Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/EztH8sG0HmqVspzLAYMxAljduJo.roa
File:                     EztH8sG0HmqVspzLAYMxAljduJo.roa (raw, json)
Hash identifier:          WdA89SsgOYIqmzC64ffOVm97T6f1mJ3Mz6MF2iNK69E=
Subject key identifier:   13:3B:47:F2:C1:B4:1E:6A:95:B2:9C:CB:01:83:31:02:58:DD:B8:9A
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0DE22FDA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/EztH8sG0HmqVspzLAYMxAljduJo.roa
Signing time:             Wed 13 Apr 2022 17:58:36 +0000
ROA not before:           Wed 13 Apr 2022 17:58:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     149782
IP address blocks:        45.91.51.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 232927194 (0xde22fda)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr 13 17:58:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=133b47f2c1b41e6a95b29ccb0183310258ddb89a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:8c:bc:eb:49:6c:b3:e1:14:7a:3b:08:39:75:
                    3a:95:e2:4e:a0:e0:79:d5:a9:1e:13:6b:7c:05:3b:
                    c7:6f:be:de:7c:5e:be:ed:99:08:61:99:a1:92:5e:
                    77:e7:f3:a3:ee:14:d7:47:b0:f6:fc:e2:e5:fc:6e:
                    66:86:1e:11:28:7b:ca:3e:d0:02:0e:77:77:25:94:
                    69:a0:ba:85:45:1b:66:45:b6:07:b5:28:bc:2b:25:
                    cb:47:db:00:a5:db:02:0c:47:c8:d4:9f:91:c6:db:
                    9f:74:1a:d9:c5:ec:4a:77:f9:bb:b0:c5:ad:1d:e1:
                    1d:10:50:92:07:a7:ca:92:a5:ff:d3:d8:17:a4:98:
                    bb:57:0e:f7:d5:38:eb:8d:e6:e3:91:4d:a5:17:ab:
                    c0:77:82:b0:29:a2:d4:0d:25:fb:bd:25:a4:79:f0:
                    7e:cb:b2:1d:c5:b8:5c:d1:1a:53:a9:0f:59:4d:df:
                    81:24:4c:71:91:8d:80:9b:75:da:27:d7:8c:84:be:
                    e9:ae:59:49:a8:44:70:46:75:f0:99:ae:17:10:9c:
                    5e:7c:43:4b:ae:c8:92:7d:95:1c:c1:06:b3:00:20:
                    a6:60:fb:8a:87:5a:07:48:3a:d1:3c:a6:20:9b:5d:
                    71:14:f4:23:46:cc:61:d0:41:09:bc:77:90:8d:cb:
                    ce:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:3B:47:F2:C1:B4:1E:6A:95:B2:9C:CB:01:83:31:02:58:DD:B8:9A
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/EztH8sG0HmqVspzLAYMxAljduJo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.91.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:6f:64:e0:e5:4e:70:ec:c5:2d:19:58:9d:78:22:48:0e:39:
         ac:c7:c3:51:1b:d2:e4:ba:af:e3:f3:21:c8:bd:2c:cd:17:1c:
         1f:d8:02:1c:15:38:a9:bc:9e:6f:70:6a:2f:00:b0:1e:f8:73:
         6d:e9:53:9c:b3:8a:34:b4:67:08:e9:f1:88:77:7f:7f:a8:94:
         95:86:25:a0:b0:88:9d:e9:ca:ed:68:20:86:63:4d:cd:56:9e:
         0a:00:1f:39:ae:23:36:6c:ef:bb:51:6f:c8:3a:f6:b8:1a:76:
         50:2c:45:10:61:9b:a3:f2:b2:27:40:16:9b:44:1a:f8:25:1d:
         e6:f4:25:bc:eb:6d:26:b5:e8:27:37:c0:14:dd:e8:08:31:8b:
         ec:62:fe:ff:4c:12:36:b2:cb:75:94:28:49:7b:d4:c4:60:80:
         70:ae:9a:9b:bd:79:55:18:94:1a:0b:89:28:e5:f0:60:43:cb:
         10:f6:02:40:a0:fc:95:b3:72:af:cd:83:75:ab:74:dc:3c:e4:
         1f:22:3f:19:a1:44:b3:b6:11:5e:96:4d:87:60:09:7b:3e:dd:
         56:57:a3:ff:70:fe:66:31:bf:2b:07:6d:74:78:6e:90:73:b5:
         c5:6a:da:ae:e2:75:7c:9d:d4:6d:24:80:eb:b2:5f:32:51:7a:
         04:eb:04:31
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDeIv2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDQx
MzE3NTgzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTMzYjQ3ZjJjMWI0
MWU2YTk1YjI5Y2NiMDE4MzMxMDI1OGRkYjg5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIuMvOtJbLPhFHo7CDl1OpXiTqDgedWpHhNrfAU7x2++3nxe
vu2ZCGGZoZJed+fzo+4U10ew9vzi5fxuZoYeESh7yj7QAg53dyWUaaC6hUUbZkW2
B7UovCsly0fbAKXbAgxHyNSfkcbbn3Qa2cXsSnf5u7DFrR3hHRBQkgenypKl/9PY
F6SYu1cO99U4643m45FNpRerwHeCsCmi1A0l+70lpHnwfsuyHcW4XNEaU6kPWU3f
gSRMcZGNgJt12ifXjIS+6a5ZSahEcEZ18JmuFxCcXnxDS67Ikn2VHMEGswAgpmD7
iodaB0g60TymIJtdcRT0I0bMYdBBCbx3kI3LznECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQTO0fywbQeapWynMsBgzECWN24mjAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L0V6dEg4c0cwSG1xVnNwekxBWU14QWxqZHVKby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1bMzANBgkqhkiG9w0BAQsFAAOC
AQEAkG9k4OVOcOzFLRlYnXgiSA45rMfDURvS5Lqv4/MhyL0szRccH9gCHBU4qbye
b3BqLwCwHvhzbelTnLOKNLRnCOnxiHd/f6iUlYYloLCInenK7WgghmNNzVaeCgAf
Oa4jNmzvu1FvyDr2uBp2UCxFEGGbo/KyJ0AWm0Qa+CUd5vQlvOttJrXoJzfAFN3o
CDGL7GL+/0wSNrLLdZQoSXvUxGCAcK6am715VRiUGguJKOXwYEPLEPYCQKD8lbNy
r82Ddat03DzkHyI/GaFEs7YRXpZNh2AJez7dVlej/3D+ZjG/KwdtdHhukHO1xWra
ruJ1fJ3UbSSA67JfMlF6BOsEMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:09 2024 by rpki-client on console-ams.rpki-client.org