Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/31i_awI_ELZKmYh4O8O0JIfv3co.roa
File:                     31i_awI_ELZKmYh4O8O0JIfv3co.roa (raw, json)
Hash identifier:          FQwivx9CCnbsAck62Aa3SlCsVUg7f2XPkMkta6IjNtM=
Subject key identifier:   DF:58:BF:6B:02:3F:10:B6:4A:99:88:78:3B:C3:B4:24:87:EF:DD:CA
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       1A912DE7
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/31i_awI_ELZKmYh4O8O0JIfv3co.roa
Signing time:             Tue 01 Mar 2022 20:33:29 +0000
ROA not before:           Tue 01 Mar 2022 20:33:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206238
IP address blocks:        45.137.88.0/22 maxlen: 22
                          45.137.100.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 445722087 (0x1a912de7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Mar  1 20:33:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=df58bf6b023f10b64a9988783bc3b42487efddca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ff:db:c1:90:d2:aa:6b:e2:21:9e:a1:b5:e3:
                    26:c4:96:16:0d:2b:54:0e:74:09:ad:e8:3e:e9:4e:
                    72:41:8e:f2:a8:b5:12:70:3a:8c:25:3a:e0:2d:34:
                    29:92:61:f0:78:25:dd:8c:ca:c7:59:99:fd:5d:92:
                    21:d1:34:04:a5:4e:9e:26:53:04:9a:9a:87:90:c9:
                    37:e7:14:6f:1d:7a:65:89:78:f4:2d:c0:a5:13:01:
                    ae:a6:22:c5:38:8d:f1:40:cd:89:5d:c9:39:3e:7b:
                    66:d6:a3:9b:00:dd:45:ce:59:76:76:e6:83:15:5a:
                    6f:cb:c6:c6:6a:f1:03:53:cf:2f:f8:9d:d1:81:37:
                    bb:c1:d2:41:d1:b1:d5:dc:59:5b:3a:f5:2d:86:f3:
                    13:75:bc:66:78:76:5d:41:52:fb:3e:c8:5e:eb:c5:
                    34:80:93:48:0f:eb:b3:c0:44:74:a3:6e:3f:f9:fd:
                    6f:b9:0c:7c:91:be:04:67:f6:aa:da:64:bc:90:03:
                    0d:a3:db:f4:4f:91:80:43:96:15:0b:ec:ca:d6:aa:
                    9c:fd:3a:9c:17:7c:f0:ba:31:c7:9a:ea:bc:ed:42:
                    5d:f2:63:86:a1:8c:fb:82:20:d0:8a:21:cb:47:ef:
                    af:d8:50:6b:f2:bb:1a:b1:b3:cb:c4:54:9b:84:8b:
                    a4:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:58:BF:6B:02:3F:10:B6:4A:99:88:78:3B:C3:B4:24:87:EF:DD:CA
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/31i_awI_ELZKmYh4O8O0JIfv3co.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.88.0/22
                  45.137.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6b:28:56:2b:24:44:8a:27:2b:a1:cb:26:58:08:44:a7:ff:27:
         84:da:04:ed:ef:10:a8:b3:a2:ca:22:d9:b5:b4:81:34:ed:57:
         15:3a:7e:9d:2e:65:96:57:74:f7:df:e7:cd:04:f6:92:e5:33:
         3f:94:ff:46:81:b7:9b:e6:2c:ad:4a:c9:55:a5:48:4e:54:02:
         ca:47:9f:29:0e:d8:68:b0:5d:b8:7a:b5:e5:a3:89:5e:27:bb:
         ae:fa:d6:8c:f1:41:7d:94:52:7b:43:41:99:f9:b7:14:1d:33:
         be:f8:61:d0:00:d1:4f:dc:11:03:ca:e0:35:b0:62:a6:55:dd:
         c7:cd:ff:cb:57:67:af:20:4c:7b:3d:15:42:fc:d5:77:0b:7e:
         3c:17:64:38:9f:db:a6:51:64:ef:67:48:d7:ed:e7:67:99:33:
         c8:2b:ab:2f:55:b3:aa:0f:fc:b9:3b:d1:6f:e4:30:6a:9a:fc:
         57:52:c3:b7:ea:b2:57:a0:5e:be:70:f3:d3:15:bc:e6:45:32:
         95:2d:af:e3:8b:9a:da:b5:c2:e1:43:5b:56:15:fb:f3:6b:95:
         89:a6:47:d2:19:26:bc:34:d7:77:fd:3d:4b:05:cd:c4:af:95:
         32:37:1a:5b:27:64:24:3a:22:73:b5:fd:45:39:61:74:f8:9e:
         99:67:20:77
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGpEt5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDMw
MTIwMzMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGY1OGJmNmIwMjNm
MTBiNjRhOTk4ODc4M2JjM2I0MjQ4N2VmZGRjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALX/28GQ0qpr4iGeobXjJsSWFg0rVA50Ca3oPulOckGO8qi1
EnA6jCU64C00KZJh8Hgl3YzKx1mZ/V2SIdE0BKVOniZTBJqah5DJN+cUbx16ZYl4
9C3ApRMBrqYixTiN8UDNiV3JOT57ZtajmwDdRc5ZdnbmgxVab8vGxmrxA1PPL/id
0YE3u8HSQdGx1dxZWzr1LYbzE3W8Znh2XUFS+z7IXuvFNICTSA/rs8BEdKNuP/n9
b7kMfJG+BGf2qtpkvJADDaPb9E+RgEOWFQvsytaqnP06nBd88Loxx5rqvO1CXfJj
hqGM+4Ig0Iohy0fvr9hQa/K7GrGzy8RUm4SLpJcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTfWL9rAj8QtkqZiHg7w7Qkh+/dyjAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
LzMxaV9hd0lfRUxaS21ZaDRPOE8wSklmdjNjby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2JWAMEAi2JZDANBgkqhkiG9w0B
AQsFAAOCAQEAayhWKyREiicrocsmWAhEp/8nhNoE7e8QqLOiyiLZtbSBNO1XFTp+
nS5llld099/nzQT2kuUzP5T/RoG3m+YsrUrJVaVITlQCykefKQ7YaLBduHq15aOJ
Xie7rvrWjPFBfZRSe0NBmfm3FB0zvvhh0ADRT9wRA8rgNbBiplXdx83/y1dnryBM
ez0VQvzVdwt+PBdkOJ/bplFk72dI1+3nZ5kzyCurL1Wzqg/8uTvRb+Qwapr8V1LD
t+qyV6BevnDz0xW85kUylS2v44ua2rXC4UNbVhX782uViaZH0hkmvDTXd/09SwXN
xK+VMjcaWydkJDoic7X9RTlhdPiemWcgdw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org