Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/259fbe-2855-4e19-918f-62c1b1ff3a26/1/prMP22_8WsvfrAGKIeIystns8wE.roa
File:                     prMP22_8WsvfrAGKIeIystns8wE.roa (raw, json)
Hash identifier:          9m71OuQB4LXGJa28Hj+0fL1twxL5LgcBXgM/0lskT3A=
Subject key identifier:   A6:B3:0F:DB:6F:FC:5A:CB:DF:AC:01:8A:21:E2:32:B2:D9:EC:F3:01
Certificate issuer:       /CN=00911779c767d2364e86f4e27ef8c5fe9bb01090
Certificate serial:       094B2A74
Authority key identifier: 00:91:17:79:C7:67:D2:36:4E:86:F4:E2:7E:F8:C5:FE:9B:B0:10:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AJEXecdn0jZOhvTifvjF_puwEJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/259fbe-2855-4e19-918f-62c1b1ff3a26/1/prMP22_8WsvfrAGKIeIystns8wE.roa
Signing time:             Sat 01 Jan 2022 08:05:12 +0000
ROA not before:           Sat 01 Jan 2022 08:05:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60406
IP address blocks:        5.45.189.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 155921012 (0x94b2a74)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00911779c767d2364e86f4e27ef8c5fe9bb01090
        Validity
            Not Before: Jan  1 08:05:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a6b30fdb6ffc5acbdfac018a21e232b2d9ecf301
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:9c:29:bd:0a:d2:82:a3:9f:e4:b5:64:0a:e4:
                    f2:41:9e:39:d5:51:8b:a4:9e:5f:b5:e5:c1:0c:f4:
                    5c:41:f0:f2:61:58:95:41:e7:57:94:be:e5:02:af:
                    76:2e:7e:03:18:0e:66:ae:a9:bd:2b:f3:51:23:b1:
                    f5:18:cf:0c:4e:44:10:7e:ca:6c:df:57:de:3f:1f:
                    f3:54:bc:60:78:06:64:02:a7:09:1e:b2:1f:bf:66:
                    38:c7:b7:eb:b8:2f:49:cc:ce:2d:66:96:ca:cc:3c:
                    4d:43:8d:72:2c:91:f1:64:2b:4e:ac:d6:fe:00:2b:
                    04:06:2d:c8:29:c7:33:3c:b4:f1:ef:38:2a:01:a8:
                    ba:c2:1e:91:da:4a:84:2a:2a:aa:bb:ed:67:3f:16:
                    df:2b:32:10:0a:51:8e:ca:d3:31:f6:da:e2:aa:77:
                    4e:72:ad:6c:01:7d:01:6c:bc:11:ee:7b:ab:a0:38:
                    74:86:21:07:08:6d:d9:dc:b9:7a:74:13:31:cd:3e:
                    10:4c:97:70:2e:19:82:39:f3:94:f2:68:3b:7e:c2:
                    04:52:cf:a8:b9:7f:b8:eb:4b:4a:38:33:19:2a:eb:
                    95:bc:27:ed:0a:2a:fd:9e:6f:91:03:5b:4d:6b:86:
                    72:29:8c:60:bb:d0:34:6d:f8:f7:2d:a8:e5:a2:75:
                    93:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:B3:0F:DB:6F:FC:5A:CB:DF:AC:01:8A:21:E2:32:B2:D9:EC:F3:01
            X509v3 Authority Key Identifier:
                keyid:00:91:17:79:C7:67:D2:36:4E:86:F4:E2:7E:F8:C5:FE:9B:B0:10:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AJEXecdn0jZOhvTifvjF_puwEJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/259fbe-2855-4e19-918f-62c1b1ff3a26/1/prMP22_8WsvfrAGKIeIystns8wE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/259fbe-2855-4e19-918f-62c1b1ff3a26/1/AJEXecdn0jZOhvTifvjF_puwEJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.45.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:1d:71:9d:61:82:02:6e:4f:98:f6:fa:97:32:73:60:46:38:
         c8:77:b1:d7:16:5c:43:78:a3:c9:8b:bf:b6:3a:52:a0:cf:8a:
         cc:dd:65:ef:8e:98:61:07:be:ea:c8:3b:2f:41:90:86:79:13:
         ab:14:7b:ef:8a:6e:98:4f:dc:ee:0e:38:90:d7:b1:bb:db:6f:
         d3:b1:d8:28:f1:a9:4d:6c:71:32:e9:dc:8c:c7:cd:37:13:05:
         d1:dc:bf:b7:ea:72:3c:f9:db:81:3b:af:e1:65:f0:11:f4:52:
         d8:82:2e:68:b4:b7:7a:21:60:a4:71:8a:87:ca:7b:a9:8a:85:
         84:a9:0d:b5:c2:b6:f1:02:5e:c5:84:cb:fc:5c:fa:46:73:ab:
         04:d7:ee:78:5b:50:16:81:cf:62:64:fc:0f:7a:51:bb:e2:10:
         01:62:5e:05:c9:00:31:db:09:25:25:33:ae:bd:80:c1:7f:40:
         fb:9d:f5:48:ac:d6:85:e9:fc:2c:ab:88:ea:7e:d2:14:63:77:
         cd:20:b2:ba:70:20:4d:04:2b:a4:a4:00:b1:c9:f6:95:0a:71:
         80:99:ea:02:e0:3b:82:56:e8:41:d8:9c:ff:85:7f:3a:fa:7f:
         ca:5f:12:40:46:de:8c:c3:42:d0:e1:6f:3b:04:05:0a:d7:0e:
         23:8a:dd:39
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECUsqdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDkxMTc3OWM3NjdkMjM2NGU4NmY0ZTI3ZWY4YzVmZTliYjAxMDkwMB4XDTIyMDEw
MTA4MDUxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZiMzBmZGI2ZmZj
NWFjYmRmYWMwMThhMjFlMjMyYjJkOWVjZjMwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMScKb0K0oKjn+S1ZArk8kGeOdVRi6SeX7XlwQz0XEHw8mFY
lUHnV5S+5QKvdi5+AxgOZq6pvSvzUSOx9RjPDE5EEH7KbN9X3j8f81S8YHgGZAKn
CR6yH79mOMe367gvSczOLWaWysw8TUONciyR8WQrTqzW/gArBAYtyCnHMzy08e84
KgGousIekdpKhCoqqrvtZz8W3ysyEApRjsrTMfba4qp3TnKtbAF9AWy8Ee57q6A4
dIYhBwht2dy5enQTMc0+EEyXcC4ZgjnzlPJoO37CBFLPqLl/uOtLSjgzGSrrlbwn
7Qoq/Z5vkQNbTWuGcimMYLvQNG349y2o5aJ1k3kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSmsw/bb/xay9+sAYoh4jKy2ezzATAfBgNVHSMEGDAWgBQAkRd5x2fSNk6G
9OJ++MX+m7AQkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FKRVhlY2RuMGpaT2h2VGlmdmpGX3B1d0VKQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvMjU5ZmJlLTI4NTUtNGUxOS05MThmLTYyYzFiMWZmM2EyNi8x
L3ByTVAyMl84V3N2ZnJBR0tJZUl5c3Ruczh3RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQv
MjU5ZmJlLTI4NTUtNGUxOS05MThmLTYyYzFiMWZmM2EyNi8xL0FKRVhlY2RuMGpa
T2h2VGlmdmpGX3B1d0VKQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAUtvTANBgkqhkiG9w0BAQsFAAOC
AQEASh1xnWGCAm5PmPb6lzJzYEY4yHex1xZcQ3ijyYu/tjpSoM+KzN1l746YYQe+
6sg7L0GQhnkTqxR774pumE/c7g44kNexu9tv07HYKPGpTWxxMuncjMfNNxMF0dy/
t+pyPPnbgTuv4WXwEfRS2IIuaLS3eiFgpHGKh8p7qYqFhKkNtcK28QJexYTL/Fz6
RnOrBNfueFtQFoHPYmT8D3pRu+IQAWJeBckAMdsJJSUzrr2AwX9A+531SKzWhen8
LKuI6n7SFGN3zSCyunAgTQQrpKQAscn2lQpxgJnqAuA7glboQdic/4V/Ovp/yl8S
QEbejMNC0OFvOwQFCtcOI4rdOQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:39 2024 by rpki-client on console-fra.rpki-client.org