Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/kVT89c3zy_soqojVx2JiQ8H2J0U.roa
File:                     kVT89c3zy_soqojVx2JiQ8H2J0U.roa (raw, json)
Hash identifier:          uNixugbToLaVTMZCJvcWVCtP0VfF/n7ETUiPNAtR/Z0=
Subject key identifier:   91:54:FC:F5:CD:F3:CB:FB:28:AA:88:D5:C7:62:62:43:C1:F6:27:45
Certificate issuer:       /CN=28c6800d74bc4105b40e77ea085ba026dbeec35f
Certificate serial:       019993F7
Authority key identifier: 28:C6:80:0D:74:BC:41:05:B4:0E:77:EA:08:5B:A0:26:DB:EE:C3:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMaADXS8QQW0DnfqCFugJtvuw18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/kVT89c3zy_soqojVx2JiQ8H2J0U.roa
Signing time:             Sat 01 Jan 2022 13:06:21 +0000
ROA not before:           Sat 01 Jan 2022 13:06:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        45.145.232.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26842103 (0x19993f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28c6800d74bc4105b40e77ea085ba026dbeec35f
        Validity
            Not Before: Jan  1 13:06:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9154fcf5cdf3cbfb28aa88d5c7626243c1f62745
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:33:1a:0a:a2:54:ce:b0:50:75:57:eb:12:be:
                    12:e8:c2:32:65:21:8b:b1:f2:72:a5:b1:39:6d:44:
                    65:74:8c:0e:be:6f:ac:af:67:be:ef:37:26:e7:4d:
                    d5:91:9f:a5:68:d9:2d:53:4c:33:8a:08:e7:65:57:
                    72:bc:f5:a2:5b:8b:39:8d:62:c7:f8:1d:c0:17:70:
                    cc:a6:39:40:2d:18:80:06:1a:40:dc:9f:d8:51:6a:
                    f1:60:02:3d:61:1a:27:15:55:1d:72:e2:60:a1:28:
                    e6:b7:f7:ba:10:f4:34:db:bb:59:aa:19:b2:79:b9:
                    dd:ff:99:e4:cf:be:63:fb:c4:ee:de:49:50:d4:42:
                    56:7f:a9:18:a9:94:cc:0c:7d:4e:28:a4:e4:af:ed:
                    1a:5a:2a:3b:ff:e9:c5:da:98:a0:65:98:6a:31:de:
                    52:1a:d5:3b:c3:60:6f:0a:ce:d0:78:69:4d:d8:76:
                    dd:8c:59:51:2c:a0:01:53:1b:32:8a:da:55:ab:41:
                    c3:0b:c3:40:80:a7:da:1d:b3:e9:29:df:38:f2:fd:
                    a7:72:27:09:7b:5d:2d:f0:35:9a:15:ba:4e:3c:09:
                    7f:85:35:70:b6:10:b7:2d:34:69:c1:50:33:4f:16:
                    b8:13:54:e0:88:9b:83:8f:4d:ed:38:ba:07:ae:98:
                    76:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:54:FC:F5:CD:F3:CB:FB:28:AA:88:D5:C7:62:62:43:C1:F6:27:45
            X509v3 Authority Key Identifier:
                keyid:28:C6:80:0D:74:BC:41:05:B4:0E:77:EA:08:5B:A0:26:DB:EE:C3:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMaADXS8QQW0DnfqCFugJtvuw18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/kVT89c3zy_soqojVx2JiQ8H2J0U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7f:9b:ed:a3:64:95:e1:55:f2:7b:1e:55:89:83:fb:2a:84:5b:
