Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/YwjTcd90b1y5FJFZe1PdAHXaU98.roa
File:                     YwjTcd90b1y5FJFZe1PdAHXaU98.roa (raw, json)
Hash identifier:          wR4bI+QJvBjUPwM3MoNamXg0Z0r5CFUEk0R7FzMf2cw=
Subject key identifier:   63:08:D3:71:DF:74:6F:5C:B9:14:91:59:7B:53:DD:00:75:DA:53:DF
Certificate issuer:       /CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
Certificate serial:       067A036D
Authority key identifier: 28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/YwjTcd90b1y5FJFZe1PdAHXaU98.roa
Signing time:             Tue 03 May 2022 19:36:49 +0000
ROA not before:           Tue 03 May 2022 19:36:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        45.11.70.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 108659565 (0x67a036d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
        Validity
            Not Before: May  3 19:36:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6308d371df746f5cb91491597b53dd0075da53df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:78:e2:c7:e1:cd:19:6a:84:3e:4c:5b:50:a9:
                    9a:3a:95:05:45:43:e3:43:54:6a:14:99:17:d1:57:
                    55:2e:12:4f:37:fd:22:9c:78:9b:9d:0c:9e:4a:2b:
                    72:f0:77:bd:b5:de:62:4b:20:68:4a:9f:fb:5d:fe:
                    c1:60:1e:76:4d:f0:c7:79:17:12:46:d4:59:82:20:
                    f1:be:23:25:76:cc:70:3b:75:e1:33:e3:3b:46:c6:
                    b1:0b:26:02:b7:3f:5f:36:c2:cb:51:7d:90:77:60:
                    9a:fa:b6:dd:e0:99:78:0f:7a:e0:65:2c:35:3f:dc:
                    25:db:50:9e:e5:56:fc:c0:9d:bf:26:ec:04:58:b4:
                    09:a2:20:06:d8:50:4f:b4:17:06:42:a4:ec:28:9f:
                    e0:1e:30:c4:06:ce:d3:2a:d7:03:45:cc:9a:f0:b3:
                    84:05:98:d8:1b:5d:98:a9:5e:7d:fb:f6:9f:48:ea:
                    7b:d8:79:52:ff:9d:47:b5:7e:17:fb:dd:fa:49:14:
                    ee:ad:5f:09:2d:36:48:cd:79:39:29:f7:ca:40:0c:
                    b8:27:b6:2c:99:8a:23:27:b2:ef:87:c1:6e:59:09:
                    69:ed:5b:27:f3:18:93:03:44:54:ad:92:98:df:42:
                    bb:d3:ff:ae:ce:0c:6a:81:af:9a:89:21:d2:4a:31:
                    53:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:08:D3:71:DF:74:6F:5C:B9:14:91:59:7B:53:DD:00:75:DA:53:DF
            X509v3 Authority Key Identifier:
                keyid:28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/YwjTcd90b1y5FJFZe1PdAHXaU98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/KGS7NPtdFsqdH6P5eUy0jUvthHM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:71:b9:93:91:2a:6d:d8:bb:ae:c3:cc:43:21:a2:72:1f:41:
         56:5a:e0:bd:ce:53:c1:99:43:a9:7e:1e:4f:50:72:9f:ce:30:
         d5:1c:c6:4c:05:bd:92:cb:23:3b:be:44:59:8d:64:16:ae:c4:
         d2:b0:a5:c0:35:87:b6:6b:ff:1f:90:c3:5e:b9:9d:4a:65:67:
         e0:6d:2d:b6:b2:44:da:c6:03:71:c4:73:bd:10:03:22:4c:f9:
         e7:51:68:9e:a2:68:13:7b:9c:14:0b:6d:4d:ef:18:88:6b:53:
         0b:43:9f:4b:6d:40:ff:5e:f6:1f:1d:5e:01:25:05:b1:18:ca:
         34:62:5e:8b:7c:73:f8:88:d7:d7:b1:91:3e:e0:b2:dd:36:b4:
         50:48:3c:5d:28:13:7c:b9:95:c4:40:c1:34:5e:d9:6d:82:6b:
         7c:6e:21:35:d9:b7:78:bc:b4:a4:14:c4:96:72:4c:bd:6a:96:
         da:5d:86:f5:5c:31:31:58:14:6c:13:71:1e:e1:34:7e:d9:10:
         66:5e:50:5f:f9:71:d7:92:ff:eb:fe:d3:b8:08:25:78:24:bd:
         a2:25:d3:f7:fd:2c:9a:05:cc:e2:af:0f:bb:f4:4d:45:98:a5:
         5f:8c:81:e2:ea:f4:3c:81:50:e9:cf:91:cb:fb:9f:8c:5f:28:
         93:91:e9:1c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBnoDbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODY0YmIzNGZiNWQxNmNhOWQxZmEzZjk3OTRjYjQ4ZDRiZWQ4NDczMB4XDTIyMDUw
MzE5MzY0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjMwOGQzNzFkZjc0
NmY1Y2I5MTQ5MTU5N2I1M2RkMDA3NWRhNTNkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALt44sfhzRlqhD5MW1CpmjqVBUVD40NUahSZF9FXVS4STzf9
Ipx4m50MnkorcvB3vbXeYksgaEqf+13+wWAedk3wx3kXEkbUWYIg8b4jJXbMcDt1
4TPjO0bGsQsmArc/XzbCy1F9kHdgmvq23eCZeA964GUsNT/cJdtQnuVW/MCdvybs
BFi0CaIgBthQT7QXBkKk7Cif4B4wxAbO0yrXA0XMmvCzhAWY2BtdmKleffv2n0jq
e9h5Uv+dR7V+F/vd+kkU7q1fCS02SM15OSn3ykAMuCe2LJmKIyey74fBblkJae1b
J/MYkwNEVK2SmN9Cu9P/rs4MaoGvmokh0koxU20CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRjCNNx33RvXLkUkVl7U90AddpT3zAfBgNVHSMEGDAWgBQoZLs0+10Wyp0f
o/l5TLSNS+2EczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tHUzdOUHRkRnNxZEg2UDVlVXkwalV2dGhITS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvNDdmNDQ1LTVlYTktNDM3ZC1hNTlhLTU5MDBhNTk0N2I4ZC8x
L1l3alRjZDkwYjF5NUZKRlplMVBkQUhYYVU5OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
NDdmNDQ1LTVlYTktNDM3ZC1hNTlhLTU5MDBhNTk0N2I4ZC8xL0tHUzdOUHRkRnNx
ZEg2UDVlVXkwalV2dGhITS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0LRjANBgkqhkiG9w0BAQsFAAOC
AQEAYnG5k5Eqbdi7rsPMQyGich9BVlrgvc5TwZlDqX4eT1Byn84w1RzGTAW9kssj
O75EWY1kFq7E0rClwDWHtmv/H5DDXrmdSmVn4G0ttrJE2sYDccRzvRADIkz551Fo
nqJoE3ucFAttTe8YiGtTC0OfS21A/172Hx1eASUFsRjKNGJei3xz+IjX17GRPuCy
3Ta0UEg8XSgTfLmVxEDBNF7ZbYJrfG4hNdm3eLy0pBTElnJMvWqW2l2G9VwxMVgU
bBNxHuE0ftkQZl5QX/lx15L/6/7TuAgleCS9oiXT9/0smgXM4q8Pu/RNRZilX4yB
4ur0PIFQ6c+Ry/ufjF8ok5HpHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:06 2024 by rpki-client on console-ams.rpki-client.org