Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/8ab976-e53a-4c43-a8e8-2014fe0a1611/1/zRROMljCDhiZqYelk_gCQzXHpMg.roa
File:                     zRROMljCDhiZqYelk_gCQzXHpMg.roa (raw, json)
Hash identifier:          ohkwKneURTrtPNtWwARX0YXX8iajdGstjXWhOJw2BBo=
Subject key identifier:   CD:14:4E:32:58:C2:0E:18:99:A9:87:A5:93:F8:02:43:35:C7:A4:C8
Certificate issuer:       /CN=323e300a7b63ad4fefbae671f51abc24f1128719
Certificate serial:       082F9281
Authority key identifier: 32:3E:30:0A:7B:63:AD:4F:EF:BA:E6:71:F5:1A:BC:24:F1:12:87:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mj4wCntjrU_vuuZx9Rq8JPEShxk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/8ab976-e53a-4c43-a8e8-2014fe0a1611/1/zRROMljCDhiZqYelk_gCQzXHpMg.roa
Signing time:             Sat 01 Jan 2022 11:57:22 +0000
ROA not before:           Sat 01 Jan 2022 11:57:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208418
IP address blocks:        45.81.52.0/24 maxlen: 24
                          45.81.52.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 137335425 (0x82f9281)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=323e300a7b63ad4fefbae671f51abc24f1128719
        Validity
            Not Before: Jan  1 11:57:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cd144e3258c20e1899a987a593f8024335c7a4c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:9f:8e:9c:f1:17:65:bc:14:2b:f7:f2:a1:30:
                    1e:a8:41:65:60:39:41:4f:7b:00:57:2a:83:9b:81:
                    6a:05:5f:c9:1d:cd:55:94:4f:12:a6:10:5c:64:e0:
                    84:30:a4:dd:e4:de:d1:1c:a7:c8:34:1b:b2:73:db:
                    69:4b:ca:b6:52:13:0a:0c:2f:f6:f3:e3:46:70:94:
                    eb:e3:7d:e3:cf:3f:52:71:9b:10:7e:e5:55:a8:f3:
                    f7:3d:8a:0f:fe:c9:54:22:cf:64:bf:a7:51:74:12:
                    0d:12:f4:ac:3c:48:f5:a0:9d:46:04:b0:ab:72:7e:
                    e2:0c:d1:2d:4d:24:e1:e7:98:a8:ff:dc:41:ba:be:
                    f4:e4:e7:f3:08:55:d5:7c:80:10:93:ba:ae:f9:4d:
                    fc:fe:ba:9e:0b:49:52:07:8f:96:d4:c5:65:01:65:
                    e1:28:9f:0a:a4:f7:a0:5e:6b:d7:1d:b3:b9:df:b3:
                    7e:2f:4d:6c:20:76:ab:68:da:e1:db:02:e1:88:92:
                    1a:0f:35:ae:7d:ba:b3:40:05:4e:ed:fb:c5:21:8f:
                    09:50:08:20:60:2c:32:ee:7d:61:0d:d3:be:3a:01:
                    d3:df:ee:09:7b:66:bc:6e:4d:55:0b:08:8f:dc:e5:
                    80:62:19:87:54:02:b7:0c:6f:81:93:b3:15:91:cd:
                    43:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:14:4E:32:58:C2:0E:18:99:A9:87:A5:93:F8:02:43:35:C7:A4:C8
            X509v3 Authority Key Identifier:
