Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/Sr4Vkti4TKIqBMpPC1sZ4Rgf9aA.roa
File:                     Sr4Vkti4TKIqBMpPC1sZ4Rgf9aA.roa (raw, json)
Hash identifier:          NQAcgzMQASB8kFl5Di2WreoD70lTrO5giPjGb9zn+7g=
Subject key identifier:   4A:BE:15:92:D8:B8:4C:A2:2A:04:CA:4F:0B:5B:19:E1:18:1F:F5:A0
Certificate issuer:       /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial:       01848B42303E98414A4FA45D8EC708EAAAF3
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/Sr4Vkti4TKIqBMpPC1sZ4Rgf9aA.roa
Signing time:             Fri 18 Nov 2022 15:01:21 +0000
ROA not before:           Fri 18 Nov 2022 15:01:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212335
IP address blocks:        45.150.197.0/24 maxlen: 24
                          45.83.239.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:8b:42:30:3e:98:41:4a:4f:a4:5d:8e:c7:08:ea:aa:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
        Validity
            Not Before: Nov 18 15:01:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4abe1592d8b84ca22a04ca4f0b5b19e1181ff5a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:95:3c:93:e2:1a:b0:cd:ab:fe:45:69:7d:3a:
                    3b:21:38:40:a9:09:3b:b2:22:28:07:10:6b:ab:b4:
                    08:0b:e3:63:ce:18:9b:bf:98:1b:14:75:1b:88:ae:
                    28:52:e5:bd:b8:0d:2c:34:ff:bd:14:53:61:da:6e:
                    b5:a5:1a:9e:d6:14:39:83:50:80:48:bf:47:1a:87:
                    ec:ef:39:54:ae:6a:2e:85:f4:f6:46:0c:15:fc:15:
                    35:44:f1:45:42:df:42:e3:00:07:99:17:43:e0:f8:
                    39:ce:91:3a:ee:7e:70:e2:f1:b3:93:83:af:d1:d3:
                    fc:f6:2f:63:31:2d:41:c5:89:5a:25:f5:59:7f:9e:
                    81:cb:73:00:6e:ea:c3:d3:5e:da:0d:e5:66:ed:e4:
                    ce:a4:9e:be:ff:57:f4:5b:98:83:0e:53:95:79:6f:
                    76:68:fc:df:4a:8a:c4:b3:a5:15:43:00:09:d8:3c:
                    45:21:b4:e6:51:5f:2e:70:41:8e:5b:92:87:ea:e8:
                    bf:76:03:e9:24:cc:73:5f:db:05:99:e9:50:97:d1:
                    18:7a:3a:a3:81:fb:42:d6:74:ca:08:1f:2c:5b:9a:
                    c4:33:42:0c:99:f0:63:b1:7b:9a:fa:ba:82:a9:b8:
                    97:b1:57:da:a9:45:ff:64:0c:9f:52:75:9e:0e:8f:
                    af:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:BE:15:92:D8:B8:4C:A2:2A:04:CA:4F:0B:5B:19:E1:18:1F:F5:A0
            X509v3 Authority Key Identifier:
                keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/Sr4Vkti4TKIqBMpPC1sZ4Rgf9aA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.83.239.0/24
                  45.150.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:16:df:5c:8e:d4:63:3f:c1:57:2c:09:b6:15:f4:d8:1e:c5:
         19:0a:6a:56:cc:a0:4b:9e:fb:c3:4c:e8:9b:4f:c3:0f:eb:34:
         de:e5:07:12:af:40:79:3c:e3:1b:6d:0c:ee:13:02:03:2a:c5:
         52:41:5a:cf:82:6a:d1:f3:e1:15:98:ac:4f:65:0b:1f:36:b1:
         c5:9d:e6:a2:ef:e8:b8:77:26:47:f6:59:b4:df:ba:a6:a5:12:
         2d:21:5d:c1:81:bf:79:54:40:b4:84:84:07:09:77:1d:ac:4c:
         20:45:0f:5f:a1:8f:f2:01:7a:42:e1:da:83:e3:b5:b9:db:08:
         82:56:92:b5:b3:8f:55:6c:81:b7:d1:db:09:d0:c6:ca:7e:3f:
         eb:a1:e7:30:fa:58:82:d9:bd:ef:09:c1:25:a0:9a:b9:18:ac:
         44:8b:c7:cf:d9:2d:db:23:ea:55:1f:e4:68:4b:75:f9:4c:0a:
         ed:d1:53:d3:80:45:a4:97:bb:59:4d:9f:c7:51:63:9f:6a:c3:
         d7:96:fe:eb:9f:a7:d4:7d:e8:66:5b:4b:55:3e:78:f1:f0:3f:
         cb:53:39:8a:51:47:57:5b:58:c2:ab:64:99:85:91:10:22:4a:
         46:52:d5:7b:bc:de:20:e8:c2:29:ee:17:62:91:28:3e:90:cd:
         4f:62:99:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSLQjA+mEFKT6RdjscI6qrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjIxMTE4MTUwMTIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWJlMTU5MmQ4Yjg0Y2EyMmEwNGNhNGYwYjViMTllMTE4MWZmNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJU8k+IasM2r/kVpfTo7IThAqQk7
siIoBxBrq7QIC+Njzhibv5gbFHUbiK4oUuW9uA0sNP+9FFNh2m61pRqe1hQ5g1CA
SL9HGofs7zlUrmouhfT2RgwV/BU1RPFFQt9C4wAHmRdD4Pg5zpE67n5w4vGzk4Ov
0dP89i9jMS1BxYlaJfVZf56By3MAburD017aDeVm7eTOpJ6+/1f0W5iDDlOVeW92
aPzfSorEs6UVQwAJ2DxFIbTmUV8ucEGOW5KH6ui/dgPpJMxzX9sFmelQl9EYejqj
gftC1nTKCB8sW5rEM0IMmfBjsXua+rqCqbiXsVfaqUX/ZAyfUnWeDo+vqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEq+FZLYuEyiKgTKTwtbGeEYH/WgMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvU3I0Vmt0aTRUS0lxQk1wUEMxc1o0UmdmOWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVPvAwQA
LZbFMA0GCSqGSIb3DQEBCwUAA4IBAQBlFt9cjtRjP8FXLAm2FfTYHsUZCmpWzKBL
nvvDTOibT8MP6zTe5QcSr0B5POMbbQzuEwIDKsVSQVrPgmrR8+EVmKxPZQsfNrHF
neai7+i4dyZH9lm037qmpRItIV3Bgb95VEC0hIQHCXcdrEwgRQ9foY/yAXpC4dqD
47W52wiCVpK1s49VbIG30dsJ0MbKfj/roecw+liC2b3vCcEloJq5GKxEi8fP2S3b
I+pVH+RoS3X5TArt0VPTgEWkl7tZTZ/HUWOfasPXlv7rn6fUfehmW0tVPnjx8D/L
UzmKUUdXW1jCq2SZhZEQIkpGUtV7vN4g6MIp7hdikSg+kM1PYplZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:13 2024 by rpki-client on console-fra.rpki-client.org