Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/szIRcfFLlj6IDgaIp7WP6uHiR7o.roa
File:                     szIRcfFLlj6IDgaIp7WP6uHiR7o.roa (raw, json)
Hash identifier:          nYJtc8Bh+u0W4J8WAp/I3m2cpQTSRAwF0eJbHbGaX2M=
Subject key identifier:   B3:32:11:71:F1:4B:96:3E:88:0E:06:88:A7:B5:8F:EA:E1:E2:47:BA
Certificate issuer:       /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial:       0424662E
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/szIRcfFLlj6IDgaIp7WP6uHiR7o.roa
Signing time:             Sat 01 Jan 2022 05:57:22 +0000
ROA not before:           Sat 01 Jan 2022 05:57:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     46261
IP address blocks:        45.153.239.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69494318 (0x424662e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
        Validity
            Not Before: Jan  1 05:57:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b3321171f14b963e880e0688a7b58feae1e247ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:e8:a8:89:04:6f:ab:92:2b:19:97:fe:e4:90:
                    44:c2:39:14:1d:ba:60:e4:2e:18:36:e7:36:a0:c5:
                    9c:29:1a:21:ea:d5:da:58:97:db:03:39:b3:12:ad:
                    ca:22:21:71:9b:31:7b:e8:4f:10:9a:85:4a:26:8a:
                    af:c6:e9:26:10:ec:6c:b3:7f:96:e6:47:2a:9b:0d:
                    d8:14:de:50:01:1b:57:ab:8b:c2:3f:66:4f:64:6e:
                    b8:5d:10:b3:06:43:43:4b:0a:6a:f2:8f:f6:79:d3:
                    90:82:26:37:16:06:53:41:92:8e:62:b6:16:5e:43:
                    6b:17:fa:5b:ac:4b:4e:06:5f:f9:d0:64:a6:43:12:
                    23:08:aa:d0:04:f8:8f:5b:7b:92:22:a1:4b:74:7d:
                    7e:aa:d4:f1:d3:64:88:0b:18:cb:ec:9e:9d:94:98:
                    2e:ba:9f:2c:20:55:fc:03:ba:aa:4d:1c:23:84:eb:
                    f2:7d:d6:e9:61:51:33:ee:fe:da:23:bb:2f:b1:fd:
                    88:c1:96:05:a5:86:7d:69:1f:6d:de:90:79:cb:09:
                    1f:5b:f3:fc:a6:af:bd:2c:c9:12:bd:1e:97:3f:ab:
                    f8:0e:04:f1:3e:29:6d:fc:da:8e:c8:b2:03:d9:77:
                    06:23:d4:7f:63:eb:65:93:81:db:47:4e:25:da:5b:
                    09:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:32:11:71:F1:4B:96:3E:88:0E:06:88:A7:B5:8F:EA:E1:E2:47:BA
            X509v3 Authority Key Identifier:
                keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/szIRcfFLlj6IDgaIp7WP6uHiR7o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.153.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:66:f7:b8:83:17:21:0a:84:2b:fd:69:5e:72:8c:b2:62:86:
         1d:e9:51:de:d6:d8:52:23:ec:fd:4a:8d:14:0f:b3:7a:a0:5b:
         17:ef:5c:d7:69:3a:6b:f1:cc:bb:58:11:e6:9f:9d:3b:00:8d:
         58:ff:08:44:34:de:78:41:ae:59:db:6a:6c:8c:f6:45:cb:b0:
         7a:72:2e:fc:a9:60:87:7b:43:46:45:a3:a6:68:48:9d:e2:a6:
         4a:f2:44:97:ff:94:56:2e:6b:8f:cf:96:2f:54:b7:d3:05:32:
         cd:55:18:9c:ff:d3:5a:47:4e:7a:b6:ec:0e:c8:e2:61:d3:b0:
         8e:f4:3e:3e:86:69:aa:47:ab:e6:c2:46:9d:63:36:d8:5d:ce:
         55:9a:64:e9:e3:97:e0:07:0e:a8:19:9d:31:45:03:2a:11:ad:
         ca:c5:8b:49:99:bf:51:25:a1:f0:3d:1a:66:3f:24:86:6a:06:
         d8:94:48:01:67:fd:cc:0c:56:9d:f1:be:1e:ed:6c:40:3d:81:
         d6:83:0c:d1:02:e2:58:24:02:c0:0c:aa:97:d5:b8:74:b9:03:
         14:32:37:59:94:1c:ff:6b:1d:66:e1:d5:7f:14:dc:f3:f5:1f:
         19:2c:cd:b2:63:81:f0:34:88:a6:94:77:15:73:66:e7:6e:e5:
         08:3c:e5:c5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBCRmLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzQ0NmRhN2E3MGJjZTc3M2VjMmJjMTY1NWFhZTMwYzNjMTg0MTJjMB4XDTIyMDEw
MTA1NTcyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjMzMjExNzFmMTRi
OTYzZTg4MGUwNjg4YTdiNThmZWFlMWUyNDdiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHoqIkEb6uSKxmX/uSQRMI5FB26YOQuGDbnNqDFnCkaIerV
2liX2wM5sxKtyiIhcZsxe+hPEJqFSiaKr8bpJhDsbLN/luZHKpsN2BTeUAEbV6uL
wj9mT2RuuF0QswZDQ0sKavKP9nnTkIImNxYGU0GSjmK2Fl5Daxf6W6xLTgZf+dBk
pkMSIwiq0AT4j1t7kiKhS3R9fqrU8dNkiAsYy+yenZSYLrqfLCBV/AO6qk0cI4Tr
8n3W6WFRM+7+2iO7L7H9iMGWBaWGfWkfbd6QecsJH1vz/KavvSzJEr0elz+r+A4E
8T4pbfzajsiyA9l3BiPUf2PrZZOB20dOJdpbCckCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSzMhFx8UuWPogOBointY/q4eJHujAfBgNVHSMEGDAWgBQjRG2npwvOdz7C
vBZVquMMPBhBLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kwUnRwNmNMem5jLXdyd1dWYXJqRER3WVFTdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvZjM1NDlmLTE4ZjctNDhiMC05MDFkLTI1Y2M5ZDZjZmJiOS8x
L3N6SVJjZkZMbGo2SURnYUlwN1dQNnVIaVI3by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
ZjM1NDlmLTE4ZjctNDhiMC05MDFkLTI1Y2M5ZDZjZmJiOS8xL0kwUnRwNmNMem5j
LXdyd1dWYXJqRER3WVFTdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2Z7zANBgkqhkiG9w0BAQsFAAOC
AQEAVWb3uIMXIQqEK/1pXnKMsmKGHelR3tbYUiPs/UqNFA+zeqBbF+9c12k6a/HM
u1gR5p+dOwCNWP8IRDTeeEGuWdtqbIz2RcuwenIu/Klgh3tDRkWjpmhIneKmSvJE
l/+UVi5rj8+WL1S30wUyzVUYnP/TWkdOerbsDsjiYdOwjvQ+PoZpqker5sJGnWM2
2F3OVZpk6eOX4AcOqBmdMUUDKhGtysWLSZm/USWh8D0aZj8khmoG2JRIAWf9zAxW
nfG+Hu1sQD2B1oMM0QLiWCQCwAyql9W4dLkDFDI3WZQc/2sdZuHVfxTc8/UfGSzN
smOB8DSIppR3FXNm527lCDzlxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:08 2024 by rpki-client on console-ams.rpki-client.org