Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/l8_NHr9I_G_PQgsWSZl5ldCyri4.roa
File:                     l8_NHr9I_G_PQgsWSZl5ldCyri4.roa (raw, json)
Hash identifier:          tYgt63ZZmBJu749RNnEIQik2eZ2W2+4uCmbeuzzrvaE=
Subject key identifier:   97:CF:CD:1E:BF:48:FC:6F:CF:42:0B:16:49:99:79:95:D0:B2:AE:2E
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0182441994F180EC3F640A7F241C7747E322
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/l8_NHr9I_G_PQgsWSZl5ldCyri4.roa
Signing time:             Thu 28 Jul 2022 09:18:23 +0000
ROA not before:           Thu 28 Jul 2022 09:18:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     45671
IP address blocks:        45.133.7.0/24 maxlen: 24
                          45.133.6.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:44:19:94:f1:80:ec:3f:64:0a:7f:24:1c:77:47:e3:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jul 28 09:18:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=97cfcd1ebf48fc6fcf420b1649997995d0b2ae2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:70:67:5e:ca:4a:b9:e2:11:93:02:5f:69:c5:
                    c5:f9:3b:01:fa:2a:42:8a:c9:bc:e0:fb:0b:0b:48:
                    a4:3b:08:16:24:b2:42:f6:cd:2d:18:07:f1:d9:de:
                    73:58:62:c0:78:da:3b:7c:bc:d5:21:46:c0:ed:b0:
                    e9:00:04:b5:96:a6:8d:6c:3f:da:b6:9a:1c:0e:02:
                    73:54:0a:5f:cf:b9:99:66:b7:67:45:96:41:75:4d:
                    f7:e0:78:cb:7d:13:ce:b1:1f:21:4c:77:9a:76:d0:
                    cb:ce:9d:e2:7c:20:d9:2e:35:cb:da:e7:e0:02:d3:
                    cb:63:7a:13:1e:58:d4:e4:2b:9a:bc:10:15:bc:95:
                    b4:97:88:8a:95:b8:cb:e7:f8:6b:9b:dd:09:18:d2:
                    e6:ca:77:87:9b:1b:fa:56:7a:2a:f2:45:ea:bd:08:
                    f9:cc:3a:f3:f4:5f:e2:82:dc:59:99:7f:09:c7:69:
                    b7:c1:ff:59:05:74:bd:52:5b:48:3a:54:7e:e5:0f:
                    c8:97:d6:2d:67:d1:f4:c0:67:bc:af:38:c9:d8:67:
                    0f:97:10:11:fc:43:f7:d0:1f:c3:1b:35:b0:91:51:
                    04:60:a7:51:ed:23:03:35:f9:2f:55:05:a8:48:04:
                    7e:dc:c2:00:d9:c0:fe:36:60:be:c5:c7:80:96:d1:
                    c9:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:CF:CD:1E:BF:48:FC:6F:CF:42:0B:16:49:99:79:95:D0:B2:AE:2E
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/l8_NHr9I_G_PQgsWSZl5ldCyri4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         26:81:f8:14:87:44:73:db:88:83:c2:e5:81:16:91:3c:8c:b3:
         99:ff:fc:5f:15:1f:48:b7:09:f0:76:48:28:02:97:9e:11:6e:
         d0:e4:49:78:e1:4a:6a:44:51:09:89:8e:0b:6c:9c:1c:ff:fe:
         fd:f9:30:a5:73:4b:5c:be:2b:90:ba:87:bc:27:27:1a:6b:28:
         2b:9a:7a:c0:e6:ed:09:df:ef:86:51:48:89:e6:28:e8:89:a5:
         b2:9d:88:47:ca:9e:d5:b5:8f:49:ef:41:37:7b:6a:15:49:26:
         65:85:25:b1:92:37:6d:da:cf:b0:dd:ce:15:05:0f:ac:35:29:
         c0:b6:f5:fe:7e:f9:33:2a:87:1d:c6:7d:35:80:b2:45:4d:a2:
         73:cc:54:e2:54:2b:a1:e3:d4:95:80:f9:18:0d:bc:7b:53:a1:
         9a:93:d7:fc:3c:5d:09:8d:6f:cd:7a:b6:54:b3:ec:2b:12:34:
         2a:29:72:58:4b:3a:7e:ce:4f:4c:04:eb:58:74:33:c8:a2:70:
         9c:9b:3d:3a:f4:47:1e:eb:1a:f1:bc:40:26:31:ca:42:88:73:
         ea:8b:ce:54:11:ca:a9:11:86:a9:9d:94:21:6c:0b:26:ac:d2:
         31:46:28:d1:bb:fe:32:ce:25:de:ab:a2:ec:7e:dd:9d:37:3f:
         d2:0a:f4:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJEGZTxgOw/ZAp/JBx3R+MiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIwNzI4MDkxODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2NmY2QxZWJmNDhmYzZmY2Y0MjBiMTY0OTk5Nzk5NWQwYjJhZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnBnXspKueIRkwJfacXF+TsB+ipC
ism84PsLC0ikOwgWJLJC9s0tGAfx2d5zWGLAeNo7fLzVIUbA7bDpAAS1lqaNbD/a
tpocDgJzVApfz7mZZrdnRZZBdU334HjLfRPOsR8hTHeadtDLzp3ifCDZLjXL2ufg
AtPLY3oTHljU5CuavBAVvJW0l4iKlbjL5/hrm90JGNLmyneHmxv6Vnoq8kXqvQj5
zDrz9F/igtxZmX8Jx2m3wf9ZBXS9UltIOlR+5Q/Il9YtZ9H0wGe8rzjJ2GcPlxAR
/EP30B/DGzWwkVEEYKdR7SMDNfkvVQWoSAR+3MIA2cD+NmC+xceAltHJ6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJfPzR6/SPxvz0ILFkmZeZXQsq4uMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbDhfTkhyOUlfR19QUWdzV1NabDVsZEN5cmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYUGMA0G
CSqGSIb3DQEBCwUAA4IBAQAmgfgUh0Rz24iDwuWBFpE8jLOZ//xfFR9Itwnwdkgo
ApeeEW7Q5El44UpqRFEJiY4LbJwc//79+TClc0tcviuQuoe8JycaaygrmnrA5u0J
3++GUUiJ5ijoiaWynYhHyp7VtY9J70E3e2oVSSZlhSWxkjdt2s+w3c4VBQ+sNSnA
tvX+fvkzKocdxn01gLJFTaJzzFTiVCuh49SVgPkYDbx7U6Gak9f8PF0JjW/NerZU
s+wrEjQqKXJYSzp+zk9MBOtYdDPIonCcmz069Ece6xrxvEAmMcpCiHPqi85UEcqp
EYapnZQhbAsmrNIxRijRu/4yziXeq6Lsft2dNz/SCvQk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org