Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/MUP0SuelaLwxFHXwgpGRPitrPrs.roa
File:                     MUP0SuelaLwxFHXwgpGRPitrPrs.roa (raw, json)
Hash identifier:          Hwp8qxfH5m4wDom8Yeiqt2AvuwOMvdbB+r6SQ5X/lgg=
Subject key identifier:   31:43:F4:4A:E7:A5:68:BC:31:14:75:F0:82:91:91:3E:2B:6B:3E:BB
Certificate issuer:       /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial:       01788AAE
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/MUP0SuelaLwxFHXwgpGRPitrPrs.roa
Signing time:             Fri 17 Jun 2022 06:17:42 +0000
ROA not before:           Fri 17 Jun 2022 06:17:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398465
IP address blocks:        45.156.145.0/24 maxlen: 24
                          45.156.146.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24677038 (0x1788aae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
        Validity
            Not Before: Jun 17 06:17:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3143f44ae7a568bc311475f08291913e2b6b3ebb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:5a:cb:bf:a5:26:f4:0c:67:10:92:5d:4d:c1:
                    58:66:0f:5a:b3:d7:cc:9f:af:ba:b2:79:c4:f8:7a:
                    10:db:56:d5:b7:54:c9:4c:3c:26:d2:02:83:67:a9:
                    3f:f4:87:09:9c:5f:6c:1f:20:68:e3:bb:d5:09:d5:
                    d4:77:b2:c2:07:e4:ae:22:76:ba:cc:2e:6a:c0:99:
                    4e:94:29:3b:6d:a8:31:c7:53:3d:79:65:60:b3:25:
                    14:b9:69:97:86:9d:35:3d:97:27:bc:57:01:39:d4:
                    73:2f:de:10:8b:08:45:86:8e:cd:ed:50:33:43:83:
                    e1:1c:b7:1c:aa:dc:dd:39:9a:1d:d8:d7:fd:54:62:
                    0f:80:6f:a3:a7:f3:37:0a:24:78:98:df:76:d3:35:
                    28:14:f7:5f:87:ba:fa:d6:07:35:ae:ef:9b:6d:ad:
                    bb:e0:c8:1d:97:a3:4e:46:a6:fd:19:5f:83:c6:11:
                    b4:f3:9d:44:bb:11:2b:c7:ef:21:d2:f6:8a:4a:56:
                    9f:ea:a4:77:f3:19:cb:1b:70:47:a5:57:12:d1:d0:
                    f8:38:4e:92:d9:61:c2:26:ad:98:4c:67:ab:13:78:
                    69:13:5a:41:e5:52:44:90:8e:83:97:05:10:5b:1f:
                    49:9e:5a:68:ad:39:85:5a:26:28:d9:cf:19:cc:7c:
                    f6:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:43:F4:4A:E7:A5:68:BC:31:14:75:F0:82:91:91:3E:2B:6B:3E:BB
            X509v3 Authority Key Identifier:
                keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/MUP0SuelaLwxFHXwgpGRPitrPrs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.145.0-45.156.146.255

    Signature Algorithm: sha256WithRSAEncryption
         a6:b2:ee:5a:ad:fb:85:8b:de:5e:c1:bb:50:54:5f:e1:c2:8a:
         a3:a8:f6:d6:ff:74:b0:d7:07:51:8b:f8:eb:a4:85:22:bc:d5:
         05:0b:c9:a2:59:1a:0a:30:69:eb:37:69:cb:9f:62:0d:a0:57:
         56:49:2f:66:74:1c:e1:02:e1:f0:d7:b2:f2:42:4c:39:fd:10:
         d5:b5:f5:2e:12:32:8e:a5:4f:5a:a8:96:4a:32:44:0e:b5:df:
         4d:c0:fc:ee:3f:4e:bc:a8:ce:af:2a:6b:e2:da:db:d7:86:b4:
         bd:89:51:f7:0c:03:00:0f:ef:69:a9:19:89:d6:a1:02:64:b9:
         c6:1e:f3:27:f0:4e:6f:9f:99:17:ab:32:aa:6d:a4:72:d6:cc:
         44:28:5b:25:e6:8d:48:a1:f0:29:23:bb:91:c2:17:9d:2f:1f:
         54:8c:54:c2:63:89:dd:6d:33:c2:d9:1d:7c:9b:8f:14:04:1d:
         01:93:99:a1:27:95:6b:7e:90:b9:99:92:63:57:3b:dc:ba:10:
         ba:f0:46:91:36:b7:5a:b9:2a:89:7a:c4:9b:41:20:da:56:df:
         f0:3e:68:42:9d:1f:07:4a:cd:90:d2:be:42:ae:b4:8f:0e:77:
         c2:b0:99:2c:a6:7c:ba:91:45:5c:a5:78:30:d8:13:be:17:5c:
         8b:0e:18:ad
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAXiKrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTdmMDM2ZTI1OTIzOTFmYjQ1YTNkZDMzY2FmMGIwNzk1Njk3M2NmMB4XDTIyMDYx
NzA2MTc0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzE0M2Y0NGFlN2E1
NjhiYzMxMTQ3NWYwODI5MTkxM2UyYjZiM2ViYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhay7+lJvQMZxCSXU3BWGYPWrPXzJ+vurJ5xPh6ENtW1bdU
yUw8JtICg2epP/SHCZxfbB8gaOO71QnV1HeywgfkriJ2uswuasCZTpQpO22oMcdT
PXllYLMlFLlpl4adNT2XJ7xXATnUcy/eEIsIRYaOze1QM0OD4Ry3HKrc3TmaHdjX
/VRiD4Bvo6fzNwokeJjfdtM1KBT3X4e6+tYHNa7vm22tu+DIHZejTkam/Rlfg8YR
tPOdRLsRK8fvIdL2ikpWn+qkd/MZyxtwR6VXEtHQ+DhOktlhwiatmExnqxN4aRNa
QeVSRJCOg5cFEFsfSZ5aaK05hVomKNnPGcx89sECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQxQ/RK56VovDEUdfCCkZE+K2s+uzAfBgNVHSMEGDAWgBQafwNuJZI5H7Ra
PdM8rwsHlWlzzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0duOERiaVdTT1ItMFdqM1RQSzhMQjVWcGM4OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvMjRiZTFhLTE2ZGEtNDgxYy04YmNiLTM0MGQ2MjVjNmRiYS8x
L01VUDBTdWVsYUx3eEZIWHdncEdSUGl0clBycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
MjRiZTFhLTE2ZGEtNDgxYy04YmNiLTM0MGQ2MjVjNmRiYS8xL0duOERiaVdTT1It
MFdqM1RQSzhMQjVWcGM4OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQALZyRAwQALZySMA0GCSqGSIb3
DQEBCwUAA4IBAQCmsu5arfuFi95ewbtQVF/hwoqjqPbW/3Sw1wdRi/jrpIUivNUF
C8miWRoKMGnrN2nLn2INoFdWSS9mdBzhAuHw17LyQkw5/RDVtfUuEjKOpU9aqJZK
MkQOtd9NwPzuP068qM6vKmvi2tvXhrS9iVH3DAMAD+9pqRmJ1qECZLnGHvMn8E5v
n5kXqzKqbaRy1sxEKFsl5o1IofApI7uRwhedLx9UjFTCY4ndbTPC2R18m48UBB0B
k5mhJ5VrfpC5mZJjVzvcuhC68EaRNrdauSqJesSbQSDaVt/wPmhCnR8HSs2Q0r5C
rrSPDnfCsJkspny6kUVcpXgw2BO+F1yLDhit
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:53 2023 by rpki-client on console-ams.rpki-client.org