Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/CDANEar7NUFM8p31KwhJG39Weh8.roa
File:                     CDANEar7NUFM8p31KwhJG39Weh8.roa (raw, json)
Hash identifier:          yJRO2G48Oh+WfUN+Wrg4BxphCpKdaN++pulGOyhKDQk=
Subject key identifier:   08:30:0D:11:AA:FB:35:41:4C:F2:9D:F5:2B:08:49:1B:7F:56:7A:1F
Certificate issuer:       /CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Certificate serial:       04EBA249
Authority key identifier: 42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/CDANEar7NUFM8p31KwhJG39Weh8.roa
Signing time:             Thu 12 May 2022 11:20:02 +0000
ROA not before:           Thu 12 May 2022 11:20:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44854
IP address blocks:        45.113.236.0/23 maxlen: 24
                          103.229.81.0/24 maxlen: 24
                          185.219.6.0/24 maxlen: 24
                          93.114.180.0/23 maxlen: 24
                          2a10:e300:35::/48 maxlen: 48
                          2a10:e300::/32 maxlen: 48
                          2a10:e300:26::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82551369 (0x4eba249)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
        Validity
            Not Before: May 12 11:20:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=08300d11aafb35414cf29df52b08491b7f567a1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d2:68:3b:4b:18:e7:19:2e:a1:d9:1d:68:d4:
                    e5:be:80:67:b7:e5:1a:50:d3:93:e8:b3:12:89:eb:
                    81:cd:29:94:f0:59:4d:23:db:31:fe:7d:f2:74:8d:
                    4b:e1:18:73:5f:1d:c5:b8:46:e4:e5:e4:71:5d:9b:
                    1a:e1:5c:90:8b:ff:ce:46:f5:12:42:2a:47:55:9c:
                    1d:03:50:da:57:48:bc:ba:d3:48:e7:27:7a:41:e7:
                    d1:80:e3:2c:9f:45:37:98:05:05:2a:61:ae:05:18:
                    8e:4b:ec:c8:0f:ce:55:be:6e:49:08:0f:e3:f6:9a:
                    a5:8d:52:2e:4c:4d:26:19:7c:da:e4:82:1b:64:ff:
                    16:57:08:92:09:39:a4:e7:b8:8a:78:1e:3e:e6:83:
                    e1:31:e2:c6:62:c4:9f:32:b9:ee:3e:03:c7:74:7c:
                    15:62:19:ff:69:cc:e8:94:9f:8d:fa:64:f2:1c:5b:
                    32:d6:fb:25:be:65:75:4f:55:a0:41:43:a7:ca:17:
                    f1:12:36:46:00:24:c6:ba:40:eb:d6:1c:05:51:e8:
                    4e:67:69:63:60:fa:41:99:f7:37:ca:56:da:83:35:
                    07:69:ec:2e:7a:93:45:b4:f1:7f:4a:b5:cb:30:ac:
                    fd:cc:31:1c:a8:f8:fd:84:f7:c2:38:17:ba:1a:66:
                    e0:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:30:0D:11:AA:FB:35:41:4C:F2:9D:F5:2B:08:49:1B:7F:56:7A:1F
            X509v3 Authority Key Identifier:
                keyid:42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/CDANEar7NUFM8p31KwhJG39Weh8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.113.236.0/23
                  93.114.180.0/23
