Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/45gPmf5-baa7eT8tIHvSac41PJ0.roa
File:                     45gPmf5-baa7eT8tIHvSac41PJ0.roa (raw, json)
Hash identifier:          sCIRv+TssbVJ9D6yi325YE3nTmmz9ONPk6hn6j9/avY=
Subject key identifier:   E3:98:0F:99:FE:7E:6D:A6:BB:79:3F:2D:20:7B:D2:69:CE:35:3C:9D
Certificate issuer:       /CN=8836bd8fad393e5131a023729315b356014e6637
Certificate serial:       0962872F
Authority key identifier: 88:36:BD:8F:AD:39:3E:51:31:A0:23:72:93:15:B3:56:01:4E:66:37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iDa9j605PlExoCNykxWzVgFOZjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/45gPmf5-baa7eT8tIHvSac41PJ0.roa
Signing time:             Sat 01 Jan 2022 15:59:19 +0000
ROA not before:           Sat 01 Jan 2022 15:59:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51485
IP address blocks:        192.40.71.0/24 maxlen: 24
                          192.40.70.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 157452079 (0x962872f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8836bd8fad393e5131a023729315b356014e6637
        Validity
            Not Before: Jan  1 15:59:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e3980f99fe7e6da6bb793f2d207bd269ce353c9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:8f:ee:87:b7:78:f2:7b:d9:2a:6d:d0:d2:a4:
                    1d:fa:26:2f:ad:eb:f7:db:45:d4:ee:04:4a:9e:cf:
                    02:2d:45:d4:a3:a8:8c:1d:3e:17:95:7b:cc:12:17:
                    6b:67:17:aa:1a:31:ff:25:20:a2:28:16:9e:33:b6:
                    e3:16:8c:bd:92:11:bb:b6:db:b0:75:d1:38:21:c4:
                    37:98:32:e1:19:ab:9b:cf:a2:22:5a:de:58:74:2e:
                    bd:6b:e5:5d:0b:23:c7:5f:2f:c2:78:90:6f:ff:9e:
                    cb:f2:0c:1b:a7:12:96:a0:1f:e4:20:0b:a8:b2:16:
                    35:ba:62:f2:c9:69:b7:5a:07:67:67:2e:5a:89:73:
                    85:22:57:00:d3:fa:73:8d:68:90:c9:43:9f:ae:ab:
                    f8:ae:2c:b3:ad:09:7b:47:6e:1f:64:70:22:d0:2d:
                    f1:87:90:a4:48:b5:7b:6d:1b:6d:dc:57:ff:14:ca:
                    80:59:72:1a:14:10:58:05:89:62:a0:a9:ac:21:17:
                    1b:9e:b6:fb:8a:8c:d7:db:dc:cb:82:6d:0d:af:e9:
                    0e:b8:27:99:b2:8e:db:a9:1f:be:d7:cd:73:73:69:
                    53:7d:b8:e0:29:e2:83:a9:20:db:cd:79:e9:2b:62:
                    0f:57:15:9e:f0:8b:3f:b1:87:b3:12:1f:b7:37:7c:
                    e6:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:98:0F:99:FE:7E:6D:A6:BB:79:3F:2D:20:7B:D2:69:CE:35:3C:9D
            X509v3 Authority Key Identifier:
                keyid:88:36:BD:8F:AD:39:3E:51:31:A0:23:72:93:15:B3:56:01:4E:66:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDa9j605PlExoCNykxWzVgFOZjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/45gPmf5-baa7eT8tIHvSac41PJ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/iDa9j605PlExoCNykxWzVgFOZjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.40.70.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8e:d9:e3:a6:b7:dc:3b:0b:c5:aa:96:a5:50:79:6e:27:25:ae:
