Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/NPalhvQ9r_4dxoyK_OJkSYxUN4E.roa
File:                     NPalhvQ9r_4dxoyK_OJkSYxUN4E.roa (raw, json)
Hash identifier:          TTIqFpuEdR2NTD931PncsKohLUqzROwqRWIaxCDgO40=
Subject key identifier:   34:F6:A5:86:F4:3D:AF:FE:1D:C6:8C:8A:FC:E2:64:49:8C:54:37:81
Certificate issuer:       /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial:       0969529A
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/NPalhvQ9r_4dxoyK_OJkSYxUN4E.roa
Signing time:             Mon 28 Feb 2022 08:16:32 +0000
ROA not before:           Mon 28 Feb 2022 08:16:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     23470
IP address blocks:        45.93.16.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 157897370 (0x969529a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
        Validity
            Not Before: Feb 28 08:16:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=34f6a586f43daffe1dc68c8afce264498c543781
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:b6:54:f1:1e:b7:13:42:8a:ba:0a:48:ed:c2:
                    1e:42:19:ce:50:c1:7f:49:ae:6b:49:d2:bb:ab:d1:
                    db:e3:0a:7d:f9:bf:6b:bf:79:a0:3e:60:d4:b5:02:
                    a5:f5:bc:bd:b3:98:cf:ef:84:e6:d1:9d:5d:e3:88:
                    c2:df:00:62:18:a9:83:a9:26:af:56:a1:97:47:d7:
                    21:24:38:19:5e:ac:c9:88:48:c7:c1:37:cd:1a:80:
                    fd:65:5b:d0:a7:2c:54:d0:57:6c:13:af:9e:03:ee:
                    a8:c3:22:6c:72:23:c3:05:b3:51:61:8d:4d:04:6d:
                    30:ce:23:20:08:eb:66:f4:48:78:fc:43:b1:dc:38:
                    fb:49:57:b4:10:41:76:98:a6:88:2f:02:64:06:d0:
                    71:fd:4e:fc:61:4d:1c:ab:71:b2:4b:20:84:d2:a7:
                    59:37:83:3a:97:a5:f5:2d:7a:2d:23:71:c6:55:a9:
                    d4:45:cc:e3:cd:24:2f:8c:73:12:4b:d0:aa:32:34:
                    03:cb:04:21:97:33:eb:ca:72:1c:82:07:32:0b:81:
                    7b:19:d2:25:1f:64:bc:0b:3c:60:71:5c:92:75:28:
                    04:9e:70:5c:96:d8:d0:f3:64:6b:3a:cd:c4:07:b7:
                    79:88:02:fe:28:e8:62:a7:43:b5:ef:67:1c:d8:5f:
                    0b:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:F6:A5:86:F4:3D:AF:FE:1D:C6:8C:8A:FC:E2:64:49:8C:54:37:81
            X509v3 Authority Key Identifier:
                keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/NPalhvQ9r_4dxoyK_OJkSYxUN4E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.93.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:16:11:88:96:62:14:ce:ff:a5:75:38:a1:ed:be:4c:9d:c5:
         38:cb:53:49:c8:26:47:ef:d7:f2:c2:47:7a:77:c8:69:56:ad:
         f3:ce:c9:1c:0f:60:21:2a:ff:ab:48:b6:d7:f5:f8:9f:59:9a:
         1d:20:d8:c7:26:98:cf:44:d6:2d:8b:99:b7:67:e6:f6:a2:f4:
         07:9a:b9:8e:b1:de:a1:7e:1f:87:80:0c:56:2b:ee:0e:05:aa:
         61:20:64:94:47:b3:18:4e:7a:59:85:63:88:dd:71:88:7e:14:
         7e:e2:eb:8b:5c:f5:4c:92:86:1f:eb:d9:2b:11:ca:52:de:2b:
         89:51:76:e2:1d:73:ab:aa:2e:55:13:b5:45:28:b5:ab:63:73:
         2d:f6:28:30:f7:c7:5c:8b:15:38:0c:81:2c:6f:7a:55:ba:d5:
         aa:68:71:cc:e7:9d:f0:0e:82:e7:80:94:d3:02:31:03:bb:74:
         73:57:45:e2:b1:fc:d5:46:08:1d:b9:2c:44:16:3b:42:a5:9b:
         fe:91:49:ae:f8:61:c9:5f:56:36:04:0d:e3:64:5c:6a:dc:76:
         d7:8d:87:58:fc:e4:6d:1a:ab:c9:50:ba:57:2f:3d:a8:69:a2:
         9c:da:5a:9a:9a:ec:5b:60:ad:b6:2e:b4:49:d0:e5:ce:cc:f1:
         69:e8:08:b5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECWlSmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
N2QwM2YyOTgxODBjYzEwOWYxOWQ0YjE5OTJjN2Q3MWM1NmM4ZGNjMB4XDTIyMDIy
ODA4MTYzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzRmNmE1ODZmNDNk
YWZmZTFkYzY4YzhhZmNlMjY0NDk4YzU0Mzc4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOi2VPEetxNCiroKSO3CHkIZzlDBf0mua0nSu6vR2+MKffm/
a795oD5g1LUCpfW8vbOYz++E5tGdXeOIwt8AYhipg6kmr1ahl0fXISQ4GV6syYhI
x8E3zRqA/WVb0KcsVNBXbBOvngPuqMMibHIjwwWzUWGNTQRtMM4jIAjrZvRIePxD
sdw4+0lXtBBBdpimiC8CZAbQcf1O/GFNHKtxsksghNKnWTeDOpel9S16LSNxxlWp
1EXM480kL4xzEkvQqjI0A8sEIZcz68pyHIIHMguBexnSJR9kvAs8YHFcknUoBJ5w
XJbY0PNkazrNxAe3eYgC/ijoYqdDte9nHNhfC60CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ09qWG9D2v/h3GjIr84mRJjFQ3gTAfBgNVHSMEGDAWgBQX0D8pgYDMEJ8Z
1LGZLH1xxWyNzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Y5QV9LWUdBekJDZkdkU3htU3g5Y2NWc2pjdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvODJlMjUzLTAxNzctNGEyMC1iZWZlLTkxOGFjNjQ2MjY3OS8x
L05QYWxodlE5cl80ZHhveUtfT0prU1l4VU40RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
ODJlMjUzLTAxNzctNGEyMC1iZWZlLTkxOGFjNjQ2MjY3OS8xL0Y5QV9LWUdBekJD
ZkdkU3htU3g5Y2NWc2pjdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1dEDANBgkqhkiG9w0BAQsFAAOC
AQEAehYRiJZiFM7/pXU4oe2+TJ3FOMtTScgmR+/X8sJHenfIaVat887JHA9gISr/
q0i21/X4n1maHSDYxyaYz0TWLYuZt2fm9qL0B5q5jrHeoX4fh4AMVivuDgWqYSBk
lEezGE56WYVjiN1xiH4UfuLri1z1TJKGH+vZKxHKUt4riVF24h1zq6ouVRO1RSi1
q2NzLfYoMPfHXIsVOAyBLG96VbrVqmhxzOed8A6C54CU0wIxA7t0c1dF4rH81UYI
HbksRBY7QqWb/pFJrvhhyV9WNgQN42Rcatx2142HWPzkbRqryVC6Vy89qGminNpa
mprsW2Ctti60SdDlzszxaegItQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:04 2024 by rpki-client on console-ams.rpki-client.org