Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/MuarnqklI3DDM8k3kwWWSiMzVec.roa
File:                     MuarnqklI3DDM8k3kwWWSiMzVec.roa (raw, json)
Hash identifier:          20oLEbDTceRZTtMfPwWwURZj/8BKIX7Jtr8sWSfIN4g=
Subject key identifier:   32:E6:AB:9E:A9:25:23:70:C3:33:C9:37:93:05:96:4A:23:33:55:E7
Certificate issuer:       /CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Certificate serial:       0184DA424CF94857AC2CC78DAC93369EC636
Authority key identifier: A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/MuarnqklI3DDM8k3kwWWSiMzVec.roa
Signing time:             Sat 03 Dec 2022 23:11:28 +0000
ROA not before:           Sat 03 Dec 2022 23:11:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202945
IP address blocks:        45.154.60.0/24 maxlen: 24
                          2a0f:b100:2::/48 maxlen: 48
                          2a0f:b100:5::/48 maxlen: 48
                          2a0f:b100::/44 maxlen: 48
                          2a0f:b100:4::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:da:42:4c:f9:48:57:ac:2c:c7:8d:ac:93:36:9e:c6:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
        Validity
            Not Before: Dec  3 23:11:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=32e6ab9ea9252370c333c9379305964a233355e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:b4:95:31:08:c1:80:37:dc:4d:f9:d3:44:c6:
                    4b:8e:6f:79:d3:a9:89:b7:8d:31:6e:70:33:9b:09:
                    f9:22:77:69:e8:5f:0e:af:71:30:cb:92:a5:ea:d8:
                    d8:da:b7:1c:00:2f:ac:b0:12:eb:4a:7e:0c:e5:03:
                    61:94:83:d6:23:e0:13:fe:0c:8e:2e:39:15:a0:d1:
                    00:7a:cf:8f:2a:0d:0a:67:8c:d4:ac:42:ea:d6:f7:
                    84:07:c0:cc:e0:cc:20:a4:ff:61:2a:23:f3:6f:e9:
                    db:6d:66:a2:12:6c:47:bb:50:e4:01:14:2d:0a:a3:
                    84:58:e3:46:38:2b:85:fc:f9:d5:f6:00:4f:08:38:
                    32:b6:6d:01:e6:c7:61:ce:06:f8:8b:6a:99:13:3d:
                    7d:9e:6b:c1:7e:fd:61:1f:22:56:fc:d0:f7:d7:8c:
                    68:bd:ac:03:e1:30:48:8c:91:4f:3b:9a:07:3b:2a:
                    78:2b:33:70:8a:bf:ea:5a:66:d1:f7:1d:fe:5c:bd:
                    a4:0f:be:77:a3:bc:64:53:4f:b3:f7:5a:bc:7f:06:
                    1a:f3:e3:47:10:fb:93:5c:41:6b:05:31:99:04:68:
                    77:f8:9a:ca:7f:a6:1b:db:d2:56:6e:3d:28:12:bb:
                    9d:5d:c4:70:98:83:b4:e8:53:56:61:ad:6b:66:b2:
                    2e:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:E6:AB:9E:A9:25:23:70:C3:33:C9:37:93:05:96:4A:23:33:55:E7
            X509v3 Authority Key Identifier:
                keyid:A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/MuarnqklI3DDM8k3kwWWSiMzVec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/plYtCGlIDcEbdKVSzRZ7b2M5yLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.60.0/24
                IPv6:
                  2a0f:b100::/44

    Signature Algorithm: sha256WithRSAEncryption
         a7:7c:5c:33:86:15:a4:7d:90:c7:ef:7a:d5:8b:14:6f:74:79:
         33:18:53:76:da:6f:8b:22:23:ad:54:78:a9:bd:1c:70:6e:df:
         eb:35:9f:ba:19:a3:db:eb:ea:35:d6:fb:8e:14:bb:ef:d1:80:
         69:45:a8:b6:d6:ce:31:85:e9:5e:b1:a5:12:a7:cb:11:ff:d0:
         6d:f4:e9:8f:db:61:e5:b7:aa:5f:9c:66:84:e8:eb:56:fb:74:
         b9:06:2d:1b:8f:e9:c8:8f:b6:92:1e:fa:f7:be:17:fb:ab:06:
         95:fe:0c:82:ae:83:31:bd:6c:ad:ac:f2:35:d9:f0:50:0e:10:
         7a:e4:92:d0:0d:35:4e:11:39:51:bc:9a:48:5a:36:21:c0:52:
         9a:f5:d1:81:d6:67:9e:33:d9:c8:18:84:d3:50:b2:73:58:38:
         ad:23:7a:f2:d0:b0:af:e6:fb:d4:52:ac:ca:2d:9a:4b:48:ab:
         cc:06:54:9d:57:1c:fe:8f:3c:b7:a6:09:fc:e0:e6:18:f4:80:
         9a:f9:3d:a3:18:a0:5e:97:38:f8:93:46:3e:57:c3:3d:a7:8c:
         e1:ce:5f:37:8d:e8:e7:db:4d:be:7b:61:28:89:8d:b3:bd:50:
         ac:d1:53:d9:25:d0:a4:6a:f0:21:83:a2:93:9c:df:59:c9:dd:
         71:9b:81:3d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTaQkz5SFesLMeNrJM2nsY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTYyZDA4Njk0ODBkYzExYjc0YTU1MmNkMTY3YjZmNjMz
OWM4YmEwHhcNMjIxMjAzMjMxMTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmU2YWI5ZWE5MjUyMzcwYzMzM2M5Mzc5MzA1OTY0YTIzMzM1NWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7SVMQjBgDfcTfnTRMZLjm9506mJ
t40xbnAzmwn5Indp6F8Or3Ewy5Kl6tjY2rccAC+ssBLrSn4M5QNhlIPWI+AT/gyO
LjkVoNEAes+PKg0KZ4zUrELq1veEB8DM4MwgpP9hKiPzb+nbbWaiEmxHu1DkARQt
CqOEWONGOCuF/PnV9gBPCDgytm0B5sdhzgb4i2qZEz19nmvBfv1hHyJW/ND314xo
vawD4TBIjJFPO5oHOyp4KzNwir/qWmbR9x3+XL2kD753o7xkU0+z91q8fwYa8+NH
EPuTXEFrBTGZBGh3+JrKf6Yb29JWbj0oErudXcRwmIO06FNWYa1rZrIuRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDLmq56pJSNwwzPJN5MFlkojM1XnMB8GA1UdIwQY
MBaAFKZWLQhpSA3BG3SlUs0We29jOci6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEt
NDVhOGZlZDNhMmE1LzEvTXVhcm5xa2xJM0RETThrM2t3V1dTaU16VmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEtNDVhOGZlZDNhMmE1
LzEvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZo8MA8E
AgACMAkDBwQqD7EAAAAwDQYJKoZIhvcNAQELBQADggEBAKd8XDOGFaR9kMfvetWL
FG90eTMYU3bab4siI61UeKm9HHBu3+s1n7oZo9vr6jXW+44Uu+/RgGlFqLbWzjGF
6V6xpRKnyxH/0G306Y/bYeW3ql+cZoTo61b7dLkGLRuP6ciPtpIe+ve+F/urBpX+
DIKugzG9bK2s8jXZ8FAOEHrkktANNU4ROVG8mkhaNiHAUpr10YHWZ54z2cgYhNNQ
snNYOK0jevLQsK/m+9RSrMotmktIq8wGVJ1XHP6PPLemCfzg5hj0gJr5PaMYoF6X
OPiTRj5Xwz2njOHOXzeN6OfbTb57YSiJjbO9UKzRU9kl0KRq8CGDopOc31nJ3XGb
gT0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:50 2024 by rpki-client on console-ams.rpki-client.org