Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/l9dtWqmSIVBaC0H_9Y_bBFgGTaM.roa
File:                     l9dtWqmSIVBaC0H_9Y_bBFgGTaM.roa (raw, json)
Hash identifier:          09qCs553p+3RD0LvGgVzYtMYgD1oy14fFBzWzZIvc7Q=
Subject key identifier:   97:D7:6D:5A:A9:92:21:50:5A:0B:41:FF:F5:8F:DB:04:58:06:4D:A3
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0183EF5CFF148D8C6EB463F005BE6498B6E0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/l9dtWqmSIVBaC0H_9Y_bBFgGTaM.roa
Signing time:             Wed 19 Oct 2022 08:29:52 +0000
ROA not before:           Wed 19 Oct 2022 08:29:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208911
IP address blocks:        45.12.69.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ef:5c:ff:14:8d:8c:6e:b4:63:f0:05:be:64:98:b6:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct 19 08:29:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=97d76d5aa99221505a0b41fff58fdb0458064da3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:d2:2d:ec:98:63:b9:c0:37:99:d2:77:06:18:
                    b2:7f:a2:d2:d3:8b:aa:64:ac:f5:3c:e1:e3:c6:bf:
                    e4:a5:19:26:70:86:85:94:c9:f6:8e:93:82:fb:fd:
                    61:24:95:25:13:ee:2a:91:20:d7:bc:d9:b1:8f:29:
                    cf:c2:db:f9:cb:eb:2a:04:e9:9d:42:a1:68:54:b5:
                    83:b7:bd:a2:25:c5:7b:c0:e4:d6:ec:d9:31:2c:85:
                    43:ef:f0:5f:4b:f5:bb:6e:da:04:fc:a9:a6:8c:30:
                    c9:7a:7c:4f:6b:48:eb:12:16:8d:1f:75:31:41:26:
                    9f:c0:14:54:99:59:47:17:55:4a:ce:89:48:49:48:
                    71:b2:73:52:65:3d:f8:f5:cf:42:76:ca:1a:f9:5a:
                    12:bf:eb:b0:36:df:8c:2b:d4:2e:d4:29:ce:fb:a0:
                    e1:35:cf:9b:92:cb:94:fc:0c:3e:0d:48:f7:7c:90:
                    85:b5:93:7f:9c:e6:57:62:d9:c7:b5:ae:bf:ee:ce:
                    ee:b3:87:32:6b:c1:fc:01:7b:83:bc:ca:19:40:10:
                    8a:b6:e8:66:0f:89:64:c7:79:40:63:dd:ec:50:2c:
                    1a:67:fb:ec:d7:bb:d5:cc:ff:9d:3f:ac:8b:fc:66:
                    ee:af:90:de:04:98:18:6d:3b:59:e2:7f:c4:b5:d1:
                    ca:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:D7:6D:5A:A9:92:21:50:5A:0B:41:FF:F5:8F:DB:04:58:06:4D:A3
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/l9dtWqmSIVBaC0H_9Y_bBFgGTaM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.12.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:53:6b:02:59:65:ce:05:83:14:cc:1d:eb:61:ff:6e:87:f6:
         89:a4:ef:f0:11:4e:c5:cd:89:bc:a2:9b:01:53:13:02:51:20:
         17:62:da:48:92:ee:a8:3f:f7:c6:56:20:99:b8:3e:21:73:d1:
         d5:81:1b:a0:98:64:a7:e1:ae:0e:8d:9b:df:2b:8a:6f:f7:4f:
         8a:0b:b0:24:93:95:00:d1:64:74:11:32:ef:d1:1e:d5:5b:f3:
         1a:03:0f:4c:ec:31:be:0d:66:7a:b7:ca:73:c3:36:88:d3:13:
         6b:7c:cb:6e:d3:15:ab:a5:8f:80:c2:1c:08:30:e2:b5:49:58:
         9a:a4:0f:a3:ff:04:a1:4a:01:2c:e7:2f:78:8c:2c:46:7f:e7:
         ea:75:38:1a:2a:28:93:87:fa:b7:8a:73:72:6e:9b:d9:ba:5d:
         4d:f4:59:9a:2d:7c:a3:c1:c9:89:25:c6:aa:99:d6:4c:49:ec:
         ef:83:59:94:30:80:5b:7d:28:81:64:0f:a2:a2:54:72:a7:a4:
         72:e2:31:7a:69:6c:d8:93:d3:fa:ab:f2:d4:df:c5:41:a1:4b:
         74:36:74:a8:04:99:c4:ef:fe:47:bf:7c:92:6f:dd:6c:9e:e7:
         2d:68:a1:20:66:a4:bd:8b:bf:e8:e6:68:b4:8a:eb:ea:0a:fb:
         98:11:41:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPvXP8UjYxutGPwBb5kmLbgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDE5MDgyOTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2Q3NmQ1YWE5OTIyMTUwNWEwYjQxZmZmNThmZGIwNDU4MDY0ZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9It7JhjucA3mdJ3Bhiyf6LS04uq
ZKz1POHjxr/kpRkmcIaFlMn2jpOC+/1hJJUlE+4qkSDXvNmxjynPwtv5y+sqBOmd
QqFoVLWDt72iJcV7wOTW7NkxLIVD7/BfS/W7btoE/KmmjDDJenxPa0jrEhaNH3Ux
QSafwBRUmVlHF1VKzolISUhxsnNSZT349c9Cdsoa+VoSv+uwNt+MK9Qu1CnO+6Dh
Nc+bksuU/Aw+DUj3fJCFtZN/nOZXYtnHta6/7s7us4cya8H8AXuDvMoZQBCKtuhm
D4lkx3lAY93sUCwaZ/vs17vVzP+dP6yL/Gbur5DeBJgYbTtZ4n/EtdHKdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJfXbVqpkiFQWgtB//WP2wRYBk2jMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbDlkdFdxbVNJVkJhQzBIXzlZX2JCRmdHVGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQxFMA0G
CSqGSIb3DQEBCwUAA4IBAQCZU2sCWWXOBYMUzB3rYf9uh/aJpO/wEU7FzYm8opsB
UxMCUSAXYtpIku6oP/fGViCZuD4hc9HVgRugmGSn4a4OjZvfK4pv90+KC7Akk5UA
0WR0ETLv0R7VW/MaAw9M7DG+DWZ6t8pzwzaI0xNrfMtu0xWrpY+AwhwIMOK1SVia
pA+j/wShSgEs5y94jCxGf+fqdTgaKiiTh/q3inNybpvZul1N9FmaLXyjwcmJJcaq
mdZMSezvg1mUMIBbfSiBZA+iolRyp6Ry4jF6aWzYk9P6q/LU38VBoUt0NnSoBJnE
7/5Hv3ySb91snuctaKEgZqS9i7/o5mi0iuvqCvuYEUG/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:11 2024 by rpki-client on console-ams.rpki-client.org