Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/saTmia0jZ_WM2wkSls_CZYMniHI.roa
File:                     saTmia0jZ_WM2wkSls_CZYMniHI.roa (raw, json)
Hash identifier:          rxC4MsdopOgw2qTKqm8Is4+dzBh4Xrp50+/JHq0cuKo=
Subject key identifier:   B1:A4:E6:89:AD:23:67:F5:8C:DB:09:12:96:CF:C2:65:83:27:88:72
Certificate issuer:       /CN=2326eeeadd4c0ee55b3594a596e67220819c18d5
Certificate serial:       07F35209
Authority key identifier: 23:26:EE:EA:DD:4C:0E:E5:5B:35:94:A5:96:E6:72:20:81:9C:18:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iybu6t1MDuVbNZSlluZyIIGcGNU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/saTmia0jZ_WM2wkSls_CZYMniHI.roa
Signing time:             Sat 01 Jan 2022 03:59:18 +0000
ROA not before:           Sat 01 Jan 2022 03:59:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51519
IP address blocks:        45.132.233.0/24 maxlen: 24
                          45.132.232.0/22 maxlen: 22
                          45.132.235.0/24 maxlen: 24
                          2a0e:73c0::/29 maxlen: 29
                          2a0e:73c2:cafe::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 133386761 (0x7f35209)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2326eeeadd4c0ee55b3594a596e67220819c18d5
        Validity
            Not Before: Jan  1 03:59:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b1a4e689ad2367f58cdb091296cfc26583278872
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ac:42:49:10:48:33:14:a8:23:82:bf:d3:63:
                    43:bd:d7:2b:50:ed:e7:64:c7:92:d1:5b:13:20:17:
                    3a:34:0b:7d:7c:f8:5a:eb:73:95:d4:25:8e:0d:ea:
                    18:30:0f:c8:ed:aa:94:c2:86:b1:1d:13:78:67:db:
                    8e:f8:10:5f:49:2e:d6:1e:f0:0f:cb:84:ae:4a:89:
                    45:fa:9f:c4:bf:6d:97:66:7d:cf:86:d5:9e:85:a0:
                    50:a9:d9:51:9e:6f:93:d5:f8:00:a0:4e:9f:3d:10:
                    ab:ae:2e:b3:f6:94:a2:96:d4:18:98:1b:ab:44:01:
                    01:0b:ad:94:d4:18:bb:28:e5:51:c4:00:56:12:0f:
                    7d:49:82:4c:bc:89:95:28:d9:7d:c9:bc:5c:ab:ff:
                    e2:e5:a7:53:f3:d8:01:88:60:7e:98:98:ab:b0:06:
                    af:cd:1a:59:91:8c:b2:8b:57:fe:bb:c6:04:40:dd:
                    cf:ba:07:42:5e:95:f6:e0:ae:21:e4:61:cd:67:f7:
                    93:37:93:43:92:27:1c:47:83:26:15:bf:bf:d6:9c:
                    c6:f4:7f:b9:a7:75:ff:20:53:79:81:cd:d4:2d:c9:
                    d1:0c:1a:f0:a4:d3:40:d3:ec:f5:34:db:73:04:bb:
                    85:ee:b5:84:45:0f:7b:fa:75:69:59:cf:9f:6a:4a:
                    58:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:A4:E6:89:AD:23:67:F5:8C:DB:09:12:96:CF:C2:65:83:27:88:72
            X509v3 Authority Key Identifier:
                keyid:23:26:EE:EA:DD:4C:0E:E5:5B:35:94:A5:96:E6:72:20:81:9C:18:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iybu6t1MDuVbNZSlluZyIIGcGNU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/saTmia0jZ_WM2wkSls_CZYMniHI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/Iybu6t1MDuVbNZSlluZyIIGcGNU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.232.0/22
