Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/EIxL3MuR_AZQ3e9oJUWNlPJpf10.roa
File:                     EIxL3MuR_AZQ3e9oJUWNlPJpf10.roa (raw, json)
Hash identifier:          JrouxM5SaXlwAnKjg6VVIvxlxxv/UEUdoReuSA26LYY=
Subject key identifier:   10:8C:4B:DC:CB:91:FC:06:50:DD:EF:68:25:45:8D:94:F2:69:7F:5D
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0CB50294
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/EIxL3MuR_AZQ3e9oJUWNlPJpf10.roa
Signing time:             Sat 01 Jan 2022 05:04:58 +0000
ROA not before:           Sat 01 Jan 2022 05:04:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     45671
IP address blocks:        45.8.70.0/24 maxlen: 24
                          45.133.7.0/24 maxlen: 24
                          45.133.6.0/24 maxlen: 24
                          45.67.96.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 213189268 (0xcb50294)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  1 05:04:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=108c4bdccb91fc0650ddef6825458d94f2697f5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:1b:e9:0f:f6:14:24:06:00:9f:dd:d7:ee:34:
                    74:fd:75:38:25:21:15:7a:af:81:02:07:58:e2:f4:
                    69:c2:6e:d7:d8:43:f2:3d:6d:11:59:1b:7b:ab:47:
                    ae:af:d9:69:98:75:1b:e7:05:65:6a:a9:38:37:fe:
                    2a:74:a2:4e:11:b6:36:c6:5e:53:87:30:bc:8f:15:
                    2c:22:cc:4d:5d:e2:23:3f:8c:1c:16:0a:e1:63:4c:
                    ed:6c:24:31:e9:9b:1f:a3:f7:c3:5f:3b:38:a8:ae:
                    52:9f:24:77:ca:3f:2f:9c:d0:fa:f6:ad:a5:60:de:
                    c2:46:9e:7f:72:7d:06:fc:8a:d3:53:fd:b1:cd:9d:
                    ea:eb:94:ae:71:5d:05:f3:7d:3e:19:68:2e:b9:ef:
                    37:50:32:03:e2:0c:55:16:26:cc:4e:2a:fc:64:60:
                    90:9f:9f:8d:5e:50:ac:0f:2c:b8:77:f3:f5:93:74:
                    77:0a:31:d9:85:ab:4e:70:3a:29:e3:20:bb:c5:55:
                    29:43:06:41:13:01:cf:31:4b:90:74:36:e6:a5:40:
                    d7:ec:9d:d2:54:99:67:29:26:9c:eb:95:50:73:56:
                    c0:7c:3e:dd:3d:e8:28:47:ed:28:49:30:b4:b7:7c:
                    ba:9a:7f:ce:cb:f9:2b:75:f2:cf:89:4b:b0:f3:7e:
                    f6:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:8C:4B:DC:CB:91:FC:06:50:DD:EF:68:25:45:8D:94:F2:69:7F:5D
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/EIxL3MuR_AZQ3e9oJUWNlPJpf10.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.70.0/24
                  45.67.96.0/24
                  45.133.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         17:60:36:d1:89:78:82:f6:c5:44:74:c3:2f:27:6f:bd:52:61:
         df:cc:7f:1b:7d:34:53:57:df:0c:72:26:49:0c:7b:dc:3d:85:
         dd:a9:7e:aa:29:b0:04:57:84:71:e9:83:5c:6c:29:2c:ae:07:
         e5:00:a4:9a:4e:2a:6c:ae:82:dc:93:35:2a:b3:f3:80:32:d6:
         48:99:34:dd:08:61:57:e4:08:60:81:ad:5d:47:73:7a:9d:4b:
         c4:a6:71:4c:cc:67:64:f0:e7:68:68:e4:46:1e:c3:90:57:96:
         d0:57:df:48:3a:01:58:37:8e:90:68:d0:f0:0a:a7:3d:d6:62:
         ee:82:a3:38:89:cb:19:e8:92:20:6a:fc:42:b4:38:3d:81:6c:
         3b:5a:86:f6:4c:e9:6b:41:94:86:02:d9:ad:97:35:01:78:4d:
         f8:18:54:1e:5c:e6:74:b2:f9:ee:b7:af:ad:1a:f1:46:d1:30:
         ca:84:e7:37:6a:22:99:9b:85:fc:25:0d:19:41:b4:40:b7:60:
         44:77:90:bf:c7:d8:54:21:c9:1a:e7:3a:9d:3c:25:35:32:ba:
         70:cb:fa:02:5a:b6:c9:e7:07:74:fb:bf:f3:ba:07:6f:3f:fe:
         d1:b2:d1:a1:2d:67:5c:11:c0:16:8a:94:62:10:dd:48:e5:42:
         50:f9:fe:12
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEDLUClDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDQ1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTA4YzRiZGNjYjkx
ZmMwNjUwZGRlZjY4MjU0NThkOTRmMjY5N2Y1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMYb6Q/2FCQGAJ/d1+40dP11OCUhFXqvgQIHWOL0acJu19hD
8j1tEVkbe6tHrq/ZaZh1G+cFZWqpODf+KnSiThG2NsZeU4cwvI8VLCLMTV3iIz+M
HBYK4WNM7WwkMembH6P3w187OKiuUp8kd8o/L5zQ+vatpWDewkaef3J9BvyK01P9
sc2d6uuUrnFdBfN9PhloLrnvN1AyA+IMVRYmzE4q/GRgkJ+fjV5QrA8suHfz9ZN0
dwox2YWrTnA6KeMgu8VVKUMGQRMBzzFLkHQ25qVA1+yd0lSZZykmnOuVUHNWwHw+
3T3oKEftKEkwtLd8upp/zsv5K3Xyz4lLsPN+9ncCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQQjEvcy5H8BlDd72glRY2U8ml/XTAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L0VJeEwzTXVSX0FaUTNlOW9KVVdObFBKcGYxMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAC0IRgMEAC1DYAMEAS2FBjANBgkq
hkiG9w0BAQsFAAOCAQEAF2A20Yl4gvbFRHTDLydvvVJh38x/G300U1ffDHImSQx7
3D2F3al+qimwBFeEcemDXGwpLK4H5QCkmk4qbK6C3JM1KrPzgDLWSJk03QhhV+QI
YIGtXUdzep1LxKZxTMxnZPDnaGjkRh7DkFeW0FffSDoBWDeOkGjQ8AqnPdZi7oKj
OInLGeiSIGr8QrQ4PYFsO1qG9kzpa0GUhgLZrZc1AXhN+BhUHlzmdLL57revrRrx
RtEwyoTnN2oimZuF/CUNGUG0QLdgRHeQv8fYVCHJGuc6nTwlNTK6cMv6Alq2yecH
dPu/87oHbz/+0bLRoS1nXBHAFoqUYhDdSOVCUPn+Eg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org