b:a9:0c:ee:ef:bc:61:66:d8:c2:55:f8:ab:0c:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a0f5830dbc4bbabb682777ebd3843d750489ec8
        Validity
            Not Before: Sep  7 06:20:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a2b542aadb86c38ca49d91c7a1330cdc5b268932
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:c7:76:51:85:f5:41:3d:ba:94:08:90:9a:c2:
                    fc:f7:e5:0f:2b:bc:2c:2b:f8:c9:b2:c2:dd:56:93:
                    7a:71:48:43:88:46:02:7a:24:bf:17:ec:02:31:14:
                    c6:8f:e6:1a:ff:f7:bc:f5:e5:50:1e:4c:21:c9:f4:
                    6d:9f:3d:6d:b9:37:1d:a6:13:d3:7d:5f:35:9e:93:
                    58:14:18:c0:16:d7:87:65:9f:f0:dd:c8:55:ab:b6:
                    a4:20:c7:40:ba:72:e1:ef:91:96:73:35:41:3e:8c:
                    18:da:04:79:e9:57:c0:0e:53:4e:31:c4:af:b9:11:
                    bf:4a:67:86:79:5c:37:5b:bf:66:89:27:cd:ab:43:
                    03:f7:09:20:ec:dc:b3:5f:40:cc:9f:73:8b:4c:ed:
                    c1:de:5b:67:57:9d:c6:05:1d:a5:18:2b:67:20:79:
                    31:d6:f1:c5:d5:b1:86:1c:b1:bf:b2:f0:9c:54:ed:
                    b5:f6:52:4b:ea:4e:a9:14:ef:89:a8:bf:01:16:7f:
                    a6:d1:9e:6e:c5:d3:10:42:b3:be:ee:7c:b2:94:00:
                    26:1a:b1:f6:70:84:3c:6a:da:b5:1c:8a:e9:92:22:
                    db:20:91:0f:b2:bd:3a:63:46:12:e5:ee:75:73:c7:
                    33:e2:c5:ed:fb:05:56:0f:c9:81:ce:29:76:08:18:
                    9b:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:B5:42:AA:DB:86:C3:8C:A4:9D:91:C7:A1:33:0C:DC:5B:26:89:32
            X509v3 Authority Key Identifier:
                keyid:6A:0F:58:30:DB:C4:BB:AB:B6:82:77:7E:BD:38:43:D7:50:48:9E:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ag9YMNvEu6u2gnd-vThD11BInsg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8a30b8-1c1d-41c2-994e-5666c283b306/1/orVCqtuGw4yknZHHoTMM3FsmiTI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8a30b8-1c1d-41c2-994e-5666c283b306/1/ag9YMNvEu6u2gnd-vThD11BInsg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         14:80:10:39:c9:46:6e:14:61:00:8a:6a:1d:c7:db:4e:08:9a:
         8a:42:7a:43:ed:73:8b:93:82:f4:93:2c:cd:da:4c:a2:41:07:
         e7:6b:ab:6c:73:ad:a0:87:d5:cc:ea:53:86:af:a5:76:cf:39:
         22:ae:59:09:44:ca:33:1e:4d:1f:28:ec:f5:13:cb:2e:55:80:
         32:fe:e0:b5:63:3e:45:60:96:de:65:35:5b:2e:cf:1d:12:c6:
         f8:20:24:be:4b:8f:5c:f0:d6:16:2f:f7:60:d8:8f:4b:9a:97:
         ab:47:53:0d:73:da:62:1e:ca:25:c0:18:fe:d6:cc:63:f0:c8:
         5c:02:83:fe:52:01:31:43:c2:aa:c8:4a:4e:4f:cb:9c:31:44:
         ef:4e:7c:fe:5c:43:1e:87:0e:48:66:02:1d:30:0e:ca:c4:90:
         3c:6b:23:58:ee:34:de:7c:15:d4:67:8b:42:fd:e7:c6:53:25:
         14:16:cd:f1:4d:07:63:59:d3:d1:2a:27:47:e2:9f:81:6e:88:
         00:7b:05:8b:94:14:93:9a:38:af:92:a8:c4:ea:c4:ea:02:27:
         55:cd:7d:be:04:bf:b5:84:fe:f0:bb:33:5a:58:67:c0:26:7e:
         63:f8:2c:dc:ee:52:76:e5:e6:1e:84:ea:c8:e1:18:0b:eb:cf:
         e3:7f:96:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMWm6kM7u+8YWbYwlX4qwzyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMGY1ODMwZGJjNGJiYWJiNjgyNzc3ZWJkMzg0M2Q3NTA0
ODllYzgwHhcNMjIwOTA3MDYyMDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmI1NDJhYWRiODZjMzhjYTQ5ZDkxYzdhMTMzMGNkYzViMjY4OTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksd2UYX1QT26lAiQmsL89+UPK7ws
K/jJssLdVpN6cUhDiEYCeiS/F+wCMRTGj+Ya//e89eVQHkwhyfRtnz1tuTcdphPT
fV81npNYFBjAFteHZZ/w3chVq7akIMdAunLh75GWczVBPowY2gR56VfADlNOMcSv
uRG/SmeGeVw3W79miSfNq0MD9wkg7NyzX0DMn3OLTO3B3ltnV53GBR2lGCtnIHkx
1vHF1bGGHLG/svCcVO219lJL6k6pFO+JqL8BFn+m0Z5uxdMQQrO+7nyylAAmGrH2
cIQ8atq1HIrpkiLbIJEPsr06Y0YS5e51c8cz4sXt+wVWD8mBzil2CBib6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKK1QqrbhsOMpJ2Rx6EzDNxbJokyMB8GA1UdIwQY
MBaAFGoPWDDbxLurtoJ3fr04Q9dQSJ7IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWc5WU1OdkV1NnUyZ25kLXZUaEQxMUJJbnNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni84YTMwYjgtMWMxZC00MWMyLTk5NGUt
NTY2NmMyODNiMzA2LzEvb3JWQ3F0dUd3NHlrblpISG9UTU0zRnNtaVRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni84YTMwYjgtMWMxZC00MWMyLTk5NGUtNTY2NmMyODNiMzA2
LzEvYWc5WU1OdkV1NnUyZ25kLXZUaEQxMUJJbnNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZF4MA0G
CSqGSIb3DQEBCwUAA4IBAQAUgBA5yUZuFGEAimodx9tOCJqKQnpD7XOLk4L0kyzN
2kyiQQfna6tsc62gh9XM6lOGr6V2zzkirlkJRMozHk0fKOz1E8suVYAy/uC1Yz5F
YJbeZTVbLs8dEsb4ICS+S49c8NYWL/dg2I9LmperR1MNc9piHsolwBj+1sxj8Mhc
AoP+UgExQ8KqyEpOT8ucMUTvTnz+XEMehw5IZgIdMA7KxJA8ayNY7jTefBXUZ4tC
/efGUyUUFs3xTQdjWdPRKidH4p+BbogAewWLlBSTmjivkqjE6sTqAidVzX2+BL+1
hP7wuzNaWGfAJn5j+Czc7lJ25eYehOrI4RgL68/jf5Y2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:07 2023 by rpki-client on console-ams.rpki-client.org