Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/pv4fBMjZxPzecHGxcStTfNkF-GQ.roa
File:                     pv4fBMjZxPzecHGxcStTfNkF-GQ.roa (raw, json)
Hash identifier:          RGGyPc05SDtPEVUQ/OQSi7fdiKLR7sIpxu+Hje9vCsA=
Subject key identifier:   A6:FE:1F:04:C8:D9:C4:FC:DE:70:71:B1:71:2B:53:7C:D9:05:F8:64
Certificate issuer:       /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial:       FE0AEC
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/pv4fBMjZxPzecHGxcStTfNkF-GQ.roa
Signing time:             Sat 01 Jan 2022 13:01:01 +0000
ROA not before:           Sat 01 Jan 2022 13:01:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206150
IP address blocks:        45.152.32.0/24 maxlen: 24
                          45.152.33.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16648940 (0xfe0aec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
        Validity
            Not Before: Jan  1 13:01:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a6fe1f04c8d9c4fcde7071b1712b537cd905f864
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:6c:72:4f:00:7e:0e:2e:6a:6e:2c:eb:0a:b0:
                    5a:ff:80:4d:4f:3b:53:47:85:0b:29:40:47:53:14:
                    5d:d8:a9:e3:1f:7b:8c:69:9c:9c:8b:bd:05:3a:79:
                    db:1a:68:5c:85:f3:c1:5c:3c:73:68:d6:9a:e0:a5:
                    1b:11:52:41:09:1c:d0:e4:1b:5e:26:ce:d9:cd:92:
                    59:a6:79:45:98:a8:0a:e8:4c:cf:07:59:d6:c8:10:
                    1d:f8:c4:64:8f:ca:cc:0f:c5:d5:ae:9a:b8:95:1c:
                    a9:ff:3e:d1:6b:78:28:54:1e:76:05:85:f3:69:81:
                    c0:6b:a6:9f:ef:ce:03:a6:30:41:ab:b5:54:57:d7:
                    8a:3a:60:77:36:77:68:2d:c3:3e:a1:f2:35:8e:aa:
                    2d:28:72:5c:da:64:19:75:2c:57:c6:24:27:8c:24:
                    d7:c0:55:19:6b:14:05:40:b5:7b:e0:24:ed:8f:cd:
                    9b:6c:a3:fd:83:db:ac:ac:9f:84:ef:2b:e9:33:f5:
                    4c:c8:5d:a4:c8:22:b7:0b:e8:d7:75:8a:02:34:7d:
                    2d:8c:25:14:11:eb:f6:9d:57:ca:18:a0:76:7d:11:
                    86:70:da:0f:60:f7:1c:f6:c4:b3:55:71:f4:e9:f4:
                    46:99:89:9d:0b:b1:b0:19:86:0e:47:74:51:26:96:
                    dd:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:FE:1F:04:C8:D9:C4:FC:DE:70:71:B1:71:2B:53:7C:D9:05:F8:64
            X509v3 Authority Key Identifier:
                keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/pv4fBMjZxPzecHGxcStTfNkF-GQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.152.32.0/23

    Signature Algorithm: sha256WithRSAEncryption
         48:7a:b4:ac:85:e4:87:c0:ec:e3:21:b4:20:f4:67:73:a8:89:
         63:6f:5e:71:0e:8a:92:45:75:00:bf:62:d9:56:5f:ff:99:f5:
         3c:91:69:d6:98:f8:52:b6:55:15:de:88:f7:d3:ed:65:9d:7e:
         0c:47:55:f2:14:97:20:a6:70:f1:7d:0c:1a:4e:f3:62:d3:85:
         a0:e1:60:55:20:8b:6a:e0:41:68:7f:bb:08:77:a9:00:c5:96:
         9e:c7:1c:a3:19:a6:b4:9c:da:b0:e2:18:3b:ec:91:4f:90:ba:
         6a:f8:29:bd:1f:ae:14:fc:dc:67:12:14:62:ed:33:8a:d4:ba:
         5b:20:1e:67:de:73:0e:76:e8:b3:1e:4e:f8:5e:b4:0d:10:7e:
         86:41:37:2f:7a:fa:93:5f:ea:b0:37:84:86:88:88:7b:09:d9:
         00:8e:6e:8e:dc:dc:b8:01:80:9b:70:ff:4e:0a:0b:2a:ac:0b:
         19:fd:d8:7d:3c:9a:18:44:8c:6f:e3:c2:45:4a:e0:b7:1d:b2:
         4d:8b:f3:8a:b6:d6:92:3f:0a:a2:1f:96:d5:c2:6d:01:7e:b2:
         15:fd:6b:5a:11:86:ff:c4:69:2b:30:fb:ef:69:62:b8:28:b6:
         08:f3:25:33:3e:9f:04:53:bf:fc:2a:de:2b:bb:32:24:5f:56:
         9c:31:74:5e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAP4K7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MmQyMWU4MDRhYjc3MTNhZDc4NzdkZGU2MDNhYTc4MjRiMzE5ODNjMB4XDTIyMDEw
MTEzMDEwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZmZTFmMDRjOGQ5
YzRmY2RlNzA3MWIxNzEyYjUzN2NkOTA1Zjg2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZsck8Afg4uam4s6wqwWv+ATU87U0eFCylAR1MUXdip4x97
jGmcnIu9BTp52xpoXIXzwVw8c2jWmuClGxFSQQkc0OQbXibO2c2SWaZ5RZioCuhM
zwdZ1sgQHfjEZI/KzA/F1a6auJUcqf8+0Wt4KFQedgWF82mBwGumn+/OA6YwQau1
VFfXijpgdzZ3aC3DPqHyNY6qLShyXNpkGXUsV8YkJ4wk18BVGWsUBUC1e+Ak7Y/N
m2yj/YPbrKyfhO8r6TP1TMhdpMgitwvo13WKAjR9LYwlFBHr9p1Xyhigdn0RhnDa
D2D3HPbEs1Vx9On0RpmJnQuxsBmGDkd0USaW3WkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSm/h8EyNnE/N5wcbFxK1N82QX4ZDAfBgNVHSMEGDAWgBTC0h6ASrdxOteH
fd5gOqeCSzGYPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3d0SWVnRXEzY1RyWGgzM2VZRHFuZ2tzeG1Edy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvMDRiNDQ2LTRhZTEtNGZlNS1iNjQ2LTU5YWUwOWVkYmViOS8x
L3B2NGZCTWpaeFB6ZWNIR3hjU3RUZk5rRi1HUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
MDRiNDQ2LTRhZTEtNGZlNS1iNjQ2LTU5YWUwOWVkYmViOS8xL3d0SWVnRXEzY1Ry
WGgzM2VZRHFuZ2tzeG1Edy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2YIDANBgkqhkiG9w0BAQsFAAOC
AQEASHq0rIXkh8Ds4yG0IPRnc6iJY29ecQ6KkkV1AL9i2VZf/5n1PJFp1pj4UrZV
Fd6I99PtZZ1+DEdV8hSXIKZw8X0MGk7zYtOFoOFgVSCLauBBaH+7CHepAMWWnscc
oxmmtJzasOIYO+yRT5C6avgpvR+uFPzcZxIUYu0zitS6WyAeZ95zDnbosx5O+F60
DRB+hkE3L3r6k1/qsDeEhoiIewnZAI5ujtzcuAGAm3D/TgoLKqwLGf3YfTyaGESM
b+PCRUrgtx2yTYvzirbWkj8Koh+W1cJtAX6yFf1rWhGG/8RpKzD772liuCi2CPMl
Mz6fBFO//CreK7syJF9WnDF0Xg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:14 2024 by rpki-client on console-ams.rpki-client.org