Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/0730d1-c67b-435e-b329-d8310db97951/1/tEp6nrpm8_y7zIcoSpX_KR1-8Cg.roa
File:                     tEp6nrpm8_y7zIcoSpX_KR1-8Cg.roa (raw, json)
Hash identifier:          lweht3RdMnzi4Cw5ZgcBM3fDcwoX9X2b4pPrX1YCxEE=
Subject key identifier:   B4:4A:7A:9E:BA:66:F3:FC:BB:CC:87:28:4A:95:FF:29:1D:7E:F0:28
Certificate issuer:       /CN=a3b2f4daed7bef2a6ab4bbb9aafac5654ddc53c1
Certificate serial:       02C6D62E
Authority key identifier: A3:B2:F4:DA:ED:7B:EF:2A:6A:B4:BB:B9:AA:FA:C5:65:4D:DC:53:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o7L02u177ypqtLu5qvrFZU3cU8E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/0730d1-c67b-435e-b329-d8310db97951/1/tEp6nrpm8_y7zIcoSpX_KR1-8Cg.roa
Signing time:             Sat 01 Jan 2022 12:56:39 +0000
ROA not before:           Sat 01 Jan 2022 12:56:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203714
IP address blocks:        45.134.62.0/23 maxlen: 23
                          45.134.62.0/24 maxlen: 24
                          45.134.60.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 46585390 (0x2c6d62e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3b2f4daed7bef2a6ab4bbb9aafac5654ddc53c1
        Validity
            Not Before: Jan  1 12:56:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b44a7a9eba66f3fcbbcc87284a95ff291d7ef028
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:82:20:a1:33:10:cf:12:de:5b:ef:4c:09:ec:
                    19:f9:89:52:73:4f:e4:7f:89:81:75:7d:27:d9:4b:
                    a3:be:b6:40:86:dd:39:4b:21:b7:e3:17:c2:9a:25:
                    2d:b0:ff:f9:43:0c:34:54:5c:96:f2:b2:b6:2a:e8:
                    b1:c0:88:97:bd:6d:70:83:59:36:97:36:2a:61:41:
                    0d:aa:9d:20:e0:40:3b:16:af:b5:72:12:18:de:f2:
                    eb:a4:a5:e1:38:7f:73:bf:91:51:f5:22:4b:2a:44:
                    90:25:32:3d:54:21:c8:73:72:14:86:19:6d:76:80:
                    61:ee:60:c8:8e:22:9e:be:a8:28:78:13:80:92:d1:
                    2b:69:3b:cf:01:df:8f:ac:31:f2:74:07:4e:ef:f2:
                    9e:e1:7f:0b:62:89:80:81:35:92:4e:97:30:d9:ff:
                    e4:2c:ae:bb:77:9e:62:b6:27:48:88:1e:e8:c0:96:
                    e7:41:9e:1d:85:73:c1:59:89:95:02:84:8f:bb:58:
                    b1:77:38:6c:d4:cc:1e:92:72:55:4c:0f:79:0a:11:
                    bd:16:46:32:31:a0:ca:13:f2:98:c3:57:07:63:44:
                    0b:f0:e8:32:e1:ab:55:bf:af:56:0e:cb:64:53:00:
                    5c:d3:17:c4:4c:cd:73:1c:98:3a:f0:98:c8:d8:a0:
                    3f:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:4A:7A:9E:BA:66:F3:FC:BB:CC:87:28:4A:95:FF:29:1D:7E:F0:28
            X509v3 Authority Key Identifier:
