Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/840683-519c-4a4d-ae46-069ad3d6e5b0/1/Yby2r94xj96AjRCDtkou1zGLSDM.roa
File:                     Yby2r94xj96AjRCDtkou1zGLSDM.roa (raw, json)
Hash identifier:          Ft0xM3arLMc//WV1Kmo/MueGOQNC34CvsmDSmmc7wJU=
Subject key identifier:   61:BC:B6:AF:DE:31:8F:DE:80:8D:10:83:B6:4A:2E:D7:31:8B:48:33
Certificate issuer:       /CN=df83cc17f26bc6a97c44d8a2436a95c72a94bff1
Certificate serial:       07376C04
Authority key identifier: DF:83:CC:17:F2:6B:C6:A9:7C:44:D8:A2:43:6A:95:C7:2A:94:BF:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/34PMF_Jrxql8RNiiQ2qVxyqUv_E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/840683-519c-4a4d-ae46-069ad3d6e5b0/1/Yby2r94xj96AjRCDtkou1zGLSDM.roa
Signing time:             Sat 01 Jan 2022 01:56:10 +0000
ROA not before:           Sat 01 Jan 2022 01:56:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48821
IP address blocks:        45.159.32.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121072644 (0x7376c04)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df83cc17f26bc6a97c44d8a2436a95c72a94bff1
        Validity
            Not Before: Jan  1 01:56:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=61bcb6afde318fde808d1083b64a2ed7318b4833
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:a8:a1:97:a5:d9:9a:d9:e7:6d:45:26:45:06:
                    7f:bc:7e:43:89:cc:97:b2:7e:cb:91:a2:29:f5:b7:
                    cc:8e:4c:10:91:55:21:10:22:68:a5:d9:59:5e:78:
                    bc:34:7e:a4:11:a4:2a:4b:db:1d:fd:8e:e5:b7:9c:
                    b7:fe:98:b6:4f:d4:c9:03:fb:f6:d4:8a:99:b4:e1:
                    96:30:9c:de:26:85:b2:25:7f:54:50:95:3a:4a:5f:
                    81:c8:9e:fc:7e:cf:c5:99:2e:db:f1:a5:82:df:e1:
                    c6:37:c0:61:7b:e5:65:c3:59:35:41:ec:4e:e9:75:
                    cf:cd:d0:81:a4:78:3c:1d:e3:fe:e7:8c:08:f4:c1:
                    ed:37:f2:60:af:da:41:fb:6e:39:fb:85:b8:8d:dc:
                    2d:28:bf:b7:d0:e3:7f:e0:dd:38:e2:b1:a8:8a:93:
                    47:b3:bd:72:56:26:39:20:ed:0f:34:1c:66:54:cc:
                    90:8e:4c:6d:0b:38:4f:b3:23:38:7e:35:6f:c1:a6:
                    f2:8c:f3:94:a5:4e:27:92:67:0e:99:99:80:9f:96:
                    70:a7:66:01:5d:69:96:b1:a7:89:b1:5a:fa:3b:f1:
                    0a:4b:8f:e7:c4:ea:bc:7f:78:e4:66:e0:a9:d8:58:
                    4a:79:e1:40:60:13:be:80:6d:f4:5f:0a:1d:f5:bf:
                    61:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:BC:B6:AF:DE:31:8F:DE:80:8D:10:83:B6:4A:2E:D7:31:8B:48:33
            X509v3 Authority Key Identifier:
