Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/83KifAEpvsv8N5hBbD7585Tkps0.roa
File:                     83KifAEpvsv8N5hBbD7585Tkps0.roa (raw, json)
Hash identifier:          1HgZDxvFFkz6ob8GQTrMTb3NyUrSfBhn7/qqf+41Zfo=
Subject key identifier:   F3:72:A2:7C:01:29:BE:CB:FC:37:98:41:6C:3E:F9:F3:94:E4:A6:CD
Certificate issuer:       /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial:       02EA9C90
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/83KifAEpvsv8N5hBbD7585Tkps0.roa
Signing time:             Sat 01 Jan 2022 15:59:50 +0000
ROA not before:           Sat 01 Jan 2022 15:59:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212283
IP address blocks:        45.143.200.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 48929936 (0x2ea9c90)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
        Validity
            Not Before: Jan  1 15:59:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f372a27c0129becbfc3798416c3ef9f394e4a6cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:05:31:ee:41:7e:8c:f9:a7:b9:40:05:e8:2e:
                    77:3a:c9:b7:37:e1:1d:2e:59:6d:5f:3c:04:1c:28:
                    a0:86:38:6e:da:af:09:f5:db:28:f8:40:82:65:b6:
                    98:6c:53:81:fd:3a:1b:6f:70:6d:d1:09:ce:6e:dc:
                    f6:0d:69:10:12:9e:09:bc:14:8d:d1:b2:8c:1c:63:
                    34:08:73:ea:af:41:fb:97:c5:f4:bb:a4:8b:90:64:
                    bf:5f:6e:f7:ea:65:55:36:5a:69:e2:c2:df:ee:e7:
                    73:2d:a3:7f:40:eb:07:8b:4b:7d:4c:88:8d:ae:77:
                    e7:e3:05:20:62:aa:1a:2d:02:b5:e0:71:77:07:b2:
                    28:ab:d6:72:b6:49:8e:a9:67:64:a3:ab:47:f1:c8:
                    b3:4a:50:7e:4e:ef:4b:bf:c5:df:3e:2e:2d:b3:e7:
                    d4:bf:f6:a0:c2:26:db:62:56:40:4d:02:c1:51:85:
                    26:a7:e0:ca:55:10:59:ed:0c:91:50:1d:8a:73:29:
                    93:c5:40:cc:2a:94:ec:3b:37:10:22:47:8e:a6:ce:
                    e4:51:1c:0f:1e:bd:83:82:fc:d8:10:37:a7:32:a0:
                    df:a9:85:7a:6a:2b:b6:69:81:5d:38:1b:7e:db:f5:
                    6f:2f:71:ed:71:38:50:3a:fd:a4:63:16:63:2f:69:
                    29:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:72:A2:7C:01:29:BE:CB:FC:37:98:41:6C:3E:F9:F3:94:E4:A6:CD
            X509v3 Authority Key Identifier:
                keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/83KifAEpvsv8N5hBbD7585Tkps0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:3c:38:94:8e:75:3f:c4:72:a8:5e:c2:ad:83:5e:fa:db:13:
         d8:07:98:da:ff:a4:19:ae:a2:96:4d:df:5f:2e:a3:ba:b5:ae:
         23:40:1f:c6:46:5c:36:19:62:a2:e9:3b:9c:3f:ad:9e:54:0c:
         7c:5d:61:82:4c:87:d2:36:e7:19:08:dc:36:50:8e:83:c9:3a:
         da:a2:2e:b7:1d:ac:fe:bd:59:10:ee:bb:30:4e:ee:7a:93:4d:
         56:c4:8b:ad:d0:23:5e:81:92:05:63:47:53:49:57:b2:c4:7b:
         14:f3:ed:ef:74:bf:6a:43:60:13:ed:6f:5b:41:a1:27:65:ff:
         a2:6e:70:2c:9a:7a:6b:ba:f1:7f:57:15:ad:f7:15:53:22:39:
         07:f4:3a:88:0b:5e:02:68:5e:e8:30:93:5b:f3:7c:f0:8b:25:
         72:0e:08:52:6e:22:4c:16:f6:8a:50:00:4b:a9:a3:05:86:0d:
         f2:0d:d2:81:ad:5d:26:12:fa:1c:51:97:15:d6:77:86:31:7f:
         1c:ad:a2:9a:46:e8:eb:4e:5c:6a:39:8e:10:04:b9:61:74:0e:
         3f:1f:cf:01:69:75:64:3a:51:28:35:50:07:54:86:e1:44:de:
         98:2b:dc:ed:d3:89:d2:fc:6b:51:bb:94:e3:8a:37:80:5e:e7:
         a4:c0:90:43
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAuqckDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWFmMTJmNWNhNzVjOTIyYTRhYTVkYWNiNDljMDRhOTMyMzdmNGVkMB4XDTIyMDEw
MTE1NTk1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjM3MmEyN2MwMTI5
YmVjYmZjMzc5ODQxNmMzZWY5ZjM5NGU0YTZjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYFMe5Bfoz5p7lABegudzrJtzfhHS5ZbV88BBwooIY4btqv
CfXbKPhAgmW2mGxTgf06G29wbdEJzm7c9g1pEBKeCbwUjdGyjBxjNAhz6q9B+5fF
9Luki5Bkv19u9+plVTZaaeLC3+7ncy2jf0DrB4tLfUyIja535+MFIGKqGi0CteBx
dweyKKvWcrZJjqlnZKOrR/HIs0pQfk7vS7/F3z4uLbPn1L/2oMIm22JWQE0CwVGF
JqfgylUQWe0MkVAdinMpk8VAzCqU7Ds3ECJHjqbO5FEcDx69g4L82BA3pzKg36mF
emortmmBXTgbftv1by9x7XE4UDr9pGMWYy9pKdECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTzcqJ8ASm+y/w3mEFsPvnzlOSmzTAfBgNVHSMEGDAWgBSxrxL1ynXJIqSq
Xay0nASpMjf07TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhOFM5Y3AxeVNLa3FsMnN0SndFcVRJMzlPMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvY2JjZjY4LTdjYmYtNDdmMC04MmVlLTU3NjBlZmJjYzY1NC8x
LzgzS2lmQUVwdnN2OE41aEJiRDc1ODVUa3BzMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
Y2JjZjY4LTdjYmYtNDdmMC04MmVlLTU3NjBlZmJjYzY1NC8xL3NhOFM5Y3AxeVNL
a3FsMnN0SndFcVRJMzlPMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2PyDANBgkqhkiG9w0BAQsFAAOC
AQEAcDw4lI51P8RyqF7CrYNe+tsT2AeY2v+kGa6ilk3fXy6jurWuI0AfxkZcNhli
ouk7nD+tnlQMfF1hgkyH0jbnGQjcNlCOg8k62qIutx2s/r1ZEO67ME7uepNNVsSL
rdAjXoGSBWNHU0lXssR7FPPt73S/akNgE+1vW0GhJ2X/om5wLJp6a7rxf1cVrfcV
UyI5B/Q6iAteAmhe6DCTW/N88Islcg4IUm4iTBb2ilAAS6mjBYYN8g3Sga1dJhL6
HFGXFdZ3hjF/HK2imkbo605cajmOEAS5YXQOPx/PAWl1ZDpRKDVQB1SG4UTemCvc
7dOJ0vxrUbuU44o3gF7npMCQQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:29 2024 by rpki-client on console-ams.rpki-client.org