Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/hG2zwwjpH73UrurGvAGY188Ztgo.roa
File:                     hG2zwwjpH73UrurGvAGY188Ztgo.roa (raw, json)
Hash identifier:          205XorvPyujDrROlp2OqfK5djM74ueuBgpLouOonbfU=
Subject key identifier:   84:6D:B3:C3:08:E9:1F:BD:D4:AE:EA:C6:BC:01:98:D7:CF:19:B6:0A
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       19EDD337
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/hG2zwwjpH73UrurGvAGY188Ztgo.roa
Signing time:             Sat 01 Jan 2022 15:56:53 +0000
ROA not before:           Sat 01 Jan 2022 15:56:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209242
IP address blocks:        45.131.208.0/22 maxlen: 22
                          45.131.4.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 435016503 (0x19edd337)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jan  1 15:56:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=846db3c308e91fbdd4aeeac6bc0198d7cf19b60a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:16:71:44:b8:34:d2:ee:98:75:d6:75:1f:8c:
                    ef:fa:9f:9d:1e:99:11:30:06:23:94:00:ce:59:bb:
                    a3:47:b8:48:2f:63:f1:a5:9f:09:58:f4:bb:64:dc:
                    7d:7a:d7:24:33:9b:d1:a9:bb:51:03:1e:30:e0:17:
                    99:d4:7a:c0:6f:6b:94:5a:99:da:33:15:29:6a:ca:
                    9d:bf:75:40:7c:0f:33:6e:fa:86:74:e5:ef:40:f7:
                    ce:11:3d:78:eb:c5:26:e0:4b:d8:2f:00:59:50:d7:
                    82:b8:8f:49:e5:92:bb:35:54:b3:65:c8:dd:9e:1a:
                    3f:a8:40:31:56:fe:05:76:b3:45:b7:79:1f:4a:1c:
                    f5:d3:a3:7d:13:43:d7:56:68:60:bc:85:09:47:d1:
                    59:92:f4:d8:32:b2:b3:c9:2d:48:df:30:62:09:8b:
                    61:6a:51:fb:dc:bc:9c:bb:74:9a:a5:b4:06:af:61:
                    d4:cb:a8:7c:45:7f:c0:9d:d6:12:6a:f3:94:ee:5c:
                    e1:3f:4d:73:45:c0:fe:84:8f:ef:51:ed:6e:da:83:
                    65:55:35:8d:9e:7a:73:79:a9:76:66:49:22:13:7d:
                    b9:30:d6:5b:a4:1b:0d:76:13:dc:13:1e:5e:69:c9:
                    c2:fd:8e:b0:94:bb:fa:21:a0:48:0c:e6:81:dc:46:
                    df:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:6D:B3:C3:08:E9:1F:BD:D4:AE:EA:C6:BC:01:98:D7:CF:19:B6:0A
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/hG2zwwjpH73UrurGvAGY188Ztgo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.131.4.0/22
                  45.131.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         79:14:89:1d:68:c2:26:c9:68:ad:98:9b:90:aa:13:3f:5b:bf:
         7a:0d:af:15:d8:b0:ab:b4:92:23:09:c8:d7:2b:c9:4e:21:3b:
         39:35:8a:b8:0a:2e:63:e7:30:51:46:5c:9d:bf:00:92:ec:06:
         9e:86:b4:a7:cf:a6:0a:34:c7:5d:4d:96:89:07:ea:e2:cb:50:
         28:34:26:73:c4:cc:c3:54:49:37:83:40:7b:44:b2:67:3f:c6:
         14:57:bf:6f:6b:7c:2f:f9:c4:cb:1e:60:02:96:83:e9:2d:4d:
         45:27:a4:3d:22:f8:11:78:ac:5b:3a:0f:37:ec:6f:dc:b9:5f:
         cd:ea:09:04:3a:1c:32:0d:03:0a:2c:c9:03:c8:93:c6:dd:ff:
         cd:e2:dd:27:2a:cd:a0:53:ed:df:0b:73:b3:93:1c:97:b6:93:
         4a:e9:b1:c5:52:a0:28:d9:ec:3a:af:d9:48:a6:5b:12:e2:d2:
         65:25:b3:5a:45:36:70:8a:d9:2c:a4:0a:11:cb:e3:29:a4:bc:
         ee:04:95:2c:f5:97:2e:57:a0:3c:4d:f4:73:71:d8:7b:6c:15:
         ba:39:c5:71:74:fa:f9:4d:4d:4f:5c:d3:a0:e4:ef:15:a6:85:
         24:fa:28:f8:3f:5c:c8:8a:c1:e7:64:dc:09:d2:6c:74:0a:b1:
         0f:1a:fe:2b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGe3TNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDEw
MTE1NTY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQ2ZGIzYzMwOGU5
MWZiZGQ0YWVlYWM2YmMwMTk4ZDdjZjE5YjYwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIkWcUS4NNLumHXWdR+M7/qfnR6ZETAGI5QAzlm7o0e4SC9j
8aWfCVj0u2TcfXrXJDOb0am7UQMeMOAXmdR6wG9rlFqZ2jMVKWrKnb91QHwPM276
hnTl70D3zhE9eOvFJuBL2C8AWVDXgriPSeWSuzVUs2XI3Z4aP6hAMVb+BXazRbd5
H0oc9dOjfRND11ZoYLyFCUfRWZL02DKys8ktSN8wYgmLYWpR+9y8nLt0mqW0Bq9h
1MuofEV/wJ3WEmrzlO5c4T9Nc0XA/oSP71HtbtqDZVU1jZ56c3mpdmZJIhN9uTDW
W6QbDXYT3BMeXmnJwv2OsJS7+iGgSAzmgdxG39sCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSEbbPDCOkfvdSu6sa8AZjXzxm2CjAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L2hHMnp3d2pwSDczVXJ1ckd2QUdZMTg4WnRnby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2DBAMEAi2D0DANBgkqhkiG9w0B
AQsFAAOCAQEAeRSJHWjCJslorZibkKoTP1u/eg2vFdiwq7SSIwnI1yvJTiE7OTWK
uAouY+cwUUZcnb8AkuwGnoa0p8+mCjTHXU2WiQfq4stQKDQmc8TMw1RJN4NAe0Sy
Zz/GFFe/b2t8L/nEyx5gApaD6S1NRSekPSL4EXisWzoPN+xv3LlfzeoJBDocMg0D
CizJA8iTxt3/zeLdJyrNoFPt3wtzs5Mcl7aTSumxxVKgKNnsOq/ZSKZbEuLSZSWz
WkU2cIrZLKQKEcvjKaS87gSVLPWXLlegPE30c3HYe2wVujnFcXT6+U1NT1zToOTv
FaaFJPoo+D9cyIrB52TcCdJsdAqxDxr+Kw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org