                keyid:DF:83:CC:17:F2:6B:C6:A9:7C:44:D8:A2:43:6A:95:C7:2A:94:BF:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34PMF_Jrxql8RNiiQ2qVxyqUv_E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/840683-519c-4a4d-ae46-069ad3d6e5b0/1/Yby2r94xj96AjRCDtkou1zGLSDM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/840683-519c-4a4d-ae46-069ad3d6e5b0/1/34PMF_Jrxql8RNiiQ2qVxyqUv_E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         92:ec:8b:31:dc:be:4c:f6:f1:ff:dd:3d:7b:f7:1f:ab:34:65:
         8f:58:33:75:95:70:6e:5a:51:fa:38:f2:c9:13:c3:1c:7f:1c:
         2c:a9:76:9c:d8:d1:38:cd:de:9f:cf:36:80:47:98:07:74:09:
         24:00:3c:93:a4:e3:08:02:45:c8:44:ad:6c:ad:e4:00:fd:5a:
         19:f4:f4:55:2c:16:66:84:2f:95:27:a2:fd:b8:48:96:22:4b:
         92:38:81:61:bc:ec:58:db:6a:df:c8:b8:e7:52:d4:c9:5e:ee:
         80:94:ec:b5:ef:60:61:35:30:c3:a1:a7:23:62:78:9a:d8:1f:
         f2:24:d3:3d:54:d5:df:03:09:ff:1d:25:50:14:32:40:8c:92:
         18:12:e8:b4:25:6b:60:4b:77:b6:b6:77:e8:e9:cb:23:99:60:
         ec:4f:65:03:bd:f5:ce:fe:94:10:11:95:01:74:f7:31:00:93:
         dd:b7:40:49:8a:81:9f:d4:23:5d:11:67:bc:bb:93:31:a1:4a:
         92:4e:15:ed:22:38:0a:4a:ca:38:ec:53:9c:52:ec:39:b1:ea:
         ee:b6:7e:74:45:a4:85:43:d4:85:f2:76:ec:43:8c:90:51:86:
         d7:52:d7:05:72:92:65:e2:27:02:99:c1:e0:13:85:34:a2:a0:
         39:10:35:2a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBzdsBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZjgzY2MxN2YyNmJjNmE5N2M0NGQ4YTI0MzZhOTVjNzJhOTRiZmYxMB4XDTIyMDEw
MTAxNTYxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjFiY2I2YWZkZTMx
OGZkZTgwOGQxMDgzYjY0YTJlZDczMThiNDgzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGooZel2ZrZ521FJkUGf7x+Q4nMl7J+y5GiKfW3zI5MEJFV
IRAiaKXZWV54vDR+pBGkKkvbHf2O5bect/6Ytk/UyQP79tSKmbThljCc3iaFsiV/
VFCVOkpfgcie/H7PxZku2/Glgt/hxjfAYXvlZcNZNUHsTul1z83QgaR4PB3j/ueM
CPTB7TfyYK/aQftuOfuFuI3cLSi/t9Djf+DdOOKxqIqTR7O9clYmOSDtDzQcZlTM
kI5MbQs4T7MjOH41b8Gm8ozzlKVOJ5JnDpmZgJ+WcKdmAV1plrGnibFa+jvxCkuP
58TqvH945GbgqdhYSnnhQGATvoBt9F8KHfW/YQ0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRhvLav3jGP3oCNEIO2Si7XMYtIMzAfBgNVHSMEGDAWgBTfg8wX8mvGqXxE
2KJDapXHKpS/8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzM0UE1GX0pyeHFsOFJOaWlRMnFWeHlxVXZfRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvODQwNjgzLTUxOWMtNGE0ZC1hZTQ2LTA2OWFkM2Q2ZTViMC8x
L1lieTJyOTR4ajk2QWpSQ0R0a291MXpHTFNETS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
ODQwNjgzLTUxOWMtNGE0ZC1hZTQ2LTA2OWFkM2Q2ZTViMC8xLzM0UE1GX0pyeHFs
OFJOaWlRMnFWeHlxVXZfRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2fIDANBgkqhkiG9w0BAQsFAAOC
AQEAkuyLMdy+TPbx/909e/cfqzRlj1gzdZVwblpR+jjyyRPDHH8cLKl2nNjROM3e
n882gEeYB3QJJAA8k6TjCAJFyEStbK3kAP1aGfT0VSwWZoQvlSei/bhIliJLkjiB
YbzsWNtq38i451LUyV7ugJTste9gYTUww6GnI2J4mtgf8iTTPVTV3wMJ/x0lUBQy
QIySGBLotCVrYEt3trZ36OnLI5lg7E9lA731zv6UEBGVAXT3MQCT3bdASYqBn9Qj
XRFnvLuTMaFKkk4V7SI4CkrKOOxTnFLsObHq7rZ+dEWkhUPUhfJ27EOMkFGG11LX
BXKSZeInApnB4BOFNKKgORA1Kg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:01 2024 by rpki-client on console-ams.rpki-client.org