Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/YLi7Fasg3uBj8w-p7UoM1Y9sbH4.roa
File:                     YLi7Fasg3uBj8w-p7UoM1Y9sbH4.roa (raw, json)
Hash identifier:          erLrpiarqIQ0gs7kijg/M+8CHvuEMHJW++jdd7DuQOw=
Subject key identifier:   60:B8:BB:15:AB:20:DE:E0:63:F3:0F:A9:ED:4A:0C:D5:8F:6C:6C:7E
Certificate issuer:       /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial:       01832D045B0368C30BB594A251D140A23B19
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/YLi7Fasg3uBj8w-p7UoM1Y9sbH4.roa
Signing time:             Sun 11 Sep 2022 14:46:43 +0000
ROA not before:           Sun 11 Sep 2022 14:46:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205007
IP address blocks:        45.89.55.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:2d:04:5b:03:68:c3:0b:b5:94:a2:51:d1:40:a2:3b:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
        Validity
            Not Before: Sep 11 14:46:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=60b8bb15ab20dee063f30fa9ed4a0cd58f6c6c7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:21:65:4a:83:d6:8c:8d:da:8d:90:13:8a:40:
                    e3:21:d9:32:a6:3e:46:d3:df:13:40:75:7b:7a:0c:
                    2a:95:bc:47:49:cd:61:7f:e3:a0:20:7f:c1:45:8a:
                    a3:e0:fa:90:58:3b:0c:0e:1c:e0:7b:4b:8e:f0:9f:
                    ca:11:0c:8a:db:d7:56:cf:5c:7e:dd:81:a3:1a:3c:
                    05:43:62:72:f3:5e:02:49:41:65:02:68:bd:39:f7:
                    08:85:31:fa:60:a7:f9:f5:48:8b:76:b6:df:d6:be:
                    27:9c:37:db:90:30:f9:7e:66:55:9a:f0:84:08:6f:
                    c5:4d:ff:15:98:d1:c4:46:20:4c:13:a2:67:02:77:
                    c2:6a:8e:8e:36:3a:76:4c:84:2a:b2:93:e0:2d:c0:
                    67:4e:20:31:98:18:73:31:77:21:56:fa:a2:ed:1b:
                    80:2c:e7:f4:1f:5e:4b:0a:f1:38:82:7c:8d:4f:96:
                    18:0c:a4:bb:1a:4b:82:be:74:08:f5:8a:4f:28:cb:
                    71:5d:ad:dd:f0:ef:f4:92:c6:c0:f4:9d:9f:f4:b9:
                    f8:15:96:86:cd:35:37:f3:c0:7d:a4:65:01:c9:32:
                    03:5a:39:4e:01:27:93:04:f6:e9:b7:c7:df:c4:c9:
                    7b:96:d2:12:0a:cc:14:f3:86:25:88:f9:f9:fd:7e:
                    71:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:B8:BB:15:AB:20:DE:E0:63:F3:0F:A9:ED:4A:0C:D5:8F:6C:6C:7E
            X509v3 Authority Key Identifier:
                keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/YLi7Fasg3uBj8w-p7UoM1Y9sbH4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d4:02:a5:fc:37:df:a9:91:40:71:20:97:a5:55:ff:7a:54:14:
         d6:ff:1d:9f:39:15:3f:f3:81:4b:9c:5c:cb:3f:bf:98:24:f5:
         01:f0:e5:60:dd:c7:9c:4a:70:9d:e7:c5:b7:41:71:84:65:73:
         0d:ba:27:aa:f1:e5:2f:d7:a2:fc:5e:28:2a:2f:72:93:72:ee:
         2f:af:82:34:3f:71:60:f6:70:0e:a2:7a:b8:6b:8e:99:06:ce:
         75:9f:72:21:fd:56:bb:3e:a2:54:b1:e0:5e:a8:78:02:32:be:
         5f:55:d6:10:d1:5f:4c:69:b8:4f:1d:b5:c2:f3:56:3c:23:41:
         1b:8d:2d:0e:01:91:94:9c:f6:3c:d5:28:fb:a5:7d:8d:4d:32:
         4c:52:c7:12:ea:51:c6:2b:5c:19:98:28:c0:9c:5e:e3:37:00:
         b2:df:32:1f:80:53:29:23:81:9b:30:fc:96:83:91:b8:92:36:
         9f:50:5a:f6:52:76:31:fa:b8:91:e6:a0:cb:bb:07:bd:21:66:
         7b:09:b5:ec:ec:c5:bb:27:a5:83:7b:c8:a3:88:ac:b2:61:28:
         fc:e2:3f:f7:03:2e:1f:51:7f:31:a4:2c:d2:c7:e6:41:be:ef:
         03:7b:0f:54:c2:f4:b9:86:8b:1d:24:56:ce:55:04:d9:4a:60:
         2a:1c:a5:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMtBFsDaMMLtZSiUdFAojsZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjIwOTExMTQ0NjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGI4YmIxNWFiMjBkZWUwNjNmMzBmYTllZDRhMGNkNThmNmM2YzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSFlSoPWjI3ajZATikDjIdkypj5G
098TQHV7egwqlbxHSc1hf+OgIH/BRYqj4PqQWDsMDhzge0uO8J/KEQyK29dWz1x+
3YGjGjwFQ2Jy814CSUFlAmi9OfcIhTH6YKf59UiLdrbf1r4nnDfbkDD5fmZVmvCE
CG/FTf8VmNHERiBME6JnAnfCao6ONjp2TIQqspPgLcBnTiAxmBhzMXchVvqi7RuA
LOf0H15LCvE4gnyNT5YYDKS7GkuCvnQI9YpPKMtxXa3d8O/0ksbA9J2f9Ln4FZaG
zTU388B9pGUByTIDWjlOASeTBPbpt8ffxMl7ltISCswU84YliPn5/X5xLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGC4uxWrIN7gY/MPqe1KDNWPbGx+MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvWUxpN0Zhc2czdUJqOHctcDdVb00xWTlzYkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVk3MA0G
CSqGSIb3DQEBCwUAA4IBAQDUAqX8N9+pkUBxIJelVf96VBTW/x2fORU/84FLnFzL
P7+YJPUB8OVg3cecSnCd58W3QXGEZXMNuieq8eUv16L8XigqL3KTcu4vr4I0P3Fg
9nAOonq4a46ZBs51n3Ih/Va7PqJUseBeqHgCMr5fVdYQ0V9MabhPHbXC81Y8I0Eb
jS0OAZGUnPY81Sj7pX2NTTJMUscS6lHGK1wZmCjAnF7jNwCy3zIfgFMpI4GbMPyW
g5G4kjafUFr2UnYx+riR5qDLuwe9IWZ7CbXs7MW7J6WDe8ijiKyyYSj84j/3Ay4f
UX8xpCzSx+ZBvu8Dew9UwvS5hosdJFbOVQTZSmAqHKVL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:23 2024 by rpki-client on console-fra.rpki-client.org