Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/o9aXXgW-c-YoLVDQiuCi9R2p2Ak.roa
File:                     o9aXXgW-c-YoLVDQiuCi9R2p2Ak.roa (raw, json)
Hash identifier:          cw/F5izqiJLx3BQ6zLDc4QcQLIYaxHJKU93x26OvW1M=
Subject key identifier:   A3:D6:97:5E:05:BE:73:E6:28:2D:50:D0:8A:E0:A2:F5:1D:A9:D8:09
Certificate issuer:       /CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Certificate serial:       06C3C1BC
Authority key identifier: 5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/o9aXXgW-c-YoLVDQiuCi9R2p2Ak.roa
Signing time:             Wed 01 Jun 2022 12:48:45 +0000
ROA not before:           Wed 01 Jun 2022 12:48:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     140224
IP address blocks:        45.81.128.0/24 maxlen: 24
                          45.135.116.0/23 maxlen: 24
                          45.91.83.0/24 maxlen: 24
                          45.91.82.0/24 maxlen: 24
                          45.91.81.0/24 maxlen: 24
                          45.91.80.0/24 maxlen: 24
                          45.155.222.0/23 maxlen: 24
                          45.140.88.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 113492412 (0x6c3c1bc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
        Validity
            Not Before: Jun  1 12:48:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a3d6975e05be73e6282d50d08ae0a2f51da9d809
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:2a:a3:2d:ef:c6:fd:af:7d:15:06:cb:e5:17:
                    8b:24:15:b6:a9:17:cf:76:08:a2:56:3d:81:b5:c6:
                    b3:b6:a4:78:e0:78:fd:7f:49:b0:32:6c:d3:45:b7:
                    8a:31:0b:cd:25:db:25:97:67:2e:3d:6e:12:d1:b6:
                    a8:fa:95:0b:6a:ec:f5:f2:55:05:39:e0:57:6d:51:
                    40:93:99:81:f5:43:a0:fa:31:68:75:a0:97:a9:7a:
                    2c:d4:63:70:76:04:69:2c:4f:36:42:1c:00:91:cb:
                    9d:f1:5c:13:8d:34:b1:dd:02:e7:b2:21:d1:06:bd:
                    6d:14:1e:aa:d2:43:f8:ef:3e:5f:13:aa:1d:ea:d9:
                    09:dd:10:11:8f:de:32:45:0f:f4:37:78:bb:0d:7a:
                    8d:d4:ed:06:8d:ce:bf:02:b0:8a:f9:e3:de:a5:68:
                    70:55:60:49:61:30:4d:e4:1a:de:d0:4b:fe:af:1d:
                    db:ea:a1:c8:61:dc:e5:54:8c:18:f3:03:f6:3d:d0:
                    5c:56:b5:a4:15:60:43:a6:a0:c9:2a:35:30:49:81:
                    50:8b:ba:91:e4:cf:04:7d:0a:aa:7d:9f:41:e1:3a:
                    e4:81:ba:19:4a:5e:87:8e:88:ac:95:37:d1:a4:70:
                    01:5c:0e:39:93:a3:af:4e:d6:de:c6:3d:19:f1:92:
                    a9:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:D6:97:5E:05:BE:73:E6:28:2D:50:D0:8A:E0:A2:F5:1D:A9:D8:09
            X509v3 Authority Key Identifier:
                keyid:5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/o9aXXgW-c-YoLVDQiuCi9R2p2Ak.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.128.0/24
