Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/DbE4LrO5h5RiJh8mZhU_bWMCZhE.roa
File:                     DbE4LrO5h5RiJh8mZhU_bWMCZhE.roa (raw, json)
Hash identifier:          ipGp+r6X+VCRJSqQvzGCnwOBbXIBsWbRYHti7buNa4s=
Subject key identifier:   0D:B1:38:2E:B3:B9:87:94:62:26:1F:26:66:15:3F:6D:63:02:66:11
Certificate issuer:       /CN=7c4b917dc9046a065678ae0df4d3e30369c59c69
Certificate serial:       0A283EFC
Authority key identifier: 7C:4B:91:7D:C9:04:6A:06:56:78:AE:0D:F4:D3:E3:03:69:C5:9C:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fEuRfckEagZWeK4N9NPjA2nFnGk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/DbE4LrO5h5RiJh8mZhU_bWMCZhE.roa
Signing time:             Sun 26 Jun 2022 12:48:21 +0000
ROA not before:           Sun 26 Jun 2022 12:48:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48550
IP address blocks:        45.12.121.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 170409724 (0xa283efc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c4b917dc9046a065678ae0df4d3e30369c59c69
        Validity
            Not Before: Jun 26 12:48:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0db1382eb3b9879462261f2666153f6d63026611
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:0c:35:43:8f:fc:8c:16:60:c4:9a:e1:83:c9:
                    14:41:bc:8d:a0:58:ce:01:d8:de:bb:bb:22:b1:cf:
                    aa:58:5e:d2:16:93:ec:14:e5:8f:55:c4:ce:da:f0:
                    0f:11:ee:7b:89:8b:2f:9b:74:91:b7:82:10:fa:1a:
                    a2:a4:a1:27:c4:fd:61:7b:df:88:80:ba:f2:61:e4:
                    ca:a7:ba:b0:39:4e:71:5b:d5:60:97:21:4f:e6:4c:
                    6c:bc:c8:6a:0d:8d:15:92:78:b8:8f:75:4c:b4:ae:
                    33:d0:6c:04:d5:d8:0e:24:f1:05:1f:4d:22:16:98:
                    90:fc:37:43:b4:d7:38:c4:21:1b:f7:64:57:70:7c:
                    55:89:bc:67:94:25:21:ce:dc:b5:cc:a2:74:8e:0f:
                    ba:d3:49:11:4d:73:45:68:1b:84:04:6b:f4:b3:4c:
                    ce:73:d7:9f:8d:5f:13:a8:21:74:e9:d4:f1:1b:72:
                    eb:37:33:8e:0e:14:d8:82:cf:56:25:8e:e6:52:be:
                    91:7b:65:f1:dd:e4:3c:8b:7e:3c:f3:15:17:7c:76:
                    b8:62:d1:5c:9f:80:02:5b:b3:8c:0b:ca:70:2c:db:
                    17:6f:77:6f:74:47:ef:20:33:89:14:db:1f:44:7c:
                    2f:7a:cc:2a:ae:ea:77:41:90:f8:4e:04:09:ea:c9:
                    ee:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:B1:38:2E:B3:B9:87:94:62:26:1F:26:66:15:3F:6D:63:02:66:11
            X509v3 Authority Key Identifier:
                keyid:7C:4B:91:7D:C9:04:6A:06:56:78:AE:0D:F4:D3:E3:03:69:C5:9C:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fEuRfckEagZWeK4N9NPjA2nFnGk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/DbE4LrO5h5RiJh8mZhU_bWMCZhE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/fEuRfckEagZWeK4N9NPjA2nFnGk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.12.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:2b:97:79:72:b0:82:ab:34:0a:37:ad:f9:f9:47:5d:95:3c:
