Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/N0vXIca8WsjIzObaEnP4VNxKM0Q.roa
File:                     N0vXIca8WsjIzObaEnP4VNxKM0Q.roa (raw, json)
Hash identifier:          d85lC1upN2ULJUrvLb6n5CyMLfdhiXaxBrCfUkEX9+I=
Subject key identifier:   37:4B:D7:21:C6:BC:5A:C8:C8:CC:E6:DA:12:73:F8:54:DC:4A:33:44
Certificate issuer:       /CN=0a30b635d357468d7f932d3e1f59d5373cf9f465
Certificate serial:       07DF4EEB
Authority key identifier: 0A:30:B6:35:D3:57:46:8D:7F:93:2D:3E:1F:59:D5:37:3C:F9:F4:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CjC2NdNXRo1_ky0-H1nVNzz59GU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/N0vXIca8WsjIzObaEnP4VNxKM0Q.roa
Signing time:             Sat 01 Jan 2022 05:52:11 +0000
ROA not before:           Sat 01 Jan 2022 05:52:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35085
IP address blocks:        45.12.184.0/24 maxlen: 24
                          2a0e:b700::/32 maxlen: 48
                          2a0e:b702::/32 maxlen: 48
                          2a0e:b701::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 132075243 (0x7df4eeb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a30b635d357468d7f932d3e1f59d5373cf9f465
        Validity
            Not Before: Jan  1 05:52:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=374bd721c6bc5ac8c8cce6da1273f854dc4a3344
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:80:64:57:1c:69:3c:39:6f:e3:e0:c0:a8:22:
                    19:3f:4f:0a:5a:a6:9e:53:cc:06:c8:9e:a1:cf:6f:
                    8e:84:14:20:f1:d6:4e:93:57:4b:67:d7:22:60:0c:
                    7f:63:71:fb:d0:6e:33:ae:bf:e7:70:c4:86:f9:3a:
                    57:2e:48:90:44:ec:a2:ee:8b:99:c3:e4:3d:e4:db:
                    13:d5:21:bd:85:c0:95:9b:f7:74:90:ea:cb:05:b2:
                    f5:b9:23:d4:d1:6e:52:cf:a7:ab:0e:7f:4f:31:8f:
                    08:43:4b:c0:b0:3c:c7:ce:5f:74:3a:56:0d:f5:1b:
                    46:3d:72:ad:75:be:60:fa:85:20:dd:c6:55:20:7d:
                    ca:63:43:7e:37:ee:9c:f3:25:f7:ad:2d:88:20:19:
                    aa:ee:5c:4c:d6:ce:ef:93:94:36:b3:6d:84:39:10:
                    da:fe:17:cf:8e:d0:f0:37:96:dc:63:7f:2a:58:b4:
                    91:70:b6:1f:a0:22:af:3f:7c:ad:e8:25:9a:52:63:
                    3f:b2:de:66:49:8c:a3:a5:f3:f4:db:b6:9e:f2:de:
                    17:02:90:1f:33:d4:55:52:ce:12:79:ac:43:0c:7b:
                    fb:08:cd:35:51:be:6b:ec:c8:b0:00:ff:d0:15:5d:
                    be:b5:8b:c4:57:bf:fb:a2:c0:17:f3:be:fd:90:23:
                    be:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:4B:D7:21:C6:BC:5A:C8:C8:CC:E6:DA:12:73:F8:54:DC:4A:33:44
            X509v3 Authority Key Identifier:
                keyid:0A:30:B6:35:D3:57:46:8D:7F:93:2D:3E:1F:59:D5:37:3C:F9:F4:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjC2NdNXRo1_ky0-H1nVNzz59GU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/N0vXIca8WsjIzObaEnP4VNxKM0Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/CjC2NdNXRo1_ky0-H1nVNzz59GU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.12.184.0/24