                keyid:32:3E:30:0A:7B:63:AD:4F:EF:BA:E6:71:F5:1A:BC:24:F1:12:87:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mj4wCntjrU_vuuZx9Rq8JPEShxk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/8ab976-e53a-4c43-a8e8-2014fe0a1611/1/zRROMljCDhiZqYelk_gCQzXHpMg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/8ab976-e53a-4c43-a8e8-2014fe0a1611/1/Mj4wCntjrU_vuuZx9Rq8JPEShxk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         94:1b:86:9a:1c:d5:cd:6a:89:c3:2c:17:fc:29:99:b2:10:3c:
         4a:0e:01:a1:f5:1a:e0:5a:5f:68:df:ca:26:2e:de:65:89:f1:
         9d:70:83:51:3c:f2:4f:6d:87:d1:f6:10:1d:d9:c8:c2:5e:da:
         09:13:a4:0a:6e:f8:73:ef:82:8e:2d:19:d9:37:74:19:44:8a:
         18:58:58:86:7b:1e:8d:7e:4b:b9:ad:31:06:d9:a2:78:bf:eb:
         ca:e4:30:a7:0e:66:fb:b6:87:88:4a:c6:c3:ec:08:05:5a:85:
         26:0d:df:cd:13:bd:81:75:d8:82:68:17:2f:f6:05:62:cd:ec:
         d7:95:55:51:6c:5a:b3:19:81:97:7f:7c:15:94:eb:38:51:06:
         79:18:19:3c:af:70:7d:2c:b1:e3:b5:c0:87:c2:11:94:cf:a9:
         71:3d:d7:93:56:a8:86:36:5e:a6:51:c9:98:bd:31:98:de:70:
         30:40:2f:b5:29:40:62:45:7e:40:60:9b:c0:23:ef:83:71:df:
         e9:d6:4e:74:bb:3a:a1:10:e7:43:5a:40:72:a5:07:c1:12:b2:
         c6:d2:90:51:e9:9a:83:ea:5d:aa:72:5a:67:4a:8c:9b:6b:24:
         41:ff:d5:b2:56:6b:2d:5e:7a:6c:28:10:e0:a5:5f:68:7a:1a:
         ae:d6:16:87
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECC+SgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjNlMzAwYTdiNjNhZDRmZWZiYWU2NzFmNTFhYmMyNGYxMTI4NzE5MB4XDTIyMDEw
MTExNTcyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2QxNDRlMzI1OGMy
MGUxODk5YTk4N2E1OTNmODAyNDMzNWM3YTRjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJafjpzxF2W8FCv38qEwHqhBZWA5QU97AFcqg5uBagVfyR3N
VZRPEqYQXGTghDCk3eTe0RynyDQbsnPbaUvKtlITCgwv9vPjRnCU6+N9488/UnGb
EH7lVajz9z2KD/7JVCLPZL+nUXQSDRL0rDxI9aCdRgSwq3J+4gzRLU0k4eeYqP/c
Qbq+9OTn8whV1XyAEJO6rvlN/P66ngtJUgePltTFZQFl4SifCqT3oF5r1x2zud+z
fi9NbCB2q2ja4dsC4YiSGg81rn26s0AFTu37xSGPCVAIIGAsMu59YQ3TvjoB09/u
CXtmvG5NVQsIj9zlgGIZh1QCtwxvgZOzFZHNQ/cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTNFE4yWMIOGJmph6WT+AJDNcekyDAfBgNVHSMEGDAWgBQyPjAKe2OtT++6
5nH1Grwk8RKHGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01qNHdDbnRqclVfdnV1Wng5UnE4SlBFU2h4ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvOGFiOTc2LWU1M2EtNGM0My1hOGU4LTIwMTRmZTBhMTYxMS8x
L3pSUk9NbGpDRGhpWnFZZWxrX2dDUXpYSHBNZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
OGFiOTc2LWU1M2EtNGM0My1hOGU4LTIwMTRmZTBhMTYxMS8xL01qNHdDbnRqclVf
dnV1Wng5UnE4SlBFU2h4ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1RNDANBgkqhkiG9w0BAQsFAAOC
AQEAlBuGmhzVzWqJwywX/CmZshA8Sg4BofUa4FpfaN/KJi7eZYnxnXCDUTzyT22H
0fYQHdnIwl7aCROkCm74c++Cji0Z2Td0GUSKGFhYhnsejX5Lua0xBtmieL/ryuQw
pw5m+7aHiErGw+wIBVqFJg3fzRO9gXXYgmgXL/YFYs3s15VVUWxasxmBl398FZTr
OFEGeRgZPK9wfSyx47XAh8IRlM+pcT3Xk1aohjZeplHJmL0xmN5wMEAvtSlAYkV+
QGCbwCPvg3Hf6dZOdLs6oRDnQ1pAcqUHwRKyxtKQUemag+pdqnJaZ0qMm2skQf/V
slZrLV56bCgQ4KVfaHoartYWhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:21 2024 by rpki-client on console-ams.rpki-client.org