Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/HExiEr55ZlUhD5VGY2JOoueVPwU.roa
File:                     HExiEr55ZlUhD5VGY2JOoueVPwU.roa (raw, json)
Hash identifier:          paplkSUXUn4yTICyL1ww7SI3f+TgTWZtlW0X+AymfFY=
Subject key identifier:   1C:4C:62:12:BE:79:66:55:21:0F:95:46:63:62:4E:A2:E7:95:3F:05
Certificate issuer:       /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial:       166D84C2
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/HExiEr55ZlUhD5VGY2JOoueVPwU.roa
Signing time:             Thu 21 Apr 2022 13:27:50 +0000
ROA not before:           Thu 21 Apr 2022 13:27:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398464
IP address blocks:        45.146.203.0/24 maxlen: 24
                          45.146.202.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 376276162 (0x166d84c2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
        Validity
            Not Before: Apr 21 13:27:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1c4c6212be796655210f954663624ea2e7953f05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:c4:1f:79:29:40:5c:c1:be:d0:6c:4e:60:01:
                    c1:55:53:5c:a3:8f:dc:a5:36:49:6f:f5:30:77:a1:
                    b7:d6:20:b4:60:33:ec:08:d4:4f:ae:39:1b:af:f9:
                    3c:8a:d7:89:cb:0f:60:42:ed:06:3e:2d:8b:90:2f:
                    9b:e6:d4:83:e0:76:47:bc:9f:0c:a3:81:21:7e:d5:
                    06:c8:0c:90:a0:c7:5a:9b:02:be:45:78:eb:88:89:
                    6d:ae:f5:06:b3:fb:b1:a3:f6:e1:6a:b1:ba:75:32:
                    f6:ea:d2:b3:04:f3:f1:35:e9:aa:e7:30:9f:dd:b0:
                    b1:38:d4:c4:24:5f:dc:de:3c:8a:13:4e:52:f7:8f:
                    88:05:04:bd:bd:ae:a3:f6:c7:c0:34:e4:d6:32:a9:
                    3c:3b:ca:e3:ec:5b:aa:4d:c4:7c:fe:1c:c1:e4:be:
                    c9:ab:52:29:40:ea:29:b2:01:50:71:dd:e5:80:24:
                    4b:a7:7a:33:ff:4d:c5:13:6e:7f:2b:26:6f:b2:ed:
                    e5:2e:3e:3e:3c:20:da:a5:04:f0:62:5d:56:12:57:
                    ac:bb:b6:d6:bd:fe:51:63:1d:8a:0c:ca:bf:c9:6c:
                    b1:a5:a9:b5:26:14:61:72:76:0e:cb:f5:94:ca:f9:
                    89:8a:2d:e1:a2:6a:9d:12:e6:d7:63:2b:08:61:2f:
                    6d:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:4C:62:12:BE:79:66:55:21:0F:95:46:63:62:4E:A2:E7:95:3F:05
            X509v3 Authority Key Identifier:
                keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/HExiEr55ZlUhD5VGY2JOoueVPwU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.202.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a4:f1:03:e6:af:fc:b9:6c:a1:98:0c:4a:e3:74:c4:0d:97:c4:
         00:d5:33:4f:9e:9e:ad:4a:30:73:7c:69:54:1e:f0:bf:0b:f5:
         c7:f8:b9:3f:6d:40:4c:c7:c7:ec:75:54:3e:0f:93:39:7b:f4:
         13:2e:81:f2:39:1c:f5:e6:49:57:62:f6:43:a7:31:7b:28:14:
         6f:7c:c2:74:0f:37:45:be:f7:f6:cc:2d:9a:f2:f9:7d:f3:eb:
         33:e8:e8:d9:18:6e:b8:26:00:d5:5d:62:f1:1e:9a:f6:72:26:
         cb:c2:88:b4:87:65:d8:c6:6e:f1:5e:8f:84:36:11:6e:e3:f4:
         8b:5b:bf:b7:28:27:79:8c:e5:5a:ff:e8:d7:79:7c:4a:d4:75:
         b9:98:fa:c1:d5:8d:ca:f2:7d:c7:8a:b0:28:6a:fa:c7:42:c8:
         01:95:b2:56:c7:06:a2:12:dd:dd:3c:a1:53:16:5f:b0:cc:99:
         75:73:ae:a9:ec:44:90:7e:50:f2:7e:61:08:35:46:b5:d7:16:
         5e:4d:84:30:66:cd:d0:52:16:59:c5:e5:e9:88:20:d6:64:db:
         6d:86:09:31:56:09:60:23:8c:49:eb:3a:fb:05:2c:0a:36:cc:
         fa:6c:89:e1:60:89:85:06:c7:85:69:c8:c7:f2:6d:7b:e6:e4:
         e5:7c:f1:15
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFm2EwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MjU0YTlmM2EyNjY1MTNkZGM2OTM1ZDhiZTAyMmU3ZTUyMzBlYTEwMB4XDTIyMDQy
MTEzMjc1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM0YzYyMTJiZTc5
NjY1NTIxMGY5NTQ2NjM2MjRlYTJlNzk1M2YwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANTEH3kpQFzBvtBsTmABwVVTXKOP3KU2SW/1MHeht9YgtGAz
7AjUT645G6/5PIrXicsPYELtBj4ti5Avm+bUg+B2R7yfDKOBIX7VBsgMkKDHWpsC
vkV464iJba71BrP7saP24WqxunUy9urSswTz8TXpqucwn92wsTjUxCRf3N48ihNO
UvePiAUEvb2uo/bHwDTk1jKpPDvK4+xbqk3EfP4cweS+yatSKUDqKbIBUHHd5YAk
S6d6M/9NxRNufysmb7Lt5S4+Pjwg2qUE8GJdVhJXrLu21r3+UWMdigzKv8lssaWp
tSYUYXJ2Dsv1lMr5iYot4aJqnRLm12MrCGEvbccCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQcTGISvnlmVSEPlUZjYk6i55U/BTAfBgNVHSMEGDAWgBSiVKnzomZRPdxp
Ndi+Ai5+UjDqEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29sU3A4NkptVVQzY2FUWFl2Z0l1ZmxJdzZoQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvYjYwMzczLTgxOGUtNDBhOS05MzE5LWFkZGYwZTE4NDllYi8x
L0hFeGlFcjU1WmxVaEQ1VkdZMkpPb3VlVlB3VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
YjYwMzczLTgxOGUtNDBhOS05MzE5LWFkZGYwZTE4NDllYi8xL29sU3A4NkptVVQz
Y2FUWFl2Z0l1ZmxJdzZoQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2SyjANBgkqhkiG9w0BAQsFAAOC
AQEApPED5q/8uWyhmAxK43TEDZfEANUzT56erUowc3xpVB7wvwv1x/i5P21ATMfH
7HVUPg+TOXv0Ey6B8jkc9eZJV2L2Q6cxeygUb3zCdA83Rb739swtmvL5ffPrM+jo
2RhuuCYA1V1i8R6a9nImy8KItIdl2MZu8V6PhDYRbuP0i1u/tygneYzlWv/o13l8
StR1uZj6wdWNyvJ9x4qwKGr6x0LIAZWyVscGohLd3TyhUxZfsMyZdXOuqexEkH5Q
8n5hCDVGtdcWXk2EMGbN0FIWWcXl6Ygg1mTbbYYJMVYJYCOMSes6+wUsCjbM+myJ
4WCJhQbHhWnIx/Jte+bk5XzxFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:50 2024 by rpki-client on console-fra.rpki-client.org