Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/259fbe-2855-4e19-918f-62c1b1ff3a26/1/qkBA7Klihy-ruJyWkEiTfEMguw0.roa
File:                     qkBA7Klihy-ruJyWkEiTfEMguw0.roa (raw, json)
Hash identifier:          +1+EPqFMcUaqobcpxyf+YJt2ABWkqUEzZVvVNTJ5G3g=
Subject key identifier:   AA:40:40:EC:A9:62:87:2F:AB:B8:9C:96:90:48:93:7C:43:20:BB:0D
Certificate issuer:       /CN=00911779c767d2364e86f4e27ef8c5fe9bb01090
Certificate serial:       094C28E8
Authority key identifier: 00:91:17:79:C7:67:D2:36:4E:86:F4:E2:7E:F8:C5:FE:9B:B0:10:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AJEXecdn0jZOhvTifvjF_puwEJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/259fbe-2855-4e19-918f-62c1b1ff3a26/1/qkBA7Klihy-ruJyWkEiTfEMguw0.roa
Signing time:             Sat 01 Jan 2022 08:05:12 +0000
ROA not before:           Sat 01 Jan 2022 08:05:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198867
IP address blocks:        5.45.190.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 155986152 (0x94c28e8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00911779c767d2364e86f4e27ef8c5fe9bb01090
        Validity
            Not Before: Jan  1 08:05:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=aa4040eca962872fabb89c969048937c4320bb0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:aa:31:4c:d6:07:91:1a:ff:98:f3:e9:c9:eb:
                    e7:0a:19:16:3f:e5:5d:60:f4:9b:01:ef:8e:45:94:
                    af:02:11:33:fc:ea:79:0f:08:5c:85:90:b5:a6:6d:
                    28:39:ed:65:c5:12:62:e7:69:a4:3d:08:4f:3b:d4:
                    f1:8a:92:7e:ab:77:7a:4d:c0:8d:1f:6c:b6:23:fe:
                    ec:60:1e:fb:da:33:df:f9:6f:df:6b:ff:8c:11:f3:
                    47:a4:75:08:25:21:eb:f9:94:4e:35:5f:fe:09:21:
                    49:ba:eb:c5:cb:b6:37:53:6e:65:ab:16:74:68:fd:
                    49:ea:81:21:d4:97:cd:f8:34:56:3d:65:c9:f6:29:
                    43:bd:62:1b:63:1f:5c:47:9a:e1:ea:e7:67:1e:bf:
                    f2:81:e7:28:b4:79:60:e8:35:50:1e:ac:7c:f6:1e:
                    d7:77:49:13:f1:8d:0d:8d:06:5e:17:cb:f6:89:63:
                    9e:ad:a3:32:77:61:85:26:42:ca:14:d0:2c:ce:06:
                    63:98:43:2c:77:24:07:db:bd:fb:d2:1a:88:31:2b:
                    60:49:cb:df:fd:df:4b:6d:3e:86:a8:bd:f3:b7:ab:
                    6a:cd:30:70:6f:31:4a:b6:43:a8:3e:a2:85:76:5a:
                    76:f4:99:a9:77:30:01:9b:8a:8b:2c:13:1a:52:1b:
                    7a:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:40:40:EC:A9:62:87:2F:AB:B8:9C:96:90:48:93:7C:43:20:BB:0D
            X509v3 Authority Key Identifier:
