Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/3Jb-0SNP4-Hy-U_gCR6LunMkVLo.roa
File:                     3Jb-0SNP4-Hy-U_gCR6LunMkVLo.roa (raw, json)
Hash identifier:          8NsikJRAskwgfIJ4dXdknaVlQ5zxNpBPJrRKHn942zc=
Subject key identifier:   DC:96:FE:D1:23:4F:E3:E1:F2:F9:4F:E0:09:1E:8B:BA:73:24:54:BA
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       01854BE82255A378538DA807852BE73166CC
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/3Jb-0SNP4-Hy-U_gCR6LunMkVLo.roa
Signing time:             Mon 26 Dec 2022 00:49:42 +0000
ROA not before:           Mon 26 Dec 2022 00:49:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        45.150.174.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:4b:e8:22:55:a3:78:53:8d:a8:07:85:2b:e7:31:66:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: Dec 26 00:49:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dc96fed1234fe3e1f2f94fe0091e8bba732454ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:ff:d0:2d:1d:b8:b4:4f:52:1c:82:55:28:36:
                    7a:ba:b1:7a:31:84:05:51:28:f0:66:a2:a6:70:e8:
                    bb:44:aa:fe:5c:9d:c6:6a:52:0d:9d:33:82:f6:ef:
                    2b:5f:cc:76:1a:1b:8f:b4:26:c2:ee:41:69:3d:f8:
                    fe:a2:56:d2:b4:fc:d4:f2:74:43:5b:19:5a:d2:e2:
                    e4:1f:d1:93:5d:c5:c2:b2:3b:3d:cc:42:5e:e0:b9:
                    fc:37:b8:6f:7e:db:f4:ce:be:03:34:2c:1b:46:6f:
                    d1:a1:9b:41:37:87:2a:aa:b8:cd:a3:b4:41:36:9f:
                    99:9a:50:8c:f7:5f:70:38:71:82:3d:ed:50:26:08:
                    d5:58:10:f1:fb:73:90:32:4c:44:e5:c6:69:12:04:
                    94:0a:c3:67:d7:4c:f4:d4:e0:4e:c0:1c:59:0e:82:
                    b9:21:48:2c:fc:66:19:6f:b5:26:4f:a3:93:bd:d4:
                    de:a7:ca:02:f6:f8:4b:e0:ee:e1:80:98:14:a4:b7:
                    aa:3a:6a:e7:60:6c:9e:15:97:80:73:d9:c8:d3:b6:
                    dc:d7:63:da:e7:c2:bb:4d:ec:3b:76:e7:1a:b5:95:
                    2a:bc:03:e2:7b:18:e3:01:1a:df:86:f4:55:ad:26:
                    3c:83:f1:d3:37:98:36:49:81:00:66:28:9a:44:0c:
                    0b:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:96:FE:D1:23:4F:E3:E1:F2:F9:4F:E0:09:1E:8B:BA:73:24:54:BA
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/3Jb-0SNP4-Hy-U_gCR6LunMkVLo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:e4:71:2b:58:7c:32:5a:44:4e:95:34:fa:4b:ea:fe:77:9e:
         9d:e9:c7:71:c0:1d:23:de:ef:fe:74:f8:8b:ab:d4:a8:30:71:
         03:ca:c8:c8:2f:cc:88:d7:3c:ba:e4:99:ce:8d:25:70:0a:96:
         4f:e7:a6:88:e9:d0:70:f1:4b:3e:ad:b7:0b:65:04:92:41:9f:
         fc:80:24:10:5f:b7:81:55:88:ae:c7:70:ff:5e:2f:80:ae:f5:
         8d:aa:db:b8:e8:44:75:b3:ce:3b:27:74:a0:e7:b1:f3:b0:58:
         ad:78:9f:1b:46:92:a4:a0:d1:ea:48:59:ec:9f:c1:f3:80:9a:
         3f:22:5a:3d:16:8d:cb:2d:fe:df:33:f8:f7:64:0a:c7:a7:cf:
         20:c4:d7:8c:55:4e:ac:22:bb:c8:f9:a5:4d:d6:d0:61:7a:ea:
         ba:d5:d0:f5:bb:63:70:61:d0:5e:76:af:3c:63:b6:81:92:bf:
         15:23:78:26:29:3b:87:71:5d:b9:04:a3:80:8c:1f:52:a6:5e:
         ed:d7:e6:57:4a:a1:e9:70:16:f1:23:9e:e0:b2:35:3a:56:0e:
         61:21:74:95:39:aa:7c:e2:d7:16:8e:17:86:7a:93:7d:96:0c:
         82:22:1d:50:18:d4:af:a6:63:07:8f:24:be:9c:2e:7b:68:50:
         ad:d4:11:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVL6CJVo3hTjagHhSvnMWbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjIxMjI2MDA0OTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzk2ZmVkMTIzNGZlM2UxZjJmOTRmZTAwOTFlOGJiYTczMjQ1NGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiP/QLR24tE9SHIJVKDZ6urF6MYQF
USjwZqKmcOi7RKr+XJ3GalINnTOC9u8rX8x2GhuPtCbC7kFpPfj+olbStPzU8nRD
Wxla0uLkH9GTXcXCsjs9zEJe4Ln8N7hvftv0zr4DNCwbRm/RoZtBN4cqqrjNo7RB
Np+ZmlCM919wOHGCPe1QJgjVWBDx+3OQMkxE5cZpEgSUCsNn10z01OBOwBxZDoK5
IUgs/GYZb7UmT6OTvdTep8oC9vhL4O7hgJgUpLeqOmrnYGyeFZeAc9nI07bc12Pa
58K7Tew7ducatZUqvAPiexjjARrfhvRVrSY8g/HTN5g2SYEAZiiaRAwLIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNyW/tEjT+Ph8vlP4Akei7pzJFS6MB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvM0piLTBTTlA0LUh5LVVfZ0NSNkx1bk1rVkxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZauMA0G
CSqGSIb3DQEBCwUAA4IBAQAH5HErWHwyWkROlTT6S+r+d56d6cdxwB0j3u/+dPiL
q9SoMHEDysjIL8yI1zy65JnOjSVwCpZP56aI6dBw8Us+rbcLZQSSQZ/8gCQQX7eB
VYiux3D/Xi+ArvWNqtu46ER1s847J3Sg57HzsFiteJ8bRpKkoNHqSFnsn8HzgJo/
Ilo9Fo3LLf7fM/j3ZArHp88gxNeMVU6sIrvI+aVN1tBheuq61dD1u2NwYdBedq88
Y7aBkr8VI3gmKTuHcV25BKOAjB9Spl7t1+ZXSqHpcBbxI57gsjU6Vg5hIXSVOap8
4tcWjheGepN9lgyCIh1QGNSvpmMHjyS+nC57aFCt1BHf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:43 2024 by rpki-client on console-ams.rpki-client.org