Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/pmJNBDGQRPORx8w1AiM42vcQ7kw.roa
File:                     pmJNBDGQRPORx8w1AiM42vcQ7kw.roa (raw, json)
Hash identifier:          EJBJBkZ0MVqLnMUaOSOHUd4DoXgA8JrtTRCgYMlQR18=
Subject key identifier:   A6:62:4D:04:31:90:44:F3:91:C7:CC:35:02:23:38:DA:F7:10:EE:4C
Certificate issuer:       /CN=b9032bdb128c86e00b21c77959a8011c40d0650c
Certificate serial:       067F3BA2
Authority key identifier: B9:03:2B:DB:12:8C:86:E0:0B:21:C7:79:59:A8:01:1C:40:D0:65:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uQMr2xKMhuALIcd5WagBHEDQZQw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/pmJNBDGQRPORx8w1AiM42vcQ7kw.roa
Signing time:             Sat 01 Jan 2022 11:57:38 +0000
ROA not before:           Sat 01 Jan 2022 11:57:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20473
IP address blocks:        45.152.91.0/24 maxlen: 24
                          2a0f:5100:a01::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 109001634 (0x67f3ba2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9032bdb128c86e00b21c77959a8011c40d0650c
        Validity
            Not Before: Jan  1 11:57:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a6624d04319044f391c7cc35022338daf710ee4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:08:03:dc:49:13:a0:49:48:66:2d:36:a6:13:
                    45:8b:c3:88:a3:64:64:9e:8b:70:07:e5:3e:9d:28:
                    da:7a:b6:0a:21:23:22:0a:ac:04:88:42:0d:ca:f2:
                    0f:5d:43:5f:77:8e:bc:6f:ed:24:89:d9:2c:a2:fd:
                    7f:e9:36:05:19:9a:82:3b:2b:a3:c0:b4:1d:5f:d7:
                    5d:8e:f3:82:de:51:84:ef:10:77:9b:db:b1:9c:b7:
                    9f:2e:0e:de:5b:88:74:98:54:02:1b:6d:3e:d7:00:
                    d3:b9:1c:a0:c9:13:9e:ff:6d:90:5f:10:56:5a:68:
                    73:ff:e3:f2:d2:a6:46:2c:6b:8d:29:e7:d0:01:67:
                    e1:2f:11:b0:b2:db:c9:59:c9:73:09:0c:b3:d2:92:
                    f5:f5:1f:a1:24:ac:17:77:5e:97:09:9e:f9:fe:9f:
                    0d:69:bc:c2:1e:09:7e:68:f3:5a:98:51:fd:cd:6a:
                    ce:30:5e:30:b1:cc:91:ad:2e:ff:a2:5f:52:da:93:
                    21:19:19:6a:9c:52:a8:4d:16:ec:49:0d:19:2d:99:
                    93:35:70:be:79:b1:d8:a5:4c:82:f3:51:f8:ba:4c:
                    be:22:8d:aa:b5:3c:f2:75:c9:c0:cf:09:a7:ff:5d:
                    14:d3:06:6b:3e:ba:a9:e7:7a:4a:b8:3b:81:65:a1:
                    fe:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:62:4D:04:31:90:44:F3:91:C7:CC:35:02:23:38:DA:F7:10:EE:4C
            X509v3 Authority Key Identifier:
                keyid:B9:03:2B:DB:12:8C:86:E0:0B:21:C7:79:59:A8:01:1C:40:D0:65:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uQMr2xKMhuALIcd5WagBHEDQZQw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/pmJNBDGQRPORx8w1AiM42vcQ7kw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/uQMr2xKMhuALIcd5WagBHEDQZQw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.152.91.0/24
