Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/B-CKCpyS0smQrEtMWlhpdezAzmg.roa
File:                     B-CKCpyS0smQrEtMWlhpdezAzmg.roa (raw, json)
Hash identifier:          wfL74Zou1ini3dMc+ZJbwsGfk3XmQHCHr8rgsXm8tSw=
Subject key identifier:   07:E0:8A:0A:9C:92:D2:C9:90:AC:4B:4C:5A:58:69:75:EC:C0:CE:68
Certificate issuer:       /CN=6832c32d2259013991260d530d9120031aaefcd0
Certificate serial:       0182B5ABE2F0BEB4F3B393A9D2063FA442CD
Authority key identifier: 68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/B-CKCpyS0smQrEtMWlhpdezAzmg.roa
Signing time:             Fri 19 Aug 2022 10:35:17 +0000
ROA not before:           Fri 19 Aug 2022 10:35:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2830
IP address blocks:        145.46.128.0/20 maxlen: 20
                          2a10:3000::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:b5:ab:e2:f0:be:b4:f3:b3:93:a9:d2:06:3f:a4:42:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6832c32d2259013991260d530d9120031aaefcd0
        Validity
            Not Before: Aug 19 10:35:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=07e08a0a9c92d2c990ac4b4c5a586975ecc0ce68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:88:0f:a4:89:55:91:7d:65:8f:2d:bd:a4:4f:
                    98:f5:e7:9b:07:ca:61:ce:a4:f9:47:c3:81:fc:5d:
                    1b:02:17:a0:ad:20:49:9a:cd:09:ce:01:50:f3:82:
                    f5:a3:83:e0:ff:99:c7:20:7f:04:88:81:78:35:7f:
                    82:eb:f8:6b:db:8f:c0:4a:55:32:e2:cb:2d:3a:65:
                    09:33:ae:11:f8:b1:ce:56:f4:05:bc:70:95:21:0f:
                    d0:89:41:cd:27:c6:64:9e:20:ce:0f:bb:53:5d:55:
                    c7:ff:70:40:90:ac:3a:66:33:62:4d:32:cc:1e:81:
                    21:26:9a:43:c2:40:dc:dd:66:1f:05:47:e6:f3:15:
                    25:f2:3f:c8:19:07:71:4d:12:78:9a:73:50:06:7f:
                    5d:93:1b:e4:36:51:54:45:3d:a8:13:10:33:ca:0e:
                    17:d6:bc:4b:28:fc:ed:ea:d6:b2:32:4b:30:ad:42:
                    51:a7:81:8b:b7:f3:22:09:18:0f:95:3c:ef:b6:25:
                    05:63:ba:93:cf:a1:9e:66:e2:be:58:03:77:a8:f0:
                    28:3a:71:0f:fe:ef:ab:6e:3c:58:35:24:4d:84:0b:
                    22:b4:d4:46:56:e2:77:e4:75:3b:41:48:5e:eb:43:
                    f7:12:12:1d:fd:fd:86:f5:c0:b2:37:a2:27:a0:b2:
                    58:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:E0:8A:0A:9C:92:D2:C9:90:AC:4B:4C:5A:58:69:75:EC:C0:CE:68
            X509v3 Authority Key Identifier:
                keyid:68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/B-CKCpyS0smQrEtMWlhpdezAzmg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.46.128.0/20
