Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/d6c752-aa4b-4fa7-ab1f-91a394684644/1/7zl3etiLxgKrV7UblYaTTSbhULE.roa
File:                     7zl3etiLxgKrV7UblYaTTSbhULE.roa (raw, json)
Hash identifier:          zhpGUQRk9+AXJwkbQ+ns/q5t40NVwNw8pkpigjDOgf4=
Subject key identifier:   EF:39:77:7A:D8:8B:C6:02:AB:57:B5:1B:95:86:93:4D:26:E1:50:B1
Certificate issuer:       /CN=111014ce8ad38d15350096d549ee1c5805d09dc8
Certificate serial:       0657BF91
Authority key identifier: 11:10:14:CE:8A:D3:8D:15:35:00:96:D5:49:EE:1C:58:05:D0:9D:C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ERAUzorTjRU1AJbVSe4cWAXQncg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/d6c752-aa4b-4fa7-ab1f-91a394684644/1/7zl3etiLxgKrV7UblYaTTSbhULE.roa
Signing time:             Sat 01 Jan 2022 15:57:36 +0000
ROA not before:           Sat 01 Jan 2022 15:57:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43648
IP address blocks:        45.132.220.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 106413969 (0x657bf91)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=111014ce8ad38d15350096d549ee1c5805d09dc8
        Validity
            Not Before: Jan  1 15:57:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ef39777ad88bc602ab57b51b9586934d26e150b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:29:75:d3:cc:a4:69:5e:9c:b9:7a:65:96:29:
                    b3:76:f6:28:fa:57:4a:66:16:b3:94:c0:f9:7e:1c:
                    fd:7d:f8:97:97:17:2a:e8:1d:09:d8:2c:11:02:4e:
                    f9:14:4e:8f:c3:33:6c:a5:09:55:9a:18:86:38:ae:
                    0b:eb:11:77:81:13:d6:28:ba:58:66:c2:39:2e:cd:
                    46:d0:38:97:f4:64:43:f1:20:bd:1c:92:3a:c7:0e:
                    61:76:07:e7:f9:13:5e:ec:dc:f6:f8:da:f4:b8:3e:
                    74:e0:8e:3f:4b:fa:55:48:2a:d9:a7:01:35:ed:5a:
                    94:29:02:54:e6:83:95:4f:13:6e:ba:b2:86:03:ee:
                    48:e6:27:36:b8:3f:66:76:8d:bd:48:f5:79:62:5b:
                    27:94:57:2e:74:4d:2c:7b:f5:5d:2a:d8:51:1c:58:
                    56:41:67:df:2b:a4:a2:82:e9:6e:5e:9c:b4:18:bd:
                    85:84:b7:de:7f:a4:fb:8a:ba:98:e8:f8:bf:9a:2a:
                    a3:02:f3:89:5e:01:bf:6e:c9:81:5d:ac:7c:ca:be:
                    1c:ae:f1:ac:02:0e:f1:7e:cf:cb:5c:81:d9:da:23:
                    b7:86:8d:a4:ec:73:d0:50:bd:be:ff:ee:06:f8:da:
                    9b:b0:8f:d4:18:4a:ea:64:a2:97:0d:aa:33:f8:ac:
                    93:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:39:77:7A:D8:8B:C6:02:AB:57:B5:1B:95:86:93:4D:26:E1:50:B1
            X509v3 Authority Key Identifier:
