Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/E0pGhnqrA0bmiJRLwvStkbHCkZk.roa
File:                     E0pGhnqrA0bmiJRLwvStkbHCkZk.roa (raw, json)
Hash identifier:          WC9ZnEpL2R/IiK/qv7ZG0dqn2plSHLhQarP9xB7nvBY=
Subject key identifier:   13:4A:46:86:7A:AB:03:46:E6:88:94:4B:C2:F4:AD:91:B1:C2:91:99
Certificate issuer:       /CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Certificate serial:       070C43C5
Authority key identifier: 5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/E0pGhnqrA0bmiJRLwvStkbHCkZk.roa
Signing time:             Thu 30 Jun 2022 14:34:02 +0000
ROA not before:           Thu 30 Jun 2022 14:34:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6134
IP address blocks:        45.133.238.0/24 maxlen: 24
                          45.133.239.0/24 maxlen: 24
                          45.135.118.0/24 maxlen: 24
                          45.135.119.0/24 maxlen: 24
                          45.140.90.0/24 maxlen: 24
                          45.140.91.0/24 maxlen: 24
                          185.106.178.0/24 maxlen: 24
                          185.106.177.0/24 maxlen: 24
                          185.106.179.0/24 maxlen: 24
                          2a06:5040:3::/48 maxlen: 48
                          2a06:5040:20::/45 maxlen: 45
                          2a06:5040:30::/45 maxlen: 48
                          2a06:5040:5040::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118244293 (0x70c43c5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
        Validity
            Not Before: Jun 30 14:34:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=134a46867aab0346e688944bc2f4ad91b1c29199
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:2e:2e:b4:9c:d7:7b:d0:02:34:a5:19:43:41:
                    61:31:92:b9:18:67:68:a9:22:cb:ec:fd:f2:9c:23:
                    7b:f7:e6:32:67:5f:19:d1:c3:96:09:b0:e2:13:3a:
                    ea:e5:08:81:cf:94:be:59:cb:4b:d0:5b:bf:98:d5:
                    8e:8e:b6:a9:44:d3:4a:d7:c9:09:5f:63:5d:19:90:
                    62:ed:d8:0d:20:6e:38:34:c9:78:23:aa:22:8a:2c:
                    04:10:ef:45:30:28:02:b1:2c:ae:5b:91:30:6d:a4:
                    ee:90:76:67:54:cd:3f:e3:e1:fe:ee:63:ac:d6:f3:
                    7c:6a:29:f7:ce:5c:0d:df:8d:68:b4:16:19:ad:9d:
                    dc:5e:83:9f:d8:14:fb:bd:52:4a:b1:ac:75:75:dd:
                    c1:ae:e9:97:85:45:70:0d:9e:8b:b3:e2:7c:8b:7a:
                    26:2a:dd:67:28:94:1d:57:0c:30:f3:39:75:d9:14:
                    14:11:22:5a:96:fb:93:c7:24:bf:b3:58:bc:ad:05:
                    d2:1b:2d:87:45:ed:4e:2d:bd:a0:1a:36:3e:d0:73:
                    f3:12:98:56:cc:c4:25:07:70:87:50:22:a5:97:bb:
                    63:5f:0e:4d:09:2a:6a:06:55:96:8a:c3:6d:43:5b:
                    53:a4:6b:10:b6:77:c4:7f:c9:04:77:f1:44:8f:dd:
                    78:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:4A:46:86:7A:AB:03:46:E6:88:94:4B:C2:F4:AD:91:B1:C2:91:99
            X509v3 Authority Key Identifier:
                keyid:5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/E0pGhnqrA0bmiJRLwvStkbHCkZk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.238.0/23
