Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/GEdBEEZfGLBqHkUUalN_cNgPzrw.roa
File:                     GEdBEEZfGLBqHkUUalN_cNgPzrw.roa (raw, json)
Hash identifier:          ZsqJ/WKiWYsZvk2K4o5Km47B9a16KK4/0oYcOaw5bl8=
Subject key identifier:   18:47:41:10:46:5F:18:B0:6A:1E:45:14:6A:53:7F:70:D8:0F:CE:BC
Certificate issuer:       /CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Certificate serial:       076DD427
Authority key identifier: A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/GEdBEEZfGLBqHkUUalN_cNgPzrw.roa
Signing time:             Sat 01 Jan 2022 00:50:35 +0000
ROA not before:           Sat 01 Jan 2022 00:50:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208074
IP address blocks:        45.154.63.0/24 maxlen: 24
                          2a0f:b100:300::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124638247 (0x76dd427)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
        Validity
            Not Before: Jan  1 00:50:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=18474110465f18b06a1e45146a537f70d80fcebc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:e4:9b:e5:c2:7d:c7:9f:1d:eb:80:75:05:ef:
                    15:09:db:fa:ff:14:3a:25:86:42:e8:94:4b:8c:84:
                    1b:f8:09:b2:e5:db:f7:05:53:a9:7a:0c:89:94:b9:
                    e1:c2:02:d4:ee:3e:d2:09:64:32:0f:cb:fa:0e:6f:
                    fc:85:29:58:a2:cb:f1:62:2b:aa:26:45:38:48:83:
                    1c:cb:f2:61:c9:c1:c2:ff:f9:88:d0:ad:7d:1a:6f:
                    e5:70:a1:91:1c:6b:16:43:72:c4:2c:fd:05:d4:ba:
                    01:cc:9e:ad:df:6b:4a:24:27:9a:72:e5:fc:99:e6:
                    81:20:52:9a:99:f7:4d:e5:ad:f2:35:b2:16:b5:72:
                    71:10:cb:fa:4a:73:e5:9f:f5:08:7b:07:81:98:96:
                    8a:d4:5b:43:0b:0e:8f:ed:79:41:c6:99:fa:2e:5b:
                    a6:93:dd:ca:f1:82:e5:3a:ec:e7:12:38:82:7a:2d:
                    ed:a4:ca:e6:a4:a9:14:63:0a:d3:a3:ec:28:70:eb:
                    d7:52:16:6e:0f:28:c3:72:ce:35:af:9d:a1:21:d8:
                    dd:ec:d7:79:1d:39:6a:35:ff:67:90:44:3a:f4:e6:
                    b4:75:c0:dd:7e:f8:d4:51:ce:98:2c:f9:13:86:52:
                    74:57:53:85:93:04:f0:78:96:7c:2c:e1:84:2e:d7:
                    c9:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:47:41:10:46:5F:18:B0:6A:1E:45:14:6A:53:7F:70:D8:0F:CE:BC
            X509v3 Authority Key Identifier:
                keyid:A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/GEdBEEZfGLBqHkUUalN_cNgPzrw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/plYtCGlIDcEbdKVSzRZ7b2M5yLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.63.0/24
                IPv6:
                  2a0f:b100:300::/40

