Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d12e2b-4a4a-4d9e-bbc6-72075b203efb/1/SG2RbtOE3TjJtCkcA0uUrp7kvRw.roa
File:                     SG2RbtOE3TjJtCkcA0uUrp7kvRw.roa (raw, json)
Hash identifier:          Re3UCJKYPYvUZ5deTzw905mnzW1ghA8MEka9teP4G0g=
Subject key identifier:   48:6D:91:6E:D3:84:DD:38:C9:B4:29:1C:03:4B:94:AE:9E:E4:BD:1C
Certificate issuer:       /CN=839c87178ff28099472f2f7fe9716bfc13b68240
Certificate serial:       02BDBE8E
Authority key identifier: 83:9C:87:17:8F:F2:80:99:47:2F:2F:7F:E9:71:6B:FC:13:B6:82:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g5yHF4_ygJlHLy9_6XFr_BO2gkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/d12e2b-4a4a-4d9e-bbc6-72075b203efb/1/SG2RbtOE3TjJtCkcA0uUrp7kvRw.roa
Signing time:             Sat 01 Jan 2022 08:58:10 +0000
ROA not before:           Sat 01 Jan 2022 08:58:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     26636
IP address blocks:        45.157.160.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 45989518 (0x2bdbe8e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=839c87178ff28099472f2f7fe9716bfc13b68240
        Validity
            Not Before: Jan  1 08:58:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=486d916ed384dd38c9b4291c034b94ae9ee4bd1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:09:fe:4a:57:ef:c7:aa:05:28:ba:61:46:77:
                    0e:df:df:7c:f5:05:13:97:5a:d7:12:f7:39:45:92:
                    d1:cd:af:37:a2:76:0a:5b:67:f1:57:ed:cb:ab:dd:
                    71:3c:27:b6:af:b1:17:19:d2:90:18:23:09:c2:fa:
                    b1:92:ef:c8:33:99:62:55:c2:c5:3b:a6:ff:c0:b9:
                    67:3a:62:e2:0d:cf:d9:b1:2d:80:92:4f:f1:87:6b:
                    31:b9:4d:dd:b1:1b:19:2a:e0:7d:13:32:5d:70:c3:
                    93:a3:4d:fb:fe:20:92:5b:a9:c7:4f:50:3f:77:55:
                    34:f7:74:cc:de:93:e1:a0:03:52:c5:5e:ed:b2:31:
                    a6:47:82:1e:21:e6:36:80:74:ae:b5:23:cc:e8:fe:
                    49:9b:74:df:c1:73:bf:b0:ac:d5:4e:2b:68:ca:90:
                    31:99:25:c9:99:3c:63:8b:4a:af:da:34:c7:d0:6a:
                    f1:1c:e4:25:70:63:89:ab:8d:42:13:1f:eb:7a:fc:
                    18:a3:b8:8e:e6:e2:0f:b0:72:25:46:51:f6:59:e7:
                    72:89:39:fc:f3:8d:1a:a0:27:6b:44:13:10:70:ab:
                    bc:14:8e:1d:f5:a4:0b:72:0b:c7:aa:27:70:6d:9b:
                    a2:d9:3f:4d:50:06:c1:07:4d:34:d2:9a:e5:d7:92:
                    3f:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:6D:91:6E:D3:84:DD:38:C9:B4:29:1C:03:4B:94:AE:9E:E4:BD:1C
            X509v3 Authority Key Identifier:
