Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/d3558d-9057-47db-9959-3060b36b8506/1/Z5pDjkiGYYwmtlTS9cTj9Qzcevo.roa
File:                     Z5pDjkiGYYwmtlTS9cTj9Qzcevo.roa (raw, json)
Hash identifier:          GnYAs0Mar76ZADV+WWyEVhIy45yFvKqHcxrEkIPpqpA=
Subject key identifier:   67:9A:43:8E:48:86:61:8C:26:B6:54:D2:F5:C4:E3:F5:0C:DC:7A:FA
Certificate issuer:       /CN=750ffb6552d58ae774ba424d5527b350624faafc
Certificate serial:       06CD4970
Authority key identifier: 75:0F:FB:65:52:D5:8A:E7:74:BA:42:4D:55:27:B3:50:62:4F:AA:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dQ_7ZVLViud0ukJNVSezUGJPqvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/d3558d-9057-47db-9959-3060b36b8506/1/Z5pDjkiGYYwmtlTS9cTj9Qzcevo.roa
Signing time:             Sat 01 Jan 2022 02:52:24 +0000
ROA not before:           Sat 01 Jan 2022 02:52:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39328
IP address blocks:        45.67.180.0/22 maxlen: 24
                          185.154.252.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 114116976 (0x6cd4970)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=750ffb6552d58ae774ba424d5527b350624faafc
        Validity
            Not Before: Jan  1 02:52:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=679a438e4886618c26b654d2f5c4e3f50cdc7afa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:6e:07:90:00:9b:ff:8c:57:f4:a9:3e:00:36:
                    d7:d8:69:06:f7:bb:b1:b0:1c:6a:1b:d3:19:3d:a1:
                    7a:80:a1:fe:25:37:d6:86:07:04:e4:6b:b1:c2:d9:
                    6e:fa:a3:c2:88:75:65:a6:fd:e2:59:36:d2:ff:84:
                    ac:96:b9:e9:b8:6d:ac:3a:e8:a6:da:c0:6a:a5:9c:
                    e4:0a:41:ae:ca:ce:70:cd:7c:11:06:71:7c:83:09:
                    ed:5b:aa:63:be:8d:4e:3d:dd:23:4e:b5:0f:7a:67:
                    6f:66:48:f9:64:89:36:ca:91:bd:3b:40:aa:bc:93:
                    f2:1c:de:8a:5e:a9:ba:55:bd:dc:a8:a8:2b:84:c5:
                    cd:23:f7:a8:af:01:9f:a3:06:cc:cd:53:81:11:cc:
                    0d:a1:73:82:1e:db:9a:90:3f:cc:34:5b:68:a4:96:
                    c1:30:82:22:c9:b8:70:45:22:ed:cf:ac:b2:7a:13:
                    b1:60:86:ad:41:26:44:3e:22:8f:44:cd:f3:13:30:
                    78:0a:62:5d:55:36:a6:43:24:38:0c:aa:25:3f:eb:
                    21:2a:4b:e5:34:db:3d:65:6c:d2:77:a8:f3:a8:65:
                    10:e7:a1:02:86:d2:46:c4:02:e5:58:a9:42:c9:93:
                    c8:94:79:d8:2f:53:46:41:69:28:b9:61:44:76:cc:
                    73:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:9A:43:8E:48:86:61:8C:26:B6:54:D2:F5:C4:E3:F5:0C:DC:7A:FA
            X509v3 Authority Key Identifier:
                keyid:75:0F:FB:65:52:D5:8A:E7:74:BA:42:4D:55:27:B3:50:62:4F:AA:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQ_7ZVLViud0ukJNVSezUGJPqvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d3558d-9057-47db-9959-3060b36b8506/1/Z5pDjkiGYYwmtlTS9cTj9Qzcevo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d3558d-9057-47db-9959-3060b36b8506/1/dQ_7ZVLViud0ukJNVSezUGJPqvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.180.0/22
