Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a5aa39-f513-4c88-b477-a19f143ebb89/1/wyz8yewIOKlZX50SK26ryW-1DIg.roa
File:                     wyz8yewIOKlZX50SK26ryW-1DIg.roa (raw, json)
Hash identifier:          3zRpRgeUJLGv4XED3FuLyW/vVgUkXku+3014kYDYebg=
Subject key identifier:   C3:2C:FC:C9:EC:08:38:A9:59:5F:9D:12:2B:6E:AB:C9:6F:B5:0C:88
Certificate issuer:       /CN=fd40e476f72534d865b2e2676691efc72b36c587
Certificate serial:       B8AE
Authority key identifier: FD:40:E4:76:F7:25:34:D8:65:B2:E2:67:66:91:EF:C7:2B:36:C5:87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_UDkdvclNNhlsuJnZpHvxys2xYc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/a5aa39-f513-4c88-b477-a19f143ebb89/1/wyz8yewIOKlZX50SK26ryW-1DIg.roa
Signing time:             Wed 04 May 2022 17:16:21 +0000
ROA not before:           Wed 04 May 2022 17:16:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58061
IP address blocks:        45.141.216.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 47278 (0xb8ae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd40e476f72534d865b2e2676691efc72b36c587
        Validity
            Not Before: May  4 17:16:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c32cfcc9ec0838a9595f9d122b6eabc96fb50c88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:f1:08:75:23:e2:90:eb:d4:99:b4:0e:d0:ee:
                    b8:ae:15:9e:21:a7:57:8b:28:dc:c8:9e:6c:07:b7:
                    63:11:be:b5:72:32:2f:64:a1:06:1e:c8:ba:4c:77:
                    87:54:ce:c6:f9:7a:57:a3:83:64:e6:ee:04:82:e1:
                    45:11:a9:c7:9d:e7:bc:c8:8a:00:3b:1e:bc:84:fc:
                    85:c8:6a:a8:4b:2d:eb:02:fa:b6:2f:39:62:80:aa:
                    fb:ef:04:9f:56:70:82:6c:7e:2f:53:4b:ba:50:43:
                    35:89:0c:72:b7:35:30:0c:e9:c3:02:b6:71:62:d3:
                    e1:17:71:40:69:91:12:25:92:10:20:64:18:8b:8c:
                    4d:2f:b9:bf:f0:e8:5e:a0:45:c4:be:77:98:c1:2a:
                    c6:80:ff:7d:c8:ac:5c:81:16:ed:ff:d5:cb:4a:b9:
                    ff:59:64:dc:4e:d3:03:21:f0:11:98:f6:9e:75:c2:
                    bc:92:ae:9c:33:65:7f:5d:b4:c6:f0:99:c7:25:f6:
                    4b:e5:86:b6:05:e0:10:ce:08:03:73:6b:c1:ad:05:
                    66:8c:63:d8:a2:e0:08:06:76:1c:e5:75:9a:7e:20:
                    c2:05:55:07:16:bd:20:dd:f3:d8:e8:a9:b2:ed:39:
                    d8:8d:64:06:e8:60:27:3f:f8:da:0b:56:80:c5:28:
                    73:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:2C:FC:C9:EC:08:38:A9:59:5F:9D:12:2B:6E:AB:C9:6F:B5:0C:88
            X509v3 Authority Key Identifier:
                keyid:FD:40:E4:76:F7:25:34:D8:65:B2:E2:67:66:91:EF:C7:2B:36:C5:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_UDkdvclNNhlsuJnZpHvxys2xYc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a5aa39-f513-4c88-b477-a19f143ebb89/1/wyz8yewIOKlZX50SK26ryW-1DIg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a5aa39-f513-4c88-b477-a19f143ebb89/1/_UDkdvclNNhlsuJnZpHvxys2xYc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         61:8d:2b:a3:12:ae:f9:9e:90:29:0a:f8:d0:44:38:d4:fe:5f:
