Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/pHmFVzi4xHA2g32wkIhVY6IhYT8.roa
File:                     pHmFVzi4xHA2g32wkIhVY6IhYT8.roa (raw, json)
Hash identifier:          VBfzLSrkXRfzWJ91LyitSb2Cpq2gneLJbKUwBydoxbk=
Subject key identifier:   A4:79:85:57:38:B8:C4:70:36:83:7D:B0:90:88:55:63:A2:21:61:3F
Certificate issuer:       /CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
Certificate serial:       026E5B5F
Authority key identifier: AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/pHmFVzi4xHA2g32wkIhVY6IhYT8.roa
Signing time:             Mon 23 May 2022 22:43:29 +0000
ROA not before:           Mon 23 May 2022 22:43:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7029
IP address blocks:        45.13.30.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40786783 (0x26e5b5f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
        Validity
            Not Before: May 23 22:43:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a479855738b8c47036837db090885563a221613f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:09:ff:d0:bd:ba:32:bf:bf:f5:45:1f:fc:f0:
                    79:0b:03:31:11:4e:87:b9:d8:eb:c1:da:34:c9:ec:
                    fd:46:06:30:28:80:a2:53:91:8a:59:c6:20:8e:4c:
                    13:d1:5b:e9:32:73:96:44:30:2c:16:eb:91:b7:c3:
                    83:42:65:d8:e0:e0:4a:b0:d9:ed:dd:6a:12:0e:26:
                    32:87:9b:ad:44:8f:96:47:34:16:21:67:9d:9d:d0:
                    5e:8f:b9:f3:8e:b9:47:b8:12:10:25:95:74:b4:fd:
                    39:b0:d3:7c:c2:f1:10:d5:dd:fe:8c:bb:34:56:f1:
                    ad:fe:ee:c6:38:bf:11:46:7d:09:f4:6c:8d:6f:64:
                    92:d3:74:45:42:c6:88:c5:cb:96:15:20:db:fc:89:
                    4b:c4:eb:1f:39:7c:94:7c:5c:11:fe:c2:42:1c:8c:
                    a5:d2:1e:21:b9:89:02:2b:50:cb:7d:1f:74:c1:c4:
                    97:10:fc:0e:2c:ad:17:c7:cc:9b:96:87:9f:c0:9b:
                    ac:97:6d:53:e9:25:b4:0f:29:ba:c1:2e:44:b9:44:
                    5c:20:c2:4e:bf:43:28:6a:d0:dc:5c:9d:9a:16:16:
                    61:58:7a:fa:8a:bc:f7:8a:b6:f3:11:30:c8:2b:aa:
                    82:99:b1:88:e4:fc:de:41:5c:de:aa:1d:5d:e9:87:
                    6b:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:79:85:57:38:B8:C4:70:36:83:7D:B0:90:88:55:63:A2:21:61:3F
            X509v3 Authority Key Identifier:
                keyid:AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/pHmFVzi4xHA2g32wkIhVY6IhYT8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.13.30.0/23

    Signature Algorithm: sha256WithRSAEncryption
         91:33:14:6a:f1:13:2c:74:d3:23:2b:08:0b:50:e7:b4:50:38:
         a0:ab:be:0a:9c:2e:de:f5:0d:fa:1b:98:ae:43:04:08:70:13:
         41:f0:4d:d7:d9:f8:56:ba:c8:d5:b9:2d:7f:92:b6:8a:10:fa:
         6e:1f:0c:9c:bc:77:f6:0b:28:60:f3:aa:75:dd:f5:e2:fb:9e:
         76:b4:dd:a6:6f:cd:1d:01:4b:9a:40:63:6c:02:de:56:83:18:
         31:65:eb:48:e6:4b:03:0b:bd:2f:d0:78:22:19:a3:f4:df:84:
         42:de:69:22:87:96:f1:29:0d:98:3b:a8:66:02:39:5d:8c:86:
         53:72:39:31:49:75:1c:c6:47:38:b9:08:5e:37:99:8a:23:68:
         80:87:a2:e8:40:bb:be:b7:4c:6e:6e:ca:35:3a:5f:8f:07:46:
         de:dc:ab:f0:85:ec:1a:0e:80:c2:66:ec:70:4a:02:8c:6f:93:
         a5:38:22:48:35:92:c0:66:ad:a5:e3:ed:3c:7d:5c:03:78:17:
         9b:b1:e0:8d:fc:5e:7d:6e:a7:c4:00:20:37:2e:29:ac:8b:7a:
         5a:0e:63:fd:b2:fc:2a:83:c8:39:e6:37:8a:ed:99:c2:e7:95:
         63:e7:72:59:87:ad:e1:67:f2:53:15:69:3e:39:b5:9e:72:64:
         79:46:75:57
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAm5bXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZmY2Zjg1YWFkMTAxYzQ1NmMxYWM5YTAxYTcxOTJmYzU3ODhlOTJjMB4XDTIyMDUy
MzIyNDMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ3OTg1NTczOGI4
YzQ3MDM2ODM3ZGIwOTA4ODU1NjNhMjIxNjEzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANQJ/9C9ujK/v/VFH/zweQsDMRFOh7nY68HaNMns/UYGMCiA
olORilnGII5ME9Fb6TJzlkQwLBbrkbfDg0Jl2ODgSrDZ7d1qEg4mMoebrUSPlkc0
FiFnnZ3QXo+58465R7gSECWVdLT9ObDTfMLxENXd/oy7NFbxrf7uxji/EUZ9CfRs
jW9kktN0RULGiMXLlhUg2/yJS8TrHzl8lHxcEf7CQhyMpdIeIbmJAitQy30fdMHE
lxD8DiytF8fMm5aHn8CbrJdtU+kltA8pusEuRLlEXCDCTr9DKGrQ3FydmhYWYVh6
+oq894q28xEwyCuqgpmxiOT83kFc3qodXemHa7cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSkeYVXOLjEcDaDfbCQiFVjoiFhPzAfBgNVHSMEGDAWgBSv9vharRAcRWwa
yaAacZL8V4jpLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JfYjRXcTBRSEVWc0dzbWdHbkdTX0ZlSTZTdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvZGY3MTlhLTQ5MmYtNDdjYi05MjEyLTY0NGJkMGZjN2Y4MC8x
L3BIbUZWemk0eEhBMmczMndrSWhWWTZJaFlUOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
ZGY3MTlhLTQ5MmYtNDdjYi05MjEyLTY0NGJkMGZjN2Y4MC8xL3JfYjRXcTBRSEVW
c0dzbWdHbkdTX0ZlSTZTdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS0NHjANBgkqhkiG9w0BAQsFAAOC
AQEAkTMUavETLHTTIysIC1DntFA4oKu+Cpwu3vUN+huYrkMECHATQfBN19n4VrrI
1bktf5K2ihD6bh8MnLx39gsoYPOqdd314vuedrTdpm/NHQFLmkBjbALeVoMYMWXr
SOZLAwu9L9B4Ihmj9N+EQt5pIoeW8SkNmDuoZgI5XYyGU3I5MUl1HMZHOLkIXjeZ
iiNogIei6EC7vrdMbm7KNTpfjwdG3tyr8IXsGg6AwmbscEoCjG+TpTgiSDWSwGat
pePtPH1cA3gXm7HgjfxefW6nxAAgNy4prIt6Wg5j/bL8KoPIOeY3iu2ZwueVY+dy
WYet4WfyUxVpPjm1nnJkeUZ1Vw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:38 2024 by rpki-client on console-ams.rpki-client.org