Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/pVIV6-U6qB8G1m2tqRb-MALpWXg.roa
File:                     pVIV6-U6qB8G1m2tqRb-MALpWXg.roa (raw, json)
Hash identifier:          SSCsu0XCC7OcU4VwSlOpXL7o9+4EFng/DJCAgvt6uzU=
Subject key identifier:   A5:52:15:EB:E5:3A:A8:1F:06:D6:6D:AD:A9:16:FE:30:02:E9:59:78
Certificate issuer:       /CN=7ba2be98438b98ee68a0d1b8c4144520bd0a623d
Certificate serial:       0415A48E
Authority key identifier: 7B:A2:BE:98:43:8B:98:EE:68:A0:D1:B8:C4:14:45:20:BD:0A:62:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e6K-mEOLmO5ooNG4xBRFIL0KYj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/pVIV6-U6qB8G1m2tqRb-MALpWXg.roa
Signing time:             Sat 01 Jan 2022 10:02:58 +0000
ROA not before:           Sat 01 Jan 2022 10:02:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     4785
IP address blocks:        45.82.239.0/24 maxlen: 24
                          45.82.236.0/24 maxlen: 24
                          45.82.237.0/24 maxlen: 24
                          45.82.238.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 68527246 (0x415a48e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ba2be98438b98ee68a0d1b8c4144520bd0a623d
        Validity
            Not Before: Jan  1 10:02:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a55215ebe53aa81f06d66dada916fe3002e95978
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:bd:ad:cd:78:d4:89:14:8b:76:02:72:09:75:
                    5d:05:46:63:b6:83:2f:27:a5:92:1f:d7:2b:da:fb:
                    4a:0e:6c:d1:24:53:39:3b:52:c8:44:2c:79:29:14:
                    88:39:fc:7f:65:44:22:9e:53:61:9f:7a:b8:42:ef:
                    c7:f3:82:45:20:cb:c8:22:62:7a:da:18:62:59:fc:
                    fe:68:1a:30:dc:4a:06:d6:8b:1b:f0:94:ca:f1:dc:
                    96:5d:82:58:98:c3:bb:9c:d9:13:44:47:24:82:66:
                    4f:90:6c:f1:00:1e:1c:9e:44:99:3a:9a:b2:1e:41:
                    49:10:fb:ad:01:84:aa:72:c6:06:9f:32:ad:18:2c:
                    35:16:fc:74:11:23:88:30:de:53:45:22:c0:76:34:
                    7f:5e:e5:b0:2c:76:c9:1b:2a:f2:99:d1:d5:69:fe:
                    ed:c0:6a:4c:f9:eb:b5:e1:b3:2b:ce:71:dc:5a:cb:
                    ee:2d:be:f6:c6:05:4a:61:4c:a3:7a:fc:ae:9a:ac:
                    c0:a4:6d:a1:26:b0:1d:de:22:ad:c0:b7:b8:aa:a6:
                    13:0c:a3:d2:c4:a2:c8:cc:6f:11:cf:e7:fc:62:c8:
                    0b:4a:3c:e6:ad:85:76:cf:6a:96:22:43:3a:71:ea:
                    f1:c1:a6:ce:9a:3c:89:b7:22:8e:e1:f9:cc:61:6d:
                    92:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:52:15:EB:E5:3A:A8:1F:06:D6:6D:AD:A9:16:FE:30:02:E9:59:78
            X509v3 Authority Key Identifier:
                keyid:7B:A2:BE:98:43:8B:98:EE:68:A0:D1:B8:C4:14:45:20:BD:0A:62:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6K-mEOLmO5ooNG4xBRFIL0KYj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/pVIV6-U6qB8G1m2tqRb-MALpWXg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/e6K-mEOLmO5ooNG4xBRFIL0KYj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.82.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         92:84:b0:48:ba:fb:7a:02:77:58:9f:c3:40:60:b6:60:7f:bd:
         e6:20:b5:15:11:49:76:2a:15:3a:43:8d:d6:d8:ce:dd:31:c8:
         f7:cd:d0:21:8c:38:34:fe:0f:e8:16:93:ff:e9:e8:12:78:de:
         88:40:91:9a:de:40:ae:2b:96:0d:6f:cc:c4:08:39:96:6b:91:
         f9:8c:e7:11:1a:23:f8:3d:00:b0:59:aa:b9:0d:31:86:c3:77:
         11:29:1f:e2:19:f0:64:cb:52:0d:04:d5:52:a3:06:81:39:c4:
         0a:b5:52:d2:da:26:d2:38:3b:9d:a4:b7:14:22:d6:e0:23:1e:
         3e:c3:4a:93:1d:f7:33:86:a8:c2:fe:fc:a6:f8:49:1d:7c:d4:
         1d:5f:bb:d9:79:cb:32:74:d8:e8:0b:92:bb:7e:84:2b:68:c5:
         2a:33:25:7f:ed:e9:52:a1:cd:40:ae:21:ea:e4:42:65:c4:59:
         f6:09:d6:dd:fc:85:9a:a1:2c:92:96:0a:d1:c6:e5:f3:7f:a3:
         7a:42:0c:0c:4c:31:bb:8e:c4:87:75:fd:12:32:5a:30:3e:eb:
         4e:0b:82:7f:b5:6c:d7:68:97:6e:a2:da:15:04:96:88:95:91:
         af:a3:f3:0d:39:30:f2:d7:de:66:eb:82:a1:c4:c2:de:d5:6b:
         65:39:d2:8f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBBWkjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YmEyYmU5ODQzOGI5OGVlNjhhMGQxYjhjNDE0NDUyMGJkMGE2MjNkMB4XDTIyMDEw
MTEwMDI1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTU1MjE1ZWJlNTNh
YTgxZjA2ZDY2ZGFkYTkxNmZlMzAwMmU5NTk3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKa9rc141IkUi3YCcgl1XQVGY7aDLyelkh/XK9r7Sg5s0SRT
OTtSyEQseSkUiDn8f2VEIp5TYZ96uELvx/OCRSDLyCJietoYYln8/mgaMNxKBtaL
G/CUyvHcll2CWJjDu5zZE0RHJIJmT5Bs8QAeHJ5EmTqash5BSRD7rQGEqnLGBp8y
rRgsNRb8dBEjiDDeU0UiwHY0f17lsCx2yRsq8pnR1Wn+7cBqTPnrteGzK85x3FrL
7i2+9sYFSmFMo3r8rpqswKRtoSawHd4ircC3uKqmEwyj0sSiyMxvEc/n/GLIC0o8
5q2Fds9qliJDOnHq8cGmzpo8ibcijuH5zGFtkkECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSlUhXr5TqoHwbWba2pFv4wAulZeDAfBgNVHSMEGDAWgBR7or6YQ4uY7mig
0bjEFEUgvQpiPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2U2Sy1tRU9MbU81b29ORzR4QlJGSUwwS1lqMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvODQ1ZTc2LTljMmQtNGFmZi05MmFmLTQ5MzViM2Y1YzIwOS8x
L3BWSVY2LVU2cUI4RzFtMnRxUmItTUFMcFdYZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
ODQ1ZTc2LTljMmQtNGFmZi05MmFmLTQ5MzViM2Y1YzIwOS8xL2U2Sy1tRU9MbU81
b29ORzR4QlJGSUwwS1lqMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1S7DANBgkqhkiG9w0BAQsFAAOC
AQEAkoSwSLr7egJ3WJ/DQGC2YH+95iC1FRFJdioVOkON1tjO3THI983QIYw4NP4P
6BaT/+noEnjeiECRmt5AriuWDW/MxAg5lmuR+YznERoj+D0AsFmquQ0xhsN3ESkf
4hnwZMtSDQTVUqMGgTnECrVS0tom0jg7naS3FCLW4CMePsNKkx33M4aowv78pvhJ
HXzUHV+72XnLMnTY6AuSu36EK2jFKjMlf+3pUqHNQK4h6uRCZcRZ9gnW3fyFmqEs
kpYK0cbl83+jekIMDEwxu47Eh3X9EjJaMD7rTguCf7Vs12iXbqLaFQSWiJWRr6Pz
DTkw8tfeZuuCocTC3tVrZTnSjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:28 2024 by rpki-client on console-ams.rpki-client.org