Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/d51211-d0bb-4a57-9390-ce2a496fee86/1/MwA82upQ6CxcV8fDrSQxG-XqkEY.roa
File:                     MwA82upQ6CxcV8fDrSQxG-XqkEY.roa (raw, json)
Hash identifier:          ib47DSSnRJMvaNoK1y37se2vL17sUDge1afET1jxCRE=
Subject key identifier:   33:00:3C:DA:EA:50:E8:2C:5C:57:C7:C3:AD:24:31:1B:E5:EA:90:46
Certificate issuer:       /CN=307a039502d46a6b9909110ce2ab1396877bd08e
Certificate serial:       0184D355D5555815CE80B1C3F22E23BFEC20
Authority key identifier: 30:7A:03:95:02:D4:6A:6B:99:09:11:0C:E2:AB:13:96:87:7B:D0:8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MHoDlQLUamuZCREM4qsTlod70I4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/d51211-d0bb-4a57-9390-ce2a496fee86/1/MwA82upQ6CxcV8fDrSQxG-XqkEY.roa
Signing time:             Fri 02 Dec 2022 14:55:28 +0000
ROA not before:           Fri 02 Dec 2022 14:55:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1764
IP address blocks:        194.45.144.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:d3:55:d5:55:58:15:ce:80:b1:c3:f2:2e:23:bf:ec:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=307a039502d46a6b9909110ce2ab1396877bd08e
        Validity
            Not Before: Dec  2 14:55:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=33003cdaea50e82c5c57c7c3ad24311be5ea9046
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:59:68:80:59:20:70:d5:d9:0a:0a:fe:c0:7d:
                    3d:b8:3e:8e:b3:33:c2:36:f8:fa:0b:19:44:0d:c0:
                    45:cf:14:2d:b8:57:8c:7e:9c:46:31:48:4e:f8:88:
                    81:c4:5c:94:da:24:bc:cd:c9:db:af:8b:eb:e4:e1:
                    8d:f6:cf:c2:7b:53:29:38:99:4a:a9:be:22:ac:89:
                    ea:3f:97:4c:51:ea:11:a2:c0:ea:27:4c:9c:29:7a:
                    3c:f4:59:49:6a:3f:45:b1:c2:bf:af:54:a5:ca:de:
                    28:e3:7a:89:5d:25:19:ee:ab:b2:3f:f3:d1:50:ae:
                    5b:b1:f6:f6:cc:4b:92:cd:d4:f7:d2:77:e3:dc:fe:
                    c5:f8:78:69:8d:68:8b:d2:e8:54:39:a2:b5:24:20:
                    7c:98:67:93:20:76:c5:fa:a5:90:76:9f:cd:c4:f3:
                    b0:cd:73:35:56:f3:60:74:1f:90:ee:7f:82:f6:3d:
                    05:a9:64:2d:14:d6:63:ee:43:fb:c6:e0:f6:f1:98:
                    1b:72:2a:3b:ff:3c:fb:ae:2b:32:8c:12:26:e7:24:
                    e5:3a:8b:d2:a1:5e:5c:61:d1:aa:df:c7:92:a0:16:
                    e7:44:fd:23:70:e7:04:47:a3:76:5f:ad:e6:23:40:
                    91:4c:2e:b6:99:15:cc:85:20:b0:bd:b7:0b:75:27:
                    d2:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:00:3C:DA:EA:50:E8:2C:5C:57:C7:C3:AD:24:31:1B:E5:EA:90:46
            X509v3 Authority Key Identifier:
                keyid:30:7A:03:95:02:D4:6A:6B:99:09:11:0C:E2:AB:13:96:87:7B:D0:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHoDlQLUamuZCREM4qsTlod70I4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d51211-d0bb-4a57-9390-ce2a496fee86/1/MwA82upQ6CxcV8fDrSQxG-XqkEY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d51211-d0bb-4a57-9390-ce2a496fee86/1/MHoDlQLUamuZCREM4qsTlod70I4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.45.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         71:91:d3:68:6a:39:c6:3f:62:57:ef:85:12:17:ed:75:bb:17:
         9c:25:f3:6e:7b:0a:29:fc:69:08:dc:0c:a7:6b:4d:0a:c4:de:
         a2:00:c5:1c:00:a5:a7:db:be:e9:e9:5f:91:dd:d3:77:8e:72:
         41:c1:67:5d:7a:6d:d5:a1:bc:1f:6c:40:8d:e8:da:e0:ae:a1:
         bc:50:18:a6:f1:54:fb:55:99:3f:1f:3a:71:93:13:f6:e2:1e:
         28:f2:0f:25:ca:11:64:cc:6f:6a:72:9e:06:a7:7b:c4:86:ea:
         0b:79:6a:4b:9c:2a:6a:2f:f6:ac:ea:68:b1:47:6f:fa:1f:2e:
         83:38:19:17:e6:d2:0a:f1:49:54:ab:7d:fc:ae:ad:19:a0:7e:
         76:23:74:a2:59:d3:bc:1f:e9:f0:e0:5c:68:36:14:5c:19:84:
         78:23:49:98:dc:da:f3:87:33:62:cc:97:59:1b:8f:d5:6e:bd:
         aa:70:2a:be:77:e1:4c:ef:27:22:eb:01:30:d6:dc:02:cd:10:
         77:61:a8:4d:82:17:2d:0a:ba:6e:90:50:72:86:39:2b:28:ef:
         36:5c:29:94:b2:e0:4a:f7:24:f2:18:31:4a:d6:6a:65:53:8c:
         3b:08:2e:18:84:9f:14:16:77:ca:0b:1c:11:d1:62:b9:06:34:
         c6:a6:d0:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTTVdVVWBXOgLHD8i4jv+wgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2EwMzk1MDJkNDZhNmI5OTA5MTEwY2UyYWIxMzk2ODc3
YmQwOGUwHhcNMjIxMjAyMTQ1NTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzAwM2NkYWVhNTBlODJjNWM1N2M3YzNhZDI0MzExYmU1ZWE5MDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1logFkgcNXZCgr+wH09uD6OszPC
Nvj6CxlEDcBFzxQtuFeMfpxGMUhO+IiBxFyU2iS8zcnbr4vr5OGN9s/Ce1MpOJlK
qb4irInqP5dMUeoRosDqJ0ycKXo89FlJaj9FscK/r1Slyt4o43qJXSUZ7quyP/PR
UK5bsfb2zEuSzdT30nfj3P7F+HhpjWiL0uhUOaK1JCB8mGeTIHbF+qWQdp/NxPOw
zXM1VvNgdB+Q7n+C9j0FqWQtFNZj7kP7xuD28Zgbcio7/zz7risyjBIm5yTlOovS
oV5cYdGq38eSoBbnRP0jcOcER6N2X63mI0CRTC62mRXMhSCwvbcLdSfSMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDMAPNrqUOgsXFfHw60kMRvl6pBGMB8GA1UdIwQY
MBaAFDB6A5UC1GprmQkRDOKrE5aHe9COMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhvRGxRTFVhbXVaQ1JFTTRxc1Rsb2Q3MEk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kNTEyMTEtZDBiYi00YTU3LTkzOTAt
Y2UyYTQ5NmZlZTg2LzEvTXdBODJ1cFE2Q3hjVjhmRHJTUXhHLVhxa0VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kNTEyMTEtZDBiYi00YTU3LTkzOTAtY2UyYTQ5NmZlZTg2
LzEvTUhvRGxRTFVhbXVaQ1JFTTRxc1Rsb2Q3MEk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwi2QMA0G
CSqGSIb3DQEBCwUAA4IBAQBxkdNoajnGP2JX74USF+11uxecJfNuewop/GkI3Ayn
a00KxN6iAMUcAKWn277p6V+R3dN3jnJBwWddem3VobwfbECN6NrgrqG8UBim8VT7
VZk/HzpxkxP24h4o8g8lyhFkzG9qcp4Gp3vEhuoLeWpLnCpqL/as6mixR2/6Hy6D
OBkX5tIK8UlUq338rq0ZoH52I3SiWdO8H+nw4FxoNhRcGYR4I0mY3NrzhzNizJdZ
G4/Vbr2qcCq+d+FM7yci6wEw1twCzRB3YahNghctCrpukFByhjkrKO82XCmUsuBK
9yTyGDFK1mplU4w7CC4YhJ8UFnfKCxwR0WK5BjTGptBC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:03 2024 by rpki-client on console-ams.rpki-client.org