Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/af262c-e2cd-4841-850f-02f35ad877f3/1/CyQQbr9icml3Ph4tB_dmUSo1pUM.roa
File:                     CyQQbr9icml3Ph4tB_dmUSo1pUM.roa (raw, json)
Hash identifier:          x/MkoKZvtDZPSMcfacW4kRMvHRwNpXP8unpArXCgRYE=
Subject key identifier:   0B:24:10:6E:BF:62:72:69:77:3E:1E:2D:07:F7:66:51:2A:35:A5:43
Certificate issuer:       /CN=3e19048348d7ecb9f1191080555bf4458a1a54e7
Certificate serial:       07B09F97
Authority key identifier: 3E:19:04:83:48:D7:EC:B9:F1:19:10:80:55:5B:F4:45:8A:1A:54:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PhkEg0jX7LnxGRCAVVv0RYoaVOc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/af262c-e2cd-4841-850f-02f35ad877f3/1/CyQQbr9icml3Ph4tB_dmUSo1pUM.roa
Signing time:             Sat 01 Jan 2022 15:58:30 +0000
ROA not before:           Sat 01 Jan 2022 15:58:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209181
IP address blocks:        45.90.105.0/24 maxlen: 24
                          45.90.104.0/22 maxlen: 22
                          45.90.104.0/24 maxlen: 24
                          45.90.107.0/24 maxlen: 24
                          45.90.106.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129015703 (0x7b09f97)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e19048348d7ecb9f1191080555bf4458a1a54e7
        Validity
            Not Before: Jan  1 15:58:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0b24106ebf627269773e1e2d07f766512a35a543
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:73:12:32:05:93:d5:9a:9b:ae:4c:ba:27:26:
                    66:04:d9:b3:2b:80:9b:e6:a9:43:9d:cc:ab:16:8a:
                    78:1f:f1:98:16:c8:76:34:ee:3f:4a:e0:ff:15:60:
                    f7:28:8e:57:df:a2:26:db:83:09:30:a3:39:97:c9:
                    c6:d5:19:aa:83:c6:bb:e0:cb:56:2e:cf:53:ea:23:
                    59:4d:e4:17:e1:96:27:c8:cf:f9:83:1d:52:06:94:
                    06:7d:bc:67:f2:4c:75:58:df:5e:6d:d3:6c:3d:25:
                    6b:db:e0:20:55:bf:e9:79:9f:2f:b6:54:43:8e:95:
                    9f:c8:3d:b5:1a:43:cc:6f:31:d8:54:8b:2e:b2:0a:
                    80:61:84:7f:09:14:c1:e5:62:0c:ee:16:2d:a4:14:
                    69:44:92:64:56:c1:da:e6:15:6d:33:65:e2:a0:ad:
                    cf:ac:16:71:0a:34:dd:4b:65:53:3e:2f:d3:d4:50:
                    d8:da:b6:45:01:b2:a4:f3:5e:32:81:83:b9:02:f8:
                    73:aa:53:b8:da:d6:c0:ee:d4:22:16:9e:01:ab:30:
                    71:94:89:92:3f:82:20:fd:49:18:c2:a0:f5:b1:23:
                    bf:71:6d:b6:59:98:30:76:93:92:cf:07:e4:cd:43:
                    6a:92:cb:9f:52:2e:87:60:2f:e0:94:3e:2a:e3:b9:
                    db:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:24:10:6E:BF:62:72:69:77:3E:1E:2D:07:F7:66:51:2A:35:A5:43
            X509v3 Authority Key Identifier:
                keyid:3E:19:04:83:48:D7:EC:B9:F1:19:10:80:55:5B:F4:45:8A:1A:54:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PhkEg0jX7LnxGRCAVVv0RYoaVOc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/af262c-e2cd-4841-850f-02f35ad877f3/1/CyQQbr9icml3Ph4tB_dmUSo1pUM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/af262c-e2cd-4841-850f-02f35ad877f3/1/PhkEg0jX7LnxGRCAVVv0RYoaVOc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.90.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         50:c8:44:91:30:9d:0f:27:ae:2c:8c:a0:a4:0b:42:0e:b2:e7:
         0d:df:e8:c7:4e:18:54:b7:80:8d:55:a1:a7:a6:28:a6:ab:02:
         43:de:88:e8:41:cb:09:7f:5c:1d:bc:6a:c1:15:48:e0:c8:6b:
         35:77:77:12:be:a9:fc:18:3f:0e:ae:e6:73:ea:02:6d:c3:7e:
         37:b0:0a:3d:ab:2b:50:6b:00:74:a7:c4:03:4c:0e:1f:52:4a:
         7e:82:80:a1:99:a7:15:19:08:2a:db:fd:27:b9:9f:2f:b0:91:
         0f:23:5e:f0:5b:df:36:b5:81:11:9c:ff:64:07:98:53:ae:46:
         97:93:6a:b9:d2:fb:a7:1e:1d:97:39:f2:c6:6c:5f:0e:46:cb:
         1d:46:b9:15:e2:58:85:c7:0c:f4:40:f7:ba:04:e6:43:00:4e:
         6f:09:87:4a:e8:69:4b:f1:08:be:a3:dd:d2:7c:42:22:c3:c8:
         2b:d8:dc:0b:8e:b4:bb:71:52:51:29:0b:73:07:eb:f0:25:ef:
         e8:17:c4:d0:15:a4:91:05:7c:f5:b8:49:0a:9f:d6:61:60:8c:
         f8:77:fd:6c:a1:8f:2b:32:e9:e7:71:24:6f:38:21:b5:cb:5d:
         1c:b4:4d:89:20:ce:fd:51:cf:2f:19:67:9d:8a:ff:b0:6e:1c:
         48:f6:a2:db
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB7CflzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZTE5MDQ4MzQ4ZDdlY2I5ZjExOTEwODA1NTViZjQ0NThhMWE1NGU3MB4XDTIyMDEw
MTE1NTgzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGIyNDEwNmViZjYy
NzI2OTc3M2UxZTJkMDdmNzY2NTEyYTM1YTU0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANFzEjIFk9Wam65MuicmZgTZsyuAm+apQ53MqxaKeB/xmBbI
djTuP0rg/xVg9yiOV9+iJtuDCTCjOZfJxtUZqoPGu+DLVi7PU+ojWU3kF+GWJ8jP
+YMdUgaUBn28Z/JMdVjfXm3TbD0la9vgIFW/6XmfL7ZUQ46Vn8g9tRpDzG8x2FSL
LrIKgGGEfwkUweViDO4WLaQUaUSSZFbB2uYVbTNl4qCtz6wWcQo03UtlUz4v09RQ
2Nq2RQGypPNeMoGDuQL4c6pTuNrWwO7UIhaeAaswcZSJkj+CIP1JGMKg9bEjv3Ft
tlmYMHaTks8H5M1DapLLn1Iuh2Av4JQ+KuO52/cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQLJBBuv2JyaXc+Hi0H92ZRKjWlQzAfBgNVHSMEGDAWgBQ+GQSDSNfsufEZ
EIBVW/RFihpU5zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Boa0VnMGpYN0xueEdSQ0FWVnYwUllvYVZPYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvYWYyNjJjLWUyY2QtNDg0MS04NTBmLTAyZjM1YWQ4NzdmMy8x
L0N5UVFicjlpY21sM1BoNHRCX2RtVVNvMXBVTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
YWYyNjJjLWUyY2QtNDg0MS04NTBmLTAyZjM1YWQ4NzdmMy8xL1Boa0VnMGpYN0xu
eEdSQ0FWVnYwUllvYVZPYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1aaDANBgkqhkiG9w0BAQsFAAOC
AQEAUMhEkTCdDyeuLIygpAtCDrLnDd/ox04YVLeAjVWhp6YopqsCQ96I6EHLCX9c
HbxqwRVI4MhrNXd3Er6p/Bg/Dq7mc+oCbcN+N7AKPasrUGsAdKfEA0wOH1JKfoKA
oZmnFRkIKtv9J7mfL7CRDyNe8FvfNrWBEZz/ZAeYU65Gl5NqudL7px4dlznyxmxf
DkbLHUa5FeJYhccM9ED3ugTmQwBObwmHSuhpS/EIvqPd0nxCIsPIK9jcC460u3FS
USkLcwfr8CXv6BfE0BWkkQV89bhJCp/WYWCM+Hf9bKGPKzLp53EkbzghtctdHLRN
iSDO/VHPLxlnnYr/sG4cSPai2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:08 2024 by rpki-client on console-fra.rpki-client.org