Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/dcxGEq9DmfHMnt5Cj32V7um2aPo.roa
File:                     dcxGEq9DmfHMnt5Cj32V7um2aPo.roa (raw, json)
Hash identifier:          EHU4AmCoJabROb14bgkYf1tyTTArUqpD+/+/MTnwRR8=
Subject key identifier:   75:CC:46:12:AF:43:99:F1:CC:9E:DE:42:8F:7D:95:EE:E9:B6:68:FA
Certificate issuer:       /CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Certificate serial:       0182CAE66FA380CBE5473D041075766304D8
Authority key identifier: A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/dcxGEq9DmfHMnt5Cj32V7um2aPo.roa
Signing time:             Tue 23 Aug 2022 13:31:15 +0000
ROA not before:           Tue 23 Aug 2022 13:31:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202945
IP address blocks:        45.154.60.0/24 maxlen: 24
                          2a0f:b100::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ca:e6:6f:a3:80:cb:e5:47:3d:04:10:75:76:63:04:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
        Validity
            Not Before: Aug 23 13:31:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=75cc4612af4399f1cc9ede428f7d95eee9b668fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:4f:bd:7b:7f:d1:5d:e6:5f:f1:1d:b9:55:dd:
                    9f:0a:74:21:c0:97:7d:95:69:8c:6c:c0:ca:6c:a0:
                    98:3a:0e:39:c7:8b:79:df:6c:81:3e:2b:4c:6a:13:
                    25:a2:b0:25:52:b3:f9:13:a8:4f:95:a3:6d:3e:4d:
                    f3:a7:c9:77:e8:a3:9e:dd:c6:9c:81:85:1e:94:a2:
                    2b:31:0c:aa:1c:b6:14:d8:67:98:e3:c0:89:a5:fb:
                    99:77:8f:49:bd:60:2b:dd:c0:7c:58:39:94:2d:77:
                    f9:df:a8:7d:5c:65:a8:d3:e9:58:71:d6:77:c4:d4:
                    93:44:8e:75:89:d5:06:e7:d2:40:19:00:18:f3:6a:
                    9f:e1:c2:19:34:eb:e1:2d:b1:13:8f:4d:f0:0d:af:
                    c2:4c:70:8c:74:aa:8f:e0:db:8f:7a:7c:37:07:89:
                    8a:7d:d2:6b:d0:44:ec:7f:be:f1:08:d6:aa:83:ee:
                    d8:d9:7f:3f:3b:52:c9:de:7c:84:f0:b7:00:d5:44:
                    91:9d:f5:cf:19:14:4e:a3:8c:eb:e3:84:80:40:d7:
                    d2:a8:30:76:69:c3:ae:33:c8:2e:7a:7b:df:99:ef:
                    a4:c8:12:7b:c0:c2:cc:9b:65:b0:10:b4:66:8d:a2:
                    8b:b0:b9:27:6c:1d:a5:38:0c:ea:0a:71:79:dc:33:
                    e0:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:CC:46:12:AF:43:99:F1:CC:9E:DE:42:8F:7D:95:EE:E9:B6:68:FA
            X509v3 Authority Key Identifier:
                keyid:A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/dcxGEq9DmfHMnt5Cj32V7um2aPo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/plYtCGlIDcEbdKVSzRZ7b2M5yLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.60.0/24
