Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/C2cG7OIxtA9o6xY2nk0-IFwR5pw.roa
File:                     C2cG7OIxtA9o6xY2nk0-IFwR5pw.roa (raw, json)
Hash identifier:          BVwVlJ5LsyyZDioNk2RbRZV6RQ3qHo66meDaKYY0EDI=
Subject key identifier:   0B:67:06:EC:E2:31:B4:0F:68:EB:16:36:9E:4D:3E:20:5C:11:E6:9C
Certificate issuer:       /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial:       0182D5280614B19172C88B4A3FA8F0760EBC
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/C2cG7OIxtA9o6xY2nk0-IFwR5pw.roa
Signing time:             Thu 25 Aug 2022 13:19:06 +0000
ROA not before:           Thu 25 Aug 2022 13:19:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9009
IP address blocks:        45.153.238.0/24 maxlen: 24
                          45.153.237.0/24 maxlen: 24
                          45.11.232.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:d5:28:06:14:b1:91:72:c8:8b:4a:3f:a8:f0:76:0e:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
        Validity
            Not Before: Aug 25 13:19:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0b6706ece231b40f68eb16369e4d3e205c11e69c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:69:ca:1b:c5:92:80:2f:26:18:06:28:45:a3:
                    b9:39:62:5b:52:35:f8:c8:0c:c3:e3:1a:f5:18:3c:
                    3f:7a:dd:be:08:b2:bf:91:af:c6:b4:42:98:c2:ce:
                    ed:1d:b9:97:9e:ca:ba:f8:90:ed:a7:18:79:f2:31:
                    4a:e7:69:3c:cc:23:98:14:95:84:13:79:82:a7:ec:
                    0f:69:63:2a:fb:e9:14:18:c1:ed:4b:31:79:85:90:
                    0c:1a:4e:77:96:cd:0b:0c:f5:a4:da:75:26:77:77:
                    74:91:20:4c:a4:71:a5:e4:5e:37:9f:9f:88:ce:12:
                    de:a7:3f:d9:12:74:1e:c7:6b:92:f9:8d:ba:24:66:
                    5e:34:63:26:bf:09:4b:b2:4d:b9:c1:f4:04:26:0d:
                    a1:7a:12:46:21:f1:64:ff:64:33:1c:ee:b8:91:13:
                    5a:f2:a0:28:7e:ee:67:56:c1:b2:8c:88:c5:f8:b7:
                    1c:e9:ea:f1:f5:43:19:41:c6:74:8a:4e:90:7e:20:
                    a3:eb:0f:ed:9d:15:95:29:84:e2:3d:80:e5:bc:bf:
                    d3:7a:21:1b:ad:92:70:73:cf:7a:79:0d:a3:77:3d:
                    ff:c2:f6:d2:05:d5:42:d0:c1:56:03:ea:74:b0:47:
                    57:92:8e:ce:57:1e:9e:7a:3c:97:b5:75:dd:49:b5:
                    37:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:67:06:EC:E2:31:B4:0F:68:EB:16:36:9E:4D:3E:20:5C:11:E6:9C
            X509v3 Authority Key Identifier:
                keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/C2cG7OIxtA9o6xY2nk0-IFwR5pw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.232.0/24
                  45.153.237.0-45.153.238.255

    Signature Algorithm: sha256WithRSAEncryption
         69:06:88:10:be:1d:3f:3c:26:2b:b0:b9:f4:42:e9:26:69:91:
         6f:14:e7:79:17:19:22:13:83:92:5f:c3:29:ce:5c:3f:92:85:
         18:e9:b1:05:d3:6d:e3:11:e0:ea:af:42:cc:ff:92:bf:a0:90:
         4f:bd:25:91:16:b9:19:f7:f2:43:cf:a4:9a:97:b0:1f:6b:7c:
         bb:2d:64:05:66:dd:23:3f:0b:68:78:94:f2:40:65:70:e3:de:
         7f:e5:31:ca:19:35:22:2e:31:52:84:8c:f9:60:5b:1e:a1:69:
         52:43:08:46:f9:36:26:e2:fa:da:a9:2e:67:6f:a9:5e:7c:07:
         99:d3:87:50:ce:20:98:ba:1f:ef:98:69:ad:74:89:a2:c6:7d:
         3c:56:c7:c7:c3:3c:36:8c:b3:40:f0:e9:90:8b:c1:b3:d0:84:
         f2:5a:14:dc:62:8b:c4:0c:8f:ad:e8:c0:46:1c:43:74:0b:a7:
         a7:9a:5d:37:e5:93:ab:52:e4:a0:76:68:5a:43:1c:e8:16:23:
         82:32:9e:a4:e2:4f:11:3a:8b:24:6f:82:1f:bc:eb:7e:31:01:
         14:b1:8d:97:70:72:07:0a:54:f0:5c:f0:26:c5:0d:a6:6f:e3:
         d2:b4:5f:ea:a5:ed:29:24:8f:05:59:98:80:f4:c4:3f:15:7f:
         31:bf:9f:1f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYLVKAYUsZFyyItKP6jwdg68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjIwODI1MTMxOTA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjY3MDZlY2UyMzFiNDBmNjhlYjE2MzY5ZTRkM2UyMDVjMTFlNjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGnKG8WSgC8mGAYoRaO5OWJbUjX4
yAzD4xr1GDw/et2+CLK/ka/GtEKYws7tHbmXnsq6+JDtpxh58jFK52k8zCOYFJWE
E3mCp+wPaWMq++kUGMHtSzF5hZAMGk53ls0LDPWk2nUmd3d0kSBMpHGl5F43n5+I
zhLepz/ZEnQex2uS+Y26JGZeNGMmvwlLsk25wfQEJg2hehJGIfFk/2QzHO64kRNa
8qAofu5nVsGyjIjF+Lcc6erx9UMZQcZ0ik6QfiCj6w/tnRWVKYTiPYDlvL/TeiEb
rZJwc896eQ2jdz3/wvbSBdVC0MFWA+p0sEdXko7OVx6eejyXtXXdSbU35QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAtnBuziMbQPaOsWNp5NPiBcEeacMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvQzJjRzdPSXh0QTlvNnhZMm5rMC1JRndSNXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALQvoMAwD
BAAtme0DBAAtme4wDQYJKoZIhvcNAQELBQADggEBAGkGiBC+HT88JiuwufRC6SZp
kW8U53kXGSITg5JfwynOXD+ShRjpsQXTbeMR4OqvQsz/kr+gkE+9JZEWuRn38kPP
pJqXsB9rfLstZAVm3SM/C2h4lPJAZXDj3n/lMcoZNSIuMVKEjPlgWx6haVJDCEb5
Nibi+tqpLmdvqV58B5nTh1DOIJi6H++Yaa10iaLGfTxWx8fDPDaMs0Dw6ZCLwbPQ
hPJaFNxii8QMj63owEYcQ3QLp6eaXTflk6tS5KB2aFpDHOgWI4IynqTiTxE6iyRv
gh+8634xARSxjZdwcgcKVPBc8CbFDaZv49K0X+ql7SkkjwVZmID0xD8VfzG/nx8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:08 2024 by rpki-client on console-ams.rpki-client.org