Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e2df0e-7bfe-44a9-bf86-f9ef97420764/1/Q6d_ZzNjJrunLSxfmZfRIVAaZ70.roa
File:                     Q6d_ZzNjJrunLSxfmZfRIVAaZ70.roa (raw, json)
Hash identifier:          zZAvquWZf16j4siBz/phwDiVyYXejLYOnwwpKKloRss=
Subject key identifier:   43:A7:7F:67:33:63:26:BB:A7:2D:2C:5F:99:97:D1:21:50:1A:67:BD
Certificate issuer:       /CN=16e9aaace50279585b5c5a5d8ee85610686c26c0
Certificate serial:       075C4B68
Authority key identifier: 16:E9:AA:AC:E5:02:79:58:5B:5C:5A:5D:8E:E8:56:10:68:6C:26:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FumqrOUCeVhbXFpdjuhWEGhsJsA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/e2df0e-7bfe-44a9-bf86-f9ef97420764/1/Q6d_ZzNjJrunLSxfmZfRIVAaZ70.roa
Signing time:             Sat 01 Jan 2022 08:57:07 +0000
ROA not before:           Sat 01 Jan 2022 08:57:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35367
IP address blocks:        45.155.72.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123489128 (0x75c4b68)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16e9aaace50279585b5c5a5d8ee85610686c26c0
        Validity
            Not Before: Jan  1 08:57:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=43a77f67336326bba72d2c5f9997d121501a67bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:db:67:aa:c5:40:c0:20:50:ef:c9:e2:e7:2e:
                    b2:4f:8d:9a:60:8b:ad:45:bf:eb:19:13:c2:19:6b:
                    fa:4a:fc:b0:23:f1:05:c6:6a:b3:03:b9:a6:d0:e1:
                    69:09:a6:ed:79:9f:91:27:eb:f4:68:46:51:5d:56:
                    c8:09:cc:e8:b4:15:0a:d1:cf:bd:a6:38:97:87:4f:
                    d6:dd:f4:56:37:7c:2a:a6:fc:3b:a4:72:fc:4b:b6:
                    0c:d5:11:d3:d5:ae:70:12:fe:ce:18:9b:cd:49:31:
                    62:69:a5:74:11:c8:77:b3:b2:2a:8b:e3:e9:e4:42:
                    2c:ed:1f:91:a5:b6:6d:1c:cb:41:d7:e3:31:7b:68:
                    ce:68:74:e8:80:48:d2:66:25:d3:d2:d4:0b:5b:40:
                    cd:26:cf:6d:e1:c2:bd:73:b1:28:03:78:1f:21:59:
                    b0:5f:62:9f:d8:59:cc:18:d0:3a:63:14:17:1e:6f:
                    ed:89:ab:b6:08:50:61:3d:d7:a5:59:ca:23:ca:59:
                    ce:95:e0:e6:96:91:4a:77:98:51:97:7d:19:01:4b:
                    bc:dc:93:c8:c3:da:6e:de:51:97:a4:98:5b:fd:a9:
                    0c:3a:7a:bc:36:18:bc:84:44:d3:ad:41:97:22:89:
                    47:c1:32:b7:d4:22:67:be:bb:b4:b8:98:d5:d4:8c:
                    2e:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:A7:7F:67:33:63:26:BB:A7:2D:2C:5F:99:97:D1:21:50:1A:67:BD
            X509v3 Authority Key Identifier:
