Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/K261C49NTLFn_EebY6QDudiM3-M.roa
File:                     K261C49NTLFn_EebY6QDudiM3-M.roa (raw, json)
Hash identifier:          8IDKhcnX6rb3X/KtCLEE4L9v+o3oseeKqoqI/CmXbtA=
Subject key identifier:   2B:6E:B5:0B:8F:4D:4C:B1:67:FC:47:9B:63:A4:03:B9:D8:8C:DF:E3
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018553BB4E4FB11DB2246FD84A13D41057F8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/K261C49NTLFn_EebY6QDudiM3-M.roa
Signing time:             Tue 27 Dec 2022 13:17:42 +0000
ROA not before:           Tue 27 Dec 2022 13:17:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203790
IP address blocks:        45.148.116.0/24 maxlen: 24
                          45.148.119.0/24 maxlen: 24
                          194.50.111.0/24 maxlen: 24
                          2a0e:97c0:460::/44 maxlen: 48
                          2a0e:b107:12a0::/44 maxlen: 48
                          2a10:cc40:1d0::/44 maxlen: 48
                          2a0e:b101::/32 maxlen: 48
                          2a10:cc41:110::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:53:bb:4e:4f:b1:1d:b2:24:6f:d8:4a:13:d4:10:57:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Dec 27 13:17:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2b6eb50b8f4d4cb167fc479b63a403b9d88cdfe3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:82:9f:21:63:c1:d9:22:25:08:cd:22:08:0e:
                    98:44:52:5d:a9:73:71:d1:89:43:c0:36:b4:99:09:
                    04:05:5f:e0:8e:73:39:af:fd:51:fc:75:8c:66:3c:
                    99:43:44:7b:17:f8:74:47:03:12:5f:aa:b2:a8:ef:
                    57:15:8b:70:2d:64:99:3d:d2:5a:a7:18:2e:aa:72:
                    87:78:ac:e7:0a:df:14:dd:0b:d1:c9:f7:f0:f1:73:
                    4e:67:db:62:08:94:16:9a:51:ad:f4:91:a3:92:a4:
                    f7:2a:6e:f1:92:60:d6:3b:e8:d0:70:77:04:9a:12:
                    1e:b6:27:42:85:04:22:c7:4c:0e:cd:c3:1c:c0:3f:
                    4d:bf:9f:ee:4b:c2:59:23:4c:37:0a:b1:3d:83:af:
                    d8:73:b7:73:52:39:a0:22:35:34:e4:f0:3f:a0:d6:
                    67:75:3c:1f:b5:f0:24:18:d2:ef:c1:08:f4:3a:43:
                    a1:6e:da:ae:b8:d2:28:4d:98:a9:93:4e:35:de:b2:
                    98:de:00:05:db:09:7d:86:d1:20:c8:61:15:ca:65:
                    0b:fb:66:1e:49:c7:16:68:8f:81:d7:49:ff:69:86:
                    57:1d:31:ce:b8:84:d6:dc:0f:ae:42:2c:4e:14:f7:
                    48:25:66:0b:ab:46:91:58:18:87:7a:55:b4:79:b4:
                    b3:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:6E:B5:0B:8F:4D:4C:B1:67:FC:47:9B:63:A4:03:B9:D8:8C:DF:E3
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/K261C49NTLFn_EebY6QDudiM3-M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.148.116.0/24