                keyid:00:91:17:79:C7:67:D2:36:4E:86:F4:E2:7E:F8:C5:FE:9B:B0:10:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AJEXecdn0jZOhvTifvjF_puwEJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/259fbe-2855-4e19-918f-62c1b1ff3a26/1/qkBA7Klihy-ruJyWkEiTfEMguw0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/259fbe-2855-4e19-918f-62c1b1ff3a26/1/AJEXecdn0jZOhvTifvjF_puwEJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.45.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:38:09:eb:b5:18:aa:5c:2c:17:17:17:0c:22:5c:9f:2a:6b:
         6c:04:49:4f:70:59:be:cf:5c:a7:f7:da:41:30:43:db:4c:52:
         fd:52:b9:70:61:62:b2:b0:72:91:bf:ee:5b:36:b2:bc:0f:bc:
         04:71:31:e5:31:5a:fa:0b:ad:94:97:16:34:32:2c:20:68:a9:
         fd:cf:bb:40:40:0b:33:d6:92:5d:84:c7:7d:32:36:ea:25:59:
         3f:3d:59:27:23:1b:11:8f:a0:14:0b:64:b2:04:76:e9:51:7d:
         ca:23:61:95:7e:21:79:ff:75:e4:49:fa:94:36:0f:8a:5a:5e:
         4f:01:56:43:44:9b:39:79:a2:6d:ef:89:6f:9e:11:ca:db:07:
         73:22:7f:d6:5f:3f:72:41:05:f8:cb:fb:43:7a:47:07:e0:6a:
         40:bd:22:8f:e8:5f:53:d6:63:57:59:8c:f9:ca:6c:10:8c:17:
         77:88:89:5f:69:71:cf:64:e2:3b:88:00:a1:e5:f0:71:b4:79:
         4e:98:a5:dd:93:b1:d3:16:47:59:b7:e1:be:49:34:7b:db:08:
         6e:51:af:61:25:c3:b7:c2:a8:c8:5b:07:87:4a:69:75:00:a5:
         04:31:05:06:db:0c:19:6a:4e:1a:04:4b:e7:fe:e4:9e:6a:81:
         bd:3a:38:40
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECUwo6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDkxMTc3OWM3NjdkMjM2NGU4NmY0ZTI3ZWY4YzVmZTliYjAxMDkwMB4XDTIyMDEw
MTA4MDUxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWE0MDQwZWNhOTYy
ODcyZmFiYjg5Yzk2OTA0ODkzN2M0MzIwYmIwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSqMUzWB5Ea/5jz6cnr5woZFj/lXWD0mwHvjkWUrwIRM/zq
eQ8IXIWQtaZtKDntZcUSYudppD0ITzvU8YqSfqt3ek3AjR9stiP+7GAe+9oz3/lv
32v/jBHzR6R1CCUh6/mUTjVf/gkhSbrrxcu2N1NuZasWdGj9SeqBIdSXzfg0Vj1l
yfYpQ71iG2MfXEea4ernZx6/8oHnKLR5YOg1UB6sfPYe13dJE/GNDY0GXhfL9olj
nq2jMndhhSZCyhTQLM4GY5hDLHckB9u9+9IaiDErYEnL3/3fS20+hqi987eras0w
cG8xSrZDqD6ihXZadvSZqXcwAZuKiywTGlIbem8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSqQEDsqWKHL6u4nJaQSJN8QyC7DTAfBgNVHSMEGDAWgBQAkRd5x2fSNk6G
9OJ++MX+m7AQkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FKRVhlY2RuMGpaT2h2VGlmdmpGX3B1d0VKQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvMjU5ZmJlLTI4NTUtNGUxOS05MThmLTYyYzFiMWZmM2EyNi8x
L3FrQkE3S2xpaHktcnVKeVdrRWlUZkVNZ3V3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQv
MjU5ZmJlLTI4NTUtNGUxOS05MThmLTYyYzFiMWZmM2EyNi8xL0FKRVhlY2RuMGpa
T2h2VGlmdmpGX3B1d0VKQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAUtvjANBgkqhkiG9w0BAQsFAAOC
AQEAjDgJ67UYqlwsFxcXDCJcnyprbARJT3BZvs9cp/faQTBD20xS/VK5cGFisrBy
kb/uWzayvA+8BHEx5TFa+gutlJcWNDIsIGip/c+7QEALM9aSXYTHfTI26iVZPz1Z
JyMbEY+gFAtksgR26VF9yiNhlX4hef915En6lDYPilpeTwFWQ0SbOXmibe+Jb54R
ytsHcyJ/1l8/ckEF+Mv7Q3pHB+BqQL0ij+hfU9ZjV1mM+cpsEIwXd4iJX2lxz2Ti
O4gAoeXwcbR5Tpil3ZOx0xZHWbfhvkk0e9sIblGvYSXDt8KoyFsHh0ppdQClBDEF
BtsMGWpOGgRL5/7knmqBvTo4QA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:11 2024 by rpki-client on console-ams.rpki-client.org