         db:62:ee:11:6f:7c:d5:97:65:3d:74:cd:21:1f:31:14:98:42:
         a0:70:d7:0c:bb:8b:97:72:d1:af:18:01:3e:76:a3:16:14:5e:
         72:d5:74:86:65:5a:f2:4a:8a:6f:37:2b:8e:37:5f:62:d7:0d:
         c4:e7:e5:1d:19:db:c9:c7:ea:46:d7:ef:71:98:cf:d6:2c:85:
         f3:39:22:ba:46:9c:37:c9:54:81:0b:e8:1c:ed:18:c0:db:f4:
         5e:f4:ea:46:03:45:3c:b2:02:bd:8c:8d:ea:b5:27:c6:8c:96:
         9a:f5:38:75:a3:b4:b4:a3:e0:4e:1a:24:d1:31:f5:fe:39:f6:
         db:49:bc:ff:79:70:d9:dd:ab:42:4f:44:e7:6a:73:f1:e2:d6:
         37:17:5d:3e:d2:43:59:8d:ed:a5:59:b5:17:91:50:71:74:f0:
         62:4a:86:0e:92:6c:f9:62:03:99:b0:73:2a:a0:9a:20:df:fa:
         d9:d0:87:e0:16:12:bc:16:83:bd:3c:f0:fa:d9:97:1e:d6:57:
         68:98:8e:0f:67:5e:48:1e:c7:ec:45:31:ca:b0:47:a0:9e:19:
         1c:f5:13:a7:84:00:71:72:5d:12:78:6b:3f:e8:7c:a8:c3:44:
         32:50:b5:17
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECWKHLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODM2YmQ4ZmFkMzkzZTUxMzFhMDIzNzI5MzE1YjM1NjAxNGU2NjM3MB4XDTIyMDEw
MTE1NTkxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM5ODBmOTlmZTdl
NmRhNmJiNzkzZjJkMjA3YmQyNjljZTM1M2M5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWP7oe3ePJ72Spt0NKkHfomL63r99tF1O4ESp7PAi1F1KOo
jB0+F5V7zBIXa2cXqhox/yUgoigWnjO24xaMvZIRu7bbsHXROCHEN5gy4Rmrm8+i
IlreWHQuvWvlXQsjx18vwniQb/+ey/IMG6cSlqAf5CALqLIWNbpi8slpt1oHZ2cu
WolzhSJXANP6c41okMlDn66r+K4ss60Je0duH2RwItAt8YeQpEi1e20bbdxX/xTK
gFlyGhQQWAWJYqCprCEXG562+4qM19vcy4JtDa/pDrgnmbKO26kfvtfNc3NpU324
4Cnig6kg28156StiD1cVnvCLP7GHsxIftzd85pkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTjmA+Z/n5tprt5Py0ge9JpzjU8nTAfBgNVHSMEGDAWgBSINr2PrTk+UTGg
I3KTFbNWAU5mNzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lEYTlqNjA1UGxFeG9DTnlreFd6VmdGT1pqYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvMTI5YTViLWI3ZjYtNDlkMC05NWMyLTEyZjljYjBhMjExOC8x
LzQ1Z1BtZjUtYmFhN2VUOHRJSHZTYWM0MVBKMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
MTI5YTViLWI3ZjYtNDlkMC05NWMyLTEyZjljYjBhMjExOC8xL2lEYTlqNjA1UGxF
eG9DTnlreFd6VmdGT1pqYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcAoRjANBgkqhkiG9w0BAQsFAAOC
AQEAjtnjprfcOwvFqpalUHluJyWu22LuEW981ZdlPXTNIR8xFJhCoHDXDLuLl3LR
rxgBPnajFhRectV0hmVa8kqKbzcrjjdfYtcNxOflHRnbycfqRtfvcZjP1iyF8zki
ukacN8lUgQvoHO0YwNv0XvTqRgNFPLICvYyN6rUnxoyWmvU4daO0tKPgThok0TH1
/jn220m8/3lw2d2rQk9E52pz8eLWNxddPtJDWY3tpVm1F5FQcXTwYkqGDpJs+WID
mbBzKqCaIN/62dCH4BYSvBaDvTzw+tmXHtZXaJiOD2deSB7H7EUxyrBHoJ4ZHPUT
p4QAcXJdEnhrP+h8qMNEMlC1Fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:56 2024 by rpki-client on console-ams.rpki-client.org