Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ET1V1XMHE_i7WsvNyzGd0OjHitI.roa
File:                     ET1V1XMHE_i7WsvNyzGd0OjHitI.roa (raw, json)
Hash identifier:          ey5GPWTWG6L7kSnOmhTcQPkNFPXJEPZm+uUtx9tDgcA=
Subject key identifier:   11:3D:55:D5:73:07:13:F8:BB:5A:CB:CD:CB:31:9D:D0:E8:C7:8A:D2
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0D111BA5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ET1V1XMHE_i7WsvNyzGd0OjHitI.roa
Signing time:             Mon 24 Jan 2022 12:00:28 +0000
ROA not before:           Mon 24 Jan 2022 12:00:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15162
IP address blocks:        45.130.80.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 219224997 (0xd111ba5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan 24 12:00:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=113d55d5730713f8bb5acbcdcb319dd0e8c78ad2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:9f:34:b0:07:10:95:03:df:39:37:e8:78:29:
                    f6:66:ae:a4:7e:fd:53:bd:15:ed:ab:67:2b:17:a2:
                    d8:af:47:32:82:d9:70:c9:b3:51:2e:8a:12:5b:dd:
                    6b:24:1a:d4:f3:16:7a:e3:24:ed:86:97:23:5b:73:
                    01:7c:58:5c:01:5a:98:99:59:c1:a4:04:e3:d5:db:
                    aa:29:c9:98:14:61:f8:ef:c6:8d:a4:fb:15:ce:d8:
                    3f:ef:c5:04:d9:93:6f:b6:0b:72:15:46:ea:41:fe:
                    d7:40:d4:b3:e9:4f:0e:cb:a6:9b:c1:25:61:f7:7c:
                    5f:18:3e:ee:b6:30:d2:cd:85:01:7d:7c:f0:d3:9b:
                    ae:1d:fa:15:8f:f3:c9:b9:28:9b:80:8d:8c:5b:81:
                    e3:c1:52:c6:de:18:fc:70:89:8f:f3:73:b2:7e:af:
                    ba:11:a0:26:05:9d:16:42:2b:45:27:bb:de:ba:a1:
                    c3:43:c3:a7:0e:4e:f0:42:a0:bf:39:e6:fd:d9:32:
                    09:31:c0:15:13:4d:7b:3b:44:37:01:3a:12:d7:34:
                    1a:c1:51:7c:62:53:ae:56:2b:83:f4:73:d7:75:23:
                    61:f8:d6:7c:c4:e8:b2:d9:b4:44:0a:cc:0c:5b:8e:
                    eb:53:f3:4b:b1:6a:06:38:e9:b2:af:1c:3c:b8:77:
                    22:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:3D:55:D5:73:07:13:F8:BB:5A:CB:CD:CB:31:9D:D0:E8:C7:8A:D2
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ET1V1XMHE_i7WsvNyzGd0OjHitI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.130.80.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:d6:f8:8d:35:92:df:3f:40:6a:83:be:e1:30:4a:f2:a0:00:
         38:99:4a:ec:c4:7f:32:55:51:8b:99:3c:61:c0:d9:ab:5d:35:
         d6:c3:c2:7f:d3:a5:0e:4c:b1:05:56:c5:5b:31:50:0f:ec:c6:
         f0:ef:d1:ab:1b:37:19:d6:31:73:f2:7f:07:c5:ad:89:17:1b:
         75:43:b2:32:80:61:bc:0f:08:19:81:66:44:74:db:76:f0:8f:
         37:3c:52:9e:13:01:7c:6a:88:5c:c3:b7:61:d6:49:cb:ea:a3:
         57:77:d9:4d:24:2c:16:75:e3:51:eb:d3:99:af:b6:74:65:44:
         05:71:82:43:3d:d0:1f:a6:a2:22:e4:c6:55:fc:d2:a2:3f:23:
         4a:ab:ff:36:23:7b:ae:98:4e:62:5c:cf:20:df:da:a8:a4:70:
         41:02:81:2d:6d:3a:9e:c5:98:1d:21:2d:b5:0f:67:00:d0:ba:
         a3:08:15:c0:fb:4b:f8:b3:bd:10:91:44:0f:bd:f5:97:70:1b:
         09:bd:09:f0:df:78:af:a7:56:3d:b1:7b:0b:3d:9c:a8:3e:86:
         02:0a:f7:50:f8:f1:0a:39:bc:4f:ec:db:d7:31:04:ac:91:93:
         36:30:ce:9e:a7:6f:7c:44:62:c8:11:a6:86:e5:49:20:f4:ed:
         fe:02:43:36
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDREbpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEy
NDEyMDAyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTEzZDU1ZDU3MzA3
MTNmOGJiNWFjYmNkY2IzMTlkZDBlOGM3OGFkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOWfNLAHEJUD3zk36Hgp9maupH79U70V7atnKxei2K9HMoLZ
cMmzUS6KElvdayQa1PMWeuMk7YaXI1tzAXxYXAFamJlZwaQE49XbqinJmBRh+O/G
jaT7Fc7YP+/FBNmTb7YLchVG6kH+10DUs+lPDsumm8ElYfd8Xxg+7rYw0s2FAX18
8NObrh36FY/zybkom4CNjFuB48FSxt4Y/HCJj/Nzsn6vuhGgJgWdFkIrRSe73rqh
w0PDpw5O8EKgvznm/dkyCTHAFRNNeztENwE6Etc0GsFRfGJTrlYrg/Rz13UjYfjW
fMTostm0RArMDFuO61PzS7FqBjjpsq8cPLh3IkECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQRPVXVcwcT+Ltay83LMZ3Q6MeK0jAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L0VUMVYxWE1IRV9pN1dzdk55ekdkME9qSGl0SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2CUDANBgkqhkiG9w0BAQsFAAOC
AQEAdtb4jTWS3z9AaoO+4TBK8qAAOJlK7MR/MlVRi5k8YcDZq1011sPCf9OlDkyx
BVbFWzFQD+zG8O/Rqxs3GdYxc/J/B8WtiRcbdUOyMoBhvA8IGYFmRHTbdvCPNzxS
nhMBfGqIXMO3YdZJy+qjV3fZTSQsFnXjUevTma+2dGVEBXGCQz3QH6aiIuTGVfzS
oj8jSqv/NiN7rphOYlzPIN/aqKRwQQKBLW06nsWYHSEttQ9nANC6owgVwPtL+LO9
EJFED731l3AbCb0J8N94r6dWPbF7Cz2cqD6GAgr3UPjxCjm8T+zb1zEErJGTNjDO
nqdvfERiyBGmhuVJIPTt/gJDNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org