                  103.229.81.0/24
                  185.219.6.0/24
                IPv6:
                  2a10:e300::/32

    Signature Algorithm: sha256WithRSAEncryption
         97:d8:81:ae:4f:ca:e8:2a:46:de:e0:6f:a2:40:0b:ac:55:ed:
         bf:8d:d1:fa:ff:76:85:51:b7:a9:e2:b2:84:cb:c9:4c:51:a0:
         4f:c1:8e:02:c2:dd:bf:54:fa:06:0e:26:ad:43:78:3f:31:d3:
         d8:00:39:8e:f0:09:3c:3e:10:14:2a:62:ed:95:2c:7b:c2:fe:
         fa:60:a9:e7:3a:dd:3e:5c:3c:d9:c9:7d:c9:64:54:7c:02:80:
         c4:91:16:3d:73:8f:35:db:0b:6c:ff:61:2d:cb:41:f7:68:54:
         f3:32:d1:8a:b5:64:1c:c3:db:19:99:eb:ed:a7:93:8b:4f:a0:
         e2:88:44:d8:e9:e4:7d:73:81:32:62:65:95:92:c2:12:14:8a:
         65:fa:67:e2:e9:ed:2c:1e:5e:75:2f:d1:af:aa:da:36:9e:3a:
         ec:f0:b7:4d:ef:93:6e:84:f2:da:9b:44:7c:15:80:49:4f:18:
         e4:ea:49:ce:af:a2:5e:65:27:10:97:ff:55:37:da:41:f4:91:
         e8:8f:8f:c6:d5:94:6f:e0:f3:10:c1:74:9f:7b:7c:1a:56:94:
         a3:3c:1d:e3:c3:04:e2:67:d2:4b:ed:5e:3a:22:e1:54:b8:e4:
         50:b8:c3:45:8e:f5:91:62:5b:97:b7:83:b1:c9:f8:e1:b7:26:
         7b:51:b7:05
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBOuiSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MjkyYjVkYTRiNGZmZWFmNzIwNjQ5NTE4ZmJhYWExMGM1Y2IyODExMB4XDTIyMDUx
MjExMjAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDgzMDBkMTFhYWZi
MzU0MTRjZjI5ZGY1MmIwODQ5MWI3ZjU2N2ExZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHSaDtLGOcZLqHZHWjU5b6AZ7flGlDTk+izEonrgc0plPBZ
TSPbMf598nSNS+EYc18dxbhG5OXkcV2bGuFckIv/zkb1EkIqR1WcHQNQ2ldIvLrT
SOcnekHn0YDjLJ9FN5gFBSphrgUYjkvsyA/OVb5uSQgP4/aapY1SLkxNJhl82uSC
G2T/FlcIkgk5pOe4ingePuaD4THixmLEnzK57j4Dx3R8FWIZ/2nM6JSfjfpk8hxb
Mtb7Jb5ldU9VoEFDp8oX8RI2RgAkxrpA69YcBVHoTmdpY2D6QZn3N8pW2oM1B2ns
LnqTRbTxf0q1yzCs/cwxHKj4/YT3wjgXuhpm4JECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQIMA0Rqvs1QUzynfUrCEkbf1Z6HzAfBgNVHSMEGDAWgBRCkrXaS0/+r3IG
SVGPuqoQxcsoETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FwSzEya3RQX3E5eUJrbFJqN3FxRU1YTEtCRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvNDUyMmZiLWMxZGEtNGNjYy1hN2M3LWEwNDNlMWI2N2I5NC8x
L0NEQU5FYXI3TlVGTThwMzFLd2hKRzM5V2VoOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
NDUyMmZiLWMxZGEtNGNjYy1hN2M3LWEwNDNlMWI2N2I5NC8xL1FwSzEya3RQX3E5
eUJrbFJqN3FxRU1YTEtCRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAS1x7AMEAV1ytAMEAGflUQMEALnb
BjANBAIAAjAHAwUAKhDjADANBgkqhkiG9w0BAQsFAAOCAQEAl9iBrk/K6CpG3uBv
okALrFXtv43R+v92hVG3qeKyhMvJTFGgT8GOAsLdv1T6Bg4mrUN4PzHT2AA5jvAJ
PD4QFCpi7ZUse8L++mCp5zrdPlw82cl9yWRUfAKAxJEWPXOPNdsLbP9hLctB92hU
8zLRirVkHMPbGZnr7aeTi0+g4ohE2OnkfXOBMmJllZLCEhSKZfpn4untLB5edS/R
r6raNp467PC3Te+TboTy2ptEfBWASU8Y5OpJzq+iXmUnEJf/VTfaQfSR6I+PxtWU
b+DzEMF0n3t8GlaUozwd48ME4mfSS+1eOiLhVLjkULjDRY71kWJbl7eDscn44bcm
e1G3BQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:15 2024 by rpki-client on console-ams.rpki-client.org