                IPv6:
                  2a0e:b700::-2a0e:b702:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         72:eb:82:a1:d2:96:75:a8:aa:7c:86:17:09:1f:04:6e:e8:d0:
         ad:5a:d4:6b:a8:45:97:9a:94:be:a5:b6:a5:6f:90:2e:57:6e:
         dd:9e:2b:bc:7f:46:a7:81:02:f8:f3:09:e9:c9:77:72:16:9b:
         34:ea:c5:08:0b:04:c8:3f:96:5f:47:7b:d0:6a:35:68:d6:ae:
         4b:2b:57:fc:4e:9d:28:62:d0:d0:01:84:7d:3e:93:47:85:6e:
         c3:21:30:da:05:ea:fc:1d:29:c5:5c:b0:ed:75:55:58:ac:16:
         b9:05:64:67:06:72:f4:7e:67:ca:b0:be:11:f0:18:54:71:4f:
         86:23:a9:80:9a:c1:b9:4f:c8:6b:d8:b0:50:32:b2:5c:2f:93:
         25:f6:8f:f9:46:77:6b:10:eb:54:ea:72:40:47:50:08:f3:e6:
         42:2b:b6:a8:e2:54:9a:da:3d:da:f6:87:7b:07:f7:ad:f6:09:
         f8:c8:72:8f:31:5d:8a:8c:9e:5e:45:f7:d8:e9:41:64:d4:f8:
         30:eb:18:17:18:b1:3e:47:c1:c5:fb:66:78:52:aa:09:44:71:
         72:24:86:9f:57:93:2a:47:82:45:ff:37:dd:31:a3:b8:1b:72:
         48:21:1d:78:45:53:f5:4f:f5:01:42:f3:61:73:a7:ae:d8:0b:
         74:ce:ca:b9
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEB99O6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTMwYjYzNWQzNTc0NjhkN2Y5MzJkM2UxZjU5ZDUzNzNjZjlmNDY1MB4XDTIyMDEw
MTA1NTIxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzc0YmQ3MjFjNmJj
NWFjOGM4Y2NlNmRhMTI3M2Y4NTRkYzRhMzM0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMiAZFccaTw5b+PgwKgiGT9PClqmnlPMBsieoc9vjoQUIPHW
TpNXS2fXImAMf2Nx+9BuM66/53DEhvk6Vy5IkETsou6LmcPkPeTbE9UhvYXAlZv3
dJDqywWy9bkj1NFuUs+nqw5/TzGPCENLwLA8x85fdDpWDfUbRj1yrXW+YPqFIN3G
VSB9ymNDfjfunPMl960tiCAZqu5cTNbO75OUNrNthDkQ2v4Xz47Q8DeW3GN/Kli0
kXC2H6Airz98reglmlJjP7LeZkmMo6Xz9Nu2nvLeFwKQHzPUVVLOEnmsQwx7+wjN
NVG+a+zIsAD/0BVdvrWLxFe/+6LAF/O+/ZAjvmsCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBQ3S9chxrxayMjM5toSc/hU3EozRDAfBgNVHSMEGDAWgBQKMLY101dGjX+T
LT4fWdU3PPn0ZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NqQzJOZE5YUm8xX2t5MC1IMW5WTnp6NTlHVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvMTc4NWYxLWFlMjMtNDBmMC04M2YyLTZkZWYzOThjZTVjOS8x
L04wdlhJY2E4V3NqSXpPYmFFblA0Vk54S00wUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
MTc4NWYxLWFlMjMtNDBmMC04M2YyLTZkZWYzOThjZTVjOS8xL0NqQzJOZE5YUm8x
X2t5MC1IMW5WTnp6NTlHVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwDAQCAAEwBgMEAC0MuDAVBAIAAjAPMA0DBAAqDrcD
BQAqDrcCMA0GCSqGSIb3DQEBCwUAA4IBAQBy64Kh0pZ1qKp8hhcJHwRu6NCtWtRr
qEWXmpS+pbalb5AuV27dniu8f0angQL48wnpyXdyFps06sUICwTIP5ZfR3vQajVo
1q5LK1f8Tp0oYtDQAYR9PpNHhW7DITDaBer8HSnFXLDtdVVYrBa5BWRnBnL0fmfK
sL4R8BhUcU+GI6mAmsG5T8hr2LBQMrJcL5Ml9o/5RndrEOtU6nJAR1AI8+ZCK7ao
4lSa2j3a9od7B/et9gn4yHKPMV2KjJ5eRffY6UFk1Pgw6xgXGLE+R8HF+2Z4UqoJ
RHFyJIafV5MqR4JF/zfdMaO4G3JIIR14RVP1T/UBQvNhc6eu2At0zsq5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:12 2024 by rpki-client on console-ams.rpki-client.org