Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YoZVHWXqefJbjBgL7MWAjFL-3hg.roa
File:                     YoZVHWXqefJbjBgL7MWAjFL-3hg.roa (raw, json)
Hash identifier:          mtH6lFu5xot5f+N0yKdYjhWps2TaQx3IqwTRzRDAB14=
Subject key identifier:   62:86:55:1D:65:EA:79:F2:5B:8C:18:0B:EC:C5:80:8C:52:FE:DE:18
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018410BA8FC756A8A53CB2CA14F9F6F85042
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YoZVHWXqefJbjBgL7MWAjFL-3hg.roa
Signing time:             Tue 25 Oct 2022 19:59:32 +0000
ROA not before:           Tue 25 Oct 2022 19:59:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203790
IP address blocks:        45.148.116.0/24 maxlen: 24
                          45.148.119.0/24 maxlen: 24
                          194.50.111.0/24 maxlen: 24
                          2a0e:97c0:460::/44 maxlen: 48
                          2a0e:b107:12a0::/44 maxlen: 48
                          2a10:cc40:1d0::/44 maxlen: 48
                          2a0e:b101::/32 maxlen: 48
                          2a10:cc41:110::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:10:ba:8f:c7:56:a8:a5:3c:b2:ca:14:f9:f6:f8:50:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct 25 19:59:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6286551d65ea79f25b8c180becc5808c52fede18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:e8:f3:72:e4:87:6a:92:90:7a:12:db:fc:c7:
                    c2:f8:96:34:34:7d:75:df:00:c0:6c:a8:3b:e0:19:
                    39:26:2d:fa:f0:df:f4:00:58:59:84:9f:6c:08:6f:
                    9f:4e:ef:48:fe:ee:7e:d5:12:d5:cf:47:07:36:43:
                    84:99:51:b7:cd:b3:27:7a:8e:ce:e1:a3:e3:8d:42:
                    7a:5d:5f:f7:d9:36:73:6a:c8:7d:bf:73:1c:c5:f8:
                    0f:d0:44:c0:5f:f7:d6:f3:50:a9:f6:d6:1b:c5:cf:
                    a2:54:74:e8:9e:10:69:d3:2f:7c:a8:ec:a6:42:2d:
                    ed:82:0f:16:70:eb:86:cf:67:f9:ca:57:52:a1:81:
                    6d:95:01:fb:3a:fb:84:1d:e0:19:5e:2a:b6:a7:8d:
                    8d:2b:ef:14:7b:b0:7e:c7:10:0f:b2:01:71:c0:98:
                    e0:bb:54:78:43:01:a8:a4:f4:55:41:04:2f:cd:88:
                    63:71:eb:49:5a:24:05:92:63:ca:b8:73:fa:4e:3f:
                    1b:66:54:cd:52:d5:cd:9e:9b:df:b0:be:43:4e:be:
                    53:f3:13:45:d0:3e:a9:62:43:0b:16:98:6e:be:47:
                    84:b4:7b:2b:b8:a0:e1:e9:3f:9f:35:b4:e3:72:1b:
                    47:8e:f6:06:80:b7:73:b2:e3:8e:67:e3:17:cc:97:
                    81:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:86:55:1D:65:EA:79:F2:5B:8C:18:0B:EC:C5:80:8C:52:FE:DE:18
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YoZVHWXqefJbjBgL7MWAjFL-3hg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.148.116.0/24