                  45.91.80.0/22
                  45.135.116.0/23
                  45.140.88.0/23
                  45.155.222.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5f:e1:e3:c8:e5:bd:c7:61:9c:e5:a2:3d:ac:01:c5:fb:9c:dc:
         e6:f4:85:72:35:bf:22:42:1b:81:dd:e6:38:5c:14:9f:67:31:
         e2:9e:36:f7:30:1d:43:1b:49:79:35:b9:aa:84:ed:fd:59:c9:
         8d:7f:c6:3d:e2:6a:0e:45:a6:5f:5b:c6:c0:fd:fc:a9:42:70:
         08:7f:b6:11:2e:54:94:c1:a9:b5:b9:80:e7:eb:82:95:51:9f:
         6d:4b:b6:42:62:0c:b9:13:bf:03:de:19:f5:b1:32:2d:6b:2e:
         ae:dc:17:c7:d5:61:e2:e7:bd:b4:71:11:53:81:25:67:55:01:
         ef:64:3e:92:51:87:73:22:6c:64:9e:d6:ef:10:ca:eb:64:ff:
         29:b6:46:85:cd:a0:89:f6:ad:79:bc:c0:70:63:62:d6:e9:d2:
         82:a4:78:f3:15:0c:7a:31:eb:70:1d:af:9a:3f:a8:04:e4:b9:
         e7:0f:88:96:3c:7d:ac:ca:16:22:4e:ce:b9:ff:25:2f:77:9a:
         4a:84:49:68:5c:1f:62:92:a2:25:e5:91:de:bb:cd:1d:b1:c8:
         50:73:8f:ba:e7:41:02:33:a5:5a:16:11:0d:26:a9:70:9d:55:
         f7:5b:d8:16:ea:d6:ea:46:6f:ea:44:b5:76:1c:ad:65:83:2b:
         03:62:25:3f
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBsPBvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjJkZDlmZTYyOGI2YmMxMDE0MWRlMDI0MTc2NmExYjdhNjMxOTNmMB4XDTIyMDYw
MTEyNDg0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNkNjk3NWUwNWJl
NzNlNjI4MmQ1MGQwOGFlMGEyZjUxZGE5ZDgwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8qoy3vxv2vfRUGy+UXiyQVtqkXz3YIolY9gbXGs7akeOB4
/X9JsDJs00W3ijELzSXbJZdnLj1uEtG2qPqVC2rs9fJVBTngV21RQJOZgfVDoPox
aHWgl6l6LNRjcHYEaSxPNkIcAJHLnfFcE400sd0C57Ih0Qa9bRQeqtJD+O8+XxOq
HerZCd0QEY/eMkUP9Dd4uw16jdTtBo3OvwKwivnj3qVocFVgSWEwTeQa3tBL/q8d
2+qhyGHc5VSMGPMD9j3QXFa1pBVgQ6agySo1MEmBUIu6keTPBH0Kqn2fQeE65IG6
GUpeh46IrJU30aRwAVwOOZOjr07W3sY9GfGSqccCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSj1pdeBb5z5igtUNCK4KL1HanYCTAfBgNVHSMEGDAWgBRbLdn+YotrwQFB
3gJBdmobemMZPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1d5M1pfbUtMYThFQlFkNENRWFpxRzNwakdUOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvNGRlODg5LWRjOWQtNDFlNS1iM2FhLTBkN2I1NTFmODI4Yy8x
L285YVhYZ1ctYy1Zb0xWRFFpdUNpOVIycDJBay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
NGRlODg5LWRjOWQtNDFlNS1iM2FhLTBkN2I1NTFmODI4Yy8xL1d5M1pfbUtMYThF
QlFkNENRWFpxRzNwakdUOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAC1RgAMEAi1bUAMEAS2HdAMEAS2M
WAMEAS2b3jANBgkqhkiG9w0BAQsFAAOCAQEAX+HjyOW9x2Gc5aI9rAHF+5zc5vSF
cjW/IkIbgd3mOFwUn2cx4p429zAdQxtJeTW5qoTt/VnJjX/GPeJqDkWmX1vGwP38
qUJwCH+2ES5UlMGptbmA5+uClVGfbUu2QmIMuRO/A94Z9bEyLWsurtwXx9Vh4ue9
tHERU4ElZ1UB72Q+klGHcyJsZJ7W7xDK62T/KbZGhc2gifatebzAcGNi1unSgqR4
8xUMejHrcB2vmj+oBOS55w+Iljx9rMoWIk7Ouf8lL3eaSoRJaFwfYpKiJeWR3rvN
HbHIUHOPuudBAjOlWhYRDSapcJ1V91vYFurW6kZv6kS1dhytZYMrA2IlPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:41 2024 by rpki-client on console-fra.rpki-client.org