Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/HMc4dADnS3AmtvqTE-bSM0Z5UuA.roa
File:                     HMc4dADnS3AmtvqTE-bSM0Z5UuA.roa (raw, json)
Hash identifier:          JDaO8tiEmUG4THTiGxOKB/ncpXRgLgo7QkMA2R4x75A=
Subject key identifier:   1C:C7:38:74:00:E7:4B:70:26:B6:FA:93:13:E6:D2:33:46:79:52:E0
Certificate issuer:       /CN=51ecf9babc9ca6bae9085ce292fb1c2cc18d344f
Certificate serial:       01847C85082D40A5CEEF8678F0CB503604D5
Authority key identifier: 51:EC:F9:BA:BC:9C:A6:BA:E9:08:5C:E2:92:FB:1C:2C:C1:8D:34:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Uez5urycprrpCFzikvscLMGNNE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/HMc4dADnS3AmtvqTE-bSM0Z5UuA.roa
Signing time:             Tue 15 Nov 2022 18:20:03 +0000
ROA not before:           Tue 15 Nov 2022 18:20:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62240
IP address blocks:        45.158.62.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:7c:85:08:2d:40:a5:ce:ef:86:78:f0:cb:50:36:04:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51ecf9babc9ca6bae9085ce292fb1c2cc18d344f
        Validity
            Not Before: Nov 15 18:20:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1cc7387400e74b7026b6fa9313e6d233467952e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:de:9f:af:9b:9b:cb:e2:28:10:a8:09:e5:9d:
                    c5:2a:2a:db:57:3a:5e:0d:f8:91:c3:a8:4b:78:1c:
                    64:ee:c5:c0:a9:e4:e8:2d:2c:9e:66:c2:bf:49:34:
                    58:aa:59:7b:18:33:fa:0f:3a:94:4d:17:26:32:47:
                    0b:e4:06:21:ff:3d:46:a7:e8:76:d4:1d:e0:70:cc:
                    43:63:f4:8b:1d:c8:f4:8a:54:ac:9e:93:d2:f8:a3:
                    c1:94:ac:4c:c1:7c:b0:c7:45:ac:c1:c8:4e:c6:ea:
                    53:86:30:d8:4b:25:84:57:44:3a:4d:d9:4d:ef:85:
                    44:38:5c:c3:cc:26:05:7a:56:5e:1f:5f:22:57:c5:
                    91:14:f0:bf:4a:16:9f:d1:f9:e6:d1:25:87:b7:82:
                    37:85:b2:f0:f1:ec:dc:14:a4:76:96:0a:ec:fa:c1:
                    8b:4c:8d:f3:49:8a:26:65:86:91:6f:55:06:ce:3b:
                    43:3f:94:05:69:34:4b:26:c4:1d:50:8b:12:79:67:
                    14:0e:5c:fd:fd:f9:ec:b8:d6:e8:f2:5a:89:de:d1:
                    a0:d3:d5:d5:85:15:70:cd:98:56:e5:21:74:8f:98:
                    0e:23:0c:c4:88:c1:33:5b:78:a7:0a:61:ca:b6:a5:
                    17:fc:6f:e7:5e:d7:a1:dd:0f:4d:01:1e:71:f1:e6:
                    c4:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:C7:38:74:00:E7:4B:70:26:B6:FA:93:13:E6:D2:33:46:79:52:E0
            X509v3 Authority Key Identifier:
                keyid:51:EC:F9:BA:BC:9C:A6:BA:E9:08:5C:E2:92:FB:1C:2C:C1:8D:34:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uez5urycprrpCFzikvscLMGNNE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/HMc4dADnS3AmtvqTE-bSM0Z5UuA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/Uez5urycprrpCFzikvscLMGNNE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.62.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a0:9e:25:d2:e7:6c:45:a2:84:4b:f1:43:bc:31:0a:4f:3f:b6:
         18:c9:4e:ca:57:e4:d2:29:e9:fc:70:71:0c:1e:a8:43:49:bd:
         fb:92:ef:77:55:41:aa:57:64:58:f9:d6:c1:8f:86:b4:8c:6c:
         2d:18:4e:dc:3f:28:15:23:e6:6c:fc:48:24:65:7a:58:43:39:
         21:ee:7d:ad:42:61:8a:9c:dc:b0:bb:62:8f:74:3e:26:50:f7:
         56:db:88:1c:07:bc:c0:76:b4:4b:fa:b7:19:d0:eb:23:b4:a4:
         41:22:ff:20:76:ab:42:33:9c:2d:d2:0d:04:7a:65:85:85:f3:
         41:dd:a5:00:00:e3:4b:bb:c3:7d:b7:4f:b6:89:72:53:9c:eb:
         93:24:95:22:b5:b3:6d:1d:c6:58:f6:a1:8b:dc:2f:84:49:9d:
         2b:cd:da:7f:74:eb:53:6a:fa:bc:3b:fc:97:33:ac:72:c1:ab:
         de:aa:97:59:08:51:70:76:31:8a:aa:3f:24:2b:31:7c:50:f7:
         b1:b4:04:f3:e0:97:e7:a0:8d:ee:f0:e8:4f:fc:8e:c8:6f:0a:
         92:8d:f4:c6:c1:57:d2:42:90:bb:91:22:f0:1a:3b:dc:40:33:
         62:b3:81:a0:40:9b:72:c0:fd:67:a0:08:fa:a1:8b:34:84:d0:
         97:f6:d0:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR8hQgtQKXO74Z48MtQNgTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZWNmOWJhYmM5Y2E2YmFlOTA4NWNlMjkyZmIxYzJjYzE4
ZDM0NGYwHhcNMjIxMTE1MTgyMDAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2M3Mzg3NDAwZTc0YjcwMjZiNmZhOTMxM2U2ZDIzMzQ2Nzk1MmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAit6fr5uby+IoEKgJ5Z3FKirbVzpe
DfiRw6hLeBxk7sXAqeToLSyeZsK/STRYqll7GDP6DzqUTRcmMkcL5AYh/z1Gp+h2
1B3gcMxDY/SLHcj0ilSsnpPS+KPBlKxMwXywx0WswchOxupThjDYSyWEV0Q6TdlN
74VEOFzDzCYFelZeH18iV8WRFPC/Shaf0fnm0SWHt4I3hbLw8ezcFKR2lgrs+sGL
TI3zSYomZYaRb1UGzjtDP5QFaTRLJsQdUIsSeWcUDlz9/fnsuNbo8lqJ3tGg09XV
hRVwzZhW5SF0j5gOIwzEiMEzW3inCmHKtqUX/G/nXteh3Q9NAR5x8ebEGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBzHOHQA50twJrb6kxPm0jNGeVLgMB8GA1UdIwQY
MBaAFFHs+bq8nKa66Qhc4pL7HCzBjTRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWV6NXVyeWNwcnJwQ0Z6aWt2c2NMTUdOTkU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9mYjA0YzgtNzA1Ny00NWI3LWEzNGMt
ZGNmYzZhOWUwZGM3LzEvSE1jNGRBRG5TM0FtdHZxVEUtYlNNMFo1VXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9mYjA0YzgtNzA1Ny00NWI3LWEzNGMtZGNmYzZhOWUwZGM3
LzEvVWV6NXVyeWNwcnJwQ0Z6aWt2c2NMTUdOTkU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZ4+MA0G
CSqGSIb3DQEBCwUAA4IBAQCgniXS52xFooRL8UO8MQpPP7YYyU7KV+TSKen8cHEM
HqhDSb37ku93VUGqV2RY+dbBj4a0jGwtGE7cPygVI+Zs/EgkZXpYQzkh7n2tQmGK
nNywu2KPdD4mUPdW24gcB7zAdrRL+rcZ0OsjtKRBIv8gdqtCM5wt0g0EemWFhfNB
3aUAAONLu8N9t0+2iXJTnOuTJJUitbNtHcZY9qGL3C+ESZ0rzdp/dOtTavq8O/yX
M6xywaveqpdZCFFwdjGKqj8kKzF8UPextATz4JfnoI3u8OhP/I7IbwqSjfTGwVfS
QpC7kSLwGjvcQDNis4GgQJtywP1noAj6oYs0hNCX9tAt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:56 2024 by rpki-client on console-ams.rpki-client.org