                  45.148.119.0/24
                  194.50.111.0/24
                IPv6:
                  2a0e:97c0:460::/44
                  2a0e:b101::/32
                  2a0e:b107:12a0::/44
                  2a10:cc40:1d0::/44
                  2a10:cc41:110::/44

    Signature Algorithm: sha256WithRSAEncryption
         30:7e:27:18:d4:b6:3b:37:77:f9:27:42:f4:c7:fd:76:21:21:
         48:5f:9f:57:40:84:a6:a8:ba:b6:3d:8e:1e:7b:8b:9d:b6:f1:
         85:59:ab:0a:5e:87:a8:b7:60:40:14:04:f5:94:ff:fc:5f:63:
         0d:5d:97:96:4e:28:0a:ba:64:f1:5f:53:2d:64:8b:e7:c2:4d:
         1c:47:b4:3e:8a:6d:be:2a:f6:21:cb:71:7c:15:20:e3:6e:b8:
         50:7c:3c:c3:fd:70:5c:c9:4d:ff:4a:ef:bb:b8:f4:e2:15:fa:
         4b:3f:ee:24:b0:76:40:ed:18:57:99:00:18:e5:9f:01:c9:cd:
         85:45:c3:02:74:1a:7f:54:79:32:26:1d:8c:ee:1c:49:2c:4a:
         d4:d9:a3:5e:35:6c:5b:9a:26:75:68:26:dc:4e:c0:bc:41:05:
         ce:35:b1:a5:71:71:1b:96:be:9b:8a:fa:17:85:98:22:0f:da:
         4a:9b:25:a0:1f:1f:a5:89:a7:74:74:ea:0c:3d:df:e8:19:0b:
         b6:b6:4f:7b:f5:23:51:50:a6:0e:a1:62:b2:a7:a9:6d:9a:2c:
         83:5f:49:31:85:74:b2:f9:a7:74:04:06:ad:c1:cd:3e:bf:32:
         de:01:78:ef:f3:6b:63:92:16:d1:02:66:22:c8:17:90:69:da:
         ec:97:44:72
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYQQuo/HVqilPLLKFPn2+FBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDI1MTk1OTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mjg2NTUxZDY1ZWE3OWYyNWI4YzE4MGJlY2M1ODA4YzUyZmVkZTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlujzcuSHapKQehLb/MfC+JY0NH11
3wDAbKg74Bk5Ji368N/0AFhZhJ9sCG+fTu9I/u5+1RLVz0cHNkOEmVG3zbMneo7O
4aPjjUJ6XV/32TZzash9v3McxfgP0ETAX/fW81Cp9tYbxc+iVHTonhBp0y98qOym
Qi3tgg8WcOuGz2f5yldSoYFtlQH7OvuEHeAZXiq2p42NK+8Ue7B+xxAPsgFxwJjg
u1R4QwGopPRVQQQvzYhjcetJWiQFkmPKuHP6Tj8bZlTNUtXNnpvfsL5DTr5T8xNF
0D6pYkMLFphuvkeEtHsruKDh6T+fNbTjchtHjvYGgLdzsuOOZ+MXzJeBjwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFGKGVR1l6nnyW4wYC+zFgIxS/t4YMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWW9aVkhXWHFlZkpiakJnTDdNV0FqRkwtM2hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAYBAIAATASAwQALZR0AwQA
LZR3AwQAwjJvMDEEAgACMCsDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgAwcEKhDM
QAHQAwcEKhDMQQEQMA0GCSqGSIb3DQEBCwUAA4IBAQAwficY1LY7N3f5J0L0x/12
ISFIX59XQISmqLq2PY4ee4udtvGFWasKXoeot2BAFAT1lP/8X2MNXZeWTigKumTx
X1MtZIvnwk0cR7Q+im2+KvYhy3F8FSDjbrhQfDzD/XBcyU3/Su+7uPTiFfpLP+4k
sHZA7RhXmQAY5Z8Byc2FRcMCdBp/VHkyJh2M7hxJLErU2aNeNWxbmiZ1aCbcTsC8
QQXONbGlcXEblr6bivoXhZgiD9pKmyWgHx+liad0dOoMPd/oGQu2tk979SNRUKYO
oWKyp6ltmiyDX0kxhXSy+ad0BAatwc0+vzLeAXjv82tjkhbRAmYiyBeQadrsl0Ry
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:06 2024 by rpki-client on console-ams.rpki-client.org