         b3:42:63:bb:d8:d6:d2:0f:7d:d2:a0:dc:fc:51:64:7d:c0:c7:
         4e:b1:c5:4f:50:0d:f9:16:43:58:dd:c4:9b:5b:a5:70:de:5f:
         88:4e:22:e2:c8:4c:4d:84:92:32:c4:7c:85:ec:dc:07:38:f4:
         5b:44:cb:03:80:a9:c4:36:e0:39:06:58:c0:3a:f5:16:5d:31:
         34:a0:79:bd:c9:10:e4:64:aa:04:64:7e:37:d4:f2:92:cd:41:
         f3:77:99:4b:95:f8:e2:26:78:76:4b:26:46:6c:41:aa:e8:32:
         32:45:af:02:74:f2:e7:c1:f7:e6:aa:47:c7:0b:46:6e:61:d1:
         5b:ac:43:79:c5:9f:ec:4b:32:24:e8:35:53:00:a2:b5:14:c9:
         10:66:88:1a:e9:33:e4:a2:ff:88:d2:6e:f3:c4:d8:d6:c4:00:
         c4:1d:52:4e:e1:ae:54:aa:e5:d5:eb:00:75:4c:49:2f:14:d6:
         6a:c0:7e:e0:42:37:27:c0:cc:43:d2:e3:89:c2:c9:dc:70:c2:
         53:33:a2:c6:22:06:a9:d7:af:5d:96:0e:1d:53:6c:c1:f6:91:
         cb:39:b8:d3:b5:d0:4f:95:dd:90:bf:9c:e7:08:14:1a:67:0d:
         7c:86:a4:09
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECig+/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YzRiOTE3ZGM5MDQ2YTA2NTY3OGFlMGRmNGQzZTMwMzY5YzU5YzY5MB4XDTIyMDYy
NjEyNDgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGRiMTM4MmViM2I5
ODc5NDYyMjYxZjI2NjYxNTNmNmQ2MzAyNjYxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIAMNUOP/IwWYMSa4YPJFEG8jaBYzgHY3ru7IrHPqlhe0haT
7BTlj1XEztrwDxHue4mLL5t0kbeCEPoaoqShJ8T9YXvfiIC68mHkyqe6sDlOcVvV
YJchT+ZMbLzIag2NFZJ4uI91TLSuM9BsBNXYDiTxBR9NIhaYkPw3Q7TXOMQhG/dk
V3B8VYm8Z5QlIc7ctcyidI4PutNJEU1zRWgbhARr9LNMznPXn41fE6ghdOnU8Rty
6zczjg4U2ILPViWO5lK+kXtl8d3kPIt+PPMVF3x2uGLRXJ+AAluzjAvKcCzbF293
b3RH7yAziRTbH0R8L3rMKq7qd0GQ+E4ECerJ7u8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQNsTgus7mHlGImHyZmFT9tYwJmETAfBgNVHSMEGDAWgBR8S5F9yQRqBlZ4
rg300+MDacWcaTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZFdVJmY2tFYWdaV2VLNE45TlBqQTJuRm5Hay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvOGQ4NWQ3LTQwNDktNGI1YS05YmY3LTkxYzcwZjYxYTA2Ny8x
L0RiRTRMck81aDVSaUpoOG1aaFVfYldNQ1poRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
OGQ4NWQ3LTQwNDktNGI1YS05YmY3LTkxYzcwZjYxYTA2Ny8xL2ZFdVJmY2tFYWda
V2VLNE45TlBqQTJuRm5Hay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0MeTANBgkqhkiG9w0BAQsFAAOC
AQEAmSuXeXKwgqs0Cjet+flHXZU8s0Jju9jW0g990qDc/FFkfcDHTrHFT1AN+RZD
WN3Em1ulcN5fiE4i4shMTYSSMsR8hezcBzj0W0TLA4CpxDbgOQZYwDr1Fl0xNKB5
vckQ5GSqBGR+N9Tyks1B83eZS5X44iZ4dksmRmxBqugyMkWvAnTy58H35qpHxwtG
bmHRW6xDecWf7EsyJOg1UwCitRTJEGaIGukz5KL/iNJu88TY1sQAxB1STuGuVKrl
1esAdUxJLxTWasB+4EI3J8DMQ9LjicLJ3HDCUzOixiIGqdevXZYOHVNswfaRyzm4
07XQT5XdkL+c5wgUGmcNfIakCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:53 2024 by rpki-client on console-ams.rpki-client.org