Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/mOMa4N26ErG_wEJGVYgSTyjYrBw.roa
File:                     mOMa4N26ErG_wEJGVYgSTyjYrBw.roa (raw, json)
Hash identifier:          K4lKkuJ4miq0rwV6kMvvBaH8LbrkXsfILM6ugwfsshs=
Subject key identifier:   98:E3:1A:E0:DD:BA:12:B1:BF:C0:42:46:55:88:12:4F:28:D8:AC:1C
Certificate issuer:       /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial:       018476D72C98AF2DEA514594D9F8C6D97A90
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/mOMa4N26ErG_wEJGVYgSTyjYrBw.roa
Signing time:             Mon 14 Nov 2022 15:52:03 +0000
ROA not before:           Mon 14 Nov 2022 15:52:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     40676
IP address blocks:        45.149.165.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:76:d7:2c:98:af:2d:ea:51:45:94:d9:f8:c6:d9:7a:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
        Validity
            Not Before: Nov 14 15:52:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=98e31ae0ddba12b1bfc042465588124f28d8ac1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:32:a1:e5:42:9d:fc:cf:9e:7c:fd:40:e8:98:
                    14:88:80:16:9f:ef:f9:72:fb:79:40:98:a5:54:e8:
                    c1:2a:5a:8a:d9:70:58:c3:bc:b6:f4:f6:71:38:fc:
                    24:66:c3:47:c1:37:95:e6:d8:ad:fb:0e:c1:73:0f:
                    d1:66:ce:b4:b9:0a:a8:ed:59:8e:4e:b3:36:50:96:
                    05:39:d8:5f:90:1e:60:7a:4d:fc:8d:c0:61:df:19:
                    f2:ec:fb:fe:c1:82:b1:a8:13:db:33:65:d0:6a:53:
                    54:c3:46:d8:bd:7a:2e:f3:08:4a:68:11:5f:9b:c3:
                    1f:17:db:b4:0c:99:34:94:dc:90:dc:a8:71:60:c2:
                    9a:7f:27:79:2b:fa:93:9e:44:f1:50:fe:5f:6f:c2:
                    02:3e:07:b4:f6:c2:10:42:1f:88:4a:bf:b0:71:dd:
                    12:0b:bb:a5:5c:fd:8f:b8:2b:c3:71:de:96:69:12:
                    94:b6:17:b3:10:43:6f:d1:1b:46:e0:01:37:25:08:
                    19:bc:c9:84:d8:9f:9f:22:4d:45:0a:23:a4:0a:06:
                    8d:eb:14:8a:f5:f4:a3:52:1c:6c:8a:1b:2b:f9:4a:
                    5f:cd:95:2f:3b:cb:0c:cd:6a:64:13:7e:cf:ee:f8:
                    98:c0:17:d5:b0:23:92:11:e6:6f:0b:90:60:ae:79:
                    32:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:E3:1A:E0:DD:BA:12:B1:BF:C0:42:46:55:88:12:4F:28:D8:AC:1C
            X509v3 Authority Key Identifier:
                keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/mOMa4N26ErG_wEJGVYgSTyjYrBw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.149.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:3e:7c:bf:b6:88:0b:91:ff:a6:86:9c:6f:67:70:66:6e:55:
         3c:c4:c9:00:75:10:48:13:62:18:ba:27:5c:01:4c:b6:84:c4:
         b0:5d:06:97:36:3f:c3:4e:d1:e8:d1:e8:74:df:ac:fe:37:cb:
         ac:4c:1d:41:73:c1:f3:e6:97:69:02:96:05:69:93:42:8a:c7:
         bd:ff:e7:f8:4e:04:71:38:ff:00:ff:e7:19:17:7f:d5:53:e3:
         c5:ab:85:1d:ee:bc:b1:db:82:25:77:9a:3b:3e:7f:bf:36:32:
         ce:b0:9e:8c:88:e8:7c:a1:86:ca:73:dd:c5:6e:14:14:6d:b3:
         ed:57:e6:44:ec:d9:3a:5f:3d:7c:02:c6:6a:99:bd:ef:51:ea:
         1a:42:82:88:53:a1:28:c5:d1:2a:11:fc:9d:19:e4:62:eb:ab:
         79:05:3c:2d:81:d4:aa:6b:a9:ed:31:94:07:b5:c3:7e:43:5d:
         fa:8c:de:b2:91:00:7d:ef:a0:22:e3:32:69:f5:37:c4:2f:19:
         94:9a:d2:5c:1f:33:92:25:a0:88:d8:ca:bb:14:21:7e:31:bb:
         d2:69:38:40:a6:bc:40:27:36:1a:8f:ad:5b:1a:3d:d3:fb:88:
         e1:66:f6:80:25:6b:67:c6:59:d8:72:e4:1b:43:98:66:11:b5:
         ee:0e:08:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR21yyYry3qUUWU2fjG2XqQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjIxMTE0MTU1MjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGUzMWFlMGRkYmExMmIxYmZjMDQyNDY1NTg4MTI0ZjI4ZDhhYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjKh5UKd/M+efP1A6JgUiIAWn+/5
cvt5QJilVOjBKlqK2XBYw7y29PZxOPwkZsNHwTeV5tit+w7Bcw/RZs60uQqo7VmO
TrM2UJYFOdhfkB5gek38jcBh3xny7Pv+wYKxqBPbM2XQalNUw0bYvXou8whKaBFf
m8MfF9u0DJk0lNyQ3KhxYMKafyd5K/qTnkTxUP5fb8ICPge09sIQQh+ISr+wcd0S
C7ulXP2PuCvDcd6WaRKUthezEENv0RtG4AE3JQgZvMmE2J+fIk1FCiOkCgaN6xSK
9fSjUhxsihsr+UpfzZUvO8sMzWpkE37P7viYwBfVsCOSEeZvC5BgrnkyzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjjGuDduhKxv8BCRlWIEk8o2KwcMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvbU9NYTROMjZFckdfd0VKR1ZZZ1NUeWpZckJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZWlMA0G
CSqGSIb3DQEBCwUAA4IBAQA+Pny/togLkf+mhpxvZ3BmblU8xMkAdRBIE2IYuidc
AUy2hMSwXQaXNj/DTtHo0eh036z+N8usTB1Bc8Hz5pdpApYFaZNCise9/+f4TgRx
OP8A/+cZF3/VU+PFq4Ud7ryx24Ild5o7Pn+/NjLOsJ6MiOh8oYbKc93FbhQUbbPt
V+ZE7Nk6Xz18AsZqmb3vUeoaQoKIU6EoxdEqEfydGeRi66t5BTwtgdSqa6ntMZQH
tcN+Q136jN6ykQB976Ai4zJp9TfELxmUmtJcHzOSJaCI2Mq7FCF+MbvSaThAprxA
JzYaj61bGj3T+4jhZvaAJWtnxlnYcuQbQ5hmEbXuDgj3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:08 2024 by rpki-client on console-ams.rpki-client.org