Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9a0981-0ad8-48a5-bfec-8cc9833611e6/1/fapM0Bv8Sw3LBw1hVpv1S_ayTiA.roa
File:                     fapM0Bv8Sw3LBw1hVpv1S_ayTiA.roa (raw, json)
Hash identifier:          lc3WCwZfKDSo3Zz9nDGrD49N7L8uyZqTXVPx14RhKRU=
Subject key identifier:   7D:AA:4C:D0:1B:FC:4B:0D:CB:07:0D:61:56:9B:F5:4B:F6:B2:4E:20
Certificate issuer:       /CN=91f5fcedbdb84dd52fc6770d7ccfd3fc6684fa41
Certificate serial:       08A2ED34
Authority key identifier: 91:F5:FC:ED:BD:B8:4D:D5:2F:C6:77:0D:7C:CF:D3:FC:66:84:FA:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kfX87b24TdUvxncNfM_T_GaE-kE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/9a0981-0ad8-48a5-bfec-8cc9833611e6/1/fapM0Bv8Sw3LBw1hVpv1S_ayTiA.roa
Signing time:             Sat 01 Jan 2022 14:08:31 +0000
ROA not before:           Sat 01 Jan 2022 14:08:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202699
IP address blocks:        45.82.60.0/24 maxlen: 24
                          45.82.63.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 144895284 (0x8a2ed34)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f5fcedbdb84dd52fc6770d7ccfd3fc6684fa41
        Validity
            Not Before: Jan  1 14:08:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7daa4cd01bfc4b0dcb070d61569bf54bf6b24e20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:01:cd:3c:d2:49:89:df:ac:07:10:a7:9a:d6:
                    12:43:3e:93:7f:00:64:d6:9d:21:a7:6f:c9:f6:43:
                    ac:5d:f0:41:a4:05:91:fd:93:8d:14:e3:88:95:41:
                    49:50:d9:85:5f:9c:d4:d7:59:b9:03:dd:c2:f8:29:
                    b3:25:50:cf:20:36:8e:58:3b:43:cf:12:91:4e:0c:
                    cb:24:e1:c6:ec:bd:ce:e4:0e:b4:cd:c3:44:24:e8:
                    d8:fe:1b:eb:a1:52:ed:28:de:f8:54:73:7c:06:97:
                    b8:d3:86:f3:e6:b1:e1:41:00:95:2a:69:65:3b:f9:
                    20:64:4b:f2:6f:fa:e8:c8:a1:f8:e2:5a:bf:fa:bf:
                    54:70:3d:53:7a:09:23:cd:6a:48:95:fc:23:b8:21:
                    cb:0f:e4:cf:d7:b2:f7:97:4e:39:84:2e:a6:16:bd:
                    b8:88:e4:1d:c6:af:5d:b8:1d:d3:26:b7:d1:95:0f:
                    d6:a5:60:2a:35:0c:d4:75:20:7e:a0:5f:55:c1:ff:
                    78:89:70:99:fd:32:2e:94:62:9e:a1:6a:ff:eb:63:
                    1f:9e:1a:35:b3:a9:2d:9d:18:af:cd:65:36:85:e3:
                    ba:a8:50:81:d1:eb:b8:e4:ef:80:0d:ff:16:c4:e9:
                    22:1c:3a:88:a7:4b:eb:50:bf:2d:6b:ce:90:0d:d9:
                    ca:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:AA:4C:D0:1B:FC:4B:0D:CB:07:0D:61:56:9B:F5:4B:F6:B2:4E:20
            X509v3 Authority Key Identifier:
                keyid:91:F5:FC:ED:BD:B8:4D:D5:2F:C6:77:0D:7C:CF:D3:FC:66:84:FA:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfX87b24TdUvxncNfM_T_GaE-kE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9a0981-0ad8-48a5-bfec-8cc9833611e6/1/fapM0Bv8Sw3LBw1hVpv1S_ayTiA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9a0981-0ad8-48a5-bfec-8cc9833611e6/1/kfX87b24TdUvxncNfM_T_GaE-kE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.82.60.0/24
