Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/1-uPiDOroq8k17BmHz1JxBqoiMk4.roa
File:                     1-uPiDOroq8k17BmHz1JxBqoiMk4.roa (raw, json)
Hash identifier:          sONokeEZdoQZ9jz6TgW6LMFOqJ/2s3QyBnpZDbMzaCA=
Subject key identifier:   FA:E3:E2:0C:EA:E8:AB:C9:35:EC:19:87:CF:52:71:06:AA:22:32:4E
Certificate issuer:       /CN=0a30b635d357468d7f932d3e1f59d5373cf9f465
Certificate serial:       089429F4
Authority key identifier: 0A:30:B6:35:D3:57:46:8D:7F:93:2D:3E:1F:59:D5:37:3C:F9:F4:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CjC2NdNXRo1_ky0-H1nVNzz59GU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/1-uPiDOroq8k17BmHz1JxBqoiMk4.roa
Signing time:             Thu 24 Mar 2022 00:35:38 +0000
ROA not before:           Thu 24 Mar 2022 00:35:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        45.95.116.0/22 maxlen: 24
                          45.12.186.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 143927796 (0x89429f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a30b635d357468d7f932d3e1f59d5373cf9f465
        Validity
            Not Before: Mar 24 00:35:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fae3e20ceae8abc935ec1987cf527106aa22324e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:da:61:21:de:3f:ef:5d:f2:e2:06:b4:f3:f2:
                    5e:b5:f9:44:59:f2:f1:5a:23:94:20:aa:f9:ce:35:
                    db:25:71:3e:a3:08:f4:a7:f3:12:52:b5:e2:f5:12:
                    b2:89:7a:82:0c:4e:e3:f6:a8:4c:28:72:bb:d6:08:
                    31:2e:45:21:47:42:6d:87:75:d8:5a:67:3a:c9:06:
                    b4:03:d3:5f:6d:af:1f:e6:bf:9b:bb:9b:65:f3:59:
                    23:86:28:d7:ab:c8:ee:62:ba:45:5d:2b:ea:dc:47:
                    94:b3:29:e1:84:cb:fe:8b:f4:d1:43:de:02:11:73:
                    b0:51:17:40:cc:79:60:87:ea:ce:b4:13:63:d5:08:
                    38:83:07:bc:b7:b3:10:d1:50:b3:58:26:b6:cc:81:
                    43:f6:76:8e:ea:3c:9c:88:14:ef:7f:f9:92:61:22:
                    60:e5:d8:17:ff:90:33:bb:bf:1b:51:6b:d6:e8:4c:
                    d5:00:78:04:bc:2d:2e:ba:f3:2c:2f:9d:54:b6:53:
                    03:d3:d5:10:f0:72:4f:0e:27:10:88:3e:77:11:34:
                    d6:ee:3e:01:45:80:e3:e3:60:cb:0c:04:73:04:9d:
                    19:fb:66:d9:c4:bd:17:5e:e7:24:1d:b2:37:66:c1:
                    04:ff:6f:df:93:7e:5d:96:b9:ec:37:28:34:94:85:
                    60:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:E3:E2:0C:EA:E8:AB:C9:35:EC:19:87:CF:52:71:06:AA:22:32:4E
            X509v3 Authority Key Identifier:
                keyid:0A:30:B6:35:D3:57:46:8D:7F:93:2D:3E:1F:59:D5:37:3C:F9:F4:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjC2NdNXRo1_ky0-H1nVNzz59GU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/1-uPiDOroq8k17BmHz1JxBqoiMk4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/CjC2NdNXRo1_ky0-H1nVNzz59GU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.12.186.0/23