                keyid:16:E9:AA:AC:E5:02:79:58:5B:5C:5A:5D:8E:E8:56:10:68:6C:26:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FumqrOUCeVhbXFpdjuhWEGhsJsA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e2df0e-7bfe-44a9-bf86-f9ef97420764/1/Q6d_ZzNjJrunLSxfmZfRIVAaZ70.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e2df0e-7bfe-44a9-bf86-f9ef97420764/1/FumqrOUCeVhbXFpdjuhWEGhsJsA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         02:73:fc:3b:6b:ac:48:9f:16:cf:73:aa:d2:86:a7:35:ae:8d:
         91:bf:96:eb:95:eb:0e:2c:d1:01:e8:c4:aa:92:5a:99:f0:fa:
         dc:39:20:43:8a:f4:7f:fb:67:c9:a1:49:f7:cc:05:84:fd:88:
         62:02:ad:86:83:fe:14:9d:03:ce:bb:78:67:1d:14:10:ad:11:
         3a:06:c7:3a:e9:82:2b:2c:67:fa:1f:8b:98:d3:3c:8b:7b:b7:
         cf:45:bd:c3:12:bb:88:ab:80:c6:38:4a:70:4a:0b:62:db:d1:
         ca:90:38:7d:78:05:e4:84:bd:60:16:56:78:49:fd:76:45:cc:
         e4:5e:5b:8b:34:48:ac:0a:67:6d:5e:2b:78:80:ac:5b:d7:59:
         83:fd:c2:56:96:5d:d2:13:5a:d0:fe:3d:ce:15:80:ba:ac:d6:
         4e:a1:62:76:de:cc:05:85:1b:96:a3:1d:b1:0a:63:d9:53:d9:
         1c:76:fe:1a:eb:fd:8c:2c:98:81:49:57:b0:6f:ee:7c:00:97:
         64:af:f8:91:1e:01:d0:20:d0:97:4a:7b:f9:09:dd:a3:87:c4:
         3b:5e:c4:31:99:cb:74:90:bb:71:df:37:e3:39:11:35:46:85:
         ba:d7:0d:79:e1:ea:3e:62:10:51:b8:be:cf:bf:82:05:60:9c:
         db:1d:c6:fb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB1xLaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NmU5YWFhY2U1MDI3OTU4NWI1YzVhNWQ4ZWU4NTYxMDY4NmMyNmMwMB4XDTIyMDEw
MTA4NTcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNhNzdmNjczMzYz
MjZiYmE3MmQyYzVmOTk5N2QxMjE1MDFhNjdiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKLbZ6rFQMAgUO/J4ucusk+NmmCLrUW/6xkTwhlr+kr8sCPx
BcZqswO5ptDhaQmm7XmfkSfr9GhGUV1WyAnM6LQVCtHPvaY4l4dP1t30Vjd8Kqb8
O6Ry/Eu2DNUR09WucBL+zhibzUkxYmmldBHId7OyKovj6eRCLO0fkaW2bRzLQdfj
MXtozmh06IBI0mYl09LUC1tAzSbPbeHCvXOxKAN4HyFZsF9in9hZzBjQOmMUFx5v
7YmrtghQYT3XpVnKI8pZzpXg5paRSneYUZd9GQFLvNyTyMPabt5Rl6SYW/2pDDp6
vDYYvIRE061BlyKJR8Eyt9QiZ767tLiY1dSMLi0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRDp39nM2Mmu6ctLF+Zl9EhUBpnvTAfBgNVHSMEGDAWgBQW6aqs5QJ5WFtc
Wl2O6FYQaGwmwDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Z1bXFyT1VDZVZoYlhGcGRqdWhXRUdoc0pzQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvZTJkZjBlLTdiZmUtNDRhOS1iZjg2LWY5ZWY5NzQyMDc2NC8x
L1E2ZF9aek5qSnJ1bkxTeGZtWmZSSVZBYVo3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
ZTJkZjBlLTdiZmUtNDRhOS1iZjg2LWY5ZWY5NzQyMDc2NC8xL0Z1bXFyT1VDZVZo
YlhGcGRqdWhXRUdoc0pzQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2bSDANBgkqhkiG9w0BAQsFAAOC
AQEAAnP8O2usSJ8Wz3Oq0oanNa6Nkb+W65XrDizRAejEqpJamfD63DkgQ4r0f/tn
yaFJ98wFhP2IYgKthoP+FJ0Dzrt4Zx0UEK0ROgbHOumCKyxn+h+LmNM8i3u3z0W9
wxK7iKuAxjhKcEoLYtvRypA4fXgF5IS9YBZWeEn9dkXM5F5bizRIrApnbV4reICs
W9dZg/3CVpZd0hNa0P49zhWAuqzWTqFidt7MBYUblqMdsQpj2VPZHHb+Guv9jCyY
gUlXsG/ufACXZK/4kR4B0CDQl0p7+Qndo4fEO17EMZnLdJC7cd834zkRNUaFutcN
eeHqPmIQUbi+z7+CBWCc2x3G+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:26 2024 by rpki-client on console-ams.rpki-client.org