Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/1153f8-1994-4b2d-9645-f28b4d640a49/1/awNgCAXrRc8yfOlkGJcIoRBq-1E.roa
File:                     awNgCAXrRc8yfOlkGJcIoRBq-1E.roa (raw, json)
Hash identifier:          I4WzvFHMnn4E8mjkqRzwoYhjORSQoqAgQIz7BBZRTms=
Subject key identifier:   6B:03:60:08:05:EB:45:CF:32:7C:E9:64:18:97:08:A1:10:6A:FB:51
Certificate issuer:       /CN=48ea30c0f28e02269c5765bf4a045677ca2794a5
Certificate serial:       02FE628D
Authority key identifier: 48:EA:30:C0:F2:8E:02:26:9C:57:65:BF:4A:04:56:77:CA:27:94:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SOowwPKOAiacV2W_SgRWd8onlKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/1153f8-1994-4b2d-9645-f28b4d640a49/1/awNgCAXrRc8yfOlkGJcIoRBq-1E.roa
Signing time:             Sat 01 Jan 2022 05:57:48 +0000
ROA not before:           Sat 01 Jan 2022 05:57:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     800
IP address blocks:        45.147.188.0/22 maxlen: 22
                          2a09:4880::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 50225805 (0x2fe628d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48ea30c0f28e02269c5765bf4a045677ca2794a5
        Validity
            Not Before: Jan  1 05:57:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6b03600805eb45cf327ce964189708a1106afb51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:2b:ab:7e:61:42:40:0c:1c:5e:35:0b:4a:d5:
                    30:8e:c6:e2:a5:5f:77:98:8a:16:3d:b5:e5:a4:da:
                    bb:fd:6c:38:ed:12:44:76:5b:84:9c:96:2d:51:09:
                    89:f3:12:60:9d:17:ce:4f:ac:3a:37:62:09:bf:dd:
                    96:f4:75:25:00:ea:15:1b:d6:15:a9:e3:f8:f0:68:
                    2a:d2:c6:c3:ae:53:97:79:63:62:5b:15:cc:26:ec:
                    7b:60:04:52:59:07:bb:69:e3:25:dd:85:72:9b:3d:
                    33:fb:fb:84:df:9f:c6:3d:cc:3b:03:78:cc:b0:2f:
                    00:c4:d6:1a:2c:10:d0:76:1a:e5:03:36:17:65:29:
                    a8:37:6a:5c:c9:b5:26:fa:e8:ef:f8:91:2b:de:9d:
                    17:e4:a5:08:ae:42:09:ed:e7:1b:ea:32:52:05:17:
                    f7:98:84:21:72:5b:c0:2f:4a:58:52:62:0d:0f:06:
                    74:78:85:dd:17:9f:b0:6c:28:65:17:74:10:06:f4:
                    62:b6:e4:ab:b5:36:a5:ff:b6:e2:0b:97:03:26:73:
                    b5:2b:87:b9:ee:ad:14:52:a6:9e:6a:18:af:96:90:
                    9a:af:35:a6:5c:b2:9d:4b:24:bc:76:bd:69:f0:20:
                    9a:56:f6:f7:f5:8d:a2:8f:9d:ee:0c:57:f5:7f:e0:
                    cc:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:03:60:08:05:EB:45:CF:32:7C:E9:64:18:97:08:A1:10:6A:FB:51
            X509v3 Authority Key Identifier:
                keyid:48:EA:30:C0:F2:8E:02:26:9C:57:65:BF:4A:04:56:77:CA:27:94:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SOowwPKOAiacV2W_SgRWd8onlKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/1153f8-1994-4b2d-9645-f28b4d640a49/1/awNgCAXrRc8yfOlkGJcIoRBq-1E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/1153f8-1994-4b2d-9645-f28b4d640a49/1/SOowwPKOAiacV2W_SgRWd8onlKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.147.188.0/22
