Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NQZcRRZKlOR8zJgMEhy8Tyd_188.roa
File:                     NQZcRRZKlOR8zJgMEhy8Tyd_188.roa (raw, json)
Hash identifier:          /VfUJGh6DN+H5Lh4PKNfVQdA1Mi8xU2J9eDIzOeIUSY=
Subject key identifier:   35:06:5C:45:16:4A:94:E4:7C:CC:98:0C:12:1C:BC:4F:27:7F:D7:CF
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0E76902F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NQZcRRZKlOR8zJgMEhy8Tyd_188.roa
Signing time:             Thu 16 Jun 2022 15:32:44 +0000
ROA not before:           Thu 16 Jun 2022 15:32:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206238
IP address blocks:        45.83.232.0/22 maxlen: 24
                          45.142.232.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 242651183 (0xe76902f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jun 16 15:32:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=35065c45164a94e47ccc980c121cbc4f277fd7cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:cd:a3:49:3b:36:fc:c9:74:3e:f7:0c:86:26:
                    d0:68:b4:ca:5b:14:4e:23:d7:c1:31:fc:1d:90:23:
                    3d:17:b1:15:49:dd:8a:47:63:49:41:42:0e:e8:d4:
                    38:96:5b:98:af:f8:b5:80:49:7d:c9:fb:02:f7:c4:
                    15:a1:62:69:50:fc:3a:80:40:9f:cc:bc:bb:8a:41:
                    fa:3c:2c:0f:56:95:4b:47:ef:49:36:42:e8:76:57:
                    02:2b:8a:5e:ae:10:0e:1b:a8:be:74:db:55:95:c6:
                    44:20:27:84:5b:b7:ce:0f:07:6d:2c:6d:d4:9f:98:
                    59:6f:9d:ac:c4:28:08:29:d6:2e:62:db:7b:4c:20:
                    a8:6a:3f:01:75:27:7d:b4:92:f6:db:a7:7f:0c:ce:
                    62:d1:6a:76:d1:c6:b2:b9:0e:49:9c:85:14:9f:87:
                    fb:a8:17:fb:e0:7d:bc:2d:d7:2c:28:76:93:12:a8:
                    a8:d8:6e:49:f6:34:51:7f:1e:05:f9:12:42:7d:83:
                    89:09:f7:39:9a:87:61:e3:b2:ce:25:da:59:89:ed:
                    e6:80:bb:1e:04:1b:9f:2b:ce:e4:d9:84:e3:30:12:
                    e1:5a:8f:3e:b9:06:4f:26:d1:c2:bf:36:66:a6:ce:
                    04:fb:ee:0f:bd:2f:cf:a4:1f:fc:2b:52:f0:5f:40:
                    72:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:06:5C:45:16:4A:94:E4:7C:CC:98:0C:12:1C:BC:4F:27:7F:D7:CF
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NQZcRRZKlOR8zJgMEhy8Tyd_188.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.83.232.0/22
                  45.142.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8a:d0:3c:f2:c9:fb:05:80:cd:8d:f6:f3:3c:8e:f0:ee:f2:3e:
         d8:45:da:90:e9:3b:76:22:2e:e0:9d:f7:a5:a6:81:eb:0d:8d:
         e5:6b:32:31:d4:5a:8e:36:51:b1:54:87:e9:1e:fe:3d:9b:13:
         f2:a1:fc:9a:2f:3f:b4:1f:78:cc:c5:61:a4:da:94:06:57:9f:
         70:90:35:ca:97:a9:49:a0:b8:57:56:11:f8:37:23:0a:3e:8c:
         9b:a9:f4:38:c7:32:01:b5:1c:4e:4e:ff:1e:0e:7a:fc:86:f2:
         f0:1f:da:db:1f:5e:2f:3f:6c:65:81:d0:5d:ad:56:d1:28:01:
         66:8e:69:15:99:1b:10:76:93:f2:1f:a3:75:de:05:0f:84:0f:
         45:2d:da:d2:eb:b7:9b:29:d3:e8:43:d2:89:80:fe:75:b9:c0:
         69:89:6a:da:3d:ad:3d:2e:04:e2:fa:cc:4c:7f:6f:60:47:a1:
         1d:33:5c:7f:87:38:13:9a:07:f9:b6:0f:1e:a7:cb:8e:88:46:
         e6:34:c9:56:c0:80:94:3f:c4:63:83:f6:fb:f3:c6:17:fd:31:
         f4:5e:55:7d:bb:16:40:b8:9f:0e:c3:63:b0:33:a2:70:34:3c:
         aa:96:15:e9:5a:4f:c7:53:34:26:af:34:6e:ed:58:45:fb:0b:
         bf:63:67:49
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDnaQLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDYx
NjE1MzI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzUwNjVjNDUxNjRh
OTRlNDdjY2M5ODBjMTIxY2JjNGYyNzdmZDdjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7No0k7NvzJdD73DIYm0Gi0ylsUTiPXwTH8HZAjPRexFUnd
ikdjSUFCDujUOJZbmK/4tYBJfcn7AvfEFaFiaVD8OoBAn8y8u4pB+jwsD1aVS0fv
STZC6HZXAiuKXq4QDhuovnTbVZXGRCAnhFu3zg8HbSxt1J+YWW+drMQoCCnWLmLb
e0wgqGo/AXUnfbSS9tunfwzOYtFqdtHGsrkOSZyFFJ+H+6gX++B9vC3XLCh2kxKo
qNhuSfY0UX8eBfkSQn2DiQn3OZqHYeOyziXaWYnt5oC7HgQbnyvO5NmE4zAS4VqP
PrkGTybRwr82ZqbOBPvuD70vz6Qf/CtS8F9Acg8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ1BlxFFkqU5HzMmAwSHLxPJ3/XzzAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L05RWmNSUlpLbE9SOHpKZ01FaHk4VHlkXzE4OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi1T6AMEAi2O6DANBgkqhkiG9w0B
AQsFAAOCAQEAitA88sn7BYDNjfbzPI7w7vI+2EXakOk7diIu4J33paaB6w2N5Wsy
MdRajjZRsVSH6R7+PZsT8qH8mi8/tB94zMVhpNqUBlefcJA1ypepSaC4V1YR+Dcj
Cj6Mm6n0OMcyAbUcTk7/Hg56/Iby8B/a2x9eLz9sZYHQXa1W0SgBZo5pFZkbEHaT
8h+jdd4FD4QPRS3a0uu3mynT6EPSiYD+dbnAaYlq2j2tPS4E4vrMTH9vYEehHTNc
f4c4E5oH+bYPHqfLjohG5jTJVsCAlD/EY4P2+/PGF/0x9F5VfbsWQLifDsNjsDOi
cDQ8qpYV6VpPx1M0Jq80bu1YRfsLv2NnSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org