Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4Gz5uJyDN0qIJOLpmt4YtaNpkPA.roa
File:                     4Gz5uJyDN0qIJOLpmt4YtaNpkPA.roa (raw, json)
Hash identifier:          IE1u1PePO/VAcx9o3WcL58jt35GTcObNan1sEMCi8kc=
Subject key identifier:   E0:6C:F9:B8:9C:83:37:4A:88:24:E2:E9:9A:DE:18:B5:A3:69:90:F0
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       01824AA8A8EA2F4FC2EB03187280CD894C1F
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4Gz5uJyDN0qIJOLpmt4YtaNpkPA.roa
Signing time:             Fri 29 Jul 2022 15:52:23 +0000
ROA not before:           Fri 29 Jul 2022 15:52:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203629
IP address blocks:        45.95.201.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:4a:a8:a8:ea:2f:4f:c2:eb:03:18:72:80:cd:89:4c:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jul 29 15:52:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e06cf9b89c83374a8824e2e99ade18b5a36990f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e0:74:66:97:d2:51:3d:9f:b4:7d:20:dc:5d:
                    9f:ad:4a:4c:d7:ef:37:87:87:7c:88:3f:b7:77:52:
                    bf:11:6b:c6:fa:8b:84:de:be:dd:bc:16:c7:de:1d:
                    1f:fd:bc:a2:3f:0b:46:77:64:5b:7c:9e:5f:ce:41:
                    3b:39:10:5a:56:1b:e8:71:a7:04:c0:1c:7d:52:89:
                    c8:1a:35:8b:a9:42:db:4a:a6:83:fa:e7:a7:bb:bb:
                    be:a9:cd:35:6a:2d:cd:63:c7:c3:7e:39:3f:3f:e1:
                    e1:3c:38:09:dd:e6:28:4f:a1:20:08:2c:44:44:92:
                    0d:19:e2:5a:c9:6f:ea:94:1e:f9:85:04:97:14:3a:
                    39:43:b1:f5:02:ce:05:a1:89:1f:24:e6:69:11:06:
                    b8:17:98:a5:8a:70:4f:ea:8e:dd:a8:42:ff:1e:49:
                    76:70:b3:cd:9e:25:c7:66:64:97:de:89:b2:a9:24:
                    9c:32:58:d7:44:3d:68:f8:73:cc:41:a9:a4:47:0e:
                    53:b1:54:00:6a:9b:0e:42:fb:d3:bf:0c:e3:f0:2e:
                    07:1b:ea:00:d1:e7:93:09:ed:a6:3e:e5:db:64:a3:
                    ee:53:f4:ff:fc:2b:22:c8:1f:9e:f7:5a:93:7c:50:
                    22:28:2e:56:c7:e3:82:a0:3b:9f:bd:81:b9:e0:5d:
                    31:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:6C:F9:B8:9C:83:37:4A:88:24:E2:E9:9A:DE:18:B5:A3:69:90:F0
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4Gz5uJyDN0qIJOLpmt4YtaNpkPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:b3:e1:a1:e1:c4:be:33:da:a9:be:59:d0:fe:38:68:a3:27:
         a7:9b:a9:24:e5:c2:ec:94:33:4c:c8:77:91:90:07:8e:e1:c6:
         c4:bb:4b:70:b2:a7:e4:06:12:95:cf:bf:cf:50:29:f2:c2:9f:
         fa:7d:86:1d:13:00:ad:70:04:6a:60:e9:b9:15:11:9a:e6:4d:
         0b:80:f5:57:2c:e8:65:58:50:24:7d:bf:5e:bd:02:7d:27:ea:
         3c:a4:af:fe:f3:b9:ad:8a:d8:0c:7a:cb:34:24:3c:e1:f7:8b:
         27:1b:40:4e:13:9b:43:90:d1:30:87:8a:ed:8c:e1:57:da:9d:
         98:82:ae:89:b3:79:24:d1:9d:8c:e0:37:c7:7c:29:af:35:25:
         9f:43:35:11:1b:3a:f0:05:de:69:a5:4c:b3:27:2d:f9:58:d2:
         cf:d2:3d:65:17:95:9b:9b:7e:f8:8f:67:7b:c4:de:c7:18:54:
         5e:8c:18:08:b6:25:14:e9:31:70:23:40:a4:b7:a3:08:98:58:
         5d:41:1a:7a:da:0f:be:49:7f:14:4e:e5:5d:6c:eb:d2:32:fa:
         fb:db:4b:cb:e3:da:7d:9e:16:13:a4:aa:bb:98:a3:22:0c:91:
         a6:0c:94:fd:2d:06:ce:13:d8:bb:af:a3:93:e5:4c:bb:d2:59:
         2b:7e:9a:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJKqKjqL0/C6wMYcoDNiUwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwNzI5MTU1MjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDZjZjliODljODMzNzRhODgyNGUyZTk5YWRlMThiNWEzNjk5MGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOB0ZpfSUT2ftH0g3F2frUpM1+83
h4d8iD+3d1K/EWvG+ouE3r7dvBbH3h0f/byiPwtGd2RbfJ5fzkE7ORBaVhvocacE
wBx9UonIGjWLqULbSqaD+uenu7u+qc01ai3NY8fDfjk/P+HhPDgJ3eYoT6EgCCxE
RJINGeJayW/qlB75hQSXFDo5Q7H1As4FoYkfJOZpEQa4F5ilinBP6o7dqEL/Hkl2
cLPNniXHZmSX3omyqSScMljXRD1o+HPMQamkRw5TsVQAapsOQvvTvwzj8C4HG+oA
0eeTCe2mPuXbZKPuU/T//CsiyB+e91qTfFAiKC5Wx+OCoDufvYG54F0xjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOBs+bicgzdKiCTi6ZreGLWjaZDwMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvNEd6NXVKeUROMHFJSk9McG10NFl0YU5wa1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV/JMA0G
CSqGSIb3DQEBCwUAA4IBAQCQs+Gh4cS+M9qpvlnQ/jhooyenm6kk5cLslDNMyHeR
kAeO4cbEu0twsqfkBhKVz7/PUCnywp/6fYYdEwCtcARqYOm5FRGa5k0LgPVXLOhl
WFAkfb9evQJ9J+o8pK/+87mtitgMess0JDzh94snG0BOE5tDkNEwh4rtjOFX2p2Y
gq6Js3kk0Z2M4DfHfCmvNSWfQzURGzrwBd5ppUyzJy35WNLP0j1lF5Wbm374j2d7
xN7HGFRejBgItiUU6TFwI0Ckt6MImFhdQRp62g++SX8UTuVdbOvSMvr720vL49p9
nhYTpKq7mKMiDJGmDJT9LQbOE9i7r6OT5Uy70lkrfpoX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org