         4a:24:8c:ef:39:70:3a:43:c5:05:82:0a:54:81:5a:10:49:39:
         52:0b:9b:39:1e:da:43:dc:6a:1e:43:85:e8:c6:76:67:1c:f1:
         cb:a5:ca:6a:14:d6:34:fa:5e:ad:a2:ff:4e:cd:85:a2:5b:b4:
         fe:d6:f0:e3:e6:8a:51:73:ec:97:6a:fb:d7:4b:6e:64:aa:f2:
         b5:fd:aa:09:9f:10:c3:f8:ce:db:49:10:18:df:13:df:43:bb:
         60:2c:b8:c5:3b:d1:36:5e:0e:65:08:f9:e8:48:e2:d1:d0:4b:
         76:14:0b:83:ba:c8:13:a6:30:ba:90:29:e7:b8:f4:d7:c3:7a:
         2e:19:17:e0:c2:af:8f:d5:25:d0:46:ca:7d:d2:10:95:ec:d5:
         96:ac:e4:91:2e:70:24:5b:eb:9e:43:da:41:1f:f6:7b:e6:3b:
         aa:da:62:e0:07:9d:3c:b1:8e:0d:1a:01:45:cf:4c:f0:e9:da:
         a9:8a:16:1c:f7:28:16:a7:4a:db:12:76:5e:dd:cf:ba:e6:64:
         25:98:e6:df:fd:d4:f5:ab:17:af:0d:2d:0e:c3:55:9b:fb:d2:
         04:d3:fd:9b:00:81:f8:ae:b2:3b:d1:e7:9c:ff:8f:7a:ad:e5:
         72:8a:bd:75
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAZmT9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OGM2ODAwZDc0YmM0MTA1YjQwZTc3ZWEwODViYTAyNmRiZWVjMzVmMB4XDTIyMDEw
MTEzMDYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTE1NGZjZjVjZGYz
Y2JmYjI4YWE4OGQ1Yzc2MjYyNDNjMWY2Mjc0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKEzGgqiVM6wUHVX6xK+EujCMmUhi7HycqWxOW1EZXSMDr5v
rK9nvu83JudN1ZGfpWjZLVNMM4oI52VXcrz1oluLOY1ix/gdwBdwzKY5QC0YgAYa
QNyf2FFq8WACPWEaJxVVHXLiYKEo5rf3uhD0NNu7WaoZsnm53f+Z5M++Y/vE7t5J
UNRCVn+pGKmUzAx9Tiik5K/tGloqO//pxdqYoGWYajHeUhrVO8NgbwrO0HhpTdh2
3YxZUSygAVMbMoraVatBwwvDQICn2h2z6SnfOPL9p3InCXtdLfA1mhW6TjwJf4U1
cLYQty00acFQM08WuBNU4Iibg49N7Ti6B66YdiUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSRVPz1zfPL+yiqiNXHYmJDwfYnRTAfBgNVHSMEGDAWgBQoxoANdLxBBbQO
d+oIW6Am2+7DXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tNYUFEWFM4UVFXMERuZnFDRnVnSnR2dXcxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2QvMjQyOTExLTkzYzAtNDVlNy05MDEyLTQ5MzliYmZkZmI4Ni8x
L2tWVDg5YzN6eV9zb3FvalZ4MkppUThIMkowVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Qv
MjQyOTExLTkzYzAtNDVlNy05MDEyLTQ5MzliYmZkZmI4Ni8xL0tNYUFEWFM4UVFX
MERuZnFDRnVnSnR2dXcxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2R6DANBgkqhkiG9w0BAQsFAAOC
AQEAf5vto2SV4VXyex5ViYP7KoRbSiSM7zlwOkPFBYIKVIFaEEk5UgubOR7aQ9xq
HkOF6MZ2Zxzxy6XKahTWNPperaL/Ts2Folu0/tbw4+aKUXPsl2r710tuZKrytf2q
CZ8Qw/jO20kQGN8T30O7YCy4xTvRNl4OZQj56Eji0dBLdhQLg7rIE6YwupAp57j0
18N6LhkX4MKvj9Ul0EbKfdIQlezVlqzkkS5wJFvrnkPaQR/2e+Y7qtpi4AedPLGO
DRoBRc9M8OnaqYoWHPcoFqdK2xJ2Xt3PuuZkJZjm3/3U9asXrw0tDsNVm/vSBNP9
mwCB+K6yO9HnnP+Peq3lcoq9dQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:26 2023 by rpki-client on console-fra.rpki-client.org