                IPv6:
                  2a0f:5100:a01::/48

    Signature Algorithm: sha256WithRSAEncryption
         b8:64:61:fb:3e:f8:fe:bc:4d:68:f4:26:4a:de:b7:fd:5c:09:
         f3:67:6c:23:53:49:cc:fc:35:8a:41:4d:d4:4e:83:09:37:5e:
         5c:1a:8b:db:28:de:58:b0:7a:f2:7e:a5:25:34:f8:ec:bd:55:
         ea:08:42:25:8b:42:ea:71:44:32:08:36:63:f5:0d:ca:69:29:
         64:25:92:86:6a:10:23:b8:a3:de:76:3a:ca:70:90:27:88:64:
         12:21:fb:0e:38:f7:5b:10:e8:64:b2:dd:41:f3:16:c7:53:ed:
         17:cd:5f:3e:8f:0b:9c:19:9b:a0:67:fa:5f:1a:dd:76:48:0c:
         29:84:ec:bd:96:e3:86:55:58:a7:f1:84:6c:45:7f:37:5b:1c:
         87:86:16:0f:4f:ff:40:2a:3a:10:a4:10:a9:79:62:8a:ff:0a:
         cc:b5:7c:dc:c6:45:2e:37:1f:5c:d5:67:cd:b7:02:2d:aa:9e:
         77:55:40:6f:75:85:60:24:ae:bc:8f:cf:1d:ae:08:e2:2f:0f:
         aa:38:27:97:61:3b:85:94:cb:88:69:6c:45:56:14:2b:2c:29:
         aa:35:57:b9:45:65:47:9b:1a:ae:c3:9d:d9:2a:f7:bc:12:06:
         6a:99:e2:2d:96:66:c9:63:23:fd:c0:3e:e3:7d:41:f7:10:0f:
         eb:fe:b8:6e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBn87ojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTAzMmJkYjEyOGM4NmUwMGIyMWM3Nzk1OWE4MDExYzQwZDA2NTBjMB4XDTIyMDEw
MTExNTczOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY2MjRkMDQzMTkw
NDRmMzkxYzdjYzM1MDIyMzM4ZGFmNzEwZWU0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJAIA9xJE6BJSGYtNqYTRYvDiKNkZJ6LcAflPp0o2nq2CiEj
IgqsBIhCDcryD11DX3eOvG/tJInZLKL9f+k2BRmagjsro8C0HV/XXY7zgt5RhO8Q
d5vbsZy3ny4O3luIdJhUAhttPtcA07kcoMkTnv9tkF8QVlpoc//j8tKmRixrjSnn
0AFn4S8RsLLbyVnJcwkMs9KS9fUfoSSsF3delwme+f6fDWm8wh4JfmjzWphR/c1q
zjBeMLHMka0u/6JfUtqTIRkZapxSqE0W7EkNGS2ZkzVwvnmx2KVMgvNR+LpMviKN
qrU88nXJwM8Jp/9dFNMGaz66qed6Srg7gWWh/hcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSmYk0EMZBE85HHzDUCIzja9xDuTDAfBgNVHSMEGDAWgBS5AyvbEoyG4Ash
x3lZqAEcQNBlDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VRTXIyeEtNaHVBTEljZDVXYWdCSEVEUVpRdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvYmNiMDNkLTFjMTEtNDUxNi1hODhmLWZlODQ2Zjc1ZDE3MC8x
L3BtSk5CREdRUlBPUng4dzFBaU00MnZjUTdrdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
YmNiMDNkLTFjMTEtNDUxNi1hODhmLWZlODQ2Zjc1ZDE3MC8xL3VRTXIyeEtNaHVB
TEljZDVXYWdCSEVEUVpRdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAC2YWzAPBAIAAjAJAwcAKg9RAAoB
MA0GCSqGSIb3DQEBCwUAA4IBAQC4ZGH7Pvj+vE1o9CZK3rf9XAnzZ2wjU0nM/DWK
QU3UToMJN15cGovbKN5YsHryfqUlNPjsvVXqCEIli0LqcUQyCDZj9Q3KaSlkJZKG
ahAjuKPedjrKcJAniGQSIfsOOPdbEOhkst1B8xbHU+0XzV8+jwucGZugZ/pfGt12
SAwphOy9luOGVVin8YRsRX83WxyHhhYPT/9AKjoQpBCpeWKK/wrMtXzcxkUuNx9c
1WfNtwItqp53VUBvdYVgJK68j88drgjiLw+qOCeXYTuFlMuIaWxFVhQrLCmqNVe5
RWVHmxquw53ZKve8EgZqmeItlmbJYyP9wD7jfUH3EA/r/rhu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:57 2024 by rpki-client on console-ams.rpki-client.org