                keyid:11:10:14:CE:8A:D3:8D:15:35:00:96:D5:49:EE:1C:58:05:D0:9D:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ERAUzorTjRU1AJbVSe4cWAXQncg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d6c752-aa4b-4fa7-ab1f-91a394684644/1/7zl3etiLxgKrV7UblYaTTSbhULE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d6c752-aa4b-4fa7-ab1f-91a394684644/1/ERAUzorTjRU1AJbVSe4cWAXQncg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a3:c1:ec:86:4d:57:ea:57:de:6d:56:c3:f8:53:1f:6f:fe:25:
         54:ce:f0:b1:cc:0b:86:f8:74:4e:96:56:9d:1e:83:67:8e:ae:
         a3:18:20:8c:b7:56:ec:35:d2:5f:d0:12:85:74:9c:b5:68:a5:
         0e:4b:3c:8c:e3:36:af:d5:0e:d4:00:c9:b9:24:39:f1:33:57:
         f4:10:8a:aa:30:bd:5e:b3:8b:ec:71:ac:fc:9b:22:03:18:17:
         09:ae:50:5b:9b:5d:4b:86:de:9b:b6:08:44:3e:c0:39:2d:d7:
         c2:3a:83:32:0f:46:21:53:0e:11:66:31:44:f9:64:74:c6:cf:
         25:c7:91:d8:0b:ce:92:eb:f9:1f:5f:f0:1b:3b:af:27:25:ca:
         3a:00:6a:84:5c:89:5d:d2:9c:ed:bd:b4:83:74:43:94:a2:7d:
         75:29:55:37:28:0c:c3:3d:e5:7a:81:8f:b6:9e:b4:dc:d8:42:
         59:4f:e1:e9:c6:a2:36:28:a4:9c:dc:19:68:37:ca:e4:79:16:
         4b:49:02:6e:b8:8c:06:c3:93:ba:18:30:9c:c1:41:dc:d0:a0:
         5a:91:d7:b8:d0:e2:66:1e:71:9f:c0:2e:0c:cc:99:6a:a7:58:
         72:2a:e1:9b:64:4d:20:b9:10:49:a6:d2:59:dc:fa:ab:75:57:
         0c:44:df:cb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBle/kTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MTEwMTRjZThhZDM4ZDE1MzUwMDk2ZDU0OWVlMWM1ODA1ZDA5ZGM4MB4XDTIyMDEw
MTE1NTczNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWYzOTc3N2FkODhi
YzYwMmFiNTdiNTFiOTU4NjkzNGQyNmUxNTBiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQpddPMpGlenLl6ZZYps3b2KPpXSmYWs5TA+X4c/X34l5cX
KugdCdgsEQJO+RROj8MzbKUJVZoYhjiuC+sRd4ET1ii6WGbCOS7NRtA4l/RkQ/Eg
vRySOscOYXYH5/kTXuzc9vja9Lg+dOCOP0v6VUgq2acBNe1alCkCVOaDlU8Tbrqy
hgPuSOYnNrg/ZnaNvUj1eWJbJ5RXLnRNLHv1XSrYURxYVkFn3yukooLpbl6ctBi9
hYS33n+k+4q6mOj4v5oqowLziV4Bv27JgV2sfMq+HK7xrAIO8X7Py1yB2dojt4aN
pOxz0FC9vv/uBvjam7CP1BhK6mSilw2qM/isk80CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTvOXd62IvGAqtXtRuVhpNNJuFQsTAfBgNVHSMEGDAWgBQREBTOitONFTUA
ltVJ7hxYBdCdyDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VSQVV6b3JUalJVMUFKYlZTZTRjV0FYUW5jZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjcvZDZjNzUyLWFhNGItNGZhNy1hYjFmLTkxYTM5NDY4NDY0NC8x
Lzd6bDNldGlMeGdLclY3VWJsWWFUVFNiaFVMRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjcv
ZDZjNzUyLWFhNGItNGZhNy1hYjFmLTkxYTM5NDY4NDY0NC8xL0VSQVV6b3JUalJV
MUFKYlZTZTRjV0FYUW5jZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2E3DANBgkqhkiG9w0BAQsFAAOC
AQEAo8Hshk1X6lfebVbD+FMfb/4lVM7wscwLhvh0TpZWnR6DZ46uoxggjLdW7DXS
X9AShXSctWilDks8jOM2r9UO1ADJuSQ58TNX9BCKqjC9XrOL7HGs/JsiAxgXCa5Q
W5tdS4bem7YIRD7AOS3XwjqDMg9GIVMOEWYxRPlkdMbPJceR2AvOkuv5H1/wGzuv
JyXKOgBqhFyJXdKc7b20g3RDlKJ9dSlVNygMwz3leoGPtp603NhCWU/h6caiNiik
nNwZaDfK5HkWS0kCbriMBsOTuhgwnMFB3NCgWpHXuNDiZh5xn8AuDMyZaqdYcirh
m2RNILkQSabSWdz6q3VXDETfyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:08 2024 by rpki-client on console-fra.rpki-client.org