Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/IvVzxE8C68AkIIYerFOLXpUj3tk.roa
File:                     IvVzxE8C68AkIIYerFOLXpUj3tk.roa (raw, json)
Hash identifier:          iTTcg9hql5do3Bsl6DpHfN7xmuYxe/NgnB11mCRinSs=
Subject key identifier:   22:F5:73:C4:4F:02:EB:C0:24:20:86:1E:AC:53:8B:5E:95:23:DE:D9
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       0184A5EA71BDBD76F6948B5F55D1860DB0D6
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/IvVzxE8C68AkIIYerFOLXpUj3tk.roa
Signing time:             Wed 23 Nov 2022 19:15:15 +0000
ROA not before:           Wed 23 Nov 2022 19:15:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        45.139.199.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:a5:ea:71:bd:bd:76:f6:94:8b:5f:55:d1:86:0d:b0:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: Nov 23 19:15:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=22f573c44f02ebc02420861eac538b5e9523ded9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:3b:30:f9:88:c5:c6:88:e1:cd:12:07:9e:98:
                    39:6f:56:3e:2e:37:43:23:f4:9a:13:d4:0d:9f:1f:
                    1f:6a:96:bb:0c:98:9f:bd:ce:8c:d0:a8:72:40:67:
                    53:92:99:69:d1:6d:e7:19:22:50:d6:6d:18:92:f9:
                    24:b5:d0:b8:4e:43:bd:78:58:17:cb:36:7d:4d:db:
                    0a:a2:a4:eb:f8:03:4a:f3:1b:60:b6:a7:b1:16:83:
                    16:1e:15:df:0b:fa:d8:01:0c:96:c4:2d:ad:88:17:
                    07:3b:3d:0a:8d:54:38:80:1d:2b:ac:0e:12:6a:00:
                    5f:47:04:7f:fb:19:ee:ce:8d:90:a6:50:ec:a1:5f:
                    36:b1:3b:93:ee:ca:be:be:e7:9a:42:52:e3:50:68:
                    07:4f:26:07:bb:6f:92:e4:99:17:b2:3f:07:5e:d3:
                    84:c8:9e:e2:5b:36:60:b0:18:cf:3f:b2:e6:5e:4c:
                    28:bd:94:7d:36:38:29:cd:1e:d6:95:42:d3:65:05:
                    45:b8:30:d5:b8:2d:c4:3f:92:32:e4:e2:f0:2b:01:
                    2e:3e:f3:fe:8f:09:2f:e0:e2:5d:12:b8:0e:ac:7d:
                    a8:75:13:12:47:30:84:dc:00:67:d1:06:a6:06:a8:
                    f5:64:20:06:b8:37:c3:f1:4f:ed:a1:05:41:b2:cc:
                    65:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:F5:73:C4:4F:02:EB:C0:24:20:86:1E:AC:53:8B:5E:95:23:DE:D9
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/IvVzxE8C68AkIIYerFOLXpUj3tk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.139.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:8b:cd:9d:0c:46:2c:ec:dd:9c:31:85:7f:cc:2a:ac:46:3f:
         7a:fd:7d:5b:00:2e:07:1c:dd:44:39:8e:00:aa:ac:0b:1b:74:
         41:56:d3:c5:e8:c2:42:73:4a:1b:dd:aa:b5:e6:a3:b8:ce:b1:
         d6:c4:c9:c8:87:96:fa:21:06:07:08:9c:97:9c:bb:a4:12:f1:
         99:a5:c9:6f:8d:13:ac:2d:99:f1:79:66:37:e9:5b:f5:82:9a:
         19:7f:dd:70:20:a8:2a:16:ff:a4:14:ba:d5:6a:58:39:d7:76:
         97:7e:93:8d:f5:a9:b7:58:b8:40:b5:92:59:c8:a7:12:d3:db:
         3a:cd:0a:2e:eb:bc:db:60:33:f1:64:04:b8:81:bc:1d:bb:00:
         e4:38:17:01:00:2d:fa:f5:41:ac:b9:6f:0f:47:0e:e9:6d:19:
         9b:40:d8:f2:2d:82:e3:72:4b:c7:2e:dc:8b:d4:fd:16:19:99:
         6e:e9:a6:75:31:e9:a5:be:9b:70:30:ab:88:8b:57:85:73:38:
         34:e9:89:7b:5f:6a:0d:2a:43:f9:91:07:74:e0:56:3d:b8:56:
         19:a0:96:9a:a1:9c:93:0d:a5:29:8f:bf:27:c2:ec:a0:b2:db:
         e6:59:d8:d9:c7:50:70:cf:1d:6c:a6:9c:e4:73:3b:54:22:52:
         97:f6:f1:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSl6nG9vXb2lItfVdGGDbDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjIxMTIzMTkxNTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmY1NzNjNDRmMDJlYmMwMjQyMDg2MWVhYzUzOGI1ZTk1MjNkZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTsw+YjFxojhzRIHnpg5b1Y+LjdD
I/SaE9QNnx8fapa7DJifvc6M0KhyQGdTkplp0W3nGSJQ1m0YkvkktdC4TkO9eFgX
yzZ9TdsKoqTr+ANK8xtgtqexFoMWHhXfC/rYAQyWxC2tiBcHOz0KjVQ4gB0rrA4S
agBfRwR/+xnuzo2QplDsoV82sTuT7sq+vueaQlLjUGgHTyYHu2+S5JkXsj8HXtOE
yJ7iWzZgsBjPP7LmXkwovZR9NjgpzR7WlULTZQVFuDDVuC3EP5Iy5OLwKwEuPvP+
jwkv4OJdErgOrH2odRMSRzCE3ABn0QamBqj1ZCAGuDfD8U/toQVBssxleQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCL1c8RPAuvAJCCGHqxTi16VI97ZMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvSXZWenhFOEM2OEFrSUlZZXJGT0xYcFVqM3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYvHMA0G
CSqGSIb3DQEBCwUAA4IBAQA5i82dDEYs7N2cMYV/zCqsRj96/X1bAC4HHN1EOY4A
qqwLG3RBVtPF6MJCc0ob3aq15qO4zrHWxMnIh5b6IQYHCJyXnLukEvGZpclvjROs
LZnxeWY36Vv1gpoZf91wIKgqFv+kFLrValg513aXfpON9am3WLhAtZJZyKcS09s6
zQou67zbYDPxZAS4gbwduwDkOBcBAC369UGsuW8PRw7pbRmbQNjyLYLjckvHLtyL
1P0WGZlu6aZ1MemlvptwMKuIi1eFczg06Yl7X2oNKkP5kQd04FY9uFYZoJaaoZyT
DaUpj78nwuygstvmWdjZx1Bwzx1sppzkcztUIlKX9vGp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:43 2024 by rpki-client on console-ams.rpki-client.org