Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/nAUpBvMnUcBzuXK_2sLhhzyMVVg.roa
File:                     nAUpBvMnUcBzuXK_2sLhhzyMVVg.roa (raw, json)
Hash identifier:          fmfGENlPq42z8sQ8lBJszAcGpXxm0P1KfEeB8WP4JcA=
Subject key identifier:   9C:05:29:06:F3:27:51:C0:73:B9:72:BF:DA:C2:E1:87:3C:8C:55:58
Certificate issuer:       /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial:       018419E29682222673464E833B1B69704A0F
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/nAUpBvMnUcBzuXK_2sLhhzyMVVg.roa
Signing time:             Thu 27 Oct 2022 14:39:50 +0000
ROA not before:           Thu 27 Oct 2022 14:39:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3170
IP address blocks:        45.84.241.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:19:e2:96:82:22:26:73:46:4e:83:3b:1b:69:70:4a:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
        Validity
            Not Before: Oct 27 14:39:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9c052906f32751c073b972bfdac2e1873c8c5558
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:66:52:b5:77:fd:c4:61:8a:e3:27:8e:cc:76:
                    7c:0f:53:bd:98:7d:fe:80:aa:2d:64:0b:38:cc:d5:
                    73:25:8f:93:dc:bb:ab:a2:8c:15:00:c3:1f:7d:c8:
                    fc:ee:fa:5e:45:14:01:f2:db:7d:ee:9c:2b:45:d0:
                    91:26:2f:06:c1:e1:97:5e:0e:79:37:0e:d0:b6:d9:
                    4a:91:d4:10:00:42:74:d2:2a:5f:04:fd:3f:c2:39:
                    5c:32:2a:4a:e0:c7:67:61:7b:3d:f4:49:46:db:07:
                    f6:51:7b:5b:9f:47:0c:6a:4a:2f:b3:b0:82:cd:48:
                    1d:93:88:63:d3:ee:b8:7a:0d:a1:81:68:40:10:ca:
                    e9:dc:54:fe:c2:ed:cb:33:03:4c:21:c3:aa:90:93:
                    38:1f:76:e1:c7:5e:ec:b4:a1:10:67:b5:cd:d9:87:
                    c9:b6:98:91:2a:5d:6a:e0:83:ce:c2:1e:69:a0:20:
                    da:46:a2:aa:b0:ad:6a:0e:7a:38:03:33:6b:a1:53:
                    df:09:d3:1a:21:1a:7b:48:11:93:3c:c9:73:72:2a:
                    0b:0e:55:fd:16:a3:46:27:6b:fb:0e:67:0d:9a:3d:
                    bf:d7:58:f2:ae:c4:ff:a8:c6:f3:f3:64:54:c9:45:
                    6d:e0:a2:17:40:cf:58:0d:06:c4:e8:d9:52:8c:ea:
                    f2:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:05:29:06:F3:27:51:C0:73:B9:72:BF:DA:C2:E1:87:3C:8C:55:58
            X509v3 Authority Key Identifier:
                keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/nAUpBvMnUcBzuXK_2sLhhzyMVVg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.84.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:2c:33:62:65:ea:b3:3e:ef:28:d8:86:d4:49:10:c8:4d:52:
         49:53:41:8a:5c:c0:54:42:6f:e5:cb:cd:eb:c6:dc:9b:b4:a0:
         8a:8d:dd:1a:55:2b:02:55:8e:a8:ee:96:fb:f0:18:f2:83:0c:
         d6:ed:87:5e:26:4c:84:ff:55:d2:35:9b:02:f1:0f:5c:f1:3a:
         55:d2:26:fb:56:5b:f7:06:47:0b:6f:c4:11:e2:d5:69:55:b9:
         2a:24:22:f7:ae:59:e1:c0:4a:06:6d:a2:f0:82:49:ca:9e:9b:
         7e:ea:57:2e:c1:22:48:d7:4f:0b:f9:d1:d8:49:bf:51:c8:ff:
         d3:5c:d3:af:f5:07:bb:4f:d0:16:fe:49:54:1f:7b:ae:0c:47:
         35:e6:e4:26:0e:59:62:07:53:dc:0d:10:e0:c8:f2:56:19:52:
         3e:f1:8c:09:8f:fc:b1:5e:74:76:71:d5:b5:ae:18:42:31:c7:
         a0:19:2c:20:65:51:52:d4:e5:a8:bb:38:8b:43:c0:d2:21:48:
         16:2c:71:d3:f0:c4:9d:29:30:72:3d:f1:4f:1e:f8:91:6f:83:
         c3:43:c8:4e:d5:29:f5:03:6a:31:06:75:86:08:39:f8:78:bb:
         08:35:9d:66:ff:52:46:ec:0d:8a:d4:b0:97:b7:70:53:a2:18:
         ec:e5:aa:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQZ4paCIiZzRk6DOxtpcEoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjIxMDI3MTQzOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzA1MjkwNmYzMjc1MWMwNzNiOTcyYmZkYWMyZTE4NzNjOGM1NTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGZStXf9xGGK4yeOzHZ8D1O9mH3+
gKotZAs4zNVzJY+T3LuroowVAMMffcj87vpeRRQB8tt97pwrRdCRJi8GweGXXg55
Nw7QttlKkdQQAEJ00ipfBP0/wjlcMipK4MdnYXs99ElG2wf2UXtbn0cMakovs7CC
zUgdk4hj0+64eg2hgWhAEMrp3FT+wu3LMwNMIcOqkJM4H3bhx17stKEQZ7XN2YfJ
tpiRKl1q4IPOwh5poCDaRqKqsK1qDno4AzNroVPfCdMaIRp7SBGTPMlzcioLDlX9
FqNGJ2v7DmcNmj2/11jyrsT/qMbz82RUyUVt4KIXQM9YDQbE6NlSjOry7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJwFKQbzJ1HAc7lyv9rC4Yc8jFVYMB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEvbkFVcEJ2TW5VY0J6dVhLXzJzTGhoenlNVlZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw
LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVTxMA0G
CSqGSIb3DQEBCwUAA4IBAQAlLDNiZeqzPu8o2IbUSRDITVJJU0GKXMBUQm/ly83r
xtybtKCKjd0aVSsCVY6o7pb78BjygwzW7YdeJkyE/1XSNZsC8Q9c8TpV0ib7Vlv3
BkcLb8QR4tVpVbkqJCL3rlnhwEoGbaLwgknKnpt+6lcuwSJI108L+dHYSb9RyP/T
XNOv9Qe7T9AW/klUH3uuDEc15uQmDlliB1PcDRDgyPJWGVI+8YwJj/yxXnR2cdW1
rhhCMcegGSwgZVFS1OWouziLQ8DSIUgWLHHT8MSdKTByPfFPHviRb4PDQ8hO1Sn1
A2oxBnWGCDn4eLsINZ1m/1JG7A2K1LCXt3BTohjs5ap+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org