Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/45i9s-s94yij10uLMty3pAvR--8.roa
File:                     45i9s-s94yij10uLMty3pAvR--8.roa (raw, json)
Hash identifier:          FWW7jfJLpGXetPrii76raAaCRJQ88ishOmU4oEgcMEU=
Subject key identifier:   E3:98:BD:B3:EB:3D:E3:28:A3:D7:4B:8B:32:DC:B7:A4:0B:D1:FB:EF
Certificate issuer:       /CN=23b1943087ce69623e76b2145b3479ac204ba1c9
Certificate serial:       05438E76
Authority key identifier: 23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/45i9s-s94yij10uLMty3pAvR--8.roa
Signing time:             Sat 01 Jan 2022 04:01:58 +0000
ROA not before:           Sat 01 Jan 2022 04:01:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        87.236.67.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 88313462 (0x5438e76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23b1943087ce69623e76b2145b3479ac204ba1c9
        Validity
            Not Before: Jan  1 04:01:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e398bdb3eb3de328a3d74b8b32dcb7a40bd1fbef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:7f:02:b8:08:3a:26:75:8d:60:f8:99:60:0f:
                    5b:21:4e:68:c3:e9:4a:5f:9a:28:e2:42:f6:b0:ca:
                    8c:0d:94:a3:27:fa:0e:0f:38:c8:04:c4:d5:e0:dd:
                    0f:16:dd:35:41:96:50:c9:d5:2b:27:c6:dc:2a:95:
                    a1:c9:b5:82:43:51:26:fa:43:7a:ea:ab:d6:c7:88:
                    3e:da:e8:df:93:b9:73:07:2a:c1:15:c9:28:ce:1d:
                    f2:e6:6c:fb:b4:87:09:07:8f:f0:bc:72:fb:28:43:
                    58:3a:6e:1c:b4:4e:4c:f9:6b:e1:5f:aa:37:0b:0d:
                    e4:92:05:7b:59:ce:c1:94:1c:38:db:18:02:79:e8:
                    b2:1c:0f:b7:0b:16:45:98:dd:1b:ae:4f:44:c8:e3:
                    ea:bb:ea:8f:2c:f8:81:ac:b8:86:6f:ac:9f:b1:06:
                    0d:8e:46:7e:05:7a:a6:fe:39:03:3f:0d:d3:f8:2e:
                    50:1c:9b:93:97:3a:7f:97:a9:65:74:e5:18:21:df:
                    d0:eb:4c:21:b9:0e:a3:d1:5f:6f:b1:7b:37:13:d7:
                    57:aa:24:1f:f0:c7:14:a0:fd:5b:97:f4:54:07:9c:
                    3f:ac:67:1b:07:8f:67:fe:0c:b9:d6:bd:0c:ee:bd:
                    7d:dd:bb:d4:8c:48:7a:5e:a9:b4:41:6c:b0:3c:2c:
                    3c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:98:BD:B3:EB:3D:E3:28:A3:D7:4B:8B:32:DC:B7:A4:0B:D1:FB:EF
            X509v3 Authority Key Identifier:
                keyid:23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/45i9s-s94yij10uLMty3pAvR--8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/I7GUMIfOaWI-drIUWzR5rCBLock.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.236.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:45:7e:6a:c0:5e:70:8a:38:36:2c:fb:31:1d:69:24:5f:94:
