Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/b7aJqSS6_uJUnRm4GhTCpYoyb5w.roa
File:                     b7aJqSS6_uJUnRm4GhTCpYoyb5w.roa (raw, json)
Hash identifier:          W4KoBEbCTZ6Eck5qQdPHAcZBN+hNR8c9CyVu2b/8Ivg=
Subject key identifier:   6F:B6:89:A9:24:BA:FE:E2:54:9D:19:B8:1A:14:C2:A5:8A:32:6F:9C
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0183FE357A3857881D528552E5C3D3FE4F4F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/b7aJqSS6_uJUnRm4GhTCpYoyb5w.roa
Signing time:             Sat 22 Oct 2022 05:41:01 +0000
ROA not before:           Sat 22 Oct 2022 05:41:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35913
IP address blocks:        45.89.32.0/22 maxlen: 24
                          84.245.57.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:fe:35:7a:38:57:88:1d:52:85:52:e5:c3:d3:fe:4f:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Oct 22 05:41:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6fb689a924bafee2549d19b81a14c2a58a326f9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:56:2b:0c:28:30:ce:95:93:a0:cd:c2:cf:d9:
                    cd:57:e8:47:bf:a8:4b:64:7a:f6:96:d0:c1:96:f4:
                    4f:95:cd:27:f7:c7:48:67:a9:14:dd:74:be:d6:76:
                    6b:cf:d5:4b:c7:2a:50:aa:f8:2c:de:28:d3:2b:9c:
                    01:f7:2f:27:0f:16:ea:cb:2d:9e:72:db:a4:ee:a0:
                    9d:3c:9e:a5:14:66:74:ed:07:1b:9c:f2:72:cd:e3:
                    93:af:b8:70:c7:67:01:fc:4c:9d:41:89:c7:c7:bb:
                    5e:74:b9:90:6d:2f:cc:43:2d:9f:33:e5:38:4a:ba:
                    01:2b:ae:48:f8:75:68:d7:af:d3:2e:0a:2d:11:35:
                    19:6c:14:3a:d1:56:0f:df:c0:b3:08:d4:fc:04:ba:
                    48:e8:e2:92:c4:93:b8:ff:01:93:8e:9a:7a:88:27:
                    9a:1d:ef:6c:66:aa:6f:41:dc:3b:c3:a7:ca:e1:08:
                    91:6f:99:89:8b:76:97:7e:e2:02:3b:fe:ed:b1:cd:
                    80:d9:93:09:27:36:af:04:4b:f1:c2:7f:1c:b2:f9:
                    86:44:ef:cd:80:64:9c:bd:ea:7b:bd:00:ee:e6:e9:
                    9d:cc:5e:46:37:72:3b:b8:61:d1:a8:37:56:51:d1:
                    3e:c2:9a:be:11:0f:c1:8a:42:7a:fe:43:52:e1:1d:
                    cb:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:B6:89:A9:24:BA:FE:E2:54:9D:19:B8:1A:14:C2:A5:8A:32:6F:9C
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/b7aJqSS6_uJUnRm4GhTCpYoyb5w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.32.0/22
                  84.245.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:51:da:f6:33:40:9a:a4:09:0d:e9:e2:8e:4f:b4:48:d0:5d:
         2d:62:d2:e0:99:ff:bf:7c:f4:e6:01:92:04:99:86:14:5e:f4:
         fb:f6:28:a3:af:47:57:30:a9:9e:70:c7:90:ce:22:fb:29:7d:
         fc:a5:69:ba:09:97:e9:90:14:2d:4c:dd:8c:a4:f7:4b:23:63:
         ec:8b:f7:16:79:e9:21:32:93:fc:a3:9b:eb:05:a0:ae:9d:17:
         dc:1a:d4:9d:70:de:4f:fe:9d:22:0f:36:03:0e:57:2b:c8:72:
         58:86:12:04:f3:6f:f2:0a:bd:7b:2f:1f:56:48:69:ef:3a:62:
         f1:70:1c:f3:3b:e4:4c:eb:66:2a:f4:f2:8d:e1:0e:5d:25:eb:
         5b:28:b3:18:9b:dc:03:7f:e3:7e:4b:c7:28:48:a0:ac:d6:54:
         36:0e:64:e9:87:5d:0a:80:d2:e8:b1:53:05:23:28:ae:3c:88:
         3d:14:11:37:f0:4e:9f:24:53:4a:c9:38:24:5b:4d:ba:ac:4a:
         b2:41:65:00:df:d4:0c:d5:d6:bf:25:9c:4a:b6:0c:48:f8:ab:
         51:8a:a1:bd:9b:18:cc:11:54:2d:28:6e:2a:d6:26:bc:a4:ee:
         6b:d8:a1:d3:bb:01:b0:f7:30:5a:93:db:38:ec:e3:5d:a7:d0:
         17:ea:51:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYP+NXo4V4gdUoVS5cPT/k9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMDIyMDU0MTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmI2ODlhOTI0YmFmZWUyNTQ5ZDE5YjgxYTE0YzJhNThhMzI2ZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVYrDCgwzpWToM3Cz9nNV+hHv6hL
ZHr2ltDBlvRPlc0n98dIZ6kU3XS+1nZrz9VLxypQqvgs3ijTK5wB9y8nDxbqyy2e
ctuk7qCdPJ6lFGZ07QcbnPJyzeOTr7hwx2cB/EydQYnHx7tedLmQbS/MQy2fM+U4
SroBK65I+HVo16/TLgotETUZbBQ60VYP38CzCNT8BLpI6OKSxJO4/wGTjpp6iCea
He9sZqpvQdw7w6fK4QiRb5mJi3aXfuICO/7tsc2A2ZMJJzavBEvxwn8csvmGRO/N
gGScvep7vQDu5umdzF5GN3I7uGHRqDdWUdE+wpq+EQ/BikJ6/kNS4R3LBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG+2iakkuv7iVJ0ZuBoUwqWKMm+cMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYjdhSnFTUzZfdUpVblJtNEdoVENwWW95YjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVkgAwQA
VPU5MA0GCSqGSIb3DQEBCwUAA4IBAQB4Udr2M0CapAkN6eKOT7RI0F0tYtLgmf+/
fPTmAZIEmYYUXvT79iijr0dXMKmecMeQziL7KX38pWm6CZfpkBQtTN2MpPdLI2Ps
i/cWeekhMpP8o5vrBaCunRfcGtSdcN5P/p0iDzYDDlcryHJYhhIE82/yCr17Lx9W
SGnvOmLxcBzzO+RM62Yq9PKN4Q5dJetbKLMYm9wDf+N+S8coSKCs1lQ2DmTph10K
gNLosVMFIyiuPIg9FBE38E6fJFNKyTgkW026rEqyQWUA39QM1da/JZxKtgxI+KtR
iqG9mxjMEVQtKG4q1ia8pO5r2KHTuwGw9zBak9s47ONdp9AX6lEL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org