Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/jbqqNX8gif7SYjibUhyW2sA2Nok.roa
File:                     jbqqNX8gif7SYjibUhyW2sA2Nok.roa (raw, json)
Hash identifier:          nSCBx9uGHwmfTJk1jtSod8KUje2cZt1kKm44GukQdhY=
Subject key identifier:   8D:BA:AA:35:7F:20:89:FE:D2:62:38:9B:52:1C:96:DA:C0:36:36:89
Certificate issuer:       /CN=ee31367df6d1861071c92bae726523326f45ba2a
Certificate serial:       0829E3BC
Authority key identifier: EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/jbqqNX8gif7SYjibUhyW2sA2Nok.roa
Signing time:             Sat 01 Jan 2022 05:06:12 +0000
ROA not before:           Sat 01 Jan 2022 05:06:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     64473
IP address blocks:        45.92.40.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 136963004 (0x829e3bc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee31367df6d1861071c92bae726523326f45ba2a
        Validity
            Not Before: Jan  1 05:06:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8dbaaa357f2089fed262389b521c96dac0363689
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b7:9e:8e:d7:d3:ce:48:8f:f9:56:d5:02:db:
                    d0:82:29:92:18:e9:2d:57:a7:a4:99:6c:e3:6e:5e:
                    08:6d:d7:bf:91:9f:7f:3c:74:fd:bd:10:c2:41:32:
                    9a:7d:6b:24:40:55:79:32:c1:fb:e2:30:bc:7a:5c:
                    ab:18:df:fb:ab:6a:dc:83:77:8b:87:0a:c6:04:d9:
                    35:13:02:8b:57:9a:72:b8:44:06:6f:75:62:e0:4b:
                    7c:e5:e7:58:90:50:06:a9:87:6f:c2:83:05:c6:52:
                    da:ab:95:24:f4:fc:fd:12:39:5f:d6:5f:60:90:a6:
                    4c:78:7a:36:5f:4c:14:af:c6:94:08:4d:ac:46:83:
                    e1:5c:67:6a:ad:fa:9b:89:1f:c0:3a:49:fd:58:93:
                    d4:28:79:55:62:71:a3:74:c1:1b:11:6f:a9:c5:ab:
                    6b:d9:e9:36:84:69:df:3a:62:86:65:bf:c0:04:e4:
                    92:76:76:34:d1:e4:41:df:fe:bc:19:d6:3c:c6:31:
                    23:56:fa:c1:5d:67:18:af:2d:83:64:97:91:e7:38:
                    c2:7a:cf:6c:66:61:28:4f:2d:4d:99:c0:20:cb:1e:
                    08:d2:af:53:01:89:6e:24:4b:e4:71:4e:99:34:23:
                    56:e3:0c:c9:3b:ae:71:92:69:32:50:ff:0f:15:a8:
                    ff:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:BA:AA:35:7F:20:89:FE:D2:62:38:9B:52:1C:96:DA:C0:36:36:89
            X509v3 Authority Key Identifier:
                keyid:EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/jbqqNX8gif7SYjibUhyW2sA2Nok.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.92.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:4b:84:93:50:df:00:3d:60:f6:6a:79:bd:1b:6c:94:b1:c7:
         52:ef:64:bd:63:59:7c:0d:92:51:65:2a:6e:26:b0:84:a4:1b:
         51:b0:0c:24:f8:57:75:b5:55:ca:7f:c8:26:79:6b:24:4c:37:
         57:17:2e:ef:bd:2a:f2:f8:a6:72:9e:22:47:27:a1:f5:a1:c1:
         68:52:19:45:c4:c7:79:68:6e:3c:35:e9:c6:46:75:9a:54:6d:
         05:64:e2:42:9d:c9:0a:5a:b5:6e:dd:cf:1d:97:88:73:8c:c6:
         31:9f:3e:86:46:98:e7:8d:94:49:c4:45:f9:00:5a:e1:66:18:
         7f:2a:6c:c4:5f:63:61:7a:b6:8f:da:11:82:42:58:05:39:3e:
         38:0f:a6:c2:b6:d9:c3:b0:13:38:c8:e7:50:8a:68:70:45:46:
         4c:0e:65:7c:f1:aa:04:31:77:b7:83:3a:ab:1d:75:ee:80:40:
         c2:31:11:88:30:58:35:74:76:78:97:2b:d5:36:a7:e4:d3:4f:
         0f:b8:d2:07:1c:4f:13:da:19:f0:50:b8:58:1e:6c:43:0c:21:
         01:5c:d8:77:06:77:7e:c2:d0:9f:87:74:89:bc:3c:0c:d5:14:
         5d:9f:e7:44:8e:d6:f3:74:c8:08:e0:51:df:bf:6c:c8:f6:96:
         57:ef:89:29
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECCnjvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZTMxMzY3ZGY2ZDE4NjEwNzFjOTJiYWU3MjY1MjMzMjZmNDViYTJhMB4XDTIyMDEw
MTA1MDYxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGRiYWFhMzU3ZjIw
ODlmZWQyNjIzODliNTIxYzk2ZGFjMDM2MzY4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL23no7X085Ij/lW1QLb0IIpkhjpLVenpJls425eCG3Xv5Gf
fzx0/b0QwkEymn1rJEBVeTLB++IwvHpcqxjf+6tq3IN3i4cKxgTZNRMCi1eacrhE
Bm91YuBLfOXnWJBQBqmHb8KDBcZS2quVJPT8/RI5X9ZfYJCmTHh6Nl9MFK/GlAhN
rEaD4Vxnaq36m4kfwDpJ/ViT1Ch5VWJxo3TBGxFvqcWra9npNoRp3zpihmW/wATk
knZ2NNHkQd/+vBnWPMYxI1b6wV1nGK8tg2SXkec4wnrPbGZhKE8tTZnAIMseCNKv
UwGJbiRL5HFOmTQjVuMMyTuucZJpMlD/DxWo/2UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSNuqo1fyCJ/tJiOJtSHJbawDY2iTAfBgNVHSMEGDAWgBTuMTZ99tGGEHHJ
K65yZSMyb0W6KjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdqRTJmZmJSaGhCeHlTdXVjbVVqTW05RnVpby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMWJiNGRkLWU5YzQtNGQzZC05YTNiLTExNTlkYmZiZWQ1NC8x
L2picXFOWDhnaWY3U1lqaWJVaHlXMnNBMk5vay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MWJiNGRkLWU5YzQtNGQzZC05YTNiLTExNTlkYmZiZWQ1NC8xLzdqRTJmZmJSaGhC
eHlTdXVjbVVqTW05RnVpby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1cKDANBgkqhkiG9w0BAQsFAAOC
AQEAs0uEk1DfAD1g9mp5vRtslLHHUu9kvWNZfA2SUWUqbiawhKQbUbAMJPhXdbVV
yn/IJnlrJEw3Vxcu770q8vimcp4iRyeh9aHBaFIZRcTHeWhuPDXpxkZ1mlRtBWTi
Qp3JClq1bt3PHZeIc4zGMZ8+hkaY542UScRF+QBa4WYYfypsxF9jYXq2j9oRgkJY
BTk+OA+mwrbZw7ATOMjnUIpocEVGTA5lfPGqBDF3t4M6qx117oBAwjERiDBYNXR2
eJcr1Tan5NNPD7jSBxxPE9oZ8FC4WB5sQwwhAVzYdwZ3fsLQn4d0ibw8DNUUXZ/n
RI7W83TICOBR379syPaWV++JKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org