Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/C_8H4thTsbyVF1KLWLAtaJm8k9Q.roa
File:                     C_8H4thTsbyVF1KLWLAtaJm8k9Q.roa (raw, json)
Hash identifier:          fn5YohFybW67b5kTl0aOkdU1iY79ftKho7tK1q/mfQ0=
Subject key identifier:   0B:FF:07:E2:D8:53:B1:BC:95:17:52:8B:58:B0:2D:68:99:BC:93:D4
Certificate issuer:       /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial:       0178057B
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/C_8H4thTsbyVF1KLWLAtaJm8k9Q.roa
Signing time:             Fri 17 Jun 2022 06:17:41 +0000
ROA not before:           Fri 17 Jun 2022 06:17:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7029
IP address blocks:        45.156.145.0/24 maxlen: 24
                          45.156.146.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24642939 (0x178057b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
        Validity
            Not Before: Jun 17 06:17:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0bff07e2d853b1bc9517528b58b02d6899bc93d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:99:b8:d3:0e:57:1b:2b:89:76:26:c3:ce:4e:
                    10:78:66:58:b9:fe:24:1b:27:b7:6c:b4:29:36:9e:
                    7c:94:65:04:32:c9:c0:a1:2c:63:0f:c3:58:91:e6:
                    3c:e6:8d:8f:1f:99:7b:7d:3b:01:0a:30:f6:d6:96:
                    77:aa:c6:71:00:fb:b2:0f:25:f2:63:56:75:d4:b5:
                    4e:a6:1d:86:c1:9a:5a:99:96:e7:bf:be:28:65:ff:
                    50:20:b8:2a:1d:4d:48:15:94:5c:ed:3b:92:d6:1a:
                    82:56:10:89:70:4c:f7:a8:ab:64:09:41:89:03:de:
                    e0:da:1b:ee:9a:f8:70:93:42:33:86:29:b9:41:ae:
                    1a:be:10:cc:e0:6c:a7:3d:13:18:ec:1e:cf:88:c9:
                    82:4c:5e:99:74:b0:da:09:18:ca:bc:2f:97:8f:98:
                    2f:be:09:e4:18:1c:71:a3:36:c9:33:1c:72:3b:68:
                    87:7f:48:86:de:7d:2a:e0:ba:19:64:3b:c8:5c:e3:
                    ed:4b:92:8f:81:57:4e:9e:f2:45:3a:b8:9e:e0:af:
                    7f:ab:e7:b6:06:a4:30:83:86:53:29:93:6f:d9:35:
                    2f:b0:ca:0a:5c:c4:2b:78:78:0c:7d:53:1a:0f:d7:
                    1b:4e:9f:8d:d9:a0:f1:e7:54:91:72:9d:6a:86:a4:
                    27:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:FF:07:E2:D8:53:B1:BC:95:17:52:8B:58:B0:2D:68:99:BC:93:D4
            X509v3 Authority Key Identifier:
                keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/C_8H4thTsbyVF1KLWLAtaJm8k9Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.145.0-45.156.146.255

    Signature Algorithm: sha256WithRSAEncryption
         b0:34:5f:f4:fc:0d:f0:13:94:d3:83:f4:73:22:9b:56:d6:44:
         38:0e:c4:ab:bb:c1:d7:89:85:d8:8d:d1:ac:5a:e9:87:76:35:
         00:29:83:bf:ce:de:b4:bb:fa:5f:93:9b:82:3b:08:67:d8:ed:
         48:45:f8:fd:48:64:d1:56:f3:c6:7c:da:ec:d6:1c:4e:9a:10:
         3b:b1:79:10:8b:b9:ee:71:ac:be:9b:13:b0:3d:82:01:cf:61:
         9b:a6:b2:9e:9c:ff:06:2e:1a:6a:fc:16:de:5e:54:22:9f:88:
         46:6a:9f:df:33:a9:00:e2:3b:61:80:d0:88:d1:94:00:a4:1d:
         c9:10:f7:d2:f4:71:9b:5b:f6:5f:aa:3c:95:9c:eb:b5:48:2c:
         84:0f:99:ba:5f:19:ba:4b:e9:57:57:cb:e1:d7:0c:3a:e6:fc:
         42:f7:98:7b:f1:5e:d2:0b:a9:ac:53:e6:6b:bc:1f:97:2d:8e:
         aa:86:71:e7:2d:fb:39:a5:8c:ce:1c:88:ba:01:38:29:e1:35:
         a8:71:55:c9:75:0b:71:52:83:08:55:93:c4:8d:83:5a:d1:c6:
         57:f9:70:15:58:7d:16:e4:1a:2d:2f:df:22:36:f5:4d:c4:b0:
         bd:2e:c9:4c:44:e0:02:62:5f:7f:fe:21:1d:a7:1f:05:d7:2b:
         63:a6:b4:c1
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAXgFezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTdmMDM2ZTI1OTIzOTFmYjQ1YTNkZDMzY2FmMGIwNzk1Njk3M2NmMB4XDTIyMDYx
NzA2MTc0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGJmZjA3ZTJkODUz
YjFiYzk1MTc1MjhiNThiMDJkNjg5OWJjOTNkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMqZuNMOVxsriXYmw85OEHhmWLn+JBsnt2y0KTaefJRlBDLJ
wKEsYw/DWJHmPOaNjx+Ze307AQow9taWd6rGcQD7sg8l8mNWddS1TqYdhsGaWpmW
57++KGX/UCC4Kh1NSBWUXO07ktYaglYQiXBM96irZAlBiQPe4Nob7pr4cJNCM4Yp
uUGuGr4QzOBspz0TGOwez4jJgkxemXSw2gkYyrwvl4+YL74J5BgccaM2yTMccjto
h39Iht59KuC6GWQ7yFzj7UuSj4FXTp7yRTq4nuCvf6vntgakMIOGUymTb9k1L7DK
ClzEK3h4DH1TGg/XG06fjdmg8edUkXKdaoakJ08CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQL/wfi2FOxvJUXUotYsC1ombyT1DAfBgNVHSMEGDAWgBQafwNuJZI5H7Ra
PdM8rwsHlWlzzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0duOERiaVdTT1ItMFdqM1RQSzhMQjVWcGM4OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvMjRiZTFhLTE2ZGEtNDgxYy04YmNiLTM0MGQ2MjVjNmRiYS8x
L0NfOEg0dGhUc2J5VkYxS0xXTEF0YUptOGs5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
MjRiZTFhLTE2ZGEtNDgxYy04YmNiLTM0MGQ2MjVjNmRiYS8xL0duOERiaVdTT1It
MFdqM1RQSzhMQjVWcGM4OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQALZyRAwQALZySMA0GCSqGSIb3
DQEBCwUAA4IBAQCwNF/0/A3wE5TTg/RzIptW1kQ4DsSru8HXiYXYjdGsWumHdjUA
KYO/zt60u/pfk5uCOwhn2O1IRfj9SGTRVvPGfNrs1hxOmhA7sXkQi7nucay+mxOw
PYIBz2GbprKenP8GLhpq/BbeXlQin4hGap/fM6kA4jthgNCI0ZQApB3JEPfS9HGb
W/ZfqjyVnOu1SCyED5m6Xxm6S+lXV8vh1ww65vxC95h78V7SC6msU+ZrvB+XLY6q
hnHnLfs5pYzOHIi6ATgp4TWocVXJdQtxUoMIVZPEjYNa0cZX+XAVWH0W5BotL98i
NvVNxLC9LslMROACYl9//iEdpx8F1ytjprTB
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:03 2023 by rpki-client on console-fra.rpki-client.org