Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/kYLTkYd0FZ9UPjBlvSqydBeZt-w.roa
File:                     kYLTkYd0FZ9UPjBlvSqydBeZt-w.roa (raw, json)
Hash identifier:          Z495rw0UjQS+uuwXYu3eF3WRNRyquOXUSBeFfvMDvMM=
Subject key identifier:   91:82:D3:91:87:74:15:9F:54:3E:30:65:BD:2A:B2:74:17:99:B7:EC
Certificate issuer:       /CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Certificate serial:       01842CEF9B85BD6B0C033B8B5EB0A60E4860
Authority key identifier: D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/kYLTkYd0FZ9UPjBlvSqydBeZt-w.roa
Signing time:             Mon 31 Oct 2022 07:26:51 +0000
ROA not before:           Mon 31 Oct 2022 07:26:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        45.81.255.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:2c:ef:9b:85:bd:6b:0c:03:3b:8b:5e:b0:a6:0e:48:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
        Validity
            Not Before: Oct 31 07:26:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9182d3918774159f543e3065bd2ab2741799b7ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:34:13:cf:5d:b2:8d:a4:5a:08:27:31:b0:3d:
                    de:79:78:c6:66:dc:4d:d0:7a:ef:84:66:b2:50:9f:
                    f2:dc:00:75:82:0d:03:53:54:7e:13:5c:37:6a:bd:
                    a2:fb:3d:1a:3e:10:45:ac:a0:05:32:eb:5b:45:3c:
                    e9:28:32:5e:5d:c6:f3:a6:dd:6b:28:da:92:f2:90:
                    c4:e1:d0:8f:99:ce:d8:10:c6:d6:44:29:d6:f4:87:
                    0c:b8:36:d9:53:1b:76:78:2a:fa:84:79:f9:eb:ce:
                    f2:a3:b7:ba:47:80:e5:94:7c:07:b0:f5:3e:56:b1:
                    9c:90:ad:92:2a:05:b6:ed:98:35:98:28:ea:e3:a9:
                    55:09:f2:fb:ff:5a:fb:b5:0d:2d:40:a7:be:b1:bb:
                    e3:81:9e:75:1f:5d:0c:e8:51:f9:77:7d:02:3b:2b:
                    af:ce:94:52:12:c3:97:a1:ba:91:fe:a7:57:c9:18:
                    5e:72:1e:87:04:54:73:0a:3d:38:a3:90:ea:64:18:
                    44:c5:05:00:5f:fa:8e:db:a7:d1:35:a5:26:15:0f:
                    3e:af:b1:9b:1d:d4:3e:68:2f:7e:6e:4d:8d:ed:5b:
                    0e:e6:e6:a8:c6:0d:c3:4b:08:68:71:a8:1b:68:51:
                    89:ce:ea:e5:4d:7b:60:8c:89:e4:bb:53:a2:a9:cb:
                    2c:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:82:D3:91:87:74:15:9F:54:3E:30:65:BD:2A:B2:74:17:99:B7:EC
            X509v3 Authority Key Identifier:
                keyid:D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/kYLTkYd0FZ9UPjBlvSqydBeZt-w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:bd:71:08:0a:a0:d1:29:4c:b9:f4:b2:2f:ef:5b:6c:e5:44:
         6e:af:cf:fc:5c:d0:54:75:28:43:4f:2e:a3:83:39:f9:49:11:
         f1:d2:67:b9:55:18:9c:ab:e2:c5:1d:78:83:d9:18:c0:1f:a8:
         1a:eb:53:0c:d3:78:e9:6b:18:a8:b9:5b:30:c0:d0:d7:e2:f3:
         2e:12:cb:9d:16:c7:75:94:58:b7:09:ae:01:bd:28:61:80:70:
         69:28:f9:c1:48:13:17:c8:02:1d:71:12:48:3c:1c:c2:9d:f1:
         15:e9:76:02:99:9e:92:4d:c0:4d:e6:0d:09:83:e6:f1:0a:a8:
         50:44:af:40:7f:9d:49:00:e5:b2:6f:a5:a5:25:32:e0:4e:36:
         63:1e:30:54:d3:2c:dc:86:92:6b:d1:bd:46:6d:2f:9d:ab:61:
         9d:ba:68:b5:b3:e0:e3:69:3d:d9:48:c0:78:1c:60:95:54:46:
         89:ef:d1:70:6a:a3:02:19:d6:0e:6c:d3:a9:80:b5:d5:08:44:
         0a:70:e2:39:89:97:27:db:de:c7:f3:cb:aa:55:47:54:4f:f5:
         af:27:32:d7:17:5d:cc:d9:ef:0f:01:b8:f0:d5:dc:07:eb:32:
         56:00:ee:4a:4e:20:67:2e:8b:e0:e4:1f:ca:34:78:d4:54:14:
         77:bc:3f:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQs75uFvWsMAzuLXrCmDkhgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTY3MzNmYTIzOWM1ZmIwYzQzOGM4MmY3YzIzMGY1NWQ0
NzhjYjEwHhcNMjIxMDMxMDcyNjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTgyZDM5MTg3NzQxNTlmNTQzZTMwNjViZDJhYjI3NDE3OTliN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijQTz12yjaRaCCcxsD3eeXjGZtxN
0HrvhGayUJ/y3AB1gg0DU1R+E1w3ar2i+z0aPhBFrKAFMutbRTzpKDJeXcbzpt1r
KNqS8pDE4dCPmc7YEMbWRCnW9IcMuDbZUxt2eCr6hHn5687yo7e6R4DllHwHsPU+
VrGckK2SKgW27Zg1mCjq46lVCfL7/1r7tQ0tQKe+sbvjgZ51H10M6FH5d30COyuv
zpRSEsOXobqR/qdXyRhech6HBFRzCj04o5DqZBhExQUAX/qO26fRNaUmFQ8+r7Gb
HdQ+aC9+bk2N7VsO5uaoxg3DSwhocagbaFGJzurlTXtgjInku1OiqcssEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGC05GHdBWfVD4wZb0qsnQXmbfsMB8GA1UdIwQY
MBaAFNXmcz+iOcX7DEOMgvfCMPVdR4yxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQt
YTM4YjY3OTVmYjI0LzEva1lMVGtZZDBGWjlVUGpCbHZTcXlkQmVadC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQtYTM4YjY3OTVmYjI0
LzEvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVH/MA0G
CSqGSIb3DQEBCwUAA4IBAQCdvXEICqDRKUy59LIv71ts5URur8/8XNBUdShDTy6j
gzn5SRHx0me5VRicq+LFHXiD2RjAH6ga61MM03jpaxiouVswwNDX4vMuEsudFsd1
lFi3Ca4BvShhgHBpKPnBSBMXyAIdcRJIPBzCnfEV6XYCmZ6STcBN5g0Jg+bxCqhQ
RK9Af51JAOWyb6WlJTLgTjZjHjBU0yzchpJr0b1GbS+dq2Gdumi1s+DjaT3ZSMB4
HGCVVEaJ79FwaqMCGdYObNOpgLXVCEQKcOI5iZcn297H88uqVUdUT/WvJzLXF13M
2e8PAbjw1dwH6zJWAO5KTiBnLovg5B/KNHjUVBR3vD/Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:35 2024 by rpki-client on console-ams.rpki-client.org