Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/nyj5K4nkZT8rQPZ_smD1hZSmGpI.roa
File:                     nyj5K4nkZT8rQPZ_smD1hZSmGpI.roa (raw, json)
Hash identifier:          pM9OKGidk4o5rz6KN/Tr+yDnAMPIMQChpziBmI8QDL8=
Subject key identifier:   9F:28:F9:2B:89:E4:65:3F:2B:40:F6:7F:B2:60:F5:85:94:A6:1A:92
Certificate issuer:       /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial:       03AC18A4
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/nyj5K4nkZT8rQPZ_smD1hZSmGpI.roa
Signing time:             Fri 11 Mar 2022 02:50:59 +0000
ROA not before:           Fri 11 Mar 2022 02:50:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     136933
IP address blocks:        45.131.178.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 61610148 (0x3ac18a4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
        Validity
            Not Before: Mar 11 02:50:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9f28f92b89e4653f2b40f67fb260f58594a61a92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:89:4d:97:61:1a:fb:65:05:cb:aa:af:6f:9b:
                    18:9a:4d:59:e9:42:55:13:f9:8c:0a:e7:7e:92:b1:
                    f7:6e:f9:58:77:86:3a:d3:eb:7a:e5:b9:3b:92:c6:
                    fd:80:3c:71:4a:ae:b5:f4:2c:7e:bd:23:61:79:4f:
                    4c:85:1e:6b:2d:4a:86:48:cf:d9:34:77:e1:b7:0f:
                    31:c4:4e:5a:76:51:44:c3:3e:f5:ea:91:2a:9a:e3:
                    e6:27:fe:93:e1:94:44:ee:84:7d:83:73:51:e7:c7:
                    72:49:83:0a:f9:b3:30:3a:56:83:15:5a:f3:6f:54:
                    b9:ed:61:d3:cb:85:a2:3a:75:76:a6:b7:3a:29:43:
                    6b:4c:fa:82:b0:fa:f0:df:43:55:cc:c1:ab:e8:12:
                    92:55:fa:87:43:0e:ee:39:36:85:f6:83:3b:dd:8e:
                    51:f8:35:3a:e3:a8:c5:7c:1c:9b:08:ec:29:9d:fe:
                    99:5c:4c:05:82:a6:6c:39:6b:cc:2a:ea:ed:85:43:
                    e3:de:de:06:d1:43:b9:8b:d8:d2:e7:e5:0f:4a:ad:
                    f5:33:49:24:04:68:5d:ee:ae:b0:9d:2d:6a:74:ab:
                    e4:46:4b:d1:b4:9c:42:72:e1:43:5e:e6:6a:c6:61:
                    c3:0c:f4:71:1b:2d:ec:0e:ed:69:88:ce:e3:a8:b6:
                    c9:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:28:F9:2B:89:E4:65:3F:2B:40:F6:7F:B2:60:F5:85:94:A6:1A:92
            X509v3 Authority Key Identifier:
                keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/nyj5K4nkZT8rQPZ_smD1hZSmGpI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.131.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:f1:ad:12:40:a7:75:65:2d:e3:1a:61:59:bc:5b:79:58:8b:
         04:c8:97:9c:cd:de:55:24:3a:79:84:4b:d2:b9:ba:d1:80:41:
         54:a8:20:05:1e:d9:aa:77:85:e3:a7:24:ec:a6:0d:6a:ac:e7:
         81:56:d2:18:ec:dd:11:3b:30:00:13:48:d8:2a:c4:8e:dc:62:
         5f:fa:b8:0d:43:29:26:77:3b:5f:05:e3:a2:11:72:55:8d:11:
         30:e3:d0:3b:46:83:98:52:9e:65:47:bb:9e:24:fc:66:47:46:
         96:4b:42:fb:7b:bb:f5:7f:59:ff:5f:7f:7a:0c:39:c2:1d:eb:
         b8:e5:d0:54:d0:62:e4:52:44:fd:b3:56:22:55:82:de:4a:1d:
         6c:84:b1:81:6c:9b:a2:99:62:87:49:80:d2:e7:67:02:a9:c3:
         c9:17:3b:50:bc:65:74:c8:4f:45:37:c1:f1:2e:e1:1c:f1:10:
         46:32:93:1a:3c:c4:23:02:b7:b5:f4:70:ca:e3:c4:45:ba:ea:
         00:7d:8c:6e:dc:bb:78:69:f5:5b:dc:36:63:82:19:23:cc:1d:
         d6:8f:f1:b5:f5:e2:0f:3f:94:1d:c6:e1:ae:70:fc:c0:a3:27:
         64:9e:e4:60:49:65:6f:38:db:95:bc:5a:b7:7c:e4:8e:18:8a:
         ad:d9:fc:a0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA6wYpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDdiNDg3ODQ4ZmZmNjM1MzNkODdjMzI0ZWNjNTFjMmMzZWEyYWRiMB4XDTIyMDMx
MTAyNTA1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWYyOGY5MmI4OWU0
NjUzZjJiNDBmNjdmYjI2MGY1ODU5NGE2MWE5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCJTZdhGvtlBcuqr2+bGJpNWelCVRP5jArnfpKx9275WHeG
OtPreuW5O5LG/YA8cUqutfQsfr0jYXlPTIUeay1KhkjP2TR34bcPMcROWnZRRMM+
9eqRKprj5if+k+GURO6EfYNzUefHckmDCvmzMDpWgxVa829Uue1h08uFojp1dqa3
OilDa0z6grD68N9DVczBq+gSklX6h0MO7jk2hfaDO92OUfg1OuOoxXwcmwjsKZ3+
mVxMBYKmbDlrzCrq7YVD497eBtFDuYvY0uflD0qt9TNJJARoXe6usJ0tanSr5EZL
0bScQnLhQ17masZhwwz0cRst7A7taYjO46i2yUcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSfKPkrieRlPytA9n+yYPWFlKYakjAfBgNVHSMEGDAWgBQ0e0h4SP/2NTPY
fDJOzFHCw+oq2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05IdEllRWpfOWpVejJId3lUc3hSd3NQcUt0cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvYmM3MTIyLTRkMWItNDZhNy1hZWNiLTIzMGIzYjcyYTE3NS8x
L255ajVLNG5rWlQ4clFQWl9zbUQxaFpTbUdwSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
YmM3MTIyLTRkMWItNDZhNy1hZWNiLTIzMGIzYjcyYTE3NS8xL05IdEllRWpfOWpV
ejJId3lUc3hSd3NQcUt0cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2DsjANBgkqhkiG9w0BAQsFAAOC
AQEAb/GtEkCndWUt4xphWbxbeViLBMiXnM3eVSQ6eYRL0rm60YBBVKggBR7ZqneF
46ck7KYNaqzngVbSGOzdETswABNI2CrEjtxiX/q4DUMpJnc7XwXjohFyVY0RMOPQ
O0aDmFKeZUe7niT8ZkdGlktC+3u79X9Z/19/egw5wh3ruOXQVNBi5FJE/bNWIlWC
3kodbISxgWyboplih0mA0udnAqnDyRc7ULxldMhPRTfB8S7hHPEQRjKTGjzEIwK3
tfRwyuPERbrqAH2Mbty7eGn1W9w2Y4IZI8wd1o/xtfXiDz+UHcbhrnD8wKMnZJ7k
YEllbzjblbxat3zkjhiKrdn8oA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:00 2024 by rpki-client on console-fra.rpki-client.org