                  45.135.118.0/23
                  45.140.90.0/23
                  185.106.177.0-185.106.179.255
                IPv6:
                  2a06:5040:3::/48
                  2a06:5040:20::/45
                  2a06:5040:30::/45
                  2a06:5040:5040::/48

    Signature Algorithm: sha256WithRSAEncryption
         0a:02:dd:c4:8e:2b:56:d2:0b:a6:9f:16:ff:7b:e0:c3:6f:8d:
         a3:bd:37:a9:34:bf:12:e3:36:55:20:96:2e:f9:46:81:a6:5b:
         e2:e7:3f:7a:2f:53:96:a7:03:91:f7:fc:0e:d7:41:e1:ed:5b:
         d9:1a:e5:50:50:01:06:72:11:2d:b5:78:94:c8:2c:1e:80:f5:
         90:35:e7:e7:ae:16:e0:dd:b4:fb:4d:76:af:32:e2:80:af:0e:
         53:e6:ce:86:97:a9:91:c3:5a:36:d8:d9:84:25:4e:3f:02:5b:
         e1:31:25:ce:c3:e5:04:47:88:f0:ef:42:60:b5:02:1b:34:eb:
         4c:d5:cf:23:43:eb:c4:a8:36:5b:29:99:c6:7b:91:f7:8c:40:
         30:ac:04:b5:ac:e5:b5:c9:17:ac:d7:5b:ac:0d:17:fd:01:59:
         27:70:2c:97:08:36:3f:6a:da:28:e5:55:0f:2f:1b:b1:a7:bf:
         65:71:79:d6:df:1e:f0:1d:93:18:e7:5b:37:49:57:42:ef:5b:
         0d:ed:86:36:e2:e9:66:1b:ed:56:01:a7:74:d7:0d:28:40:3c:
         ce:8d:f8:5a:6d:e7:a6:d3:5c:81:c6:dc:15:1c:06:9a:58:90:
         4e:95:32:93:43:b7:94:c8:ce:7d:3f:3a:b9:a6:f5:80:71:0f:
         9a:11:db:35
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEBwxDxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjJkZDlmZTYyOGI2YmMxMDE0MWRlMDI0MTc2NmExYjdhNjMxOTNmMB4XDTIyMDYz
MDE0MzQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTM0YTQ2ODY3YWFi
MDM0NmU2ODg5NDRiYzJmNGFkOTFiMWMyOTE5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKcuLrSc13vQAjSlGUNBYTGSuRhnaKkiy+z98pwje/fmMmdf
GdHDlgmw4hM66uUIgc+UvlnLS9Bbv5jVjo62qUTTStfJCV9jXRmQYu3YDSBuODTJ
eCOqIoosBBDvRTAoArEsrluRMG2k7pB2Z1TNP+Ph/u5jrNbzfGop985cDd+NaLQW
Ga2d3F6Dn9gU+71SSrGsdXXdwa7pl4VFcA2ei7PifIt6JirdZyiUHVcMMPM5ddkU
FBEiWpb7k8ckv7NYvK0F0hsth0XtTi29oBo2PtBz8xKYVszEJQdwh1AipZe7Y18O
TQkqagZVlorDbUNbU6RrELZ3xH/JBHfxRI/deIcCAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBQTSkaGeqsDRuaIlEvC9K2RscKRmTAfBgNVHSMEGDAWgBRbLdn+YotrwQFB
3gJBdmobemMZPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1d5M1pfbUtMYThFQlFkNENRWFpxRzNwakdUOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvNGRlODg5LWRjOWQtNDFlNS1iM2FhLTBkN2I1NTFmODI4Yy8x
L0UwcEdobnFyQTBibWlKUkx3dlN0a2JIQ2taay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
NGRlODg5LWRjOWQtNDFlNS1iM2FhLTBkN2I1NTFmODI4Yy8xL1d5M1pfbUtMYThF
QlFkNENRWFpxRzNwakdUOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwJgQCAAEwIAMEAS2F7gMEAS2HdgMEAS2MWjAMAwQA
uWqxAwQCuWqwMCoEAgACMCQDBwAqBlBAAAMDBwMqBlBAACADBwMqBlBAADADBwAq
BlBAUEAwDQYJKoZIhvcNAQELBQADggEBAAoC3cSOK1bSC6afFv974MNvjaO9N6k0
vxLjNlUgli75RoGmW+LnP3ovU5anA5H3/A7XQeHtW9ka5VBQAQZyES21eJTILB6A
9ZA15+euFuDdtPtNdq8y4oCvDlPmzoaXqZHDWjbY2YQlTj8CW+ExJc7D5QRHiPDv
QmC1Ahs060zVzyND68SoNlspmcZ7kfeMQDCsBLWs5bXJF6zXW6wNF/0BWSdwLJcI
Nj9q2ijlVQ8vG7Gnv2VxedbfHvAdkxjnWzdJV0LvWw3thjbi6WYb7VYBp3TXDShA
PM6N+Fpt56bTXIHG3BUcBppYkE6VMpNDt5TIzn0/Ormm9YBxD5oR2zU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:40 2024 by rpki-client on console-fra.rpki-client.org