Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/eeZLi6xsqIVQPZ9Pui-OWUwAPjA.roa
File:                     eeZLi6xsqIVQPZ9Pui-OWUwAPjA.roa (raw, json)
Hash identifier:          gOvhSlskwy9T/0S9F9kwVba+IX5/86Fy680lH5HqzWU=
Subject key identifier:   79:E6:4B:8B:AC:6C:A8:85:50:3D:9F:4F:BA:2F:8E:59:4C:00:3E:30
Certificate issuer:       /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial:       02672196
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/eeZLi6xsqIVQPZ9Pui-OWUwAPjA.roa
Signing time:             Sat 01 Jan 2022 15:03:51 +0000
ROA not before:           Sat 01 Jan 2022 15:03:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6233
IP address blocks:        45.140.56.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40313238 (0x2672196)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
        Validity
            Not Before: Jan  1 15:03:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=79e64b8bac6ca885503d9f4fba2f8e594c003e30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:f9:57:7a:fd:f9:84:85:bb:4e:98:da:5d:5c:
                    ef:f2:39:ba:d8:eb:2f:61:eb:26:2d:cb:20:0b:5b:
                    e0:a0:60:01:46:e6:96:70:b0:b9:97:24:00:c2:71:
                    be:4f:2b:82:70:34:24:60:7d:9c:14:50:16:6a:a6:
                    71:04:ac:39:c6:a6:bb:77:71:00:a7:98:23:33:8d:
                    65:67:86:30:a6:52:a1:f5:f9:41:d1:2c:dd:f1:1a:
                    77:cd:39:e1:39:f5:72:87:32:8f:13:d5:9d:de:84:
                    c0:96:39:aa:3e:d1:3d:2b:f7:9e:aa:9d:25:54:05:
                    34:12:60:b7:8e:3a:e8:5c:6a:e7:04:86:a5:17:cb:
                    cc:8e:ec:cb:ef:a0:d6:f9:7b:7b:9b:7e:78:50:ac:
                    2a:8f:0f:d4:c9:e6:2d:44:0f:5c:96:42:53:9e:25:
                    2b:49:9d:18:4a:fe:8f:01:f6:ea:3d:ad:dd:1d:25:
                    3b:8c:20:35:02:ec:07:93:34:aa:f5:a1:c8:3e:6c:
                    0b:a9:36:80:21:c1:e3:96:88:98:dc:d6:9e:ad:bf:
                    35:0b:e4:25:98:00:98:7b:19:ce:fa:70:33:9d:9e:
                    06:80:14:c6:e7:0e:cd:d5:74:a4:63:c0:7e:73:22:
                    7c:2f:77:f0:5f:44:5f:d1:0f:92:63:ae:ec:d8:46:
                    d0:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:E6:4B:8B:AC:6C:A8:85:50:3D:9F:4F:BA:2F:8E:59:4C:00:3E:30
            X509v3 Authority Key Identifier:
                keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/eeZLi6xsqIVQPZ9Pui-OWUwAPjA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2e:40:41:08:d9:eb:3c:78:f7:fe:1d:a6:3b:84:b3:14:d7:b8:
         e1:95:c4:e6:b4:b6:e5:ca:70:67:23:cc:d1:e6:8f:0b:27:43:
         42:12:ea:fc:2e:7b:bf:8f:c2:38:d0:9a:52:4a:b6:cf:e1:d4:
         50:3e:87:8d:1f:24:d9:87:1c:f3:9b:8b:4a:fb:47:96:64:f0:
         a5:10:7c:4c:d2:20:83:7d:03:41:48:5e:72:ba:88:c9:3c:d1:
         27:55:18:eb:dc:9a:68:56:87:36:71:69:ac:3d:c4:e1:39:62:
         84:2a:61:0f:4f:a3:6e:8e:52:9e:cc:e6:cd:c3:bf:2c:ab:80:
         88:96:f0:af:53:51:f0:6d:64:5a:dd:a3:0e:5b:7e:2a:b9:01:
         4f:fb:0b:6f:00:1e:a8:34:ce:de:53:1b:a2:85:93:cc:15:d6:
         a7:ee:5e:93:1f:83:e2:11:7c:14:4c:7e:87:1a:44:d4:56:69:
         2c:90:fa:64:b5:78:d2:c6:b1:85:2f:46:fd:a9:ae:1b:38:4e:
         80:80:68:e8:c6:60:33:fa:68:85:7c:da:ff:34:d4:88:84:15:
         81:18:17:0e:ea:1c:76:6c:1b:56:e9:4f:12:4a:42:88:6c:0a:
         5a:41:bd:e3:19:e5:cd:a9:e1:a2:92:b4:af:b6:02:9e:ef:bd:
         f5:b6:cc:bd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAmchljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZDM2Njg2MjhmMGRmNzlkMDQ3ZWNhMGQ5YWRjZmMwYjY2OTNlMzA5MB4XDTIyMDEw
MTE1MDM1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzllNjRiOGJhYzZj
YTg4NTUwM2Q5ZjRmYmEyZjhlNTk0YzAwM2UzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKL5V3r9+YSFu06Y2l1c7/I5utjrL2HrJi3LIAtb4KBgAUbm
lnCwuZckAMJxvk8rgnA0JGB9nBRQFmqmcQSsOcamu3dxAKeYIzONZWeGMKZSofX5
QdEs3fEad8054Tn1cocyjxPVnd6EwJY5qj7RPSv3nqqdJVQFNBJgt4466Fxq5wSG
pRfLzI7sy++g1vl7e5t+eFCsKo8P1MnmLUQPXJZCU54lK0mdGEr+jwH26j2t3R0l
O4wgNQLsB5M0qvWhyD5sC6k2gCHB45aImNzWnq2/NQvkJZgAmHsZzvpwM52eBoAU
xucOzdV0pGPAfnMifC938F9EX9EPkmOu7NhG0DkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR55kuLrGyohVA9n0+6L45ZTAA+MDAfBgNVHSMEGDAWgBS9Nmhijw33nQR+
yg2a3PwLZpPjCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZUWm9ZbzhOOTUwRWZzb05tdHo4QzJhVDR3ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvMWI1NzIyLTFkZGEtNGRmMy1hNDVjLWU2YmYzMTZjOTRhMS8x
L2VlWkxpNnhzcUlWUVBaOVB1aS1PV1V3QVBqQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
MWI1NzIyLTFkZGEtNGRmMy1hNDVjLWU2YmYzMTZjOTRhMS8xL3ZUWm9ZbzhOOTUw
RWZzb05tdHo4QzJhVDR3ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2MODANBgkqhkiG9w0BAQsFAAOC
AQEALkBBCNnrPHj3/h2mO4SzFNe44ZXE5rS25cpwZyPM0eaPCydDQhLq/C57v4/C
ONCaUkq2z+HUUD6HjR8k2Ycc85uLSvtHlmTwpRB8TNIgg30DQUhecrqIyTzRJ1UY
69yaaFaHNnFprD3E4TlihCphD0+jbo5SnszmzcO/LKuAiJbwr1NR8G1kWt2jDlt+
KrkBT/sLbwAeqDTO3lMbooWTzBXWp+5ekx+D4hF8FEx+hxpE1FZpLJD6ZLV40sax
hS9G/amuGzhOgIBo6MZgM/pohXza/zTUiIQVgRgXDuocdmwbVulPEkpCiGwKWkG9
4xnlzanhopK0r7YCnu+99bbMvQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:56 2024 by rpki-client on console-ams.rpki-client.org