Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/dyzFcqkJBHve0t14K8lJm445KOM.roa
File:                     dyzFcqkJBHve0t14K8lJm445KOM.roa (raw, json)
Hash identifier:          w5klN8u86dnylH8ckoh75HGggFsQdKwKWgzURP5Eawg=
Subject key identifier:   77:2C:C5:72:A9:09:04:7B:DE:D2:DD:78:2B:C9:49:9B:8E:39:28:E3
Certificate issuer:       /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial:       082F86B4
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/dyzFcqkJBHve0t14K8lJm445KOM.roa
Signing time:             Sat 01 Jan 2022 13:07:30 +0000
ROA not before:           Sat 01 Jan 2022 13:07:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201364
IP address blocks:        45.10.56.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 137332404 (0x82f86b4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
        Validity
            Not Before: Jan  1 13:07:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=772cc572a909047bded2dd782bc9499b8e3928e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:98:3d:5b:95:54:13:58:56:d3:15:30:5b:1e:
                    87:65:ec:cd:d1:f0:5b:08:e7:2d:52:28:14:e2:15:
                    fe:b0:25:b4:14:f6:41:c5:65:80:2a:69:95:ec:b7:
                    51:a2:e1:b2:8a:bb:4c:cd:02:ad:ab:47:01:90:fe:
                    ce:ae:0a:42:0a:36:4c:12:7b:60:72:ea:96:d9:fc:
                    ef:a2:b5:a6:2d:1a:f1:af:71:e7:97:f8:47:67:55:
                    fb:52:9b:bf:4b:f0:80:90:d2:5e:36:cf:cc:f1:37:
                    4b:ba:e6:a8:e3:83:e5:fa:df:95:db:c3:39:63:a7:
                    79:88:a8:5f:4d:c7:b8:af:69:38:1f:0b:69:dc:b1:
                    e5:d2:44:b8:59:6e:c4:74:6d:77:14:24:43:c1:8f:
                    8a:a9:bc:22:13:56:7c:60:3e:7c:7a:30:f9:90:c4:
                    b1:e1:57:90:5f:53:ee:77:78:3b:13:c4:04:6b:99:
                    e6:87:d4:38:eb:92:6e:cb:b0:84:22:48:e9:69:d9:
                    13:28:2e:d4:0d:2e:f4:f4:a6:b8:cb:86:b8:8c:9a:
                    2f:78:0f:5a:d2:17:8c:4d:84:26:0b:21:b6:d5:3a:
                    5a:5c:1a:00:11:9f:15:a6:6b:bc:77:de:3f:f9:8d:
                    76:7f:98:b4:73:5a:eb:cc:9e:24:da:54:54:5a:6a:
                    39:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:2C:C5:72:A9:09:04:7B:DE:D2:DD:78:2B:C9:49:9B:8E:39:28:E3
            X509v3 Authority Key Identifier:
                keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/dyzFcqkJBHve0t14K8lJm445KOM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.56.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:32:13:3d:cf:eb:17:f0:4c:96:6b:2e:b6:7f:fc:73:7f:35:
         7e:cf:f9:99:17:98:88:5f:90:7d:05:dd:f0:49:ae:8e:25:f9:
         d4:f5:90:42:10:ae:e0:c6:b8:08:70:0d:66:c2:2e:6b:4b:6b:
         86:bf:3d:99:d5:16:b3:db:d0:1c:b2:d6:7a:d6:79:e3:76:d2:
         3f:ed:60:3f:21:45:bd:e9:e8:e4:33:74:e6:83:d0:07:9a:62:
         af:86:d8:90:77:00:10:48:71:da:11:c6:6d:0c:e4:9a:cb:4f:
         7b:51:63:2d:a6:cc:b6:fa:05:b8:c8:29:1c:61:ec:e0:6a:90:
         57:f9:ef:16:66:66:41:b5:02:90:ea:dc:2e:82:a2:84:97:cd:
         87:ba:65:e2:20:5c:0d:d8:62:ae:f7:65:56:97:43:90:b9:6d:
         fc:46:4d:14:45:a2:b2:82:7e:1c:1f:0c:3d:45:89:d1:dc:e3:
         e1:90:22:77:dc:2e:10:36:4a:8d:df:ba:31:ab:c7:17:05:b2:
         d6:d2:56:98:50:e0:c7:29:15:de:9e:59:04:e0:98:64:0d:cc:
         c6:97:3b:ee:fc:2b:9d:5c:4c:c5:af:ca:cf:fb:e6:e9:8a:60:
         cf:d9:f5:d8:46:c1:d2:df:3a:2b:f9:77:d9:3c:74:c6:4e:80:
         df:f4:31:1d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECC+GtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MDU1OWNlODg5YWU0MjQxMTIxZmUwYTE2NTNlNGI5NTVmM2VkZjRiMB4XDTIyMDEw
MTEzMDczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzcyY2M1NzJhOTA5
MDQ3YmRlZDJkZDc4MmJjOTQ5OWI4ZTM5MjhlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuYPVuVVBNYVtMVMFseh2XszdHwWwjnLVIoFOIV/rAltBT2
QcVlgCppley3UaLhsoq7TM0CratHAZD+zq4KQgo2TBJ7YHLqltn876K1pi0a8a9x
55f4R2dV+1Kbv0vwgJDSXjbPzPE3S7rmqOOD5frfldvDOWOneYioX03HuK9pOB8L
adyx5dJEuFluxHRtdxQkQ8GPiqm8IhNWfGA+fHow+ZDEseFXkF9T7nd4OxPEBGuZ
5ofUOOuSbsuwhCJI6WnZEygu1A0u9PSmuMuGuIyaL3gPWtIXjE2EJgshttU6Wlwa
ABGfFaZrvHfeP/mNdn+YtHNa68yeJNpUVFpqOYECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR3LMVyqQkEe97S3XgryUmbjjko4zAfBgNVHSMEGDAWgBTgVZzoia5CQRIf
4KFlPkuVXz7fSzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRGV2M2SW11UWtFU0gtQ2haVDVMbFY4LTMwcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvMWZhNGExLTlhMWMtNDdkZS1hY2E2LTk0NDk5NTdmZDVhNS8x
L2R5ekZjcWtKQkh2ZTB0MTRLOGxKbTQ0NUtPTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
MWZhNGExLTlhMWMtNDdkZS1hY2E2LTk0NDk5NTdmZDVhNS8xLzRGV2M2SW11UWtF
U0gtQ2haVDVMbFY4LTMwcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0KODANBgkqhkiG9w0BAQsFAAOC
AQEAETITPc/rF/BMlmsutn/8c381fs/5mReYiF+QfQXd8EmujiX51PWQQhCu4Ma4
CHANZsIua0trhr89mdUWs9vQHLLWetZ543bSP+1gPyFFveno5DN05oPQB5pir4bY
kHcAEEhx2hHGbQzkmstPe1FjLabMtvoFuMgpHGHs4GqQV/nvFmZmQbUCkOrcLoKi
hJfNh7pl4iBcDdhirvdlVpdDkLlt/EZNFEWisoJ+HB8MPUWJ0dzj4ZAid9wuEDZK
jd+6MavHFwWy1tJWmFDgxykV3p5ZBOCYZA3Mxpc77vwrnVxMxa/Kz/vm6Ypgz9n1
2EbB0t86K/l32Tx0xk6A3/QxHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:30 2024 by rpki-client on console-fra.rpki-client.org