Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/EZt6VhzhXv-qA9vUZG92PVmhRoI.roa
File:                     EZt6VhzhXv-qA9vUZG92PVmhRoI.roa (raw, json)
Hash identifier:          3VCJchpGXBbEK9GTFlsbQ2yxD797XxvImFkG882TVl4=
Subject key identifier:   11:9B:7A:56:1C:E1:5E:FF:AA:03:DB:D4:64:6F:76:3D:59:A1:46:82
Certificate issuer:       /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial:       080B6D34
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/EZt6VhzhXv-qA9vUZG92PVmhRoI.roa
Signing time:             Sun 13 Feb 2022 13:27:02 +0000
ROA not before:           Sun 13 Feb 2022 13:27:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43624
IP address blocks:        45.140.206.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 134966580 (0x80b6d34)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
        Validity
            Not Before: Feb 13 13:27:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=119b7a561ce15effaa03dbd4646f763d59a14682
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:42:89:df:69:34:f2:13:27:50:67:a0:43:e8:
                    5d:75:cb:8f:24:7c:31:6a:6c:f2:32:50:59:b3:7b:
                    50:0d:7d:cd:e4:f0:70:af:35:eb:21:61:e4:5c:d8:
                    54:e9:7e:57:9c:11:7b:d0:91:dd:09:74:f4:79:c5:
                    cb:23:2d:34:bd:ef:83:61:7d:91:bd:fa:6a:da:42:
                    7c:ce:9e:03:82:88:83:51:99:50:d2:e5:6e:1a:be:
                    c7:73:14:99:cf:bc:a7:4b:bf:92:53:af:d7:ad:60:
                    ff:10:25:8c:ab:97:d0:c5:63:2a:2a:be:57:2c:33:
                    6e:a9:cb:b5:95:6e:0b:2f:d7:47:67:f9:29:78:20:
                    1c:dc:33:d7:d8:fe:26:89:33:42:89:33:a7:1e:5e:
                    89:96:5a:6b:aa:02:be:5d:41:2a:fd:5f:d9:44:2f:
                    88:75:3b:e6:e2:c0:6b:48:b8:90:d8:d3:4e:0f:38:
                    c9:33:33:09:1a:4a:7e:d0:df:0d:7c:ca:48:f2:a9:
                    9b:60:07:7d:02:18:66:32:65:47:15:0d:b1:2f:e6:
                    09:2e:0f:1b:6c:11:e5:76:7c:82:d3:d9:af:ed:e3:
                    c5:6c:60:4a:bd:bb:d7:6a:2e:06:35:41:44:c8:49:
                    a9:05:a3:96:4a:10:aa:9d:bc:12:9d:5a:0a:1b:64:
                    4d:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:9B:7A:56:1C:E1:5E:FF:AA:03:DB:D4:64:6F:76:3D:59:A1:46:82
            X509v3 Authority Key Identifier:
                keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/EZt6VhzhXv-qA9vUZG92PVmhRoI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:b7:dd:6b:7c:b4:76:94:fd:0c:86:f7:8a:64:9e:f4:89:bd:
         34:4c:14:86:64:87:7c:dd:a5:6e:1e:15:bc:6f:02:42:de:dc:
         e1:63:eb:f1:c0:eb:f2:e2:37:01:fd:84:2b:51:01:fb:0e:76:
         8c:56:70:6d:81:5f:a3:b5:ad:8a:4c:06:9d:29:a0:f1:3c:fb:
         a9:ef:02:df:fe:c5:b8:93:70:aa:ba:7f:cb:62:63:e6:fb:c2:
         dc:ce:df:1e:80:d6:04:d5:1c:45:0a:d0:02:c5:87:f6:1b:6a:
         f3:42:fc:10:58:b9:b0:0c:57:24:4f:f1:0a:de:0d:31:53:2e:
         cc:94:2a:a1:cc:c9:c7:55:bb:8d:1b:25:e2:27:22:52:5c:e8:
         b9:74:bd:21:a1:ca:f5:25:cc:ba:51:25:ec:9e:2c:c3:03:25:
         d3:21:85:f0:8b:23:ad:b3:80:a1:48:2e:14:dd:8a:47:1d:d7:
         53:90:0e:6e:92:71:43:b9:47:46:ff:70:9b:2a:b4:f0:7f:86:
         76:e4:9e:4d:bf:cb:0d:29:bc:04:45:6c:09:eb:1d:98:80:8e:
         40:9b:24:8b:fc:28:84:33:a6:08:75:91:2c:f6:fd:a1:67:06:
         d2:75:15:d7:e0:af:31:fd:b4:66:87:18:c7:5b:b0:fa:e0:98:
         73:d4:0c:9d
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECAttNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODY1MWIxMTk0ZjEyZTk4ZTcwZDNkYTc4ZWZlNGRkMjQ2N2NkNDIzMB4XDTIyMDIx
MzEzMjcwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTE5YjdhNTYxY2Ux
NWVmZmFhMDNkYmQ0NjQ2Zjc2M2Q1OWExNDY4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1Cid9pNPITJ1BnoEPoXXXLjyR8MWps8jJQWbN7UA19zeTw
cK816yFh5FzYVOl+V5wRe9CR3Ql09HnFyyMtNL3vg2F9kb36atpCfM6eA4KIg1GZ
UNLlbhq+x3MUmc+8p0u/klOv161g/xAljKuX0MVjKiq+VywzbqnLtZVuCy/XR2f5
KXggHNwz19j+JokzQokzpx5eiZZaa6oCvl1BKv1f2UQviHU75uLAa0i4kNjTTg84
yTMzCRpKftDfDXzKSPKpm2AHfQIYZjJlRxUNsS/mCS4PG2wR5XZ8gtPZr+3jxWxg
Sr2712ouBjVBRMhJqQWjlkoQqp28Ep1aChtkTe0CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQRm3pWHOFe/6oD29Rkb3Y9WaFGgjAfBgNVHSMEGDAWgBT4ZRsRlPEumOcN
PaeO/k3SRnzUIzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzRlLzgyMjQwMC0zMjQ4LTQ3MDItYjI5Yi1hMWI3Y2VlZmExNmMv
MS9FWnQ2Vmh6aFh2LXFBOXZVWkc5MlBWbWhSb0kucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRl
LzgyMjQwMC0zMjQ4LTQ3MDItYjI5Yi1hMWI3Y2VlZmExNmMvMS8xLUdVYkVaVHhM
cGpuRFQybmp2NU4wa1o4MUNNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYzOMA0GCSqGSIb3DQEBCwUA
A4IBAQBNt91rfLR2lP0MhveKZJ70ib00TBSGZId83aVuHhW8bwJC3tzhY+vxwOvy
4jcB/YQrUQH7DnaMVnBtgV+jta2KTAadKaDxPPup7wLf/sW4k3Cqun/LYmPm+8Lc
zt8egNYE1RxFCtACxYf2G2rzQvwQWLmwDFckT/EK3g0xUy7MlCqhzMnHVbuNGyXi
JyJSXOi5dL0hocr1Jcy6USXsnizDAyXTIYXwiyOts4ChSC4U3YpHHddTkA5uknFD
uUdG/3CbKrTwf4Z25J5Nv8sNKbwERWwJ6x2YgI5AmySL/CiEM6YIdZEs9v2hZwbS
dRXX4K8x/bRmhxjHW7D64Jhz1Ayd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:14 2024 by rpki-client on console-ams.rpki-client.org