                  45.148.119.0/24
                  194.50.111.0/24
                IPv6:
                  2a0e:97c0:460::/44
                  2a0e:b101::/32
                  2a0e:b107:12a0::/44
                  2a10:cc40:1d0::/44
                  2a10:cc41:110::/44

    Signature Algorithm: sha256WithRSAEncryption
         6a:52:5c:e9:91:3c:aa:11:f6:78:35:96:81:02:0b:6f:9d:c9:
         ff:d0:e3:b4:32:35:77:ac:7b:30:4a:6b:40:58:e8:6d:95:c3:
         84:0d:49:14:c5:f1:4e:64:75:fb:33:76:74:ef:73:d5:32:e6:
         b8:b4:b8:36:c6:54:34:07:9d:96:c2:68:81:d7:87:43:9f:7a:
         fd:2f:9b:75:8d:32:76:2c:86:59:c9:96:b7:66:4f:49:6c:4e:
         e3:3b:11:24:f1:b8:be:aa:ce:94:ac:36:c3:80:41:fc:b5:5f:
         d4:09:10:50:f2:bd:67:a7:fe:61:14:d7:f1:1b:99:6a:7f:81:
         7c:2e:33:89:a2:25:d9:7c:7f:4a:5c:9c:ed:36:e6:45:3a:8f:
         41:10:c3:8d:db:79:47:5d:d5:0f:3f:2e:8c:7f:11:e4:f7:6f:
         01:00:33:f2:71:20:ac:74:d8:df:67:44:7d:53:f8:26:9c:26:
         e4:1a:cd:ec:86:5d:85:2e:68:96:0a:cc:e9:34:ba:0a:54:d1:
         fd:0e:ec:36:e6:08:ba:04:bf:c6:8e:16:81:0a:00:df:84:32:
         c9:7e:be:83:16:60:1f:4e:a9:ae:46:54:73:32:70:df:5e:54:
         f6:e8:ce:28:61:3a:55:22:55:0e:18:b5:08:2b:79:65:27:8b:
         a0:3a:b9:12
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVTu05PsR2yJG/YShPUEFf4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjI3MTMxNzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjZlYjUwYjhmNGQ0Y2IxNjdmYzQ3OWI2M2E0MDNiOWQ4OGNkZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IKfIWPB2SIlCM0iCA6YRFJdqXNx
0YlDwDa0mQkEBV/gjnM5r/1R/HWMZjyZQ0R7F/h0RwMSX6qyqO9XFYtwLWSZPdJa
pxguqnKHeKznCt8U3QvRyffw8XNOZ9tiCJQWmlGt9JGjkqT3Km7xkmDWO+jQcHcE
mhIetidChQQix0wOzcMcwD9Nv5/uS8JZI0w3CrE9g6/Yc7dzUjmgIjU05PA/oNZn
dTwftfAkGNLvwQj0OkOhbtquuNIoTZipk0413rKY3gAF2wl9htEgyGEVymUL+2Ye
SccWaI+B10n/aYZXHTHOuITW3A+uQixOFPdIJWYLq0aRWBiHelW0ebSzhwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFCtutQuPTUyxZ/xHm2OkA7nYjN/jMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSzI2MUM0OU5UTEZuX0VlYlk2UUR1ZGlNMy1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAYBAIAATASAwQALZR0AwQA
LZR3AwQAwjJvMDEEAgACMCsDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgAwcEKhDM
QAHQAwcEKhDMQQEQMA0GCSqGSIb3DQEBCwUAA4IBAQBqUlzpkTyqEfZ4NZaBAgtv
ncn/0OO0MjV3rHswSmtAWOhtlcOEDUkUxfFOZHX7M3Z073PVMua4tLg2xlQ0B52W
wmiB14dDn3r9L5t1jTJ2LIZZyZa3Zk9JbE7jOxEk8bi+qs6UrDbDgEH8tV/UCRBQ
8r1np/5hFNfxG5lqf4F8LjOJoiXZfH9KXJztNuZFOo9BEMON23lHXdUPPy6MfxHk
928BADPycSCsdNjfZ0R9U/gmnCbkGs3shl2FLmiWCszpNLoKVNH9Duw25gi6BL/G
jhaBCgDfhDLJfr6DFmAfTqmuRlRzMnDfXlT26M4oYTpVIlUOGLUIK3llJ4ugOrkS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:29 2024 by rpki-client on console-fra.rpki-client.org