                keyid:A3:B2:F4:DA:ED:7B:EF:2A:6A:B4:BB:B9:AA:FA:C5:65:4D:DC:53:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o7L02u177ypqtLu5qvrFZU3cU8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0730d1-c67b-435e-b329-d8310db97951/1/tEp6nrpm8_y7zIcoSpX_KR1-8Cg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0730d1-c67b-435e-b329-d8310db97951/1/o7L02u177ypqtLu5qvrFZU3cU8E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.134.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         d5:80:b6:a2:b6:61:f4:ab:0e:b7:7a:19:e4:d6:9e:de:d6:8c:
         cc:60:20:98:20:30:91:62:a7:f6:e2:2d:fa:f4:96:a5:e3:86:
         49:c7:5c:d7:4d:5a:95:47:e7:32:fe:54:34:ae:a2:fe:59:0b:
         5e:ce:8c:26:51:ce:6b:64:44:6e:ae:14:4f:3f:7c:69:1e:0d:
         7f:f2:99:c7:20:a6:7d:7b:41:9d:24:4a:e1:1e:27:30:2f:5c:
         82:40:5f:f5:90:a1:e5:20:bc:59:1f:5d:ab:69:d4:d5:c2:b4:
         39:88:f7:98:55:eb:1b:d6:8c:8b:b9:6a:13:af:be:a0:d9:6c:
         63:15:aa:f1:61:a8:71:ac:e7:f9:2f:35:31:17:87:4a:26:4a:
         bf:dd:45:f2:a8:c8:ce:3c:f6:3c:f5:46:7e:fa:80:a7:0b:8a:
         20:e4:9c:ed:44:87:10:28:1c:2d:c5:86:32:b5:48:13:1a:d1:
         28:9e:08:68:ee:85:aa:2e:cb:1f:5f:a4:92:bb:aa:80:66:13:
         97:08:a7:97:27:49:74:f4:27:7a:ab:c0:39:50:84:95:85:f1:
         c0:2c:13:c8:81:5d:fc:c0:e4:38:df:05:00:c4:aa:22:07:21:
         93:5e:db:f5:83:f7:a7:7b:a3:e4:d9:e0:c2:34:ad:8b:25:e0:
         27:74:70:c5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAsbWLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
M2IyZjRkYWVkN2JlZjJhNmFiNGJiYjlhYWZhYzU2NTRkZGM1M2MxMB4XDTIyMDEw
MTEyNTYzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQ0YTdhOWViYTY2
ZjNmY2JiY2M4NzI4NGE5NWZmMjkxZDdlZjAyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOmCIKEzEM8S3lvvTAnsGfmJUnNP5H+JgXV9J9lLo762QIbd
OUsht+MXwpolLbD/+UMMNFRclvKytiroscCIl71tcINZNpc2KmFBDaqdIOBAOxav
tXISGN7y66Sl4Th/c7+RUfUiSypEkCUyPVQhyHNyFIYZbXaAYe5gyI4inr6oKHgT
gJLRK2k7zwHfj6wx8nQHTu/ynuF/C2KJgIE1kk6XMNn/5Cyuu3eeYrYnSIge6MCW
50GeHYVzwVmJlQKEj7tYsXc4bNTMHpJyVUwPeQoRvRZGMjGgyhPymMNXB2NEC/Do
MuGrVb+vVg7LZFMAXNMXxEzNcxyYOvCYyNigP2ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS0Snqeumbz/LvMhyhKlf8pHX7wKDAfBgNVHSMEGDAWgBSjsvTa7XvvKmq0
u7mq+sVlTdxTwTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L283TDAydTE3N3lwcXRMdTVxdnJGWlUzY1U4RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvMDczMGQxLWM2N2ItNDM1ZS1iMzI5LWQ4MzEwZGI5Nzk1MS8x
L3RFcDZucnBtOF95N3pJY29TcFhfS1IxLThDZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
MDczMGQxLWM2N2ItNDM1ZS1iMzI5LWQ4MzEwZGI5Nzk1MS8xL283TDAydTE3N3lw
cXRMdTVxdnJGWlUzY1U4RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2GPDANBgkqhkiG9w0BAQsFAAOC
AQEA1YC2orZh9KsOt3oZ5Nae3taMzGAgmCAwkWKn9uIt+vSWpeOGScdc101alUfn
Mv5UNK6i/lkLXs6MJlHOa2REbq4UTz98aR4Nf/KZxyCmfXtBnSRK4R4nMC9cgkBf
9ZCh5SC8WR9dq2nU1cK0OYj3mFXrG9aMi7lqE6++oNlsYxWq8WGocazn+S81MReH
SiZKv91F8qjIzjz2PPVGfvqApwuKIOSc7USHECgcLcWGMrVIExrRKJ4IaO6Fqi7L
H1+kkruqgGYTlwinlydJdPQneqvAOVCElYXxwCwTyIFd/MDkON8FAMSqIgchk17b
9YP3p3uj5NngwjStiyXgJ3RwxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:59 2024 by rpki-client on console-fra.rpki-client.org