Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/JqgGLT3Mx65m8Xmxnu1_ujLlyF4.roa
File:                     JqgGLT3Mx65m8Xmxnu1_ujLlyF4.roa (raw, json)
Hash identifier:          Q2OJsPy/oBK44zrrnKReY4MuTlOHYnzEtlRhzejZpIY=
Subject key identifier:   26:A8:06:2D:3D:CC:C7:AE:66:F1:79:B1:9E:ED:7F:BA:32:E5:C8:5E
Certificate issuer:       /CN=706d64134faa746293c0384edac0371950f3b224
Certificate serial:       11670997
Authority key identifier: 70:6D:64:13:4F:AA:74:62:93:C0:38:4E:DA:C0:37:19:50:F3:B2:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cG1kE0-qdGKTwDhO2sA3GVDzsiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/JqgGLT3Mx65m8Xmxnu1_ujLlyF4.roa
Signing time:             Mon 17 Jan 2022 22:30:50 +0000
ROA not before:           Mon 17 Jan 2022 22:30:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201933
IP address blocks:        45.90.42.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 291965335 (0x11670997)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=706d64134faa746293c0384edac0371950f3b224
        Validity
            Not Before: Jan 17 22:30:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=26a8062d3dccc7ae66f179b19eed7fba32e5c85e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c3:e6:7e:11:47:93:3b:ce:e6:a5:eb:92:78:
                    a9:51:3d:02:08:03:74:34:2b:67:5d:7b:2b:b4:11:
                    9c:a2:6b:43:16:f4:e3:6c:4e:87:42:e2:66:24:bd:
                    ad:ad:df:ac:22:6b:da:7e:83:95:cf:1f:00:80:df:
                    2a:d8:c1:83:5d:e6:a8:a6:f6:a7:31:74:55:c5:c4:
                    f2:2f:14:e4:ba:91:19:8b:b3:a1:41:01:2a:58:fa:
                    6e:60:9e:07:9a:8e:50:2c:24:7a:bc:8b:23:60:9b:
                    69:27:2c:bc:c0:8e:42:96:23:88:17:bb:d1:d4:92:
                    50:4d:5f:ee:11:2e:4c:8a:28:38:27:b2:25:d8:1d:
                    f6:7b:5a:6e:83:02:f2:e5:90:d3:5c:f3:8c:79:ae:
                    67:04:53:0a:1b:68:04:3e:bb:3a:c3:b1:e4:f7:d2:
                    12:b4:db:82:72:ba:11:0b:d2:5a:3f:38:1b:eb:41:
                    ea:fd:e7:32:84:25:e1:fe:93:f6:1c:18:94:f3:c9:
                    a5:90:c0:95:ee:16:f5:ff:85:f4:da:82:12:44:8a:
                    d8:e8:34:ca:3c:9e:31:bf:d9:95:27:95:ae:40:50:
                    2d:58:55:1d:0b:67:41:cd:ab:c8:9c:8f:62:03:04:
                    da:9c:5c:e7:0d:66:9e:90:27:bd:06:93:c8:b3:a7:
                    88:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:A8:06:2D:3D:CC:C7:AE:66:F1:79:B1:9E:ED:7F:BA:32:E5:C8:5E
            X509v3 Authority Key Identifier:
                keyid:70:6D:64:13:4F:AA:74:62:93:C0:38:4E:DA:C0:37:19:50:F3:B2:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG1kE0-qdGKTwDhO2sA3GVDzsiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/JqgGLT3Mx65m8Xmxnu1_ujLlyF4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/cG1kE0-qdGKTwDhO2sA3GVDzsiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.90.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:08:f9:a1:13:d8:c2:63:75:c2:fd:76:b3:58:bc:69:67:0e:
         67:be:fc:ba:88:4c:49:52:6e:1d:0f:a6:a1:95:99:cf:22:d9:
         b3:a2:3c:c4:ce:45:17:93:16:62:45:4e:1d:f1:7f:b8:a2:06:
         2a:82:27:40:76:3b:43:2a:08:53:07:30:f0:94:55:dd:46:72:
         31:6f:30:5e:12:df:b4:d5:ee:56:8b:4b:48:10:52:9d:5e:ba:
         7d:48:0f:7f:3f:ea:8a:d2:de:ae:6a:e8:81:44:db:a3:95:c4:
         75:b0:aa:8c:d4:ad:31:51:61:c1:4a:ab:f8:53:35:84:41:04:
         25:94:5a:b5:fa:de:47:0b:06:f4:54:3f:b5:f2:41:c4:f3:5a:
         e7:21:be:41:42:7c:55:5a:d0:b5:ea:4d:51:06:49:d2:4c:6b:
         bc:82:72:8e:6e:94:37:c1:44:fb:35:d5:75:ea:78:c2:15:26:
         76:83:17:d5:00:e1:7b:4e:40:29:66:08:ea:fc:99:b5:38:b4:
         3e:9d:1e:81:b0:db:7e:8f:9f:87:6e:70:c2:54:23:d1:c1:84:
         92:19:74:df:a1:6f:f8:2f:58:4d:8d:f1:3b:65:ea:fe:83:2c:
         a3:09:96:be:18:bb:20:2c:22:5b:0f:e7:e9:6a:48:cb:d9:40:
         f6:f0:31:66
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEWcJlzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDZkNjQxMzRmYWE3NDYyOTNjMDM4NGVkYWMwMzcxOTUwZjNiMjI0MB4XDTIyMDEx
NzIyMzA1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjZhODA2MmQzZGNj
YzdhZTY2ZjE3OWIxOWVlZDdmYmEzMmU1Yzg1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTD5n4RR5M7zual65J4qVE9AggDdDQrZ117K7QRnKJrQxb0
42xOh0LiZiS9ra3frCJr2n6Dlc8fAIDfKtjBg13mqKb2pzF0VcXE8i8U5LqRGYuz
oUEBKlj6bmCeB5qOUCwkeryLI2CbaScsvMCOQpYjiBe70dSSUE1f7hEuTIooOCey
Jdgd9ntaboMC8uWQ01zzjHmuZwRTChtoBD67OsOx5PfSErTbgnK6EQvSWj84G+tB
6v3nMoQl4f6T9hwYlPPJpZDAle4W9f+F9NqCEkSK2Og0yjyeMb/ZlSeVrkBQLVhV
HQtnQc2ryJyPYgME2pxc5w1mnpAnvQaTyLOniKUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQmqAYtPczHrmbxebGe7X+6MuXIXjAfBgNVHSMEGDAWgBRwbWQTT6p0YpPA
OE7awDcZUPOyJDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NHMWtFMC1xZEdLVHdEaE8yc0EzR1ZEenNpUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvMzI5OGUzLTlhNTAtNGNmYi04NGU2LWQxMzdhZGUxNjZkMS8x
L0pxZ0dMVDNNeDY1bThYbXhudTFfdWpMbHlGNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
MzI5OGUzLTlhNTAtNGNmYi04NGU2LWQxMzdhZGUxNjZkMS8xL2NHMWtFMC1xZEdL
VHdEaE8yc0EzR1ZEenNpUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1aKjANBgkqhkiG9w0BAQsFAAOC
AQEAMQj5oRPYwmN1wv12s1i8aWcOZ778uohMSVJuHQ+moZWZzyLZs6I8xM5FF5MW
YkVOHfF/uKIGKoInQHY7QyoIUwcw8JRV3UZyMW8wXhLftNXuVotLSBBSnV66fUgP
fz/qitLermrogUTbo5XEdbCqjNStMVFhwUqr+FM1hEEEJZRatfreRwsG9FQ/tfJB
xPNa5yG+QUJ8VVrQtepNUQZJ0kxrvIJyjm6UN8FE+zXVdep4whUmdoMX1QDhe05A
KWYI6vyZtTi0Pp0egbDbfo+fh25wwlQj0cGEkhl036Fv+C9YTY3xO2Xq/oMsowmW
vhi7ICwiWw/n6WpIy9lA9vAxZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:43 2024 by rpki-client on console-fra.rpki-client.org