Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/UyZSyEoWPanNmKEfB99pDvqxSs0.roa
File:                     UyZSyEoWPanNmKEfB99pDvqxSs0.roa (raw, json)
Hash identifier:          GEKxoCpTcB4zdp90c1K8VRIcuhfnmK8xJfZDfjHXFRU=
Subject key identifier:   53:26:52:C8:4A:16:3D:A9:CD:98:A1:1F:07:DF:69:0E:FA:B1:4A:CD
Certificate issuer:       /CN=0a30b635d357468d7f932d3e1f59d5373cf9f465
Certificate serial:       088FE15A
Authority key identifier: 0A:30:B6:35:D3:57:46:8D:7F:93:2D:3E:1F:59:D5:37:3C:F9:F4:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CjC2NdNXRo1_ky0-H1nVNzz59GU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/UyZSyEoWPanNmKEfB99pDvqxSs0.roa
Signing time:             Wed 23 Mar 2022 01:07:06 +0000
ROA not before:           Wed 23 Mar 2022 01:07:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        45.12.186.0/23 maxlen: 24
                          45.12.187.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 143647066 (0x88fe15a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a30b635d357468d7f932d3e1f59d5373cf9f465
        Validity
            Not Before: Mar 23 01:07:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=532652c84a163da9cd98a11f07df690efab14acd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e1:dc:d6:30:c4:c9:36:50:29:88:93:4d:78:
                    04:3d:35:65:23:40:ae:f6:bb:b3:b0:8b:e6:06:a0:
                    a1:8a:ca:2e:1d:30:75:cb:5c:70:01:bc:4d:7e:2b:
                    95:9b:1d:6d:ab:34:29:09:1a:4c:59:97:4c:66:8c:
                    9f:cc:a5:14:48:e3:75:e5:d7:f3:0a:cf:9f:c3:83:
                    19:94:3b:44:05:b0:a1:dc:d2:8f:23:66:9c:d9:81:
                    fb:92:10:61:6f:f8:c1:4b:26:71:6c:01:34:0e:95:
                    e9:21:f3:f1:8f:da:c3:05:e9:4d:af:85:e9:7a:19:
                    3a:6b:56:2d:08:f6:bb:7c:e7:b4:9d:ee:51:13:f9:
                    be:27:18:cf:af:aa:e4:f4:16:4c:a8:30:01:31:24:
                    aa:f0:d5:ba:be:96:ba:a2:45:23:fa:4d:7f:92:93:
                    0f:b2:ea:65:5c:71:08:6e:d7:9b:f0:30:de:a0:49:
                    3b:1f:5b:36:82:f6:d9:56:97:0f:1e:fd:5f:9f:b9:
                    3f:2e:e2:be:0d:db:fe:b0:de:e5:ed:66:0b:a6:14:
                    99:16:34:80:10:02:65:df:47:a4:27:a2:c7:2a:da:
                    e7:21:3c:d4:79:ce:e0:f6:90:76:d3:af:8c:03:65:
                    0b:a4:9d:77:7f:3c:e8:b5:c1:3d:13:e8:e8:e2:2c:
                    14:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:26:52:C8:4A:16:3D:A9:CD:98:A1:1F:07:DF:69:0E:FA:B1:4A:CD
            X509v3 Authority Key Identifier:
                keyid:0A:30:B6:35:D3:57:46:8D:7F:93:2D:3E:1F:59:D5:37:3C:F9:F4:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjC2NdNXRo1_ky0-H1nVNzz59GU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/UyZSyEoWPanNmKEfB99pDvqxSs0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/CjC2NdNXRo1_ky0-H1nVNzz59GU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.12.186.0/23

