Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/nXyQqSEA9SMK7ptIv_dmnXcGlGE.roa
File:                     nXyQqSEA9SMK7ptIv_dmnXcGlGE.roa (raw, json)
Hash identifier:          LvJ1CRB8RPSdnWaKnE9M3xgyjyIwVG1WTObDcZB8rws=
Subject key identifier:   9D:7C:90:A9:21:00:F5:23:0A:EE:9B:48:BF:F7:66:9D:77:06:94:61
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018288B1AD752D76E73DCE9253682C4F9286
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/nXyQqSEA9SMK7ptIv_dmnXcGlGE.roa
Signing time:             Wed 10 Aug 2022 16:58:41 +0000
ROA not before:           Wed 10 Aug 2022 16:58:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207238
IP address blocks:        45.150.44.0/22 maxlen: 22
                          91.242.102.0/24 maxlen: 24
                          91.242.68.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:88:b1:ad:75:2d:76:e7:3d:ce:92:53:68:2c:4f:92:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Aug 10 16:58:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9d7c90a92100f5230aee9b48bff7669d77069461
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:25:d0:25:5d:ab:bf:c8:12:64:48:13:90:70:
                    e7:6b:4e:67:6c:c6:9e:89:6b:e1:99:1d:cb:d2:e5:
                    68:ab:66:19:b9:08:14:37:ce:d1:eb:b6:a8:15:47:
                    7d:5f:90:a1:6d:02:77:16:ee:57:16:33:ff:9b:2e:
                    82:11:dd:84:cb:21:df:cc:21:21:e3:cd:b3:66:1a:
                    eb:44:e7:81:6e:b0:69:0c:44:63:aa:35:c6:a5:76:
                    fd:5b:b0:a6:4d:73:8c:18:34:b6:ba:2b:05:21:6f:
                    91:d2:e2:5b:11:69:31:31:8b:26:91:a9:8a:7c:59:
                    8c:2b:e8:4e:32:c7:1e:02:b8:8c:8a:9f:95:54:38:
                    08:46:56:e2:bb:63:22:1c:de:e1:11:0c:8f:dc:78:
                    52:3b:43:85:d6:b4:ab:d9:09:d2:aa:24:bd:69:2d:
                    ae:44:bc:97:d3:3b:b8:e3:37:8d:e9:b8:b1:e8:7e:
                    60:72:01:ef:62:78:5c:42:c6:8b:36:b3:84:d3:73:
                    3a:1c:87:49:20:97:1d:90:3f:57:b6:03:74:c0:47:
                    7d:bd:b9:11:6d:af:c8:f6:2a:ea:d2:16:7a:85:d9:
                    e9:5a:36:e5:0a:a8:9b:2d:d4:95:3b:80:ba:b7:67:
                    3f:a4:f5:ab:6a:c5:6c:2c:02:9a:0d:dc:b0:9d:1a:
                    c4:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:7C:90:A9:21:00:F5:23:0A:EE:9B:48:BF:F7:66:9D:77:06:94:61
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/nXyQqSEA9SMK7ptIv_dmnXcGlGE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.44.0/22
                  91.242.68.0/23
                  91.242.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:94:4a:3d:42:aa:6b:0f:e6:fe:c8:03:4a:51:84:80:2e:ed:
         b2:59:35:fe:a2:fe:9c:2a:58:bb:7b:fc:00:a1:4e:32:8d:c8:
         4b:c1:2d:7e:5d:b1:dd:3b:7b:57:95:ec:e4:c4:b6:46:44:82:
         d7:c7:0e:7c:4f:4e:d7:7c:7c:e8:2e:79:5d:d1:68:29:6d:9b:
         ec:d4:e0:ae:3d:9e:cb:0b:79:17:e9:5c:3d:33:38:fc:02:72:
         b4:91:2b:6d:ac:3d:c5:40:61:97:26:70:85:3a:b6:56:63:61:
         9a:93:2e:d4:f7:6e:a6:15:55:aa:64:e9:d5:8d:32:bd:c7:dc:
         83:72:ee:81:cf:be:10:df:ad:cb:f1:4a:06:e3:e8:d9:d6:d6:
         4f:cb:7c:09:32:5e:2a:74:3c:39:51:a6:1c:17:5c:6c:8c:d5:
         80:fc:75:0d:19:0c:6d:06:a8:8e:1e:12:e7:f9:d9:e0:e3:0b:
         6d:c8:9c:53:b1:bb:2e:b5:bd:41:86:14:99:31:66:03:18:14:
         65:87:51:cc:20:e0:30:30:1c:1a:ad:2c:bc:30:21:4e:0c:32:
         a1:d8:42:5d:5c:89:a0:f7:01:32:aa:03:a0:5e:ad:32:5d:70:
         38:53:53:f0:dd:f2:43:03:a0:b2:39:c8:2f:7e:c5:2e:c7:f8:
         b8:44:97:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKIsa11LXbnPc6SU2gsT5KGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwODEwMTY1ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDdjOTBhOTIxMDBmNTIzMGFlZTliNDhiZmY3NjY5ZDc3MDY5NDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCXQJV2rv8gSZEgTkHDna05nbMae
iWvhmR3L0uVoq2YZuQgUN87R67aoFUd9X5ChbQJ3Fu5XFjP/my6CEd2EyyHfzCEh
482zZhrrROeBbrBpDERjqjXGpXb9W7CmTXOMGDS2uisFIW+R0uJbEWkxMYsmkamK
fFmMK+hOMsceAriMip+VVDgIRlbiu2MiHN7hEQyP3HhSO0OF1rSr2QnSqiS9aS2u
RLyX0zu44zeN6bix6H5gcgHvYnhcQsaLNrOE03M6HIdJIJcdkD9XtgN0wEd9vbkR
ba/I9irq0hZ6hdnpWjblCqibLdSVO4C6t2c/pPWrasVsLAKaDdywnRrEOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ18kKkhAPUjCu6bSL/3Zp13BpRhMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvblh5UXFTRUE5U01LN3B0SXZfZG1uWGNHbEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZYsAwQB
W/JEAwQAW/JmMA0GCSqGSIb3DQEBCwUAA4IBAQColEo9QqprD+b+yANKUYSALu2y
WTX+ov6cKli7e/wAoU4yjchLwS1+XbHdO3tXlezkxLZGRILXxw58T07XfHzoLnld
0WgpbZvs1OCuPZ7LC3kX6Vw9Mzj8AnK0kSttrD3FQGGXJnCFOrZWY2Gaky7U926m
FVWqZOnVjTK9x9yDcu6Bz74Q363L8UoG4+jZ1tZPy3wJMl4qdDw5UaYcF1xsjNWA
/HUNGQxtBqiOHhLn+dng4wttyJxTsbsutb1BhhSZMWYDGBRlh1HMIOAwMBwarSy8
MCFODDKh2EJdXImg9wEyqgOgXq0yXXA4U1Pw3fJDA6CyOcgvfsUux/i4RJe3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org