                keyid:83:9C:87:17:8F:F2:80:99:47:2F:2F:7F:E9:71:6B:FC:13:B6:82:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5yHF4_ygJlHLy9_6XFr_BO2gkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d12e2b-4a4a-4d9e-bbc6-72075b203efb/1/SG2RbtOE3TjJtCkcA0uUrp7kvRw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d12e2b-4a4a-4d9e-bbc6-72075b203efb/1/g5yHF4_ygJlHLy9_6XFr_BO2gkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.157.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4b:58:9e:0f:c6:9c:b0:88:f6:84:09:df:7d:fe:9c:c3:62:bf:
         c2:5f:4a:7e:7d:69:0d:68:d2:fc:6b:fb:23:da:24:88:4c:ab:
         ff:f3:70:30:ec:ec:20:b6:d8:e4:ad:0e:e9:ef:93:1e:32:3c:
         31:69:8b:f1:5e:74:05:7d:ff:92:d1:d7:a3:9b:4a:6c:20:61:
         fd:63:90:b5:65:9d:c1:9a:b1:c4:a8:c0:20:35:c0:7f:de:f6:
         cd:04:bc:d5:01:39:e2:d8:01:70:94:6a:28:81:bb:c0:4c:f2:
         22:64:9e:32:9d:6a:6b:7b:91:3c:ce:37:32:28:97:7b:95:a0:
         e6:5d:4f:54:bc:f7:0b:01:e2:c5:ef:80:91:b2:bb:92:a8:2d:
         a3:04:da:6f:e5:d7:35:6d:18:81:50:68:3d:aa:0c:bc:a0:af:
         49:a4:9b:f5:b2:7a:c5:60:f6:9a:1c:be:60:d3:95:4f:45:69:
         b1:4c:e6:62:70:c5:d6:81:8a:c4:38:e0:84:53:a1:df:a9:0c:
         3c:b1:0b:84:9f:c5:c0:ad:14:95:4d:74:d5:0a:39:78:8b:2c:
         56:21:6c:c2:4f:34:16:51:ab:c0:64:4f:9c:99:da:8f:b4:74:
         9d:2e:d3:6a:c6:d0:25:cd:f6:5e:4f:03:82:7b:a9:53:c5:e7:
         ab:0d:bd:55
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAr2+jjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzljODcxNzhmZjI4MDk5NDcyZjJmN2ZlOTcxNmJmYzEzYjY4MjQwMB4XDTIyMDEw
MTA4NTgxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDg2ZDkxNmVkMzg0
ZGQzOGM5YjQyOTFjMDM0Yjk0YWU5ZWU0YmQxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsJ/kpX78eqBSi6YUZ3Dt/ffPUFE5da1xL3OUWS0c2vN6J2
Cltn8Vfty6vdcTwntq+xFxnSkBgjCcL6sZLvyDOZYlXCxTum/8C5Zzpi4g3P2bEt
gJJP8YdrMblN3bEbGSrgfRMyXXDDk6NN+/4gklupx09QP3dVNPd0zN6T4aADUsVe
7bIxpkeCHiHmNoB0rrUjzOj+SZt038Fzv7Cs1U4raMqQMZklyZk8Y4tKr9o0x9Bq
8RzkJXBjiauNQhMf63r8GKO4jubiD7ByJUZR9lnncok5/PONGqAna0QTEHCrvBSO
HfWkC3ILx6oncG2botk/TVAGwQdNNNKa5deSPyUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRIbZFu04TdOMm0KRwDS5SunuS9HDAfBgNVHSMEGDAWgBSDnIcXj/KAmUcv
L3/pcWv8E7aCQDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2c1eUhGNF95Z0psSEx5OV82WEZyX0JPMmdrQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjQvZDEyZTJiLTRhNGEtNGQ5ZS1iYmM2LTcyMDc1YjIwM2VmYi8x
L1NHMlJidE9FM1RqSnRDa2NBMHVVcnA3a3ZSdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQv
ZDEyZTJiLTRhNGEtNGQ5ZS1iYmM2LTcyMDc1YjIwM2VmYi8xL2c1eUhGNF95Z0ps
SEx5OV82WEZyX0JPMmdrQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2doDANBgkqhkiG9w0BAQsFAAOC
AQEAS1ieD8acsIj2hAnfff6cw2K/wl9Kfn1pDWjS/Gv7I9okiEyr//NwMOzsILbY
5K0O6e+THjI8MWmL8V50BX3/ktHXo5tKbCBh/WOQtWWdwZqxxKjAIDXAf972zQS8
1QE54tgBcJRqKIG7wEzyImSeMp1qa3uRPM43MiiXe5Wg5l1PVLz3CwHixe+AkbK7
kqgtowTab+XXNW0YgVBoPaoMvKCvSaSb9bJ6xWD2mhy+YNOVT0VpsUzmYnDF1oGK
xDjghFOh36kMPLELhJ/FwK0UlU101Qo5eIssViFswk80FlGrwGRPnJnaj7R0nS7T
asbQJc32Xk8DgnupU8Xnqw29VQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:21 2023 by rpki-client on console-ams.rpki-client.org