         a4:8a:21:6d:07:84:54:03:54:31:12:83:27:51:ea:02:60:7f:
         c1:cc:a9:83:c6:2b:d8:73:c2:e2:20:02:c5:d3:de:d2:83:75:
         56:ee:2d:3d:d2:72:d8:c4:86:e2:5d:25:8b:84:51:2c:3c:9b:
         31:81:42:2a:67:8f:f9:89:fb:57:2f:14:3e:45:29:c9:c3:f2:
         d1:6c:d9:b1:83:8c:5c:67:e8:64:f9:b4:ec:07:8a:bd:1e:b7:
         2f:8d:b8:a7:56:b8:b9:3f:4a:dd:e7:31:6f:29:b1:ef:fc:ff:
         33:64:2b:cd:c7:0b:39:e4:a5:f3:cd:1c:78:04:d0:a7:64:a0:
         45:50:25:59:c8:d2:95:a4:91:e5:e2:ae:d2:96:4f:21:a6:52:
         f2:24:67:54:5b:5b:52:1d:06:6c:1c:f2:84:6a:b6:6e:05:ac:
         69:d7:60:29:08:1f:13:62:42:99:a4:38:0f:8f:c6:13:44:0e:
         eb:34:ef:d0:d8:7b:77:f3:b4:0c:cb:c6:a0:4f:a7:a7:8b:7d:
         0e:4d:1e:62:03:56:29:2e:5d:51:ba:3f:63:cb:e5:21:39:09:
         78:f2:d3:fb:b7:b8:b7:c8:0a:d9:1f:86:fa:7d:55:2b:d9:e5:
         7f:f1:cb:b2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBUOOdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2IxOTQzMDg3Y2U2OTYyM2U3NmIyMTQ1YjM0NzlhYzIwNGJhMWM5MB4XDTIyMDEw
MTA0MDE1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM5OGJkYjNlYjNk
ZTMyOGEzZDc0YjhiMzJkY2I3YTQwYmQxZmJlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9/ArgIOiZ1jWD4mWAPWyFOaMPpSl+aKOJC9rDKjA2Uoyf6
Dg84yATE1eDdDxbdNUGWUMnVKyfG3CqVocm1gkNRJvpDeuqr1seIPtro35O5cwcq
wRXJKM4d8uZs+7SHCQeP8Lxy+yhDWDpuHLROTPlr4V+qNwsN5JIFe1nOwZQcONsY
AnnoshwPtwsWRZjdG65PRMjj6rvqjyz4gay4hm+sn7EGDY5GfgV6pv45Az8N0/gu
UBybk5c6f5epZXTlGCHf0OtMIbkOo9Ffb7F7NxPXV6okH/DHFKD9W5f0VAecP6xn
GwePZ/4Muda9DO69fd271IxIel6ptEFssDwsPLkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTjmL2z6z3jKKPXS4sy3LekC9H77zAfBgNVHSMEGDAWgBQjsZQwh85pYj52
shRbNHmsIEuhyTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0k3R1VNSWZPYVdJLWRySVVXelI1ckNCTG9jay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvNzNmMWM5LTgyYjAtNGVkZS1iODk5LWY3NDJmMzk1YWFmOS8x
LzQ1aTlzLXM5NHlpajEwdUxNdHkzcEF2Ui0tOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
NzNmMWM5LTgyYjAtNGVkZS1iODk5LWY3NDJmMzk1YWFmOS8xL0k3R1VNSWZPYVdJ
LWRySVVXelI1ckNCTG9jay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFfsQzANBgkqhkiG9w0BAQsFAAOC
AQEAa0V+asBecIo4Niz7MR1pJF+UpIohbQeEVANUMRKDJ1HqAmB/wcypg8Yr2HPC
4iACxdPe0oN1Vu4tPdJy2MSG4l0li4RRLDybMYFCKmeP+Yn7Vy8UPkUpycPy0WzZ
sYOMXGfoZPm07AeKvR63L424p1a4uT9K3ecxbymx7/z/M2QrzccLOeSl880ceATQ
p2SgRVAlWcjSlaSR5eKu0pZPIaZS8iRnVFtbUh0GbBzyhGq2bgWsaddgKQgfE2JC
maQ4D4/GE0QO6zTv0Nh7d/O0DMvGoE+np4t9Dk0eYgNWKS5dUbo/Y8vlITkJePLT
+7e4t8gK2R+G+n1VK9nlf/HLsg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:13 2024 by rpki-client on console-ams.rpki-client.org