                  45.95.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         30:ff:75:d2:35:21:1f:15:00:41:2b:de:da:82:35:f8:64:97:
         e3:53:c5:0e:28:29:44:71:a2:47:e3:4b:a1:ea:f3:6d:b4:af:
         87:e1:a6:d9:1e:7b:cb:a6:1e:bd:82:54:7b:ac:7c:05:b7:ba:
         63:e4:c5:d3:83:53:46:bf:5e:ec:45:fc:3a:8a:f5:78:7d:b3:
         f4:dd:0e:47:cb:e9:dd:6a:eb:4c:c2:5e:1f:68:8b:fc:8b:a6:
         08:6f:22:04:53:d3:5b:a7:4c:15:62:7e:03:92:92:c0:dc:87:
         fb:be:fe:e4:d6:76:5e:fc:8e:85:c2:fe:f1:18:64:b1:92:13:
         8e:4f:0a:40:61:e4:10:12:6f:95:8e:45:61:bf:be:49:b5:5b:
         62:cb:d9:35:e1:24:c8:a5:34:e0:55:1e:3e:02:3c:88:9f:49:
         92:94:05:2c:4b:fe:d1:f1:01:a9:47:5c:98:84:a8:ba:7b:fe:
         dd:98:a3:09:25:18:36:f5:61:d6:1e:25:55:a9:6b:f8:fb:bf:
         75:83:17:9e:87:e1:69:82:29:79:9b:72:07:39:72:45:96:d6:
         8c:9a:4d:58:4d:d9:b6:e8:67:0a:df:a5:fe:a5:a0:9f:e1:8a:
         8d:0f:65:46:0b:60:de:a5:5e:f7:cc:04:cb:9b:0d:14:40:d1:
         1e:0c:cf:75
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIECJQp9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTMwYjYzNWQzNTc0NjhkN2Y5MzJkM2UxZjU5ZDUzNzNjZjlmNDY1MB4XDTIyMDMy
NDAwMzUzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmFlM2UyMGNlYWU4
YWJjOTM1ZWMxOTg3Y2Y1MjcxMDZhYTIyMzI0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjaYSHeP+9d8uIGtPPyXrX5RFny8VojlCCq+c412yVxPqMI
9KfzElK14vUSsol6ggxO4/aoTChyu9YIMS5FIUdCbYd12FpnOskGtAPTX22vH+a/
m7ubZfNZI4Yo16vI7mK6RV0r6txHlLMp4YTL/ov00UPeAhFzsFEXQMx5YIfqzrQT
Y9UIOIMHvLezENFQs1gmtsyBQ/Z2juo8nIgU73/5kmEiYOXYF/+QM7u/G1Fr1uhM
1QB4BLwtLrrzLC+dVLZTA9PVEPByTw4nEIg+dxE01u4+AUWA4+NgywwEcwSdGftm
2cS9F17nJB2yN2bBBP9v35N+XZa57DcoNJSFYJ8CAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBT64+IM6uiryTXsGYfPUnEGqiIyTjAfBgNVHSMEGDAWgBQKMLY101dGjX+T
LT4fWdU3PPn0ZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NqQzJOZE5YUm8xX2t5MC1IMW5WTnp6NTlHVS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvMTc4NWYxLWFlMjMtNDBmMC04M2YyLTZkZWYzOThjZTVjOS8x
LzEtdVBpRE9yb3E4azE3Qm1IejFKeEJxb2lNazQucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc1
LzE3ODVmMS1hZTIzLTQwZjAtODNmMi02ZGVmMzk4Y2U1YzkvMS9DakMyTmROWFJv
MV9reTAtSDFuVk56ejU5R1UuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAEtDLoDBAItX3QwDQYJKoZIhvcN
AQELBQADggEBADD/ddI1IR8VAEEr3tqCNfhkl+NTxQ4oKURxokfjS6Hq8220r4fh
ptkee8umHr2CVHusfAW3umPkxdODU0a/XuxF/DqK9Xh9s/TdDkfL6d1q60zCXh9o
i/yLpghvIgRT01unTBVifgOSksDch/u+/uTWdl78joXC/vEYZLGSE45PCkBh5BAS
b5WORWG/vkm1W2LL2TXhJMilNOBVHj4CPIifSZKUBSxL/tHxAalHXJiEqLp7/t2Y
owklGDb1YdYeJVWpa/j7v3WDF56H4WmCKXmbcgc5ckWW1oyaTVhN2bboZwrfpf6l
oJ/hio0PZUYLYN6lXvfMBMubDRRA0R4Mz3U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:12 2024 by rpki-client on console-ams.rpki-client.org