    Signature Algorithm: sha256WithRSAEncryption
         50:64:75:79:ef:5c:40:ac:5d:c6:99:00:48:85:51:ea:59:06:
         e3:ee:72:a9:78:ca:3f:25:1a:af:7d:98:6f:ce:ef:61:e0:e8:
         a0:27:f6:58:a3:11:fb:64:9a:0a:0e:ac:d3:fd:2e:d9:c8:7d:
         6a:42:aa:e1:37:5e:3b:44:b1:c5:c4:94:e9:fa:d6:cc:84:68:
         35:74:0a:1f:fd:02:c3:11:ff:9d:80:36:dd:18:41:a4:76:ad:
         fc:1e:23:59:dd:3a:b6:4e:e9:a8:bd:6f:f7:27:8f:20:0e:15:
         0b:8d:41:42:82:61:e8:73:66:d3:22:49:29:fe:a9:fc:33:f1:
         92:92:30:c9:0a:84:ec:2d:4f:12:bf:80:0d:21:80:c2:63:a6:
         9a:e8:2f:63:46:0a:8e:ec:dc:8d:c9:4f:f4:a9:ba:16:c3:22:
         bd:c6:ba:d0:a5:8b:12:86:f3:79:b7:12:12:61:f3:e2:72:08:
         89:58:04:a3:e9:74:03:e8:2c:48:3b:da:ec:9a:88:7e:63:49:
         7c:83:9d:3a:03:d7:2b:0b:5f:e7:d9:01:aa:ce:d8:23:d6:b2:
         70:e5:d4:e7:a5:12:59:3c:fc:4b:f5:0d:29:3b:28:65:fe:4c:
         94:3f:82:51:21:a1:8b:a2:45:25:97:01:47:8b:95:84:43:7c:
         b2:34:fe:f4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEB23UJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NjU2MmQwODY5NDgwZGMxMWI3NGE1NTJjZDE2N2I2ZjYzMzljOGJhMB4XDTIyMDEw
MTAwNTAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTg0NzQxMTA0NjVm
MThiMDZhMWU0NTE0NmE1MzdmNzBkODBmY2ViYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJjkm+XCfcefHeuAdQXvFQnb+v8UOiWGQuiUS4yEG/gJsuXb
9wVTqXoMiZS54cIC1O4+0glkMg/L+g5v/IUpWKLL8WIrqiZFOEiDHMvyYcnBwv/5
iNCtfRpv5XChkRxrFkNyxCz9BdS6Acyerd9rSiQnmnLl/JnmgSBSmpn3TeWt8jWy
FrVycRDL+kpz5Z/1CHsHgZiWitRbQwsOj+15QcaZ+i5bppPdyvGC5Trs5xI4gnot
7aTK5qSpFGMK06PsKHDr11IWbg8ow3LONa+doSHY3ezXeR05ajX/Z5BEOvTmtHXA
3X741FHOmCz5E4ZSdFdThZME8HiWfCzhhC7XyVkCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBQYR0EQRl8YsGoeRRRqU39w2A/OvDAfBgNVHSMEGDAWgBSmVi0IaUgNwRt0
pVLNFntvYznIujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BsWXRDR2xJRGNFYmRLVlN6Ulo3YjJNNXlMby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvMjEyZGQyLWRhOGQtNDA0OC05MTZhLTQ1YThmZWQzYTJhNS8x
L0dFZEJFRVpmR0xCcUhrVVVhbE5fY05nUHpydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
MjEyZGQyLWRhOGQtNDA0OC05MTZhLTQ1YThmZWQzYTJhNS8xL3BsWXRDR2xJRGNF
YmRLVlN6Ulo3YjJNNXlMby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEAC2aPzAOBAIAAjAIAwYAKg+xAAMw
DQYJKoZIhvcNAQELBQADggEBAFBkdXnvXECsXcaZAEiFUepZBuPucql4yj8lGq99
mG/O72Hg6KAn9lijEftkmgoOrNP9LtnIfWpCquE3XjtEscXElOn61syEaDV0Ch/9
AsMR/52ANt0YQaR2rfweI1ndOrZO6ai9b/cnjyAOFQuNQUKCYehzZtMiSSn+qfwz
8ZKSMMkKhOwtTxK/gA0hgMJjpproL2NGCo7s3I3JT/SpuhbDIr3GutClixKG83m3
EhJh8+JyCIlYBKPpdAPoLEg72uyaiH5jSXyDnToD1ysLX+fZAarO2CPWsnDl1Oel
Elk8/Ev1DSk7KGX+TJQ/glEhoYuiRSWXAUeLlYRDfLI0/vQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:58 2024 by rpki-client on console-fra.rpki-client.org