                IPv6:
                  2a09:4880::/32

    Signature Algorithm: sha256WithRSAEncryption
         33:64:a1:6f:a2:74:6b:d5:f4:b8:d1:10:c8:33:d4:a8:cd:f0:
         79:e6:58:66:e5:88:bf:5d:65:1b:6f:ba:0b:15:e2:2a:18:d4:
         0e:23:ef:ed:31:c1:e1:88:fb:36:85:82:a0:bd:a0:b3:43:05:
         d6:29:d2:02:58:d2:89:2d:ea:ef:82:01:d3:ab:e9:cc:a9:fc:
         43:3d:f7:34:e9:c8:6c:5a:b6:dc:a7:c7:d4:2f:8b:f4:af:c6:
         3b:74:fe:17:48:b2:84:78:5e:b5:05:50:8c:0a:bd:23:88:17:
         15:20:19:9c:67:92:43:f3:65:eb:ac:63:a5:7c:26:aa:24:8b:
         e1:1e:7a:a5:2f:8b:92:90:70:90:7e:fd:7d:87:9b:3e:22:52:
         d1:65:9a:da:e6:37:40:89:8f:c7:8f:04:bf:47:9a:c6:c8:36:
         32:90:ba:59:2e:dc:5e:72:b5:a2:39:19:38:1f:44:59:61:59:
         b8:b1:86:ac:b4:c1:d4:93:bb:bc:b3:d2:00:b4:da:d4:0a:bd:
         a0:14:4b:ad:76:33:76:c0:b8:76:e8:c5:69:3e:70:be:9b:c1:
         59:5e:85:4b:cf:41:d6:54:ea:f4:27:53:11:84:2d:68:11:c0:
         f1:dd:20:d1:90:d7:94:d9:15:09:ee:5d:dc:3f:f4:95:72:bc:
         4a:ab:b0:fb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAv5ijTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OGVhMzBjMGYyOGUwMjI2OWM1NzY1YmY0YTA0NTY3N2NhMjc5NGE1MB4XDTIyMDEw
MTA1NTc0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmIwMzYwMDgwNWVi
NDVjZjMyN2NlOTY0MTg5NzA4YTExMDZhZmI1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8rq35hQkAMHF41C0rVMI7G4qVfd5iKFj215aTau/1sOO0S
RHZbhJyWLVEJifMSYJ0Xzk+sOjdiCb/dlvR1JQDqFRvWFanj+PBoKtLGw65Tl3lj
YlsVzCbse2AEUlkHu2njJd2Fcps9M/v7hN+fxj3MOwN4zLAvAMTWGiwQ0HYa5QM2
F2UpqDdqXMm1Jvro7/iRK96dF+SlCK5CCe3nG+oyUgUX95iEIXJbwC9KWFJiDQ8G
dHiF3RefsGwoZRd0EAb0Yrbkq7U2pf+24guXAyZztSuHue6tFFKmnmoYr5aQmq81
plyynUskvHa9afAgmlb29/WNoo+d7gxX9X/gzMcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRrA2AIBetFzzJ86WQYlwihEGr7UTAfBgNVHSMEGDAWgBRI6jDA8o4CJpxX
Zb9KBFZ3yieUpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NPb3d3UEtPQWlhY1YyV19TZ1JXZDhvbmxLVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvMTE1M2Y4LTE5OTQtNGIyZC05NjQ1LWYyOGI0ZDY0MGE0OS8x
L2F3TmdDQVhyUmM4eWZPbGtHSmNJb1JCcS0xRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
MTE1M2Y4LTE5OTQtNGIyZC05NjQ1LWYyOGI0ZDY0MGE0OS8xL1NPb3d3UEtPQWlh
Y1YyV19TZ1JXZDhvbmxLVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2TvDANBAIAAjAHAwUAKglIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAM2Shb6J0a9X0uNEQyDPUqM3weeZYZuWIv11lG2+6
CxXiKhjUDiPv7THB4Yj7NoWCoL2gs0MF1inSAljSiS3q74IB06vpzKn8Qz33NOnI
bFq23KfH1C+L9K/GO3T+F0iyhHhetQVQjAq9I4gXFSAZnGeSQ/Nl66xjpXwmqiSL
4R56pS+LkpBwkH79fYebPiJS0WWa2uY3QImPx48Ev0eaxsg2MpC6WS7cXnK1ojkZ
OB9EWWFZuLGGrLTB1JO7vLPSALTa1Aq9oBRLrXYzdsC4dujFaT5wvpvBWV6FS89B
1lTq9CdTEYQtaBHA8d0g0ZDXlNkVCe5d3D/0lXK8Squw+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:11 2024 by rpki-client on console-fra.rpki-client.org