Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/7RmNpHeVwNGaPV30Xtsbs3kqYRo.roa
File:                     7RmNpHeVwNGaPV30Xtsbs3kqYRo.roa (raw, json)
Hash identifier:          ZCFAhPygCaEZxFCWSlQ8pUeJTkYfbJ+UBwnbjNsh6SY=
Subject key identifier:   ED:19:8D:A4:77:95:C0:D1:9A:3D:5D:F4:5E:DB:1B:B3:79:2A:61:1A
Certificate issuer:       /CN=51ecf9babc9ca6bae9085ce292fb1c2cc18d344f
Certificate serial:       01835504A31E11E3CD317A128C144988E3E3
Authority key identifier: 51:EC:F9:BA:BC:9C:A6:BA:E9:08:5C:E2:92:FB:1C:2C:C1:8D:34:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Uez5urycprrpCFzikvscLMGNNE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/7RmNpHeVwNGaPV30Xtsbs3kqYRo.roa
Signing time:             Mon 19 Sep 2022 09:11:50 +0000
ROA not before:           Mon 19 Sep 2022 09:11:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     142111
IP address blocks:        45.158.62.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:55:04:a3:1e:11:e3:cd:31:7a:12:8c:14:49:88:e3:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51ecf9babc9ca6bae9085ce292fb1c2cc18d344f
        Validity
            Not Before: Sep 19 09:11:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ed198da47795c0d19a3d5df45edb1bb3792a611a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:7a:a7:02:00:85:c7:37:67:e0:f0:78:c7:b2:
                    24:a1:0a:b4:63:32:69:1a:e6:57:21:01:db:b7:b9:
                    e5:74:95:a5:4a:34:3f:22:67:97:e0:16:b8:68:41:
                    49:3d:5d:e7:22:ec:57:06:55:bf:25:07:47:a3:7e:
                    df:fd:66:5f:47:23:8c:56:1e:cf:4e:a6:3a:20:a7:
                    59:06:ec:5e:fa:75:f6:62:1a:f4:12:5f:ad:aa:d2:
                    e9:58:cf:cb:1d:df:77:05:4c:f4:fc:ec:01:a7:37:
                    5a:7c:88:6d:a6:99:46:81:91:b2:36:75:01:73:de:
                    73:5a:3a:8f:11:f8:1d:01:4d:f0:4f:39:53:70:bd:
                    cb:b4:e8:ea:93:8f:fc:6c:af:2c:f0:53:d6:b4:45:
                    7c:f4:0a:b8:bf:ba:05:7c:db:a4:f7:86:62:a4:a5:
                    e4:8c:3f:8f:5e:35:8f:6b:5e:0e:ce:79:da:70:82:
                    35:f2:df:a4:4e:af:d7:a1:85:de:cb:85:10:d4:80:
                    c3:c0:56:53:d4:7d:03:e2:12:7f:c1:42:cb:78:b9:
                    8d:e6:a4:ee:fd:e0:98:67:c3:81:e4:a4:e5:16:ca:
                    a9:21:ea:5f:07:f0:9a:3d:02:d1:67:4f:8e:f4:00:
                    90:2d:a8:e0:0f:90:98:c2:32:ef:58:f1:06:da:27:
                    3e:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:19:8D:A4:77:95:C0:D1:9A:3D:5D:F4:5E:DB:1B:B3:79:2A:61:1A
            X509v3 Authority Key Identifier:
                keyid:51:EC:F9:BA:BC:9C:A6:BA:E9:08:5C:E2:92:FB:1C:2C:C1:8D:34:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uez5urycprrpCFzikvscLMGNNE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/7RmNpHeVwNGaPV30Xtsbs3kqYRo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/Uez5urycprrpCFzikvscLMGNNE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.62.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a2:2b:72:ef:8a:62:06:29:02:70:f2:99:41:cc:3e:bb:c0:2b:
         26:97:ed:5d:1c:0e:6b:b5:67:b7:a1:97:8e:68:d6:b2:20:55:
         b0:61:97:2f:5a:32:5c:7e:1f:32:6c:d3:cf:c9:a1:74:af:81:
         62:9a:1a:0c:e9:b3:70:b1:a9:bf:ad:5c:ac:ac:39:bf:e0:44:
         06:d9:72:8c:38:a1:0d:c7:df:38:95:28:fd:fe:61:d3:9b:b8:
         97:3b:45:be:3f:e1:7c:7a:20:8b:13:f0:88:43:16:5b:2c:eb:
         c2:14:3c:a4:fc:ad:0d:11:09:4e:a6:ac:8e:12:71:98:c0:9c:
         e1:a8:7b:50:69:bc:97:4f:3e:9e:6b:30:f9:67:e8:3f:37:23:
         9b:91:40:66:f4:7b:5e:b5:d0:b2:77:4f:3a:09:f4:b3:e4:8a:
         a7:c5:2b:fe:fd:27:3e:21:91:5e:60:76:3e:62:a5:72:41:52:
         3d:42:d4:be:d9:51:d7:a8:33:f2:cb:c7:39:c5:d1:a9:a1:ec:
         f6:af:3b:d1:2e:79:b7:ff:40:2f:b7:44:85:1d:07:1a:39:82:
         66:63:32:8b:fd:90:e3:98:8e:71:97:14:7d:f9:a0:bf:14:ef:
         17:86:7b:11:63:68:13:37:af:f4:35:72:bb:99:9a:36:9d:35:
         66:49:63:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNVBKMeEePNMXoSjBRJiOPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZWNmOWJhYmM5Y2E2YmFlOTA4NWNlMjkyZmIxYzJjYzE4
ZDM0NGYwHhcNMjIwOTE5MDkxMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDE5OGRhNDc3OTVjMGQxOWEzZDVkZjQ1ZWRiMWJiMzc5MmE2MTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXqnAgCFxzdn4PB4x7IkoQq0YzJp
GuZXIQHbt7nldJWlSjQ/ImeX4Ba4aEFJPV3nIuxXBlW/JQdHo37f/WZfRyOMVh7P
TqY6IKdZBuxe+nX2Yhr0El+tqtLpWM/LHd93BUz0/OwBpzdafIhtpplGgZGyNnUB
c95zWjqPEfgdAU3wTzlTcL3LtOjqk4/8bK8s8FPWtEV89Aq4v7oFfNuk94ZipKXk
jD+PXjWPa14OznnacII18t+kTq/XoYXey4UQ1IDDwFZT1H0D4hJ/wULLeLmN5qTu
/eCYZ8OB5KTlFsqpIepfB/CaPQLRZ0+O9ACQLajgD5CYwjLvWPEG2ic+3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO0ZjaR3lcDRmj1d9F7bG7N5KmEaMB8GA1UdIwQY
MBaAFFHs+bq8nKa66Qhc4pL7HCzBjTRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWV6NXVyeWNwcnJwQ0Z6aWt2c2NMTUdOTkU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9mYjA0YzgtNzA1Ny00NWI3LWEzNGMt
ZGNmYzZhOWUwZGM3LzEvN1JtTnBIZVZ3TkdhUFYzMFh0c2JzM2txWVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9mYjA0YzgtNzA1Ny00NWI3LWEzNGMtZGNmYzZhOWUwZGM3
LzEvVWV6NXVyeWNwcnJwQ0Z6aWt2c2NMTUdOTkU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZ4+MA0G
CSqGSIb3DQEBCwUAA4IBAQCiK3LvimIGKQJw8plBzD67wCsml+1dHA5rtWe3oZeO
aNayIFWwYZcvWjJcfh8ybNPPyaF0r4FimhoM6bNwsam/rVysrDm/4EQG2XKMOKEN
x984lSj9/mHTm7iXO0W+P+F8eiCLE/CIQxZbLOvCFDyk/K0NEQlOpqyOEnGYwJzh
qHtQabyXTz6eazD5Z+g/NyObkUBm9HtetdCyd086CfSz5IqnxSv+/Sc+IZFeYHY+
YqVyQVI9QtS+2VHXqDPyy8c5xdGpoez2rzvRLnm3/0Avt0SFHQcaOYJmYzKL/ZDj
mI5xlxR9+aC/FO8XhnsRY2gTN6/0NXK7mZo2nTVmSWPK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:56 2024 by rpki-client on console-ams.rpki-client.org