         71:37:35:b7:4d:a2:6a:5f:e9:90:5a:08:aa:e2:8d:8a:7e:d8:
         8f:6d:c3:2d:e8:57:95:97:9d:e9:a1:e0:f6:62:04:ba:69:ff:
         63:39:ba:f6:03:19:08:5d:fc:2b:a1:d7:c3:a9:f5:3f:22:89:
         51:7f:50:13:01:8f:1e:c1:df:ec:79:2d:55:19:46:bb:68:57:
         56:25:c6:26:2f:22:86:a9:01:9c:29:e0:bb:a9:ee:f3:ea:ea:
         16:28:b7:a8:a7:4f:92:78:8c:f4:6a:7c:26:2f:17:fb:e9:03:
         23:62:4a:8c:a5:b8:f1:0c:d5:a6:a8:80:35:78:19:90:d0:4a:
         1f:7c:6f:27:7e:13:85:fb:2a:24:86:bb:91:a0:89:47:9e:20:
         e9:91:be:5a:08:37:7d:2a:8d:69:e5:29:a0:b9:2c:98:93:11:
         ed:31:76:36:86:b0:e6:92:40:48:c9:35:21:57:a1:f2:73:23:
         4b:cd:c0:82:81:f9:72:c6:99:42:e1:17:b9:5e:e7:ff:08:fe:
         16:9a:d5:da:86:3b:e5:97:a1:63:c8:a6:c4:70:02:8b:72:70:
         40:69:67:1f:d0:b7:76:5b:90:ad:a9:79:82:3a:ad:44:c3:36:
         00:0a:05:e4
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDALiuMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZk
NDBlNDc2ZjcyNTM0ZDg2NWIyZTI2NzY2OTFlZmM3MmIzNmM1ODcwHhcNMjIwNTA0
MTcxNjIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjMzJjZmNjOWVjMDgz
OGE5NTk1ZjlkMTIyYjZlYWJjOTZmYjUwYzg4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAv/EIdSPikOvUmbQO0O64rhWeIadXiyjcyJ5sB7djEb61cjIv
ZKEGHsi6THeHVM7G+XpXo4Nk5u4EguFFEanHnee8yIoAOx68hPyFyGqoSy3rAvq2
LzligKr77wSfVnCCbH4vU0u6UEM1iQxytzUwDOnDArZxYtPhF3FAaZESJZIQIGQY
i4xNL7m/8OheoEXEvneYwSrGgP99yKxcgRbt/9XLSrn/WWTcTtMDIfARmPaedcK8
kq6cM2V/XbTG8JnHJfZL5Ya2BeAQzggDc2vBrQVmjGPYouAIBnYc5XWafiDCBVUH
Fr0g3fPY6Kmy7TnYjWQG6GAnP/jaC1aAxShzIwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFMMs/MnsCDipWV+dEituq8lvtQyIMB8GA1UdIwQYMBaAFP1A5Hb3JTTYZbLi
Z2aR78crNsWHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
X1VEa2R2Y2xOTmhsc3VKblpwSHZ4eXMyeFljLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80OC9hNWFhMzktZjUxMy00Yzg4LWI0NzctYTE5ZjE0M2ViYjg5LzEv
d3l6OHlld0lPS2xaWDUwU0syNnJ5Vy0xRElnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9h
NWFhMzktZjUxMy00Yzg4LWI0NzctYTE5ZjE0M2ViYjg5LzEvX1VEa2R2Y2xOTmhs
c3VKblpwSHZ4eXMyeFljLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY3YMA0GCSqGSIb3DQEBCwUAA4IB
AQBhjSujEq75npApCvjQRDjU/l9xNzW3TaJqX+mQWgiq4o2KftiPbcMt6FeVl53p
oeD2YgS6af9jObr2AxkIXfwrodfDqfU/IolRf1ATAY8ewd/seS1VGUa7aFdWJcYm
LyKGqQGcKeC7qe7z6uoWKLeop0+SeIz0anwmLxf76QMjYkqMpbjxDNWmqIA1eBmQ
0EoffG8nfhOF+yokhruRoIlHniDpkb5aCDd9Ko1p5SmguSyYkxHtMXY2hrDmkkBI
yTUhV6HycyNLzcCCgflyxplC4Re5Xuf/CP4WmtXahjvll6FjyKbEcAKLcnBAaWcf
0Ld2W5CtqXmCOq1EwzYACgXk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:39 2024 by rpki-client on console-ams.rpki-client.org