                IPv6:
                  2a0f:b100::/40

    Signature Algorithm: sha256WithRSAEncryption
         bd:65:62:d3:78:a9:5d:42:8c:8a:1f:ec:6d:1f:d1:93:ed:56:
         b4:ee:26:8a:59:78:f3:db:58:2c:60:89:69:f8:de:9f:0f:b0:
         8e:ba:39:9f:b6:2d:cb:d1:84:fb:4a:a1:c4:3b:43:c5:55:d0:
         6b:8b:fa:6f:0f:34:17:e4:60:52:0d:6f:2b:a3:75:c8:d7:0a:
         30:03:a0:d3:cd:a6:63:32:47:b5:44:57:e2:19:e3:2e:da:a1:
         4d:86:c1:32:8f:31:8d:dc:82:13:d1:2b:38:06:d4:a4:e2:b5:
         77:3b:d6:f0:09:4a:96:1d:41:51:2b:89:ca:4b:d6:42:27:19:
         4f:50:2f:a3:f0:39:68:93:92:92:b8:c5:ea:11:27:f3:77:55:
         76:4f:d5:d1:60:46:c3:e6:0a:5e:8d:77:5c:05:b3:45:1d:a9:
         5a:fe:25:f2:35:9e:f5:9d:88:a9:c1:6f:35:eb:fc:34:c0:05:
         3f:6a:88:fa:28:68:c0:a9:2b:ea:86:2b:d7:66:24:9e:e6:c1:
         28:44:8c:e5:71:65:9a:16:f4:91:ed:ed:4b:0a:db:8f:80:f5:
         38:78:c4:6a:a3:b6:3f:10:f4:60:fa:ee:e6:88:fc:c3:59:eb:
         b2:88:4c:fb:c2:c8:dc:0a:f9:a3:44:f2:a6:da:f0:38:79:28:
         5d:af:31:85
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYLK5m+jgMvlRz0EEHV2YwTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTYyZDA4Njk0ODBkYzExYjc0YTU1MmNkMTY3YjZmNjMz
OWM4YmEwHhcNMjIwODIzMTMzMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWNjNDYxMmFmNDM5OWYxY2M5ZWRlNDI4ZjdkOTVlZWU5YjY2OGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtU+9e3/RXeZf8R25Vd2fCnQhwJd9
lWmMbMDKbKCYOg45x4t532yBPitMahMlorAlUrP5E6hPlaNtPk3zp8l36KOe3cac
gYUelKIrMQyqHLYU2GeY48CJpfuZd49JvWAr3cB8WDmULXf536h9XGWo0+lYcdZ3
xNSTRI51idUG59JAGQAY82qf4cIZNOvhLbETj03wDa/CTHCMdKqP4NuPenw3B4mK
fdJr0ETsf77xCNaqg+7Y2X8/O1LJ3nyE8LcA1USRnfXPGRROo4zr44SAQNfSqDB2
acOuM8guenvfme+kyBJ7wMLMm2WwELRmjaKLsLknbB2lOAzqCnF53DPgPwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFHXMRhKvQ5nxzJ7eQo99le7ptmj6MB8GA1UdIwQY
MBaAFKZWLQhpSA3BG3SlUs0We29jOci6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEt
NDVhOGZlZDNhMmE1LzEvZGN4R0VxOURtZkhNbnQ1Q2ozMlY3dW0yYVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEtNDVhOGZlZDNhMmE1
LzEvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQALZo8MA4E
AgACMAgDBgAqD7EAADANBgkqhkiG9w0BAQsFAAOCAQEAvWVi03ipXUKMih/sbR/R
k+1WtO4mill489tYLGCJafjenw+wjro5n7Yty9GE+0qhxDtDxVXQa4v6bw80F+Rg
Ug1vK6N1yNcKMAOg082mYzJHtURX4hnjLtqhTYbBMo8xjdyCE9ErOAbUpOK1dzvW
8AlKlh1BUSuJykvWQicZT1Avo/A5aJOSkrjF6hEn83dVdk/V0WBGw+YKXo13XAWz
RR2pWv4l8jWe9Z2IqcFvNev8NMAFP2qI+ihowKkr6oYr12YknubBKESM5XFlmhb0
ke3tSwrbj4D1OHjEaqO2PxD0YPru5oj8w1nrsohM+8LI3Ar5o0TyptrwOHkoXa8x
hQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:58 2024 by rpki-client on console-fra.rpki-client.org