Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/67cCO93KF-5BNyPOpwZcu1pEHoI.roa
File:                     67cCO93KF-5BNyPOpwZcu1pEHoI.roa (raw, json)
Hash identifier:          hv3KSkUjt/844qgxgli+sUsggesdYxk9k+5QoaPDxvU=
Subject key identifier:   EB:B7:02:3B:DD:CA:17:EE:41:37:23:CE:A7:06:5C:BB:5A:44:1E:82
Certificate issuer:       /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial:       01856072EAD9044B81EC307BC536486AF441
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/67cCO93KF-5BNyPOpwZcu1pEHoI.roa
Signing time:             Fri 30 Dec 2022 00:33:42 +0000
ROA not before:           Fri 30 Dec 2022 00:33:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43624
IP address blocks:        45.67.228.0/24 maxlen: 24
                          45.67.231.0/24 maxlen: 24
                          2a09:7c40::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:60:72:ea:d9:04:4b:81:ec:30:7b:c5:36:48:6a:f4:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
        Validity
            Not Before: Dec 30 00:33:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ebb7023bddca17ee413723cea7065cbb5a441e82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:0d:71:c7:3f:6c:c4:3b:99:f9:b9:1e:a9:09:
                    03:4b:e6:9c:c1:23:1f:f5:1e:e7:6c:8c:77:44:99:
                    50:16:76:05:fd:1a:ee:f7:4a:d4:4e:d5:c8:29:bb:
                    e8:2e:4d:84:18:a2:83:2e:2e:9c:cc:b0:2b:36:1d:
                    2c:55:13:5f:5c:0b:e1:df:21:88:78:52:ca:a3:f4:
                    3e:e2:64:f6:2d:83:37:cb:0c:cc:59:ff:34:71:45:
                    e3:9d:c3:5b:f1:0b:da:79:ef:f4:1f:99:75:33:1a:
                    77:63:6e:4a:41:b4:45:cd:fc:29:55:88:d0:fa:43:
                    51:00:f1:55:2a:75:73:a7:86:67:ce:2f:8a:75:31:
                    4f:b8:e7:4c:c5:99:fd:95:d2:bf:14:59:cf:aa:66:
                    2f:41:3b:28:82:a6:73:7c:b2:1d:2f:3f:90:b2:95:
                    38:cf:39:c0:47:93:12:86:00:b6:c1:68:f2:87:3a:
                    d5:8f:a4:aa:ab:22:16:6c:fe:c6:16:f0:bd:57:ff:
                    3b:5e:38:2d:93:ca:0c:c6:6e:14:8c:a7:32:9c:8a:
                    38:1a:f5:5b:6f:3b:bd:3c:56:af:cf:4a:e6:ec:60:
                    85:66:9d:31:a4:66:c7:fa:fc:03:40:a9:64:22:5b:
                    2b:11:c5:fd:12:94:d7:6d:82:bb:b9:bc:29:75:fb:
                    16:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:B7:02:3B:DD:CA:17:EE:41:37:23:CE:A7:06:5C:BB:5A:44:1E:82
            X509v3 Authority Key Identifier:
                keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/67cCO93KF-5BNyPOpwZcu1pEHoI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.228.0/24
                  45.67.231.0/24
                IPv6:
                  2a09:7c40::/32

    Signature Algorithm: sha256WithRSAEncryption
         89:ba:41:f4:8a:61:00:15:8c:ee:1f:c6:90:7c:db:0a:c7:e2:
         3e:e5:7a:6d:fb:8f:21:71:6d:44:a0:c0:9c:fa:b6:28:58:8a:
         7b:41:00:f5:a2:ad:2e:6b:5f:2b:a0:e2:c6:45:bf:8f:f0:e2:
         89:73:1f:70:42:c7:90:4c:f9:e3:da:88:27:bb:c9:5f:e8:6f:
         96:e3:98:c9:20:6e:b4:3e:65:b2:aa:4e:76:7e:37:29:54:8e:
         c2:ab:98:35:45:e1:39:20:ee:8c:93:e9:4c:15:cd:54:c7:0e:
         8a:8a:7f:79:4a:5d:f5:9e:7d:75:df:6f:81:b5:41:7b:db:05:
         c2:b5:d3:51:e3:50:ea:90:9b:4e:2c:1f:c9:73:f1:e1:37:8a:
         86:b3:8d:42:b6:22:91:b5:52:a5:32:cf:91:e4:c4:60:7d:db:
         6c:eb:67:93:6f:b4:a0:8b:52:07:12:72:79:e0:01:b5:29:a7:
         09:e7:93:36:a3:b7:af:8c:2c:24:3e:c1:44:54:b9:f7:1f:fa:
         2b:8c:86:06:6b:cb:cb:74:86:6e:52:40:a1:76:da:2d:23:42:
         4f:40:a3:dd:d5:28:32:66:d5:64:bf:d5:ae:47:b2:85:fd:e5:
         98:5d:52:14:72:2f:db:26:df:7b:84:87:ef:af:6f:9f:e0:82:
         9f:46:b6:b2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVgcurZBEuB7DB7xTZIavRBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjIxMjMwMDAzMzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmI3MDIzYmRkY2ExN2VlNDEzNzIzY2VhNzA2NWNiYjVhNDQxZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ1xxz9sxDuZ+bkeqQkDS+acwSMf
9R7nbIx3RJlQFnYF/Rru90rUTtXIKbvoLk2EGKKDLi6czLArNh0sVRNfXAvh3yGI
eFLKo/Q+4mT2LYM3ywzMWf80cUXjncNb8Qvaee/0H5l1Mxp3Y25KQbRFzfwpVYjQ
+kNRAPFVKnVzp4Znzi+KdTFPuOdMxZn9ldK/FFnPqmYvQTsogqZzfLIdLz+QspU4
zznAR5MShgC2wWjyhzrVj6SqqyIWbP7GFvC9V/87Xjgtk8oMxm4UjKcynIo4GvVb
bzu9PFavz0rm7GCFZp0xpGbH+vwDQKlkIlsrEcX9EpTXbYK7ubwpdfsWxwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOu3AjvdyhfuQTcjzqcGXLtaRB6CMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvNjdjQ085M0tGLTVCTnlQT3B3WmN1MXBFSG9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALUPkAwQA
LUPnMA0EAgACMAcDBQAqCXxAMA0GCSqGSIb3DQEBCwUAA4IBAQCJukH0imEAFYzu
H8aQfNsKx+I+5Xpt+48hcW1EoMCc+rYoWIp7QQD1oq0ua18roOLGRb+P8OKJcx9w
QseQTPnj2ognu8lf6G+W45jJIG60PmWyqk52fjcpVI7Cq5g1ReE5IO6Mk+lMFc1U
xw6Kin95Sl31nn1132+BtUF72wXCtdNR41DqkJtOLB/Jc/HhN4qGs41CtiKRtVKl
Ms+R5MRgfdts62eTb7Sgi1IHEnJ54AG1KacJ55M2o7evjCwkPsFEVLn3H/orjIYG
a8vLdIZuUkChdtotI0JPQKPd1SgyZtVkv9WuR7KF/eWYXVIUci/bJt97hIfvr2+f
4IKfRray
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:06 2024 by rpki-client on console-fra.rpki-client.org