Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/9BMQdrvZUSgBk0Hyyow01yEMMT8.roa
File:                     9BMQdrvZUSgBk0Hyyow01yEMMT8.roa (raw, json)
Hash identifier:          3bSW7Ktl2vGfwAu66Eg+ugCXoaDDfo1ppY+sEW0ynng=
Subject key identifier:   F4:13:10:76:BB:D9:51:28:01:93:41:F2:CA:8C:34:D7:21:0C:31:3F
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       05C34B37
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/9BMQdrvZUSgBk0Hyyow01yEMMT8.roa
Signing time:             Sat 01 Jan 2022 11:59:16 +0000
ROA not before:           Sat 01 Jan 2022 11:59:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207746
IP address blocks:        45.146.232.0/22 maxlen: 22
                          45.141.168.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 96684855 (0x5c34b37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jan  1 11:59:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f4131076bbd95128019341f2ca8c34d7210c313f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:26:ba:df:20:44:db:7e:a6:35:db:ce:69:3c:
                    c3:8b:11:74:cc:1e:a3:11:68:d6:42:f6:d3:74:22:
                    b2:6d:f9:8d:fa:f0:48:53:12:a6:76:39:6d:fb:3b:
                    36:04:84:1a:2f:36:99:4e:6d:a7:6c:99:04:32:67:
                    cd:43:9c:2f:5d:f4:75:64:c1:18:99:b5:18:1a:28:
                    83:bf:42:6d:f5:1e:52:ec:82:3b:b1:d6:f1:af:e2:
                    3e:c5:36:f5:93:ec:95:80:bb:56:5d:2c:5f:cb:f6:
                    90:de:04:df:b1:38:79:eb:0a:cb:8b:7a:5e:27:31:
                    f3:5d:8e:7a:18:64:b1:dc:ec:ab:10:4c:38:00:ba:
                    87:ed:fd:12:ba:d2:1f:78:2f:1d:04:ab:8d:f2:94:
                    90:66:76:07:8d:23:8a:46:af:14:14:81:47:62:81:
                    9d:1f:12:16:83:9e:7e:fc:23:d0:f8:8b:96:e1:9c:
                    73:c7:d6:ac:4e:46:2e:e5:85:d4:05:fd:ab:1f:fd:
                    ce:c3:fb:65:04:b4:44:13:bb:ac:bc:2f:5e:12:db:
                    68:b1:20:fa:f1:c3:12:fc:d7:66:74:17:fd:8b:b4:
                    5f:ca:97:b1:cb:95:1b:e7:70:e5:8c:24:1c:78:13:
                    55:e6:aa:9c:38:fc:8d:dd:da:a1:3e:2a:50:46:ea:
                    45:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:13:10:76:BB:D9:51:28:01:93:41:F2:CA:8C:34:D7:21:0C:31:3F
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/9BMQdrvZUSgBk0Hyyow01yEMMT8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.168.0/22
                  45.146.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         83:06:4d:ae:81:44:e8:f5:fd:08:4f:79:0e:3f:67:5d:6e:64:
         22:78:36:ee:3e:f0:8c:3a:bc:45:7f:d4:94:63:7f:f3:fe:a5:
         00:96:26:16:57:a4:20:4c:52:81:21:ab:d3:fe:e8:e7:1c:fb:
         ac:74:14:ff:4b:9a:07:28:71:0c:ca:dd:32:93:89:08:85:58:
         06:69:44:25:43:68:8d:ea:8b:b4:3d:6e:a7:a2:ed:96:80:18:
         78:3e:e5:2f:b5:59:a1:31:5b:c2:3c:b0:53:ce:80:a9:52:0c:
         84:e8:0d:84:31:32:e1:87:fc:71:ed:98:b9:8b:ec:29:b5:10:
         f6:ff:f1:35:7f:22:08:cc:c2:cb:5f:24:22:bf:fc:51:af:36:
         e0:7a:bb:ed:a2:0f:a5:d0:03:85:ab:94:90:c4:6f:67:93:15:
         cf:83:f0:f1:13:70:e4:2a:84:35:ae:54:87:b8:ab:1d:80:27:
         83:76:fb:4c:33:ea:25:b5:7e:25:ef:95:c5:1d:18:5c:f6:45:
         96:99:b5:75:e4:d9:7a:9f:b4:31:3a:2f:6e:d6:9b:cc:91:a1:
         65:07:2c:9e:1f:5c:7b:9c:3a:d5:83:06:6c:5f:ec:0e:d6:37:
         ce:b5:4f:5a:27:76:a9:0c:1b:f9:df:02:8d:99:e0:78:d3:e7:
         fe:0b:3e:0b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBcNLNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODEwMTc3MjI0ODk5NmI4N2Q5MDg0MGMyZDI3ZDYyNTQ5NDU4MTczMB4XDTIyMDEw
MTExNTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQxMzEwNzZiYmQ5
NTEyODAxOTM0MWYyY2E4YzM0ZDcyMTBjMzEzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwmut8gRNt+pjXbzmk8w4sRdMweoxFo1kL203Qism35jfrw
SFMSpnY5bfs7NgSEGi82mU5tp2yZBDJnzUOcL130dWTBGJm1GBoog79CbfUeUuyC
O7HW8a/iPsU29ZPslYC7Vl0sX8v2kN4E37E4eesKy4t6Xicx812OehhksdzsqxBM
OAC6h+39ErrSH3gvHQSrjfKUkGZ2B40jikavFBSBR2KBnR8SFoOefvwj0PiLluGc
c8fWrE5GLuWF1AX9qx/9zsP7ZQS0RBO7rLwvXhLbaLEg+vHDEvzXZnQX/Yu0X8qX
scuVG+dw5YwkHHgTVeaqnDj8jd3aoT4qUEbqRa8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBT0ExB2u9lRKAGTQfLKjDTXIQwxPzAfBgNVHSMEGDAWgBQYEBdyJImWuH2Q
hAwtJ9YlSUWBczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dCQVhjaVNKbHJoOWtJUU1MU2ZXSlVsRmdYTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8x
LzlCTVFkcnZaVVNnQmswSHl5b3cwMXlFTU1UOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8xL0dCQVhjaVNKbHJo
OWtJUU1MU2ZXSlVsRmdYTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2NqAMEAi2S6DANBgkqhkiG9w0B
AQsFAAOCAQEAgwZNroFE6PX9CE95Dj9nXW5kIng27j7wjDq8RX/UlGN/8/6lAJYm
FlekIExSgSGr0/7o5xz7rHQU/0uaByhxDMrdMpOJCIVYBmlEJUNojeqLtD1up6Lt
loAYeD7lL7VZoTFbwjywU86AqVIMhOgNhDEy4Yf8ce2YuYvsKbUQ9v/xNX8iCMzC
y18kIr/8Ua824Hq77aIPpdADhauUkMRvZ5MVz4Pw8RNw5CqENa5Uh7irHYAng3b7
TDPqJbV+Je+VxR0YXPZFlpm1deTZep+0MTovbtabzJGhZQcsnh9ce5w61YMGbF/s
DtY3zrVPWid2qQwb+d8CjZngeNPn/gs+Cw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org