                IPv6:
                  2a10:3000::/29

    Signature Algorithm: sha256WithRSAEncryption
         8f:91:55:30:23:80:db:2d:d0:53:31:40:91:89:2e:dd:35:38:
         3d:40:ec:79:46:e3:81:ec:a1:34:35:5a:72:8a:d0:d2:f0:e3:
         ca:93:74:97:1e:30:d7:ad:7b:03:9c:44:93:f7:84:9e:b3:be:
         17:fa:10:76:7f:1c:eb:6d:38:d5:fd:02:38:04:9a:ef:0c:86:
         50:43:00:cd:12:df:cd:d3:39:e1:8c:16:87:eb:d2:8c:c1:1f:
         5e:5b:ae:b0:2d:90:81:04:1e:e8:2d:c9:10:8e:a9:c7:23:5f:
         a2:6b:f4:3d:0e:2a:9e:2a:05:8d:71:f0:58:16:85:6d:8f:08:
         0a:b0:5b:36:9f:a8:4e:82:37:88:59:5e:72:6d:87:d3:9d:2f:
         8f:77:04:e3:fe:57:bd:e3:e7:0b:36:48:cf:da:a8:58:ee:fd:
         19:96:51:bf:19:1a:8f:13:e5:f5:be:87:d7:30:33:37:3a:9b:
         99:94:c7:8d:2c:aa:4d:c4:08:07:55:6f:d2:26:8d:bc:db:37:
         d5:27:a3:50:1d:61:65:84:da:da:9b:e9:9d:91:69:97:c0:71:
         4f:c7:56:e3:5f:cc:de:08:10:5f:80:e6:21:0f:88:f5:ec:9e:
         af:69:ba:14:3a:d6:b1:8b:fd:a9:0b:9a:a6:04:fe:d5:e1:b2:
         33:15:2e:3c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYK1q+LwvrTzs5Op0gY/pELNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzJjMzJkMjI1OTAxMzk5MTI2MGQ1MzBkOTEyMDAzMWFh
ZWZjZDAwHhcNMjIwODE5MTAzNTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2UwOGEwYTljOTJkMmM5OTBhYzRiNGM1YTU4Njk3NWVjYzBjZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtogPpIlVkX1ljy29pE+Y9eebB8ph
zqT5R8OB/F0bAhegrSBJms0JzgFQ84L1o4Pg/5nHIH8EiIF4NX+C6/hr24/ASlUy
4sstOmUJM64R+LHOVvQFvHCVIQ/QiUHNJ8ZkniDOD7tTXVXH/3BAkKw6ZjNiTTLM
HoEhJppDwkDc3WYfBUfm8xUl8j/IGQdxTRJ4mnNQBn9dkxvkNlFURT2oExAzyg4X
1rxLKPzt6tayMkswrUJRp4GLt/MiCRgPlTzvtiUFY7qTz6GeZuK+WAN3qPAoOnEP
/u+rbjxYNSRNhAsitNRGVuJ35HU7QUhe60P3EhId/f2G9cCyN6InoLJYuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAfgigqcktLJkKxLTFpYaXXswM5oMB8GA1UdIwQY
MBaAFGgywy0iWQE5kSYNUw2RIAMarvzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYt
NzcwZjhlYWIyYWU3LzEvQi1DS0NweVMwc21RckV0TVdsaHBkZXpBem1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYtNzcwZjhlYWIyYWU3
LzEvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEkS6AMA0E
AgACMAcDBQMqEDAAMA0GCSqGSIb3DQEBCwUAA4IBAQCPkVUwI4DbLdBTMUCRiS7d
NTg9QOx5RuOB7KE0NVpyitDS8OPKk3SXHjDXrXsDnEST94Ses74X+hB2fxzrbTjV
/QI4BJrvDIZQQwDNEt/N0znhjBaH69KMwR9eW66wLZCBBB7oLckQjqnHI1+ia/Q9
DiqeKgWNcfBYFoVtjwgKsFs2n6hOgjeIWV5ybYfTnS+PdwTj/le94+cLNkjP2qhY
7v0ZllG/GRqPE+X1vofXMDM3OpuZlMeNLKpNxAgHVW/SJo282zfVJ6NQHWFlhNra
m+mdkWmXwHFPx1bjX8zeCBBfgOYhD4j17J6vaboUOtaxi/2pC5qmBP7V4bIzFS48
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:20 2024 by rpki-client on console-ams.rpki-client.org