Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/Gvg90aGYovwzI9Iqug7zOtgVvcE.roa
File:                     Gvg90aGYovwzI9Iqug7zOtgVvcE.roa (raw, json)
Hash identifier:          SBaJjHae14eu3vqN5qRw3/xeAIA8FjzW1HLW/WLRDPs=
Subject key identifier:   1A:F8:3D:D1:A1:98:A2:FC:33:23:D2:2A:BA:0E:F3:3A:D8:15:BD:C1
Certificate issuer:       /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial:       07553A7C
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/Gvg90aGYovwzI9Iqug7zOtgVvcE.roa
Signing time:             Sat 01 Jan 2022 03:51:26 +0000
ROA not before:           Sat 01 Jan 2022 03:51:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3320
IP address blocks:        45.132.80.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123026044 (0x7553a7c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
        Validity
            Not Before: Jan  1 03:51:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1af83dd1a198a2fc3323d22aba0ef33ad815bdc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:e0:14:b1:94:52:86:cc:3f:ce:cc:6a:c7:c8:
                    b3:72:05:40:83:9a:1d:0a:d1:20:ae:85:3b:c5:e9:
                    39:78:ed:ab:d6:0f:fc:48:3a:17:2e:4a:8c:23:52:
                    00:3c:bf:e6:04:07:c2:18:ea:8f:9c:4b:2b:bb:47:
                    2d:ca:43:e7:34:b0:db:f6:a2:d8:96:22:63:00:55:
                    5a:cd:5e:ca:e3:0c:20:dc:4f:c3:6f:80:4b:f9:27:
                    7f:a8:07:9b:8e:cf:fd:a5:de:6d:1d:5d:7b:1c:0b:
                    b8:3b:89:2a:de:a9:61:89:a9:59:67:8d:f1:e2:2d:
                    dc:b4:da:ab:08:a7:e6:02:d4:ee:28:58:db:20:fd:
                    9e:44:16:c6:6c:bb:f3:19:34:1d:e2:d7:49:48:42:
                    e7:e4:1f:9f:f1:6b:96:d9:d6:d5:1f:26:b5:22:b2:
                    84:f3:6e:70:2b:90:ae:09:aa:96:e8:65:82:01:02:
                    f7:d6:c0:e7:a6:b9:43:51:46:42:55:2a:ff:b2:26:
                    0d:e5:61:7a:f7:40:ce:0a:f1:0a:4a:61:b0:dd:8e:
                    70:ad:d5:35:04:1f:50:03:c1:20:1d:c8:b8:ad:35:
                    f7:f3:7e:d0:c5:6a:84:e4:a0:77:34:e2:0f:a0:48:
                    a2:ac:41:db:c0:e3:cf:96:50:32:00:87:36:91:a5:
                    fd:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:F8:3D:D1:A1:98:A2:FC:33:23:D2:2A:BA:0E:F3:3A:D8:15:BD:C1
            X509v3 Authority Key Identifier:
                keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/Gvg90aGYovwzI9Iqug7zOtgVvcE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         47:c0:0c:2b:22:45:17:6d:82:aa:13:67:2e:3c:4e:f5:86:74:
         ef:ad:11:39:ba:ba:5f:9e:de:68:1d:89:43:21:68:e8:62:da:
         00:49:75:1e:5e:b1:24:51:71:c9:5d:cb:c6:13:bf:08:d6:f7:
         67:22:42:89:80:fa:2f:3d:2e:12:00:3a:4e:2d:7e:9f:7e:77:
         51:06:d6:c2:93:9b:ab:99:56:a1:26:76:68:a7:7e:de:d7:5a:
         b2:d9:bf:73:f3:ef:a1:31:34:e6:4b:18:53:b4:4c:46:e3:50:
         6d:f4:8a:80:e3:bb:1b:93:18:06:df:77:25:62:95:62:ad:73:
         ab:bd:96:e3:4d:91:f6:46:e9:7d:30:fb:11:25:96:36:89:f2:
         35:45:f6:66:c2:6f:50:21:6e:bb:0e:0b:a5:d6:70:e7:34:7d:
         05:3c:08:af:ec:f8:70:dc:10:66:aa:48:5d:6c:54:d0:6d:19:
         d9:db:31:d1:87:6b:1d:e5:5a:8d:87:98:40:21:d0:eb:65:c7:
         a5:9e:94:33:29:bf:a6:8e:8e:21:06:bb:6f:65:f3:05:9b:28:
         ce:66:c6:5e:11:13:35:69:8b:29:fc:de:f9:72:1f:06:6e:dd:
         44:23:7e:3d:fc:79:95:49:69:aa:a9:fc:43:db:2b:d4:16:72:
         56:aa:01:e8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB1U6fDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDEw
MTAzNTEyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWFmODNkZDFhMTk4
YTJmYzMzMjNkMjJhYmEwZWYzM2FkODE1YmRjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfgFLGUUobMP87MasfIs3IFQIOaHQrRIK6FO8XpOXjtq9YP
/Eg6Fy5KjCNSADy/5gQHwhjqj5xLK7tHLcpD5zSw2/ai2JYiYwBVWs1eyuMMINxP
w2+AS/knf6gHm47P/aXebR1dexwLuDuJKt6pYYmpWWeN8eIt3LTaqwin5gLU7ihY
2yD9nkQWxmy78xk0HeLXSUhC5+Qfn/FrltnW1R8mtSKyhPNucCuQrgmqluhlggEC
99bA56a5Q1FGQlUq/7ImDeVhevdAzgrxCkphsN2OcK3VNQQfUAPBIB3IuK019/N+
0MVqhOSgdzTiD6BIoqxB28Djz5ZQMgCHNpGl/aMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQa+D3RoZii/DMj0iq6DvM62BW9wTAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
L0d2ZzkwYUdZb3Z3ekk5SXF1Zzd6T3RnVnZjRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8xL213d05CQ0pWWnR1
VjZhMDdMdllGQVVsMXFxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2EUDANBgkqhkiG9w0BAQsFAAOC
AQEAR8AMKyJFF22CqhNnLjxO9YZ0760RObq6X57eaB2JQyFo6GLaAEl1Hl6xJFFx
yV3LxhO/CNb3ZyJCiYD6Lz0uEgA6Ti1+n353UQbWwpObq5lWoSZ2aKd+3tdastm/
c/PvoTE05ksYU7RMRuNQbfSKgOO7G5MYBt93JWKVYq1zq72W402R9kbpfTD7ESWW
NonyNUX2ZsJvUCFuuw4LpdZw5zR9BTwIr+z4cNwQZqpIXWxU0G0Z2dsx0YdrHeVa
jYeYQCHQ62XHpZ6UMym/po6OIQa7b2XzBZsozmbGXhETNWmLKfze+XIfBm7dRCN+
Pfx5lUlpqqn8Q9sr1BZyVqoB6A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:12 2023 by rpki-client on console-ams.rpki-client.org