Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/Dd7GEka4wp7Ta7V4H5sAue8sCO4.roa
File:                     Dd7GEka4wp7Ta7V4H5sAue8sCO4.roa (raw, json)
Hash identifier:          yX4DLqqIq4lodqf44zQIB8BSfcO6XYbAe/yW+zSFZf4=
Subject key identifier:   0D:DE:C6:12:46:B8:C2:9E:D3:6B:B5:78:1F:9B:00:B9:EF:2C:08:EE
Certificate issuer:       /CN=b0dfafd36730396fe338e772dadbe4c3c85cd952
Certificate serial:       0928D748
Authority key identifier: B0:DF:AF:D3:67:30:39:6F:E3:38:E7:72:DA:DB:E4:C3:C8:5C:D9:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sN-v02cwOW_jOOdy2tvkw8hc2VI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/Dd7GEka4wp7Ta7V4H5sAue8sCO4.roa
Signing time:             Sat 01 Jan 2022 14:05:02 +0000
ROA not before:           Sat 01 Jan 2022 14:05:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57705
IP address blocks:        45.66.46.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153671496 (0x928d748)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0dfafd36730396fe338e772dadbe4c3c85cd952
        Validity
            Not Before: Jan  1 14:05:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0ddec61246b8c29ed36bb5781f9b00b9ef2c08ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:d9:4d:c4:28:43:ae:5f:6a:da:d2:fe:61:b9:
                    40:4e:4e:e6:56:c8:ee:0c:df:d2:59:19:93:79:64:
                    08:15:c9:df:25:be:0c:3c:8f:ca:c3:60:3e:09:69:
                    56:37:67:ae:59:97:fe:b0:c6:f5:13:83:ad:ea:27:
                    5c:47:3d:91:07:41:59:fb:fc:03:69:d1:4b:b4:92:
                    3e:dc:2d:e4:b0:e6:e3:7b:43:2f:25:2f:aa:38:c2:
                    31:99:b2:f0:06:d3:48:32:55:13:de:38:49:44:d7:
                    10:7b:04:9a:63:36:a5:a9:23:11:28:a7:82:4d:a5:
                    c1:08:29:7b:eb:a4:df:8e:74:e2:30:59:40:54:84:
                    df:4b:b5:64:42:e2:d3:a5:04:25:03:a5:c5:93:29:
                    48:c2:58:62:ad:d4:b2:10:c8:26:41:19:a9:ea:62:
                    4a:54:75:e4:3a:2b:fd:d1:a4:0f:6a:4f:96:25:f2:
                    6b:39:ab:0f:aa:38:38:47:2c:a2:58:62:70:68:2b:
                    f4:4b:e0:4e:a1:e6:62:ee:63:ab:b6:7d:39:36:dc:
                    16:75:df:ca:50:a6:30:f6:4e:47:6c:bc:a8:64:57:
                    96:1a:46:c7:9e:b7:0b:02:4b:d6:2d:be:85:ef:f7:
                    c5:8d:4e:9e:21:10:0b:a0:53:5b:93:57:ec:b2:12:
                    09:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:DE:C6:12:46:B8:C2:9E:D3:6B:B5:78:1F:9B:00:B9:EF:2C:08:EE
            X509v3 Authority Key Identifier:
                keyid:B0:DF:AF:D3:67:30:39:6F:E3:38:E7:72:DA:DB:E4:C3:C8:5C:D9:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sN-v02cwOW_jOOdy2tvkw8hc2VI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/Dd7GEka4wp7Ta7V4H5sAue8sCO4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/sN-v02cwOW_jOOdy2tvkw8hc2VI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.66.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:c5:3f:46:b9:77:fd:81:f4:29:f7:77:01:bb:92:a0:67:db:
         ca:a0:1a:4e:62:87:e2:8b:dc:87:92:f8:66:60:a4:11:7f:8e:
         8f:24:08:e0:b7:0e:4f:46:ec:84:88:d8:da:6a:6d:db:a6:60:
         85:e1:d1:a8:2e:b6:0c:92:f0:45:4f:3b:4d:70:2a:9f:57:a2:
         e3:9a:5d:4e:a5:99:ef:97:e9:d3:2f:b0:4a:be:6a:d1:cc:0e:
         e8:5e:e5:8f:17:74:a6:9f:9c:e6:34:36:67:c3:30:11:16:b6:
         f2:97:9f:97:98:97:c0:fc:c0:42:75:99:d0:fc:39:1b:7e:96:
         58:c5:a8:19:36:5c:f2:77:17:ac:89:de:5a:d7:fa:d0:d2:47:
         47:74:50:67:f5:d8:a4:62:66:94:e9:f1:50:6e:94:86:1e:81:
         40:99:dd:cd:6e:a9:19:fa:99:9f:ae:02:fd:7d:e0:85:12:61:
         a6:00:83:4b:2f:d1:c7:10:2b:0b:41:6f:05:48:79:0a:02:a9:
         4e:66:77:0b:c4:cc:24:0a:a7:2d:15:ac:bd:14:98:03:e4:b2:
         b0:56:4e:d4:d1:e7:b2:8b:c5:ad:01:bf:8c:89:86:24:93:89:
         5c:6c:df:cc:ec:45:9c:9f:1b:4a:9a:b4:86:55:22:75:f6:3f:
         6e:d3:90:22
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECSjXSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MGRmYWZkMzY3MzAzOTZmZTMzOGU3NzJkYWRiZTRjM2M4NWNkOTUyMB4XDTIyMDEw
MTE0MDUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGRkZWM2MTI0NmI4
YzI5ZWQzNmJiNTc4MWY5YjAwYjllZjJjMDhlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANPZTcQoQ65fatrS/mG5QE5O5lbI7gzf0lkZk3lkCBXJ3yW+
DDyPysNgPglpVjdnrlmX/rDG9RODreonXEc9kQdBWfv8A2nRS7SSPtwt5LDm43tD
LyUvqjjCMZmy8AbTSDJVE944SUTXEHsEmmM2pakjESingk2lwQgpe+uk34504jBZ
QFSE30u1ZELi06UEJQOlxZMpSMJYYq3UshDIJkEZqepiSlR15Dor/dGkD2pPliXy
azmrD6o4OEcsolhicGgr9EvgTqHmYu5jq7Z9OTbcFnXfylCmMPZOR2y8qGRXlhpG
x563CwJL1i2+he/3xY1OniEQC6BTW5NX7LISCYsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQN3sYSRrjCntNrtXgfmwC57ywI7jAfBgNVHSMEGDAWgBSw36/TZzA5b+M4
53La2+TDyFzZUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NOLXYwMmN3T1dfak9PZHkydHZrdzhoYzJWSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGIvZjY5NmZkLTRkOWQtNGUyOC05MjZlLTBhYTViNDZiZjhhYS8x
L0RkN0dFa2E0d3A3VGE3VjRINXNBdWU4c0NPNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIv
ZjY5NmZkLTRkOWQtNGUyOC05MjZlLTBhYTViNDZiZjhhYS8xL3NOLXYwMmN3T1df
ak9PZHkydHZrdzhoYzJWSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1CLjANBgkqhkiG9w0BAQsFAAOC
AQEAosU/Rrl3/YH0Kfd3AbuSoGfbyqAaTmKH4ovch5L4ZmCkEX+OjyQI4LcOT0bs
hIjY2mpt26ZgheHRqC62DJLwRU87TXAqn1ei45pdTqWZ75fp0y+wSr5q0cwO6F7l
jxd0pp+c5jQ2Z8MwERa28pefl5iXwPzAQnWZ0Pw5G36WWMWoGTZc8ncXrIneWtf6
0NJHR3RQZ/XYpGJmlOnxUG6Uhh6BQJndzW6pGfqZn64C/X3ghRJhpgCDSy/RxxAr
C0FvBUh5CgKpTmZ3C8TMJAqnLRWsvRSYA+SysFZO1NHnsovFrQG/jImGJJOJXGzf
zOxFnJ8bSpq0hlUidfY/btOQIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:24 2024 by rpki-client on console-fra.rpki-client.org