Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/0v3zhFaHmNVwTE-PK7Cu6v2jiBY.roa
File:                     0v3zhFaHmNVwTE-PK7Cu6v2jiBY.roa (raw, json)
Hash identifier:          HzR3fDtWuaL4/Kt/lLwHzsOu84FTw1RTe7voWKPvA/s=
Subject key identifier:   D2:FD:F3:84:56:87:98:D5:70:4C:4F:8F:2B:B0:AE:EA:FD:A3:88:16
Certificate issuer:       /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial:       018335457FBA03921567983C7BB32F3996AD
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/0v3zhFaHmNVwTE-PK7Cu6v2jiBY.roa
Signing time:             Tue 13 Sep 2022 05:14:50 +0000
ROA not before:           Tue 13 Sep 2022 05:14:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207990
IP address blocks:        45.156.224.0/22 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:35:45:7f:ba:03:92:15:67:98:3c:7b:b3:2f:39:96:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
        Validity
            Not Before: Sep 13 05:14:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d2fdf384568798d5704c4f8f2bb0aeeafda38816
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d0:07:78:da:3d:da:4d:33:b9:f5:69:a8:1f:
                    ab:1f:32:77:53:93:43:a3:ac:f5:8d:96:48:2a:dc:
                    83:41:e7:6c:8b:55:9e:8a:ed:f7:b2:c8:18:ce:ee:
                    97:5f:b2:07:16:6b:15:83:5f:4d:e5:76:9f:ed:96:
                    5a:15:64:1d:5c:c9:f3:2b:5b:28:f9:7d:34:86:a2:
                    d0:43:60:a3:55:24:21:1c:50:f6:66:da:cb:de:e5:
                    5a:a2:cd:32:aa:6e:05:d2:bb:7a:86:80:d3:e2:bc:
                    6f:d9:be:7e:45:a8:ae:4f:52:4d:c1:b5:e7:7d:23:
                    34:a8:20:fb:f1:bd:40:5d:38:e9:db:6c:25:a0:73:
                    66:2d:e8:92:3c:56:a7:64:b5:4f:dc:e0:3d:ad:ce:
                    60:67:cb:12:1d:b4:a6:b1:66:8e:52:ab:2c:be:00:
                    c7:49:b6:be:14:0c:21:75:8f:1a:8d:b0:c7:49:77:
                    4c:58:0d:56:87:34:a7:fb:3e:24:d3:16:e3:2d:39:
                    39:46:9c:28:fa:17:bb:07:f0:6f:55:ca:1e:60:16:
                    e7:15:5d:61:d6:6d:0a:70:57:17:37:7d:81:4f:16:
                    7a:cd:9c:e3:45:82:61:f2:47:ba:ca:da:3e:fb:9f:
                    fe:5a:b2:9b:92:3a:d6:fa:a6:cb:34:9a:5a:1c:4b:
                    dd:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:FD:F3:84:56:87:98:D5:70:4C:4F:8F:2B:B0:AE:EA:FD:A3:88:16
            X509v3 Authority Key Identifier:
                keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/0v3zhFaHmNVwTE-PK7Cu6v2jiBY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         98:31:51:49:58:a6:36:97:e6:d5:24:38:48:1d:ec:99:74:c5:
         28:21:95:2a:6c:e0:62:83:7d:fb:ac:2a:1e:82:e4:0d:a8:00:
         7d:49:e0:66:d4:8e:32:16:78:7f:06:ad:45:b7:d3:27:7e:bf:
         9a:70:3f:b0:d3:11:f3:45:2d:6b:2a:89:da:90:5f:c6:79:98:
         a6:f6:80:6a:61:dd:fc:e4:cc:96:65:fd:6e:e9:b6:c1:18:46:
         99:4f:ca:60:4b:8d:6f:2f:a7:7c:2b:df:cb:85:20:7f:0b:85:
         f3:bc:95:4c:53:cc:4c:d9:76:be:b5:b7:3a:af:ae:2e:8d:04:
         b9:1b:ab:4a:75:5b:96:9f:be:47:a8:d2:9b:8d:a0:6b:bb:0d:
         7f:ec:11:c4:82:27:c9:15:24:f8:3c:57:e7:2d:21:54:24:6b:
         f7:63:44:d4:e3:0a:75:5f:5a:02:ab:5f:86:09:d3:62:3a:38:
         1c:10:19:8a:e2:57:50:b4:23:19:c9:35:00:da:89:27:5a:00:
         cd:1f:30:7d:4b:4b:84:9a:51:d2:2d:ed:96:eb:1a:f5:83:e0:
         d6:50:94:90:be:03:bb:5a:b0:13:d2:20:42:4d:48:9e:40:52:
         34:a1:fc:26:14:c2:bc:bc:fa:7c:dd:ca:d8:b7:f4:99:d5:97:
         cc:18:b7:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM1RX+6A5IVZ5g8e7MvOZatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjIwOTEzMDUxNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmZkZjM4NDU2ODc5OGQ1NzA0YzRmOGYyYmIwYWVlYWZkYTM4ODE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9AHeNo92k0zufVpqB+rHzJ3U5ND
o6z1jZZIKtyDQedsi1Weiu33ssgYzu6XX7IHFmsVg19N5Xaf7ZZaFWQdXMnzK1so
+X00hqLQQ2CjVSQhHFD2ZtrL3uVaos0yqm4F0rt6hoDT4rxv2b5+RaiuT1JNwbXn
fSM0qCD78b1AXTjp22wloHNmLeiSPFanZLVP3OA9rc5gZ8sSHbSmsWaOUqssvgDH
Sba+FAwhdY8ajbDHSXdMWA1WhzSn+z4k0xbjLTk5Rpwo+he7B/BvVcoeYBbnFV1h
1m0KcFcXN32BTxZ6zZzjRYJh8ke6yto++5/+WrKbkjrW+qbLNJpaHEvdrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNL984RWh5jVcExPjyuwrur9o4gWMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvMHYzemhGYUhtTlZ3VEUtUEs3Q3U2djJqaUJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZzgMA0G
CSqGSIb3DQEBCwUAA4IBAQCYMVFJWKY2l+bVJDhIHeyZdMUoIZUqbOBig337rCoe
guQNqAB9SeBm1I4yFnh/Bq1Ft9Mnfr+acD+w0xHzRS1rKonakF/GeZim9oBqYd38
5MyWZf1u6bbBGEaZT8pgS41vL6d8K9/LhSB/C4XzvJVMU8xM2Xa+tbc6r64ujQS5
G6tKdVuWn75HqNKbjaBruw1/7BHEgifJFST4PFfnLSFUJGv3Y0TU4wp1X1oCq1+G
CdNiOjgcEBmK4ldQtCMZyTUA2oknWgDNHzB9S0uEmlHSLe2W6xr1g+DWUJSQvgO7
WrAT0iBCTUieQFI0ofwmFMK8vPp83crYt/SZ1ZfMGLd6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:47 2024 by rpki-client on console-ams.rpki-client.org