                IPv6:
                  2a0e:73c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         97:d0:dd:ec:22:c0:e4:b0:4b:52:65:3f:ab:14:35:6a:1b:c7:
         00:5f:ab:8d:cc:25:38:32:aa:b5:fd:f6:e4:6b:16:97:3b:8d:
         48:c6:b2:04:7b:6c:d7:d4:df:35:25:b5:e6:32:b5:8f:51:c6:
         42:32:9b:b9:de:3e:59:33:33:4e:4c:e7:b1:fb:5d:3c:71:be:
         46:e5:c5:ee:54:05:85:d8:18:80:05:d6:cd:ad:c9:e4:08:a3:
         6b:72:6f:10:13:f6:88:ca:c9:53:28:c3:94:8c:94:3d:a1:94:
         90:96:84:b8:2e:55:2f:0c:ed:6d:89:81:4d:df:b7:88:c1:34:
         c6:9e:d8:91:df:05:c9:28:17:85:9e:36:f9:7f:54:5b:11:ad:
         51:3f:b1:93:3e:5c:be:6e:02:40:9b:13:35:b2:e2:de:ae:47:
         29:d4:30:54:e9:34:f8:c4:9c:1c:8a:fb:46:a1:89:40:9b:27:
         ad:e9:14:8f:63:75:39:98:8d:7e:bb:04:6d:69:78:d2:50:7c:
         1a:92:8e:0f:d0:b6:10:b1:87:f3:97:76:f0:b6:4b:9e:3e:f2:
         7b:93:70:73:5a:5c:e5:d4:35:c1:95:04:49:69:df:76:b8:58:
         28:0e:18:6a:42:03:b5:c9:ce:41:b1:0d:6f:dd:45:9d:82:4b:
         ed:db:3a:38
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB/NSCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzI2ZWVlYWRkNGMwZWU1NWIzNTk0YTU5NmU2NzIyMDgxOWMxOGQ1MB4XDTIyMDEw
MTAzNTkxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjFhNGU2ODlhZDIz
NjdmNThjZGIwOTEyOTZjZmMyNjU4MzI3ODg3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOsQkkQSDMUqCOCv9NjQ73XK1Dt52THktFbEyAXOjQLfXz4
WutzldQljg3qGDAPyO2qlMKGsR0TeGfbjvgQX0ku1h7wD8uErkqJRfqfxL9tl2Z9
z4bVnoWgUKnZUZ5vk9X4AKBOnz0Qq64us/aUopbUGJgbq0QBAQutlNQYuyjlUcQA
VhIPfUmCTLyJlSjZfcm8XKv/4uWnU/PYAYhgfpiYq7AGr80aWZGMsotX/rvGBEDd
z7oHQl6V9uCuIeRhzWf3kzeTQ5InHEeDJhW/v9acxvR/uad1/yBTeYHN1C3J0Qwa
8KTTQNPs9TTbcwS7he61hEUPe/p1aVnPn2pKWL8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSxpOaJrSNn9YzbCRKWz8JlgyeIcjAfBgNVHSMEGDAWgBQjJu7q3UwO5Vs1
lKWW5nIggZwY1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l5YnU2dDFNRHVWYk5aU2xsdVp5SUlHY0dOVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvYTU5ODBkLTY1ZjQtNDU3My05NzU5LTMzNDE1OTY3YzIxMy8x
L3NhVG1pYTBqWl9XTTJ3a1Nsc19DWllNbmlISS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
YTU5ODBkLTY1ZjQtNDU3My05NzU5LTMzNDE1OTY3YzIxMy8xL0l5YnU2dDFNRHVW
Yk5aU2xsdVp5SUlHY0dOVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2E6DANBAIAAjAHAwUDKg5zwDAN
BgkqhkiG9w0BAQsFAAOCAQEAl9Dd7CLA5LBLUmU/qxQ1ahvHAF+rjcwlODKqtf32
5GsWlzuNSMayBHts19TfNSW15jK1j1HGQjKbud4+WTMzTkznsftdPHG+RuXF7lQF
hdgYgAXWza3J5Aija3JvEBP2iMrJUyjDlIyUPaGUkJaEuC5VLwztbYmBTd+3iME0
xp7Ykd8FySgXhZ42+X9UWxGtUT+xkz5cvm4CQJsTNbLi3q5HKdQwVOk0+MScHIr7
RqGJQJsnrekUj2N1OZiNfrsEbWl40lB8GpKOD9C2ELGH85d28LZLnj7ye5Nwc1pc
5dQ1wZUESWnfdrhYKA4YakIDtcnOQbENb91FnYJL7ds6OA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:58 2024 by rpki-client on console-ams.rpki-client.org