Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/1-P0jcAMjt9dsunZEziiLqhdygEY.roa
File:                     1-P0jcAMjt9dsunZEziiLqhdygEY.roa (raw, json)
Hash identifier:          uKJRqQ3S2FKKi3i/3tSKjwV2osfoSwzXaeXpLn9e/gM=
Subject key identifier:   F8:FD:23:70:03:23:B7:D7:6C:BA:76:44:CE:28:8B:AA:17:72:80:46
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       09CF9B10
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/1-P0jcAMjt9dsunZEziiLqhdygEY.roa
Signing time:             Mon 02 May 2022 15:08:10 +0000
ROA not before:           Mon 02 May 2022 15:08:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     394844
IP address blocks:        94.154.180.0/23 maxlen: 23
                          45.67.140.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 164600592 (0x9cf9b10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: May  2 15:08:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f8fd23700323b7d76cba7644ce288baa17728046
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:9c:6b:3c:1e:1f:a5:59:de:73:ad:52:aa:2b:
                    16:85:9d:fd:8e:14:18:ca:81:c7:1c:7e:5d:8a:0c:
                    70:89:62:ed:5f:ed:56:27:31:51:84:05:96:af:17:
                    89:aa:cd:c9:b0:35:f8:53:ef:f9:2f:12:1e:d1:92:
                    1c:93:83:bd:61:52:62:76:2f:f9:dd:51:40:72:90:
                    d8:b2:ef:ad:53:b1:67:9d:a2:77:19:69:c4:73:96:
                    0c:0e:9f:df:cd:f8:85:08:85:cb:62:42:cd:48:2d:
                    45:d6:a6:7d:83:2c:32:fd:bd:09:fb:88:3d:56:ae:
                    93:f6:7e:61:6d:2e:98:f9:e8:71:da:44:32:ed:a9:
                    59:3f:e0:56:68:b7:3a:60:bf:53:e0:5d:70:54:48:
                    61:c4:3b:ec:6c:0a:60:01:b8:d1:3b:e1:7c:57:fe:
                    ff:af:3d:ab:8b:48:ba:75:30:1b:2a:c7:8e:49:ac:
                    75:3f:44:8f:07:fd:62:db:27:1b:84:ad:f1:10:e3:
                    6c:0d:f7:0f:d7:8e:d2:23:2d:eb:5d:90:72:91:50:
                    2c:ba:c0:74:13:02:c5:ee:9a:f7:95:91:1a:eb:98:
                    7e:e4:07:60:68:2a:06:f7:cf:ec:7c:22:b4:3a:68:
                    1c:e7:75:f9:68:c5:e1:00:23:cd:d9:5c:e7:b4:b9:
                    24:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:FD:23:70:03:23:B7:D7:6C:BA:76:44:CE:28:8B:AA:17:72:80:46
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/1-P0jcAMjt9dsunZEziiLqhdygEY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.140.0/24
                  94.154.180.0/23

    Signature Algorithm: sha256WithRSAEncryption
         40:d5:9e:ce:2b:35:00:43:92:6d:56:5a:d9:3c:34:b6:6a:96:
         de:46:1f:10:ac:6a:4a:da:c5:77:d8:ee:bf:e9:86:7d:6c:da:
         ec:2e:61:cb:6c:0e:d0:e9:17:5c:f7:19:e9:24:d5:6c:d7:f3:
         d3:54:8b:8d:c2:41:c8:ef:05:86:e8:25:ad:10:79:8b:33:77:
         e3:f4:6c:0f:d1:dc:11:37:a9:aa:3b:32:dc:0f:fc:02:21:d0:
         3c:38:d7:bf:19:77:34:4c:1e:3e:43:1e:58:eb:82:18:c3:87:
         fb:3a:2e:2f:f6:14:31:62:e7:9e:a4:4f:07:0d:3a:56:36:48:
         11:d2:f9:2f:10:5c:ff:90:cd:d6:d3:2f:3a:1e:2f:c7:0c:61:
         7d:16:7d:df:d0:8f:a7:75:4c:48:cd:44:23:bb:b6:f9:c6:a2:
         60:f2:57:cb:0d:08:f5:35:80:b3:c8:b4:75:00:a5:cc:49:27:
         68:c6:7e:00:1a:e2:ad:c2:c6:87:c7:03:68:da:42:fc:cf:d2:
         b4:1f:0c:1f:0f:cd:c8:8e:21:fe:35:f6:e2:d2:47:0c:95:c3:
         aa:16:3b:34:af:e1:7b:12:12:8f:00:af:12:3f:59:e1:d0:0b:
         54:9f:e5:39:98:c4:95:a6:1c:80:18:7a:af:f4:44:ae:4e:18:
         d9:70:9f:9f
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIECc+bEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmI3OGY2NjgyZmMzOWM1NWI0MWQ0OGY4MGI4ODM4ZDVkMmRiZjA3MB4XDTIyMDUw
MjE1MDgxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjhmZDIzNzAwMzIz
YjdkNzZjYmE3NjQ0Y2UyODhiYWExNzcyODA0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6cazweH6VZ3nOtUqorFoWd/Y4UGMqBxxx+XYoMcIli7V/t
VicxUYQFlq8XiarNybA1+FPv+S8SHtGSHJODvWFSYnYv+d1RQHKQ2LLvrVOxZ52i
dxlpxHOWDA6f3834hQiFy2JCzUgtRdamfYMsMv29CfuIPVauk/Z+YW0umPnocdpE
Mu2pWT/gVmi3OmC/U+BdcFRIYcQ77GwKYAG40TvhfFf+/689q4tIunUwGyrHjkms
dT9Ejwf9YtsnG4St8RDjbA33D9eO0iMt612QcpFQLLrAdBMCxe6a95WRGuuYfuQH
YGgqBvfP7HwitDpoHOd1+WjF4QAjzdlc57S5JMECAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBT4/SNwAyO312y6dkTOKIuqF3KARjAfBgNVHSMEGDAWgBRyt49mgvw5xVtB
1I+AuIONXS2/BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8x
LzEtUDBqY0FNanQ5ZHN1blpFemlpTHFoZHlnRVkucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Nh
LzNjNGI4YS1iZmM3LTQxZTktOTllMS1mM2U1MDZhZWFhMDEvMS9jcmVQWm9MOE9j
VmJRZFNQZ0xpRGpWMHR2d2MuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAAtQ4wDBAFemrQwDQYJKoZIhvcN
AQELBQADggEBAEDVns4rNQBDkm1WWtk8NLZqlt5GHxCsakraxXfY7r/phn1s2uwu
YctsDtDpF1z3Gekk1WzX89NUi43CQcjvBYboJa0QeYszd+P0bA/R3BE3qao7MtwP
/AIh0Dw4178ZdzRMHj5DHljrghjDh/s6Li/2FDFi556kTwcNOlY2SBHS+S8QXP+Q
zdbTLzoeL8cMYX0Wfd/Qj6d1TEjNRCO7tvnGomDyV8sNCPU1gLPItHUApcxJJ2jG
fgAa4q3CxofHA2jaQvzP0rQfDB8PzciOIf419uLSRwyVw6oWOzSv4XsSEo8ArxI/
WeHQC1Sf5TmYxJWmHIAYeq/0RK5OGNlwn58=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:16 2024 by rpki-client on console-ams.rpki-client.org