                  45.82.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:51:8d:7e:ae:3a:1a:a8:da:cc:4c:40:81:02:90:3c:7d:33:
         76:bf:45:4a:27:9c:e9:46:22:d0:db:9e:a6:4b:c6:04:a0:d4:
         46:be:a2:b7:a6:c2:18:5d:d1:d2:ae:40:e9:2d:84:5c:33:47:
         6b:f7:95:d4:8b:b3:6a:70:18:7d:6c:b2:04:4c:0a:f6:7c:8d:
         4c:2f:a9:f6:4b:52:0a:3c:09:0b:f4:c3:9e:ca:50:43:1f:1b:
         2f:dd:bd:be:6f:ae:d8:b3:e5:54:41:61:ac:95:8a:a9:84:bb:
         f5:d9:5c:79:27:5d:95:cc:08:31:03:74:40:12:dd:99:8e:68:
         77:d3:96:86:45:18:79:c7:ef:3d:cb:af:be:09:40:ed:17:3e:
         63:f5:40:35:3e:15:85:20:2e:92:d5:d0:c1:ae:4a:2c:d5:7c:
         55:90:cc:44:79:10:81:0a:23:c6:bc:f6:95:c3:5d:50:b3:ca:
         7b:52:b0:8c:43:14:fa:a4:82:b6:a6:32:5f:bd:e1:25:25:68:
         9e:6f:47:8a:d9:a0:a9:bc:5d:59:9b:e2:76:fa:51:d2:10:e0:
         99:e1:d7:9d:b5:24:9f:18:6e:8d:d8:dd:87:c2:df:9a:dc:67:
         d1:1a:47:df:81:9e:ce:2d:f6:d2:a7:f6:5b:8f:6d:4e:59:ff:
         9d:33:41:10
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECKLtNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MWY1ZmNlZGJkYjg0ZGQ1MmZjNjc3MGQ3Y2NmZDNmYzY2ODRmYTQxMB4XDTIyMDEw
MTE0MDgzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2RhYTRjZDAxYmZj
NGIwZGNiMDcwZDYxNTY5YmY1NGJmNmIyNGUyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgBzTzSSYnfrAcQp5rWEkM+k38AZNadIadvyfZDrF3wQaQF
kf2TjRTjiJVBSVDZhV+c1NdZuQPdwvgpsyVQzyA2jlg7Q88SkU4MyyThxuy9zuQO
tM3DRCTo2P4b66FS7Sje+FRzfAaXuNOG8+ax4UEAlSppZTv5IGRL8m/66Mih+OJa
v/q/VHA9U3oJI81qSJX8I7ghyw/kz9ey95dOOYQupha9uIjkHcavXbgd0ya30ZUP
1qVgKjUM1HUgfqBfVcH/eIlwmf0yLpRinqFq/+tjH54aNbOpLZ0Yr81lNoXjuqhQ
gdHruOTvgA3/FsTpIhw6iKdL61C/LWvOkA3ZyocCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR9qkzQG/xLDcsHDWFWm/VL9rJOIDAfBgNVHSMEGDAWgBSR9fztvbhN1S/G
dw18z9P8ZoT6QTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tmWDg3YjI0VGRVdnhuY05mTV9UX0dhRS1rRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvOWEwOTgxLTBhZDgtNDhhNS1iZmVjLThjYzk4MzM2MTFlNi8x
L2ZhcE0wQnY4U3czTEJ3MWhWcHYxU19heVRpQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
OWEwOTgxLTBhZDgtNDhhNS1iZmVjLThjYzk4MzM2MTFlNi8xL2tmWDg3YjI0VGRV
dnhuY05mTV9UX0dhRS1rRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC1SPAMEAC1SPzANBgkqhkiG9w0B
AQsFAAOCAQEALVGNfq46GqjazExAgQKQPH0zdr9FSiec6UYi0NuepkvGBKDURr6i
t6bCGF3R0q5A6S2EXDNHa/eV1IuzanAYfWyyBEwK9nyNTC+p9ktSCjwJC/TDnspQ
Qx8bL929vm+u2LPlVEFhrJWKqYS79dlceSddlcwIMQN0QBLdmY5od9OWhkUYecfv
PcuvvglA7Rc+Y/VANT4VhSAuktXQwa5KLNV8VZDMRHkQgQojxrz2lcNdULPKe1Kw
jEMU+qSCtqYyX73hJSVonm9HitmgqbxdWZvidvpR0hDgmeHXnbUknxhujdjdh8Lf
mtxn0RpH34Gezi320qf2W49tTln/nTNBEA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:37 2024 by rpki-client on console-ams.rpki-client.org