Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/f09759-6ceb-4754-bbe5-3b9e3c53bab0/1/G2bYjlp_vhkpPaVs2IyFGXaU36s.roa
File:                     G2bYjlp_vhkpPaVs2IyFGXaU36s.roa (raw, json)
Hash identifier:          y/gWhgHShtmfveWY0kXu4xYS27AWtXqagan7+L5EJYQ=
Subject key identifier:   1B:66:D8:8E:5A:7F:BE:19:29:3D:A5:6C:D8:8C:85:19:76:94:DF:AB
Certificate issuer:       /CN=e2dac150848325f0f72587064f8aba37c5ff3790
Certificate serial:       0384A6AF
Authority key identifier: E2:DA:C1:50:84:83:25:F0:F7:25:87:06:4F:8A:BA:37:C5:FF:37:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4trBUISDJfD3JYcGT4q6N8X_N5A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/f09759-6ceb-4754-bbe5-3b9e3c53bab0/1/G2bYjlp_vhkpPaVs2IyFGXaU36s.roa
Signing time:             Wed 30 Mar 2022 07:52:58 +0000
ROA not before:           Wed 30 Mar 2022 07:52:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197637
IP address blocks:        45.67.28.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 59025071 (0x384a6af)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2dac150848325f0f72587064f8aba37c5ff3790
        Validity
            Not Before: Mar 30 07:52:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1b66d88e5a7fbe19293da56cd88c85197694dfab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:1d:68:50:88:18:17:69:0f:81:ec:2b:18:6c:
                    55:4e:95:30:6d:3c:46:ef:f8:eb:fc:08:bc:d0:cb:
                    b2:db:5b:d3:ba:ce:2d:b9:b4:4f:aa:cd:f3:ae:e3:
                    59:2f:46:c3:b1:21:4f:e0:02:04:51:dd:34:10:37:
                    2b:72:fa:72:55:5f:22:53:3a:4a:df:18:f7:28:40:
                    54:b9:e3:53:ff:ba:9a:65:6d:f4:6b:02:6a:2c:89:
                    9f:fa:f3:bc:ad:12:41:36:5f:85:1c:ff:43:17:e3:
                    fd:06:ba:3c:eb:1c:53:e5:bb:72:da:16:1d:41:c1:
                    68:58:12:b9:47:69:51:4a:ed:e6:e8:52:b0:61:ed:
                    cc:f3:9b:ee:ed:32:5f:e3:c0:20:1f:74:0e:00:22:
                    bb:6c:d9:59:74:6b:b8:66:8b:19:2c:a8:46:c6:90:
                    3f:b3:a0:0b:36:75:27:63:59:4e:e5:3e:c5:d4:37:
                    75:06:88:73:b5:e1:64:dd:80:bf:50:f8:08:0a:d0:
                    da:75:2a:ad:46:77:0d:3d:7d:04:47:ae:85:39:3e:
                    84:7d:8d:de:e7:f1:65:a8:4f:bc:fb:6b:cc:4b:99:
                    09:1d:97:cb:b2:57:01:7c:7a:f6:b6:4c:39:88:63:
                    ef:5e:85:2b:bf:19:41:4e:35:19:b8:e2:f6:fb:4e:
                    68:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:66:D8:8E:5A:7F:BE:19:29:3D:A5:6C:D8:8C:85:19:76:94:DF:AB
            X509v3 Authority Key Identifier:
                keyid:E2:DA:C1:50:84:83:25:F0:F7:25:87:06:4F:8A:BA:37:C5:FF:37:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4trBUISDJfD3JYcGT4q6N8X_N5A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/f09759-6ceb-4754-bbe5-3b9e3c53bab0/1/G2bYjlp_vhkpPaVs2IyFGXaU36s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/f09759-6ceb-4754-bbe5-3b9e3c53bab0/1/4trBUISDJfD3JYcGT4q6N8X_N5A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:2b:a6:6e:d7:b0:a9:fa:d3:82:29:d8:fa:76:cb:fb:68:c3:
         15:c0:ea:0c:ca:6d:9a:9f:a6:56:fa:da:dd:72:de:71:e5:e9:
         de:05:c7:1e:91:dd:60:e9:25:75:b4:f9:f0:ba:34:1f:c0:5c:
         37:e2:8c:a7:9c:2d:17:e8:b0:ac:17:1b:bb:b2:72:9e:f6:b2:
         f8:b6:dd:17:d4:1e:67:5f:b4:d5:f8:51:3d:5f:32:0d:46:09:
         54:13:26:e1:56:d8:89:d0:2a:4b:1f:03:01:32:be:74:1c:ba:
         4f:cc:7f:03:a5:e5:1f:cd:73:ff:9e:b0:c4:79:66:ec:d9:ab:
         14:32:f7:d0:00:b8:3c:e4:95:46:65:7e:dc:15:57:ed:3f:41:
         12:41:be:4b:db:31:53:ad:49:e1:78:12:c1:a5:f5:3d:89:90:
         d1:96:db:04:83:1a:b0:d4:15:93:52:f5:03:5a:54:e1:fa:59:
         9e:11:19:b9:64:22:d5:20:ca:9b:10:d4:3e:f6:26:eb:ff:28:
         21:5f:ff:84:ff:01:66:01:73:ab:c6:30:9b:10:ff:4d:07:6e:
         f7:a0:2e:7c:58:b7:fe:5e:4d:d6:67:50:bb:6b:bd:05:7e:96:
         17:53:db:40:bd:00:af:64:55:87:59:cf:34:58:1f:de:c6:f7:
         67:42:79:e7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA4SmrzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MmRhYzE1MDg0ODMyNWYwZjcyNTg3MDY0ZjhhYmEzN2M1ZmYzNzkwMB4XDTIyMDMz
MDA3NTI1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWI2NmQ4OGU1YTdm
YmUxOTI5M2RhNTZjZDg4Yzg1MTk3Njk0ZGZhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIdaFCIGBdpD4HsKxhsVU6VMG08Ru/46/wIvNDLsttb07rO
Lbm0T6rN867jWS9Gw7EhT+ACBFHdNBA3K3L6clVfIlM6St8Y9yhAVLnjU/+6mmVt
9GsCaiyJn/rzvK0SQTZfhRz/Qxfj/Qa6POscU+W7ctoWHUHBaFgSuUdpUUrt5uhS
sGHtzPOb7u0yX+PAIB90DgAiu2zZWXRruGaLGSyoRsaQP7OgCzZ1J2NZTuU+xdQ3
dQaIc7XhZN2Av1D4CArQ2nUqrUZ3DT19BEeuhTk+hH2N3ufxZahPvPtrzEuZCR2X
y7JXAXx69rZMOYhj716FK78ZQU41Gbji9vtOaNUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQbZtiOWn++GSk9pWzYjIUZdpTfqzAfBgNVHSMEGDAWgBTi2sFQhIMl8Pcl
hwZPiro3xf83kDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR0ckJVSVNESmZEM0pZY0dUNHE2TjhYX041QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvZjA5NzU5LTZjZWItNDc1NC1iYmU1LTNiOWUzYzUzYmFiMC8x
L0cyYllqbHBfdmhrcFBhVnMySXlGR1hhVTM2cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
ZjA5NzU5LTZjZWItNDc1NC1iYmU1LTNiOWUzYzUzYmFiMC8xLzR0ckJVSVNESmZE
M0pZY0dUNHE2TjhYX041QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1DHDANBgkqhkiG9w0BAQsFAAOC
AQEAIiumbtewqfrTginY+nbL+2jDFcDqDMptmp+mVvra3XLeceXp3gXHHpHdYOkl
dbT58Lo0H8BcN+KMp5wtF+iwrBcbu7Jynvay+LbdF9QeZ1+01fhRPV8yDUYJVBMm
4VbYidAqSx8DATK+dBy6T8x/A6XlH81z/56wxHlm7NmrFDL30AC4POSVRmV+3BVX
7T9BEkG+S9sxU61J4XgSwaX1PYmQ0ZbbBIMasNQVk1L1A1pU4fpZnhEZuWQi1SDK
mxDUPvYm6/8oIV//hP8BZgFzq8YwmxD/TQdu96AufFi3/l5N1mdQu2u9BX6WF1Pb
QL0Ar2RVh1nPNFgf3sb3Z0J55w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:56 2024 by rpki-client on console-fra.rpki-client.org