Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/C4SyZ8DfbegKyZZadAUzDpb2O3A.roa
File:                     C4SyZ8DfbegKyZZadAUzDpb2O3A.roa (raw, json)
Hash identifier:          yZ42a6EH+vXFYr0K7RxqWSGoAMCArbYmkJHrYtOEdAg=
Subject key identifier:   0B:84:B2:67:C0:DF:6D:E8:0A:C9:96:5A:74:05:33:0E:96:F6:3B:70
Certificate issuer:       /CN=75ea894ee05775e0ef061d086ca252147f5c91de
Certificate serial:       14CEEDF7
Authority key identifier: 75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/C4SyZ8DfbegKyZZadAUzDpb2O3A.roa
Signing time:             Sat 01 Jan 2022 16:04:07 +0000
ROA not before:           Sat 01 Jan 2022 16:04:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57795
IP address blocks:        45.154.46.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 349105655 (0x14ceedf7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75ea894ee05775e0ef061d086ca252147f5c91de
        Validity
            Not Before: Jan  1 16:04:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0b84b267c0df6de80ac9965a7405330e96f63b70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:07:f4:62:ec:57:3c:10:17:b4:99:3c:f3:76:
                    9a:d2:ae:3b:6f:bf:5e:09:3f:9f:d4:11:2f:31:d2:
                    81:af:4c:c2:9a:2d:81:f1:24:48:79:de:73:1e:4a:
                    78:6c:da:b2:a5:08:8f:fe:e9:a3:36:3b:11:5e:ce:
                    c4:ce:6d:93:d1:63:88:06:05:54:a8:3d:39:59:96:
                    bc:3f:e8:3a:4c:a1:cd:34:66:a9:b3:1a:6a:31:43:
                    f7:fd:4a:24:14:81:f2:04:ab:1c:4f:7c:37:6a:40:
                    59:45:f8:ff:00:9a:6c:ed:f0:f1:56:95:65:06:7b:
                    04:41:7c:47:45:83:59:d4:d5:3d:ba:d2:1e:7c:5d:
                    62:28:64:72:8a:19:61:de:b8:08:e1:30:65:7d:e9:
                    38:43:d4:bb:fc:b0:19:b6:59:e4:8b:8e:0e:19:6c:
                    86:a6:0f:06:a7:cd:35:41:53:62:3d:91:e7:6e:05:
                    5a:ed:43:8b:43:91:4e:61:d6:df:6d:57:04:81:47:
                    3c:f5:fa:71:f9:04:5d:66:f4:92:6e:14:18:c7:a1:
                    f5:1e:d2:e1:b8:cb:73:af:00:3d:07:4c:3d:67:d5:
                    a4:29:d1:ce:21:38:ef:b9:d8:ae:40:95:f2:6a:9b:
                    6b:87:10:bf:ac:a2:1d:c8:33:f5:e6:1a:64:ae:66:
                    58:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:84:B2:67:C0:DF:6D:E8:0A:C9:96:5A:74:05:33:0E:96:F6:3B:70
            X509v3 Authority Key Identifier:
                keyid:75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/C4SyZ8DfbegKyZZadAUzDpb2O3A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:6d:c5:a9:b8:4b:9c:a1:a5:a2:1e:e8:74:8e:6f:91:56:f6:
         ec:29:63:f0:10:8b:f4:77:e4:37:91:c8:6f:f1:28:ec:e2:5f:
         3a:6b:a9:2e:67:72:51:be:00:87:2c:84:ec:84:63:8c:9e:73:
         d1:42:1d:47:20:22:21:ce:bb:9a:ed:53:82:d4:c7:21:b4:b7:
         a6:0a:32:90:5d:73:42:79:71:e9:5f:cd:60:d7:35:0a:81:97:
         bf:09:1b:a2:fb:3c:f0:02:0b:9a:1e:ed:82:fe:b0:19:b8:83:
         59:eb:c8:af:b1:a1:a7:c0:12:6e:69:b3:62:aa:f0:45:f6:a2:
         be:cb:9c:7d:14:fe:cf:17:84:59:ca:b2:18:83:fe:3d:35:3f:
         26:9d:de:97:fa:3c:d9:de:f7:d5:5a:20:67:48:ed:de:78:77:
         eb:a1:e6:c4:28:a3:e7:80:70:80:d3:0e:49:c0:93:29:ee:bb:
         94:10:37:a8:ed:a4:6e:95:82:cb:02:07:e8:76:e6:1f:8f:43:
         79:23:7c:f1:99:d9:56:01:4a:58:07:94:57:59:81:89:81:4d:
         39:13:d6:ef:21:6d:30:0c:9e:f5:7d:bd:3a:f3:92:66:11:05:
         b7:ca:87:05:6e:68:71:0b:2c:cb:df:bb:46:b8:e8:d0:8b:76:
         15:99:1f:54
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFM7t9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NWVhODk0ZWUwNTc3NWUwZWYwNjFkMDg2Y2EyNTIxNDdmNWM5MWRlMB4XDTIyMDEw
MTE2MDQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGI4NGIyNjdjMGRm
NmRlODBhYzk5NjVhNzQwNTMzMGU5NmY2M2I3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4H9GLsVzwQF7SZPPN2mtKuO2+/Xgk/n9QRLzHSga9Mwpot
gfEkSHnecx5KeGzasqUIj/7pozY7EV7OxM5tk9FjiAYFVKg9OVmWvD/oOkyhzTRm
qbMaajFD9/1KJBSB8gSrHE98N2pAWUX4/wCabO3w8VaVZQZ7BEF8R0WDWdTVPbrS
HnxdYihkcooZYd64COEwZX3pOEPUu/ywGbZZ5IuODhlshqYPBqfNNUFTYj2R524F
Wu1Di0ORTmHW321XBIFHPPX6cfkEXWb0km4UGMeh9R7S4bjLc68APQdMPWfVpCnR
ziE477nYrkCV8mqba4cQv6yiHcgz9eYaZK5mWO0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQLhLJnwN9t6ArJllp0BTMOlvY7cDAfBgNVHSMEGDAWgBR16olO4Fd14O8G
HQhsolIUf1yR3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RlcUpUdUJYZGVEdkJoMEliS0pTRkg5Y2tkNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvMWNkY2UyLWEzZjgtNDRiNi1iNWUxLWI3ZjI5ODRlYjY1My8x
L0M0U3laOERmYmVnS3laWmFkQVV6RHBiMk8zQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
MWNkY2UyLWEzZjgtNDRiNi1iNWUxLWI3ZjI5ODRlYjY1My8xL2RlcUpUdUJYZGVE
dkJoMEliS0pTRkg5Y2tkNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2aLjANBgkqhkiG9w0BAQsFAAOC
AQEAe23FqbhLnKGloh7odI5vkVb27Clj8BCL9HfkN5HIb/Eo7OJfOmupLmdyUb4A
hyyE7IRjjJ5z0UIdRyAiIc67mu1TgtTHIbS3pgoykF1zQnlx6V/NYNc1CoGXvwkb
ovs88AILmh7tgv6wGbiDWevIr7Ghp8ASbmmzYqrwRfaivsucfRT+zxeEWcqyGIP+
PTU/Jp3el/o82d731VogZ0jt3nh366HmxCij54BwgNMOScCTKe67lBA3qO2kbpWC
ywIH6HbmH49DeSN88ZnZVgFKWAeUV1mBiYFNORPW7yFtMAye9X29OvOSZhEFt8qH
BW5ocQssy9+7Rrjo0It2FZkfVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:17 2024 by rpki-client on console-ams.rpki-client.org