    Signature Algorithm: sha256WithRSAEncryption
         00:af:e3:b1:9f:fe:44:1d:e7:32:57:23:7a:c4:2e:d7:bd:c9:
         69:88:7e:79:4b:ed:71:e1:40:40:00:8c:5d:d9:9f:21:33:92:
         15:c7:c1:66:df:7a:ba:1c:c6:4c:26:d7:00:25:34:d3:9d:39:
         9e:9e:e8:3b:bb:a4:a5:f2:f8:40:60:76:f3:fc:95:63:5c:78:
         bd:1e:85:d4:b6:ef:57:35:07:ee:47:6b:33:39:f5:4e:82:53:
         58:70:0a:9e:f2:c3:18:ff:a5:bb:df:a6:f2:ac:dc:7c:f3:f4:
         51:92:dc:2f:f4:60:70:08:90:7f:96:92:69:be:b0:54:d8:64:
         3a:fb:ef:34:3a:94:69:c3:1a:94:6a:cf:cb:cf:de:da:0c:24:
         2d:58:39:fc:0e:0c:f2:7c:89:4d:b6:91:f9:c5:06:f4:89:ba:
         fe:43:1d:f5:49:3c:38:57:1a:87:86:97:2c:76:10:de:97:e1:
         45:79:99:49:8d:c6:b4:28:d7:b0:ba:16:c2:e4:df:42:30:9b:
         12:32:a1:d3:5b:b4:76:ab:f2:57:b4:e0:8c:ef:d7:1c:a4:25:
         02:b4:70:11:d3:29:44:4c:e8:47:89:78:fd:62:b1:b8:64:aa:
         98:38:f0:01:e9:a2:48:4c:45:3e:e4:95:36:e2:26:fc:1a:fc:
         eb:f8:21:44
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECI/hWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTMwYjYzNWQzNTc0NjhkN2Y5MzJkM2UxZjU5ZDUzNzNjZjlmNDY1MB4XDTIyMDMy
MzAxMDcwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTMyNjUyYzg0YTE2
M2RhOWNkOThhMTFmMDdkZjY5MGVmYWIxNGFjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/h3NYwxMk2UCmIk014BD01ZSNArva7s7CL5gagoYrKLh0w
dctccAG8TX4rlZsdbas0KQkaTFmXTGaMn8ylFEjjdeXX8wrPn8ODGZQ7RAWwodzS
jyNmnNmB+5IQYW/4wUsmcWwBNA6V6SHz8Y/awwXpTa+F6XoZOmtWLQj2u3zntJ3u
URP5vicYz6+q5PQWTKgwATEkqvDVur6WuqJFI/pNf5KTD7LqZVxxCG7Xm/Aw3qBJ
Ox9bNoL22VaXDx79X5+5Py7ivg3b/rDe5e1mC6YUmRY0gBACZd9HpCeixyra5yE8
1HnO4PaQdtOvjANlC6Sdd3886LXBPRPo6OIsFM8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRTJlLIShY9qc2YoR8H32kO+rFKzTAfBgNVHSMEGDAWgBQKMLY101dGjX+T
LT4fWdU3PPn0ZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NqQzJOZE5YUm8xX2t5MC1IMW5WTnp6NTlHVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvMTc4NWYxLWFlMjMtNDBmMC04M2YyLTZkZWYzOThjZTVjOS8x
L1V5WlN5RW9XUGFuTm1LRWZCOTlwRHZxeFNzMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
MTc4NWYxLWFlMjMtNDBmMC04M2YyLTZkZWYzOThjZTVjOS8xL0NqQzJOZE5YUm8x
X2t5MC1IMW5WTnp6NTlHVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS0MujANBgkqhkiG9w0BAQsFAAOC
AQEAAK/jsZ/+RB3nMlcjesQu173JaYh+eUvtceFAQACMXdmfITOSFcfBZt96uhzG
TCbXACU00505np7oO7ukpfL4QGB28/yVY1x4vR6F1LbvVzUH7kdrMzn1ToJTWHAK
nvLDGP+lu9+m8qzcfPP0UZLcL/RgcAiQf5aSab6wVNhkOvvvNDqUacMalGrPy8/e
2gwkLVg5/A4M8nyJTbaR+cUG9Im6/kMd9Uk8OFcah4aXLHYQ3pfhRXmZSY3GtCjX
sLoWwuTfQjCbEjKh01u0dqvyV7TgjO/XHKQlArRwEdMpREzoR4l4/WKxuGSqmDjw
AemiSExFPuSVNuIm/Br86/ghRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:12 2024 by rpki-client on console-ams.rpki-client.org