Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/CcLf4Xs4jfooFPhzkRSKYl9HIKY.roa
File:                     CcLf4Xs4jfooFPhzkRSKYl9HIKY.roa (raw, json)
Hash identifier:          qTrAAOqsD1ptMysGjz//9EjfpjdYp7fJ6m6FXnGl70k=
Subject key identifier:   09:C2:DF:E1:7B:38:8D:FA:28:14:F8:73:91:14:8A:62:5F:47:20:A6
Certificate issuer:       /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial:       01F18FAC
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/CcLf4Xs4jfooFPhzkRSKYl9HIKY.roa
Signing time:             Sat 01 Jan 2022 15:06:16 +0000
ROA not before:           Sat 01 Jan 2022 15:06:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     19844
IP address blocks:        45.14.114.0/24 maxlen: 24
                          5.183.78.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32608172 (0x1f18fac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
        Validity
            Not Before: Jan  1 15:06:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=09c2dfe17b388dfa2814f87391148a625f4720a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a3:4f:da:66:77:d2:ac:36:e6:30:7a:f6:c7:
                    94:6b:02:e2:ab:e9:82:8b:59:dd:7e:64:5b:0a:2f:
                    65:8f:28:f4:82:a6:87:4f:7d:22:5f:83:a4:fd:67:
                    45:6d:17:cf:f9:2a:ca:de:5b:84:06:87:43:7b:1b:
                    cd:12:b0:45:14:f9:33:54:26:51:7d:7b:3d:53:c6:
                    17:7c:bd:f0:3d:a0:f5:a1:65:46:d7:d0:73:7a:a4:
                    89:f9:8e:f0:22:23:5f:bb:5c:ee:35:a1:51:4e:ff:
                    1a:20:86:12:46:fe:6c:7b:46:c8:46:82:36:6d:1e:
                    bc:22:be:36:dd:11:11:16:c4:25:4d:30:a9:c0:e8:
                    49:dd:d6:cb:74:9f:69:19:af:d8:2f:57:d5:e5:4f:
                    e6:25:1c:01:92:9c:9a:cf:6d:0b:34:c6:83:16:9a:
                    ee:c7:ea:ca:fd:54:a0:42:5e:33:e0:42:b9:d4:e3:
                    02:6d:9c:f6:7b:ca:fc:84:ba:87:1a:98:c8:ca:ab:
                    6c:fb:ae:c8:38:5c:19:54:d3:d1:c5:af:b9:95:d7:
                    22:28:21:9f:66:8f:86:6d:93:4f:1f:09:50:b0:ae:
                    3c:92:64:de:cd:75:bd:84:ed:4c:68:22:03:3e:d6:
                    22:a5:c8:f6:b9:6a:f7:71:01:2f:b1:c5:31:45:73:
                    0b:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:C2:DF:E1:7B:38:8D:FA:28:14:F8:73:91:14:8A:62:5F:47:20:A6
            X509v3 Authority Key Identifier:
                keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/CcLf4Xs4jfooFPhzkRSKYl9HIKY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.183.78.0/24
                  45.14.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:b7:02:84:ff:83:b2:ad:80:17:90:ba:44:0f:2e:55:9a:13:
         29:2e:53:bd:41:91:11:09:3c:d3:59:1c:34:4c:70:8e:01:ef:
         cc:4c:29:22:14:b6:97:25:ec:72:68:0f:e0:d0:97:94:64:33:
         15:a8:2d:23:70:10:95:49:82:86:51:00:ff:45:b6:45:ad:3d:
         b7:b0:5a:1f:d4:af:42:dc:ab:53:dd:1b:46:5b:4d:0d:03:e4:
         b7:63:12:58:53:20:fe:e5:9a:ca:7e:0c:9b:99:e7:f9:71:0b:
         c4:9e:cb:84:9c:21:a8:74:d5:5c:64:d3:00:00:39:c5:e3:bf:
         a2:54:eb:c4:3e:86:6c:20:e8:d1:40:d1:dd:13:4a:5d:00:7c:
         be:3d:29:88:48:97:08:9e:f4:63:e4:f1:80:f1:01:ee:85:5e:
         5e:5c:63:07:ee:3b:dc:06:b8:58:cb:a6:34:f8:53:17:42:07:
         c5:44:e6:5b:aa:ba:ea:e7:fe:a0:b4:23:f2:cf:fb:4d:42:c2:
         a4:d4:ef:d0:a4:d8:c6:d7:5c:e1:95:b0:3c:08:ea:e5:5f:dd:
         32:6c:45:ff:5c:35:3f:6b:9f:de:d2:64:75:1a:d9:47:dc:3d:
         53:7b:32:d7:61:ba:4a:7b:e8:2a:30:47:ae:73:9e:6d:a4:95:
         8b:65:67:4b
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAfGPrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OTNhYzZjZDIyNDAyNDliYmE2MDE3MWYwODZlOTEwMWNjODdjYTI0MB4XDTIyMDEw
MTE1MDYxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDljMmRmZTE3YjM4
OGRmYTI4MTRmODczOTExNDhhNjI1ZjQ3MjBhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyjT9pmd9KsNuYwevbHlGsC4qvpgotZ3X5kWwovZY8o9IKm
h099Il+DpP1nRW0Xz/kqyt5bhAaHQ3sbzRKwRRT5M1QmUX17PVPGF3y98D2g9aFl
RtfQc3qkifmO8CIjX7tc7jWhUU7/GiCGEkb+bHtGyEaCNm0evCK+Nt0RERbEJU0w
qcDoSd3Wy3SfaRmv2C9X1eVP5iUcAZKcms9tCzTGgxaa7sfqyv1UoEJeM+BCudTj
Am2c9nvK/IS6hxqYyMqrbPuuyDhcGVTT0cWvuZXXIighn2aPhm2TTx8JULCuPJJk
3s11vYTtTGgiAz7WIqXI9rlq93EBL7HFMUVzCz8CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQJwt/heziN+igU+HORFIpiX0cgpjAfBgNVHSMEGDAWgBT5OsbNIkAkm7pg
Fx8IbpEBzIfKJDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzk4L2IwMzIxMy01ZTgwLTQ5MzEtODFjZS1mNzUyZDgxNjA1ZmIv
MS9DY0xmNFhzNGpmb29GUGh6a1JTS1lsOUhJS1kucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk4
L2IwMzIxMy01ZTgwLTQ5MzEtODFjZS1mNzUyZDgxNjA1ZmIvMS8xLVRyR3pTSkFK
SnU2WUJjZkNHNlJBY3lIeWlRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbdOAwQALQ5yMA0GCSqGSIb3
DQEBCwUAA4IBAQCqtwKE/4OyrYAXkLpEDy5VmhMpLlO9QZERCTzTWRw0THCOAe/M
TCkiFLaXJexyaA/g0JeUZDMVqC0jcBCVSYKGUQD/RbZFrT23sFof1K9C3KtT3RtG
W00NA+S3YxJYUyD+5ZrKfgybmef5cQvEnsuEnCGodNVcZNMAADnF47+iVOvEPoZs
IOjRQNHdE0pdAHy+PSmISJcInvRj5PGA8QHuhV5eXGMH7jvcBrhYy6Y0+FMXQgfF
ROZbqrrq5/6gtCPyz/tNQsKk1O/QpNjG11zhlbA8COrlX90ybEX/XDU/a5/e0mR1
GtlH3D1TezLXYbpKe+gqMEeuc55tpJWLZWdL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:12 2024 by rpki-client on console-fra.rpki-client.org