Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/Z0f5p2xnxr_rf8d70NzzrTO1ZXw.roa
File:                     Z0f5p2xnxr_rf8d70NzzrTO1ZXw.roa (raw, json)
Hash identifier:          raPMR6xEyX2uSRXsygsishuuabpHOU1cvphJwtridDc=
Subject key identifier:   67:47:F9:A7:6C:67:C6:BF:EB:7F:C7:7B:D0:DC:F3:AD:33:B5:65:7C
Certificate issuer:       /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial:       0182D08B2317DC1BC01A314D7DD1BC942A0F
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/Z0f5p2xnxr_rf8d70NzzrTO1ZXw.roa
Signing time:             Wed 24 Aug 2022 15:49:15 +0000
ROA not before:           Wed 24 Aug 2022 15:49:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44477
IP address blocks:        45.84.0.0/24 maxlen: 24
                          93.185.166.0/24 maxlen: 24
                          45.159.248.0/24 maxlen: 24
                          45.87.154.0/24 maxlen: 24
                          45.8.145.0/24 maxlen: 24
                          45.8.144.0/24 maxlen: 24
                          45.67.35.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:d0:8b:23:17:dc:1b:c0:1a:31:4d:7d:d1:bc:94:2a:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
        Validity
            Not Before: Aug 24 15:49:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6747f9a76c67c6bfeb7fc77bd0dcf3ad33b5657c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:48:25:c7:2d:2c:c5:c5:fc:68:2f:56:8b:88:
                    da:1c:51:41:19:ec:15:4a:3b:23:23:37:1f:c8:80:
                    8b:ce:08:c4:37:68:f7:1a:d8:b6:61:74:2c:a8:cf:
                    a2:27:ea:36:8d:a5:15:b6:bd:78:b0:98:22:46:82:
                    61:71:34:14:35:30:f9:5c:5d:00:e6:1b:14:a6:0d:
                    53:71:7a:e9:6c:95:19:a6:80:6f:0d:d0:92:1e:33:
                    42:7c:05:24:89:6a:87:91:ce:6a:a5:84:46:de:50:
                    5a:b5:80:71:d8:99:c3:40:70:c4:cd:c9:29:d2:80:
                    23:52:97:28:32:c8:84:32:57:a8:95:8d:30:7d:10:
                    b0:cf:19:32:e9:f1:5d:a4:95:c9:54:e9:ac:de:ae:
                    18:28:be:ec:0a:d3:46:cf:8b:84:ef:6c:ae:1f:13:
                    5f:b8:36:79:33:43:8c:f4:e1:0d:57:77:d0:d9:74:
                    5d:d3:09:94:1d:ed:62:77:ff:54:ed:ca:f3:e7:ce:
                    ec:9c:39:f5:c2:e6:73:d3:e7:42:97:44:c6:41:e7:
                    23:32:4b:b3:ee:c0:62:9f:b1:cc:bc:c8:7c:1b:cc:
                    9e:14:ed:56:66:90:00:f8:00:ca:1f:12:6a:7d:18:
                    66:97:63:bd:b5:7d:9e:51:86:8b:3d:5e:7e:27:21:
                    a8:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:47:F9:A7:6C:67:C6:BF:EB:7F:C7:7B:D0:DC:F3:AD:33:B5:65:7C
            X509v3 Authority Key Identifier:
                keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/Z0f5p2xnxr_rf8d70NzzrTO1ZXw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.144.0/23
                  45.67.35.0/24
                  45.84.0.0/24
                  45.87.154.0/24
                  45.159.248.0/24
                  93.185.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:c0:94:a3:c0:87:b2:7a:5d:06:24:cf:5e:30:76:c6:e4:5c:
         bd:57:30:a1:26:4a:df:8d:3e:e8:fc:43:e0:41:82:33:d5:b5:
         56:a5:ff:94:4c:e1:3d:ba:7f:66:38:91:42:72:6f:19:b6:0c:
         de:84:64:23:80:ee:04:9c:55:50:6d:18:25:70:90:f0:36:05:
         c7:a2:50:9a:aa:00:1a:da:9a:9a:e1:e6:ac:aa:c3:17:28:fe:
         c4:f3:b6:41:f8:bb:7a:06:05:24:18:6d:97:bb:3b:35:a0:a9:
         51:26:12:cd:59:d7:24:27:54:13:9d:cb:af:f1:61:b1:cd:4d:
         ef:14:1b:71:2f:30:7b:4b:16:2b:5f:00:92:9d:4a:7e:aa:78:
         f3:88:ed:5a:6b:9f:3e:b0:52:fb:c2:45:3d:a0:72:fd:a7:d3:
         e0:5f:94:b3:6a:4e:01:2d:02:f5:76:d1:6b:17:6e:be:ef:e8:
         a0:98:9c:27:01:c0:75:c1:2c:d5:29:8e:7b:a7:00:be:32:4f:
         31:be:b6:c0:94:36:2b:cf:7f:1f:4a:4c:29:23:69:5e:20:37:
         62:cc:60:95:b7:e5:42:11:71:e9:39:d8:72:d5:47:42:f7:b1:
         ed:9d:a3:b3:2a:97:48:49:66:10:bd:67:b3:bf:09:16:40:d0:
         88:95:be:79
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYLQiyMX3BvAGjFNfdG8lCoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjIwODI0MTU0OTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzQ3ZjlhNzZjNjdjNmJmZWI3ZmM3N2JkMGRjZjNhZDMzYjU2NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkglxy0sxcX8aC9Wi4jaHFFBGewV
SjsjIzcfyICLzgjEN2j3Gti2YXQsqM+iJ+o2jaUVtr14sJgiRoJhcTQUNTD5XF0A
5hsUpg1TcXrpbJUZpoBvDdCSHjNCfAUkiWqHkc5qpYRG3lBatYBx2JnDQHDEzckp
0oAjUpcoMsiEMleolY0wfRCwzxky6fFdpJXJVOms3q4YKL7sCtNGz4uE72yuHxNf
uDZ5M0OM9OENV3fQ2XRd0wmUHe1id/9U7crz587snDn1wuZz0+dCl0TGQecjMkuz
7sBin7HMvMh8G8yeFO1WZpAA+ADKHxJqfRhml2O9tX2eUYaLPV5+JyGocwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGdH+adsZ8a/63/He9Dc860ztWV8MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvWjBmNXAyeG54cl9yZjhkNzBOenpyVE8xWlh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLQiQAwQA
LUMjAwQALVQAAwQALVeaAwQALZ/4AwQAXbmmMA0GCSqGSIb3DQEBCwUAA4IBAQAe
wJSjwIeyel0GJM9eMHbG5Fy9VzChJkrfjT7o/EPgQYIz1bVWpf+UTOE9un9mOJFC
cm8ZtgzehGQjgO4EnFVQbRglcJDwNgXHolCaqgAa2pqa4easqsMXKP7E87ZB+Lt6
BgUkGG2Xuzs1oKlRJhLNWdckJ1QTncuv8WGxzU3vFBtxLzB7SxYrXwCSnUp+qnjz
iO1aa58+sFL7wkU9oHL9p9PgX5Szak4BLQL1dtFrF26+7+igmJwnAcB1wSzVKY57
pwC+Mk8xvrbAlDYrz38fSkwpI2leIDdizGCVt+VCEXHpOdhy1UdC97HtnaOzKpdI
SWYQvWezvwkWQNCIlb55
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:23 2024 by rpki-client on console-fra.rpki-client.org