Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/CQUB3Guw49-CtEtWok2s3LnC-Jk.roa
File:                     CQUB3Guw49-CtEtWok2s3LnC-Jk.roa (raw, json)
Hash identifier:          BxFfkl7C4U3sc2jw7LRvSU3TO3BxZwXoIat5TU3etWo=
Subject key identifier:   09:05:01:DC:6B:B0:E3:DF:82:B4:4B:56:A2:4D:AC:DC:B9:C2:F8:99
Certificate issuer:       /CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Certificate serial:       0185116A8B19928100029AF7FDED54291645
Authority key identifier: D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/CQUB3Guw49-CtEtWok2s3LnC-Jk.roa
Signing time:             Wed 14 Dec 2022 16:14:33 +0000
ROA not before:           Wed 14 Dec 2022 16:14:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7029
IP address blocks:        45.81.255.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:11:6a:8b:19:92:81:00:02:9a:f7:fd:ed:54:29:16:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
        Validity
            Not Before: Dec 14 16:14:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=090501dc6bb0e3df82b44b56a24dacdcb9c2f899
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:78:ba:b1:89:67:8e:39:36:20:db:59:49:09:
                    01:3d:1c:0b:ae:8c:27:db:65:19:db:d8:cf:71:02:
                    b6:3d:41:9d:03:67:a1:65:1f:d4:ce:51:bc:44:97:
                    07:6d:48:7f:ac:a7:a6:6e:da:8e:29:85:d7:7f:c3:
                    87:75:23:f7:f0:eb:ba:a9:c5:aa:2f:b5:36:4b:ae:
                    4e:ef:bf:11:37:b5:ca:20:90:ee:32:5c:f0:ae:fb:
                    0a:86:03:e3:cf:77:7d:52:90:2b:6b:67:89:a3:d2:
                    e0:fa:f9:cc:00:71:78:66:4d:2b:84:eb:e6:b9:17:
                    d4:f0:fa:da:b8:ab:a9:9d:4a:e9:37:f5:15:61:80:
                    8f:78:13:a9:2d:f7:9d:66:ce:c8:5d:91:46:25:15:
                    64:23:e1:ca:7a:a3:5a:d8:3a:0e:df:2f:26:f2:f3:
                    25:93:ef:42:1a:44:ca:0f:58:d0:f5:61:a9:2d:30:
                    8d:c9:a0:b0:a1:1e:71:16:ea:6a:aa:39:03:5f:b0:
                    76:3a:d0:8d:dc:0d:ef:33:cd:06:9f:b2:64:a4:ab:
                    a6:b4:57:e3:e1:4a:51:71:dc:e3:4d:9c:24:ff:6d:
                    da:9d:eb:20:aa:c1:36:b3:73:52:b4:3c:16:f1:3f:
                    91:ab:7e:07:2a:49:e3:dc:5a:2a:53:30:8c:89:d1:
                    0c:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:05:01:DC:6B:B0:E3:DF:82:B4:4B:56:A2:4D:AC:DC:B9:C2:F8:99
            X509v3 Authority Key Identifier:
                keyid:D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/CQUB3Guw49-CtEtWok2s3LnC-Jk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:fc:b0:04:42:3d:c1:27:f0:4d:da:d5:52:ee:aa:0b:8c:c1:
         f7:ed:f0:29:ec:06:ef:83:59:32:01:55:5c:59:be:d1:8d:7e:
         5d:82:63:3f:12:0e:79:d2:12:5d:46:00:47:8c:10:05:50:6b:
         ef:2e:e9:53:e7:0f:18:7b:02:ea:09:5c:68:87:d5:23:c3:43:
         ba:0a:95:5d:9e:d9:9a:0b:e4:cf:a0:f9:86:79:9a:54:48:d5:
         98:d5:13:9f:aa:a0:0c:15:63:40:7d:6b:ff:7c:97:09:2b:4a:
         b9:55:0a:f8:56:fe:8d:0f:f9:50:ff:81:43:70:26:e0:5f:c4:
         34:63:b0:f2:a5:b0:b9:c9:2e:f9:75:33:5d:19:5d:e7:10:1e:
         75:85:7c:e0:99:52:a0:f8:bc:20:c4:02:2c:e5:28:70:1e:be:
         cc:0b:6d:27:c3:44:2a:77:f7:1f:22:c8:89:14:78:58:fc:48:
         bd:c4:7a:75:2b:99:38:f1:65:c9:15:f4:44:41:98:21:17:ed:
         78:fd:47:ad:56:50:7c:fe:3b:0a:28:2d:26:e1:f0:ae:78:16:
         37:4d:c6:49:4e:11:3a:04:4b:e8:16:f5:c3:01:e0:22:08:9b:
         53:88:82:cd:9d:18:d3:2c:56:82:2f:03:71:2b:26:7c:e9:de:
         87:79:5a:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYURaosZkoEAApr3/e1UKRZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTY3MzNmYTIzOWM1ZmIwYzQzOGM4MmY3YzIzMGY1NWQ0
NzhjYjEwHhcNMjIxMjE0MTYxNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTA1MDFkYzZiYjBlM2RmODJiNDRiNTZhMjRkYWNkY2I5YzJmODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHi6sYlnjjk2INtZSQkBPRwLrown
22UZ29jPcQK2PUGdA2ehZR/UzlG8RJcHbUh/rKembtqOKYXXf8OHdSP38Ou6qcWq
L7U2S65O778RN7XKIJDuMlzwrvsKhgPjz3d9UpAra2eJo9Lg+vnMAHF4Zk0rhOvm
uRfU8PrauKupnUrpN/UVYYCPeBOpLfedZs7IXZFGJRVkI+HKeqNa2DoO3y8m8vMl
k+9CGkTKD1jQ9WGpLTCNyaCwoR5xFupqqjkDX7B2OtCN3A3vM80Gn7JkpKumtFfj
4UpRcdzjTZwk/23anesgqsE2s3NStDwW8T+Rq34HKknj3FoqUzCMidEMMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkFAdxrsOPfgrRLVqJNrNy5wviZMB8GA1UdIwQY
MBaAFNXmcz+iOcX7DEOMgvfCMPVdR4yxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQt
YTM4YjY3OTVmYjI0LzEvQ1FVQjNHdXc0OS1DdEV0V29rMnMzTG5DLUprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQtYTM4YjY3OTVmYjI0
LzEvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVH/MA0G
CSqGSIb3DQEBCwUAA4IBAQBZ/LAEQj3BJ/BN2tVS7qoLjMH37fAp7Abvg1kyAVVc
Wb7RjX5dgmM/Eg550hJdRgBHjBAFUGvvLulT5w8YewLqCVxoh9Ujw0O6CpVdntma
C+TPoPmGeZpUSNWY1ROfqqAMFWNAfWv/fJcJK0q5VQr4Vv6ND/lQ/4FDcCbgX8Q0
Y7DypbC5yS75dTNdGV3nEB51hXzgmVKg+LwgxAIs5ShwHr7MC20nw0Qqd/cfIsiJ
FHhY/Ei9xHp1K5k48WXJFfREQZghF+14/UetVlB8/jsKKC0m4fCueBY3TcZJThE6
BEvoFvXDAeAiCJtTiILNnRjTLFaCLwNxKyZ86d6HeVpt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:15 2024 by rpki-client on console-fra.rpki-client.org