Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/LHqCHqHdKjjPWXb4yIhpVs3Vax4.roa
File:                     LHqCHqHdKjjPWXb4yIhpVs3Vax4.roa (raw, json)
Hash identifier:          5vKUKjZq6QqHzZy4Dca5xA3Tqp1IDZZva9kGl6Xxo1A=
Subject key identifier:   2C:7A:82:1E:A1:DD:2A:38:CF:59:76:F8:C8:88:69:56:CD:D5:6B:1E
Certificate issuer:       /CN=4c0006e05896f6ffb30161e7c8dda2f9ad05b561
Certificate serial:       059D886A
Authority key identifier: 4C:00:06:E0:58:96:F6:FF:B3:01:61:E7:C8:DD:A2:F9:AD:05:B5:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/LHqCHqHdKjjPWXb4yIhpVs3Vax4.roa
Signing time:             Sat 01 Jan 2022 07:58:21 +0000
ROA not before:           Sat 01 Jan 2022 07:58:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        45.133.144.0/24 maxlen: 24
                          45.133.144.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 94210154 (0x59d886a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c0006e05896f6ffb30161e7c8dda2f9ad05b561
        Validity
            Not Before: Jan  1 07:58:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2c7a821ea1dd2a38cf5976f8c8886956cdd56b1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:c2:5e:c4:94:b0:d0:0a:3d:82:f1:9f:2d:a1:
                    a3:82:e7:f5:69:45:a8:02:7b:48:b0:ae:08:8b:8a:
                    31:c6:9e:e1:f5:38:6d:f8:2b:e7:e9:e0:7f:41:a5:
                    40:2e:f7:c7:eb:64:48:11:02:78:f8:06:55:3c:52:
                    4a:47:5d:0a:1a:d2:90:f7:ed:da:5e:06:4d:d6:fd:
                    82:d8:91:a8:17:0c:54:b6:40:b9:d2:b8:12:99:a5:
                    38:9f:ec:e5:04:8a:07:21:63:57:90:be:3b:70:63:
                    fa:8d:f8:c8:62:ff:8b:96:87:4b:c8:7d:f7:d7:f5:
                    e9:70:f5:ac:fd:ed:a7:08:8a:36:2d:79:3c:ac:b9:
                    e9:27:16:fd:af:dc:30:98:04:d4:65:dc:c1:2f:5f:
                    3f:64:fc:06:68:7b:d0:a7:64:bc:d6:43:8e:a8:6a:
                    f4:3b:33:cc:12:1b:98:31:92:36:0e:eb:28:78:dc:
                    d1:79:8a:58:bf:34:d4:7d:0b:5a:f0:dd:14:10:26:
                    9c:4b:01:3c:58:51:43:d3:63:23:d9:f5:18:ba:3d:
                    e2:99:8e:47:2d:21:4a:2a:1c:8a:28:56:30:b7:8d:
                    62:e6:e3:29:31:23:69:23:94:c5:5f:ed:7e:f0:25:
                    92:e6:aa:ba:f3:eb:d1:49:69:ad:7d:94:da:f8:7d:
                    84:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:7A:82:1E:A1:DD:2A:38:CF:59:76:F8:C8:88:69:56:CD:D5:6B:1E
            X509v3 Authority Key Identifier:
                keyid:4C:00:06:E0:58:96:F6:FF:B3:01:61:E7:C8:DD:A2:F9:AD:05:B5:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/LHqCHqHdKjjPWXb4yIhpVs3Vax4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7d:ae:71:0f:98:73:08:e1:73:e7:db:71:ee:18:a8:d8:b8:76:
         a5:4c:d0:5e:fe:1d:6a:12:1c:45:93:db:57:6d:2c:37:13:9e:
         d9:8e:eb:99:6e:9e:0f:a0:ea:f6:98:29:40:9e:a3:c8:25:88:
         82:36:a4:74:25:e0:24:e2:c2:01:4e:17:c0:81:02:5c:0e:60:
         69:1d:91:cb:e6:f5:41:ce:3e:a4:11:fb:6a:0c:63:8f:bd:67:
         f4:58:36:8c:d1:18:df:fe:3a:1f:c8:14:4b:9d:2f:0b:bd:64:
         42:96:a1:d0:36:bf:f3:18:43:a1:ed:00:76:99:89:37:56:b4:
         be:80:09:08:75:f1:1d:b8:ad:3d:7c:db:d8:8c:31:75:e3:8c:
         5c:a2:60:e1:2e:10:00:98:62:e4:c9:15:81:22:2e:48:99:be:
         11:fa:87:92:38:9d:7a:fc:26:c8:40:b7:de:4e:cb:93:ed:4b:
         b3:d0:0d:98:2e:38:c8:6d:33:56:d3:e9:f1:4e:15:06:8a:53:
         c5:57:44:47:85:f2:b9:32:c6:a1:57:c7:b0:ec:e1:81:89:93:
         df:32:6b:0b:62:13:4a:d8:6e:cd:c0:da:0b:c2:2b:b2:12:5e:
         6c:79:d9:43:22:cb:0e:3a:39:6d:88:78:95:10:8a:74:67:37:
         dc:bd:f4:c1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBZ2IajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YzAwMDZlMDU4OTZmNmZmYjMwMTYxZTdjOGRkYTJmOWFkMDViNTYxMB4XDTIyMDEw
MTA3NTgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmM3YTgyMWVhMWRk
MmEzOGNmNTk3NmY4Yzg4ODY5NTZjZGQ1NmIxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLCXsSUsNAKPYLxny2ho4Ln9WlFqAJ7SLCuCIuKMcae4fU4
bfgr5+ngf0GlQC73x+tkSBECePgGVTxSSkddChrSkPft2l4GTdb9gtiRqBcMVLZA
udK4EpmlOJ/s5QSKByFjV5C+O3Bj+o34yGL/i5aHS8h999f16XD1rP3tpwiKNi15
PKy56ScW/a/cMJgE1GXcwS9fP2T8Bmh70KdkvNZDjqhq9DszzBIbmDGSNg7rKHjc
0XmKWL801H0LWvDdFBAmnEsBPFhRQ9NjI9n1GLo94pmORy0hSiociihWMLeNYubj
KTEjaSOUxV/tfvAlkuaquvPr0UlprX2U2vh9hBsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQseoIeod0qOM9ZdvjIiGlWzdVrHjAfBgNVHSMEGDAWgBRMAAbgWJb2/7MB
YefI3aL5rQW1YTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RBQUc0RmlXOXYtekFXSG55TjJpLWEwRnRXRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvYjdmODM5LWM2ODAtNDVlYS1hOGVlLTEzMDg3YmViZDFlNC8x
L0xIcUNIcUhkS2pqUFdYYjR5SWhwVnMzVmF4NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
YjdmODM5LWM2ODAtNDVlYS1hOGVlLTEzMDg3YmViZDFlNC8xL1RBQUc0RmlXOXYt
ekFXSG55TjJpLWEwRnRXRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2FkDANBgkqhkiG9w0BAQsFAAOC
AQEAfa5xD5hzCOFz59tx7hio2Lh2pUzQXv4dahIcRZPbV20sNxOe2Y7rmW6eD6Dq
9pgpQJ6jyCWIgjakdCXgJOLCAU4XwIECXA5gaR2Ry+b1Qc4+pBH7agxjj71n9Fg2
jNEY3/46H8gUS50vC71kQpah0Da/8xhDoe0AdpmJN1a0voAJCHXxHbitPXzb2Iwx
deOMXKJg4S4QAJhi5MkVgSIuSJm+EfqHkjidevwmyEC33k7Lk+1Ls9ANmC44yG0z
VtPp8U4VBopTxVdER4XyuTLGoVfHsOzhgYmT3zJrC2ITSthuzcDaC8IrshJebHnZ
QyLLDjo5bYh4lRCKdGc33L30wQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:50 2024 by rpki-client on console-fra.rpki-client.org