Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/83CuQzEN8-qCxlIO6dHgSxVCkqo.roa
File:                     83CuQzEN8-qCxlIO6dHgSxVCkqo.roa (raw, json)
Hash identifier:          3G3VBKazMvNI2Ilh50kQDWNG+fqf8Y/yOHkPbfmD8F0=
Subject key identifier:   F3:70:AE:43:31:0D:F3:EA:82:C6:52:0E:E9:D1:E0:4B:15:42:92:AA
Certificate issuer:       /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial:       018432F0C3A1630F53F9FF767F5FBF3CB092
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/83CuQzEN8-qCxlIO6dHgSxVCkqo.roa
Signing time:             Tue 01 Nov 2022 11:25:50 +0000
ROA not before:           Tue 01 Nov 2022 11:25:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        45.129.92.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:32:f0:c3:a1:63:0f:53:f9:ff:76:7f:5f:bf:3c:b0:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
        Validity
            Not Before: Nov  1 11:25:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f370ae43310df3ea82c6520ee9d1e04b154292aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:d2:31:ed:46:b5:e9:98:cd:37:47:59:7f:6e:
                    32:46:bf:a5:c7:85:df:58:e3:77:a6:61:11:e9:18:
                    4d:52:1f:5e:40:7f:85:58:f8:68:67:1f:10:4e:f3:
                    a8:cf:30:4c:04:89:98:58:79:7f:f5:64:50:cc:36:
                    6a:95:77:cd:44:7f:ee:d9:5c:58:1b:2e:7a:9b:d9:
                    99:fa:06:48:59:f4:b1:58:aa:66:f6:8c:cd:1b:45:
                    66:af:c1:59:80:a0:68:ee:8a:83:7b:90:ea:19:f6:
                    3b:af:70:c2:25:f1:e8:8a:12:9e:94:ae:e9:68:7e:
                    45:1e:80:e3:53:d5:aa:65:e6:7d:6f:27:49:d5:ce:
                    29:ac:9b:1d:e5:c1:0f:99:5a:04:a3:cd:60:06:de:
                    87:03:e5:37:ad:93:9d:bc:56:a8:26:b1:69:77:b1:
                    0d:ee:e8:5f:f4:7d:88:8e:c3:f1:d7:88:20:a2:59:
                    57:e6:40:86:3d:9b:83:77:61:c0:1f:9f:60:47:fd:
                    1f:1c:17:50:e2:b2:29:80:c4:4f:0a:8b:64:56:5f:
                    5f:7f:11:ca:47:2b:fa:73:c2:bc:07:98:b4:65:cb:
                    20:fb:d8:c6:43:c1:bd:a8:c8:c4:4a:c7:1c:50:59:
                    5c:c3:8a:f0:de:30:8c:3c:ac:41:00:a7:26:5f:63:
                    7b:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:70:AE:43:31:0D:F3:EA:82:C6:52:0E:E9:D1:E0:4B:15:42:92:AA
            X509v3 Authority Key Identifier:
                keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/83CuQzEN8-qCxlIO6dHgSxVCkqo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.129.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:8b:ef:17:5f:06:5e:42:6c:37:3b:8e:2a:eb:1f:61:22:91:
         3c:c4:f7:cb:2d:1e:60:62:78:c1:6c:f6:3a:fc:cb:2c:da:9e:
         b9:6b:fc:ef:38:b8:46:28:4f:98:66:76:b1:c3:e0:0c:e7:34:
         15:5d:65:61:6a:7e:ca:14:60:a2:aa:61:6e:f7:a3:66:df:67:
         74:52:42:2f:26:e7:f1:06:5b:c8:af:50:a9:e8:d3:39:b6:32:
         6b:d1:6a:85:77:da:db:16:ff:b0:47:76:01:98:9c:29:de:25:
         d3:1a:f6:14:e5:aa:23:73:ec:10:ee:ad:14:13:b2:e7:01:9b:
         12:1c:85:d6:70:db:dd:ae:1b:d0:f3:c3:91:1a:58:74:02:5a:
         e4:e4:bf:e2:ac:15:9f:f7:7d:1d:17:a0:d7:99:e4:9a:93:f0:
         f4:bd:61:9b:80:01:0b:ef:ee:89:94:85:bc:b0:7e:a2:e3:d1:
         e2:66:a4:44:ce:2d:92:d0:0b:52:96:eb:9d:f0:12:5b:97:f7:
         5a:f7:2e:87:e3:d8:2a:1c:85:fd:d3:42:57:17:66:c1:2d:91:
         85:17:91:26:d6:f8:79:fc:87:d7:17:34:88:ec:43:72:10:25:
         8d:74:12:64:14:28:c0:5c:6e:33:cd:f1:94:01:ae:cb:c2:ff:
         73:24:f0:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQy8MOhYw9T+f92f1+/PLCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjIxMTAxMTEyNTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzcwYWU0MzMxMGRmM2VhODJjNjUyMGVlOWQxZTA0YjE1NDI5MmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tIx7Ua16ZjNN0dZf24yRr+lx4Xf
WON3pmER6RhNUh9eQH+FWPhoZx8QTvOozzBMBImYWHl/9WRQzDZqlXfNRH/u2VxY
Gy56m9mZ+gZIWfSxWKpm9ozNG0Vmr8FZgKBo7oqDe5DqGfY7r3DCJfHoihKelK7p
aH5FHoDjU9WqZeZ9bydJ1c4prJsd5cEPmVoEo81gBt6HA+U3rZOdvFaoJrFpd7EN
7uhf9H2IjsPx14ggollX5kCGPZuDd2HAH59gR/0fHBdQ4rIpgMRPCotkVl9ffxHK
Ryv6c8K8B5i0Zcsg+9jGQ8G9qMjESsccUFlcw4rw3jCMPKxBAKcmX2N7kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPNwrkMxDfPqgsZSDunR4EsVQpKqMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvODNDdVF6RU44LXFDeGxJTzZkSGdTeFZDa3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYFcMA0G
CSqGSIb3DQEBCwUAA4IBAQBBi+8XXwZeQmw3O44q6x9hIpE8xPfLLR5gYnjBbPY6
/Mss2p65a/zvOLhGKE+YZnaxw+AM5zQVXWVhan7KFGCiqmFu96Nm32d0UkIvJufx
BlvIr1Cp6NM5tjJr0WqFd9rbFv+wR3YBmJwp3iXTGvYU5aojc+wQ7q0UE7LnAZsS
HIXWcNvdrhvQ88ORGlh0Alrk5L/irBWf930dF6DXmeSak/D0vWGbgAEL7+6JlIW8
sH6i49HiZqREzi2S0AtSluud8BJbl/da9y6H49gqHIX900JXF2bBLZGFF5Em1vh5
/IfXFzSI7ENyECWNdBJkFCjAXG4zzfGUAa7Lwv9zJPAy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:12 2024 by rpki-client on console-ams.rpki-client.org