                  185.154.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         76:06:b5:12:9b:4c:a5:79:15:1c:14:c8:74:6e:99:b7:3e:05:
         68:99:f9:07:7c:a0:d5:95:77:43:f8:82:0a:69:e5:3d:8c:af:
         bb:3c:2f:19:fa:f2:5a:64:07:ed:d8:8b:af:d4:74:a2:70:7b:
         c9:18:6c:9a:55:8c:7e:99:35:25:d6:68:ef:c7:f0:f1:0b:35:
         09:8f:d4:7e:79:8c:ca:6a:b8:ce:6d:de:e8:31:5d:a4:a3:f8:
         d3:e0:fc:fc:00:53:3a:53:29:3b:b1:85:2f:f5:b6:6f:71:e4:
         c9:23:33:33:00:de:82:8a:04:7f:41:b0:41:e0:07:c2:25:46:
         4a:c6:d7:8a:ff:6e:e5:6d:78:0d:d5:78:ff:95:e3:f7:03:51:
         a6:0d:47:73:23:f5:23:68:80:ec:bd:3a:db:d0:b8:b1:2e:49:
         8b:9e:fe:55:46:ff:e5:dd:c3:1b:50:4b:f1:d2:c9:8e:13:56:
         60:93:14:da:18:ac:78:6d:90:ac:77:af:62:b4:fd:f7:26:68:
         98:cb:a3:b7:f3:1a:00:51:d6:3e:ae:8f:1e:e8:c2:0b:6a:9b:
         5d:02:80:6e:2e:bd:6e:6c:ef:0f:54:50:9c:a6:58:a6:53:81:
         9f:da:73:98:26:1d:e6:70:ca:4f:ca:67:b1:9d:4a:b8:d9:dc:
         0e:a6:49:a4
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBs1JcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NTBmZmI2NTUyZDU4YWU3NzRiYTQyNGQ1NTI3YjM1MDYyNGZhYWZjMB4XDTIyMDEw
MTAyNTIyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjc5YTQzOGU0ODg2
NjE4YzI2YjY1NGQyZjVjNGUzZjUwY2RjN2FmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtuB5AAm/+MV/SpPgA219hpBve7sbAcahvTGT2heoCh/iU3
1oYHBORrscLZbvqjwoh1Zab94lk20v+ErJa56bhtrDroptrAaqWc5ApBrsrOcM18
EQZxfIMJ7VuqY76NTj3dI061D3pnb2ZI+WSJNsqRvTtAqryT8hzeil6pulW93Kio
K4TFzSP3qK8Bn6MGzM1TgRHMDaFzgh7bmpA/zDRbaKSWwTCCIsm4cEUi7c+ssnoT
sWCGrUEmRD4ij0TN8xMweApiXVU2pkMkOAyqJT/rISpL5TTbPWVs0neo86hlEOeh
AobSRsQC5VipQsmTyJR52C9TRkFpKLlhRHbMc5cCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRnmkOOSIZhjCa2VNL1xOP1DNx6+jAfBgNVHSMEGDAWgBR1D/tlUtWK53S6
Qk1VJ7NQYk+q/DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RRXzdaVkxWaXVkMHVrSk5WU2V6VUdKUHF2dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvZDM1NThkLTkwNTctNDdkYi05OTU5LTMwNjBiMzZiODUwNi8x
L1o1cERqa2lHWVl3bXRsVFM5Y1RqOVF6Y2V2by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
ZDM1NThkLTkwNTctNDdkYi05OTU5LTMwNjBiMzZiODUwNi8xL2RRXzdaVkxWaXVk
MHVrSk5WU2V6VUdKUHF2dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi1DtAMEArma/DANBgkqhkiG9w0B
AQsFAAOCAQEAdga1EptMpXkVHBTIdG6Ztz4FaJn5B3yg1ZV3Q/iCCmnlPYyvuzwv
GfryWmQH7diLr9R0onB7yRhsmlWMfpk1JdZo78fw8Qs1CY/UfnmMymq4zm3e6DFd
pKP40+D8/ABTOlMpO7GFL/W2b3HkySMzMwDegooEf0GwQeAHwiVGSsbXiv9u5W14
DdV4/5Xj9wNRpg1HcyP1I2iA7L0629C4sS5Ji57+VUb/5d3DG1BL8dLJjhNWYJMU
2hiseG2QrHevYrT99yZomMujt/MaAFHWPq6PHujCC2qbXQKAbi69bmzvD1RQnKZY
plOBn9pzmCYd5nDKT8pnsZ1KuNncDqZJpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:45 2024 by rpki-client on console-fra.rpki-client.org