Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/f440de-1592-458c-aaa3-7c47241c0a84/1/YvpjDSn_eGfXFWMUk06m3yEcQvE.roa
File:                     YvpjDSn_eGfXFWMUk06m3yEcQvE.roa (raw, json)
Hash identifier:          ESPJh2omIPiMQxOVOrMxmZi4mfEJ/GkeMLZdob6Iy4U=
Subject key identifier:   62:FA:63:0D:29:FF:78:67:D7:15:63:14:93:4E:A6:DF:21:1C:42:F1
Certificate issuer:       /CN=a4a37beb7fd65caa9afc46d9f24273cd27c0f960
Certificate serial:       076A254E
Authority key identifier: A4:A3:7B:EB:7F:D6:5C:AA:9A:FC:46:D9:F2:42:73:CD:27:C0:F9:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pKN763_WXKqa_EbZ8kJzzSfA-WA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/f440de-1592-458c-aaa3-7c47241c0a84/1/YvpjDSn_eGfXFWMUk06m3yEcQvE.roa
Signing time:             Sat 01 Jan 2022 16:05:38 +0000
ROA not before:           Sat 01 Jan 2022 16:05:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20810
IP address blocks:        45.138.56.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124396878 (0x76a254e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4a37beb7fd65caa9afc46d9f24273cd27c0f960
        Validity
            Not Before: Jan  1 16:05:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=62fa630d29ff7867d7156314934ea6df211c42f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:bf:91:0c:f4:f7:d4:f6:32:b5:39:38:27:6c:
                    60:5b:9c:9c:77:95:ec:79:04:b4:3b:33:59:55:4b:
                    f6:23:88:df:47:d4:57:b2:fe:03:8e:ae:5a:80:d1:
                    71:a2:01:c2:ca:4c:03:62:22:87:ce:38:cb:46:2a:
                    1a:a5:a3:9f:e3:8e:f3:b5:47:bf:67:e2:44:c2:34:
                    b7:7d:c7:c6:51:e5:bd:ac:4d:c1:07:be:b0:44:3e:
                    7b:a2:3a:65:2f:62:b9:d3:b0:c7:80:74:f7:c8:f2:
                    a0:24:08:8f:c4:a2:fc:ff:91:91:b8:13:f0:a8:30:
                    ee:21:78:b0:dd:71:d9:7b:e7:8e:35:10:93:3c:e1:
                    e9:86:df:4a:a8:39:6b:79:ee:b0:c2:43:c3:d0:64:
                    5a:f7:62:cc:cb:73:6c:d1:d2:41:0b:24:21:5f:c1:
                    82:fa:1d:f0:ca:28:e4:31:ce:c6:49:a9:24:9b:bf:
                    53:8b:14:60:c3:de:be:12:0d:c1:17:53:b7:32:6d:
                    89:70:ae:24:6a:e3:c8:2a:13:34:e7:14:33:2c:4f:
                    36:2b:5a:19:0d:d1:e4:f3:ea:8f:48:92:b1:64:53:
                    ff:7d:7d:66:23:99:45:48:c6:74:b3:25:84:18:da:
                    c2:8e:85:79:78:42:3b:a7:6d:28:ce:bd:41:7b:a6:
                    eb:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:FA:63:0D:29:FF:78:67:D7:15:63:14:93:4E:A6:DF:21:1C:42:F1
            X509v3 Authority Key Identifier:
                keyid:A4:A3:7B:EB:7F:D6:5C:AA:9A:FC:46:D9:F2:42:73:CD:27:C0:F9:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKN763_WXKqa_EbZ8kJzzSfA-WA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/f440de-1592-458c-aaa3-7c47241c0a84/1/YvpjDSn_eGfXFWMUk06m3yEcQvE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/f440de-1592-458c-aaa3-7c47241c0a84/1/pKN763_WXKqa_EbZ8kJzzSfA-WA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.138.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         bb:8e:a7:0e:6a:e6:98:c6:b4:fa:cc:96:c5:0d:d4:22:57:0c:
         48:b5:d9:c3:00:2d:04:4b:06:4e:d7:dc:20:ba:d1:32:39:8f:
         73:e5:ac:55:92:e5:41:b2:4a:05:a2:c7:ab:59:f4:f4:d7:f6:
         6a:a6:ad:e6:9b:92:13:54:1c:83:a7:76:3c:52:ae:31:31:15:
         d1:f4:5a:63:bd:30:4f:4b:ea:1d:ab:8f:02:1b:d9:af:5f:f5:
         be:a6:9c:2b:77:65:db:21:52:82:f2:3c:3a:df:ff:62:b3:58:
         f8:7c:f8:dc:39:3d:df:f9:86:be:74:6f:b4:25:48:ab:0b:37:
         4e:78:53:7a:3e:5a:4e:87:fc:d0:8c:63:d0:3d:e2:90:23:99:
         a1:ec:da:d6:a9:29:40:bb:4a:02:09:e9:58:11:a9:73:3f:4e:
         4d:1e:e0:99:eb:be:fb:dd:a4:b0:ba:b5:df:23:da:13:ef:43:
         cf:db:13:94:b6:33:ce:ba:4a:d5:ce:27:89:4c:3f:07:79:62:
         15:3d:9f:e2:f5:5e:dd:8c:1c:6a:de:68:b9:26:48:55:d8:a6:
         f4:a9:a2:41:72:1e:17:39:6f:27:2b:29:33:1e:5f:6b:76:ae:
         41:96:c6:4a:02:64:33:48:68:c0:60:5d:fc:52:af:af:25:5e:
         59:3c:e8:e4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB2olTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NGEzN2JlYjdmZDY1Y2FhOWFmYzQ2ZDlmMjQyNzNjZDI3YzBmOTYwMB4XDTIyMDEw
MTE2MDUzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjJmYTYzMGQyOWZm
Nzg2N2Q3MTU2MzE0OTM0ZWE2ZGYyMTFjNDJmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALW/kQz099T2MrU5OCdsYFucnHeV7HkEtDszWVVL9iOI30fU
V7L+A46uWoDRcaIBwspMA2Iih844y0YqGqWjn+OO87VHv2fiRMI0t33HxlHlvaxN
wQe+sEQ+e6I6ZS9iudOwx4B098jyoCQIj8Si/P+RkbgT8Kgw7iF4sN1x2XvnjjUQ
kzzh6YbfSqg5a3nusMJDw9BkWvdizMtzbNHSQQskIV/Bgvod8Moo5DHOxkmpJJu/
U4sUYMPevhINwRdTtzJtiXCuJGrjyCoTNOcUMyxPNitaGQ3R5PPqj0iSsWRT/319
ZiOZRUjGdLMlhBjawo6FeXhCO6dtKM69QXum668CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRi+mMNKf94Z9cVYxSTTqbfIRxC8TAfBgNVHSMEGDAWgBSko3vrf9Zcqpr8
RtnyQnPNJ8D5YDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BLTjc2M19XWEtxYV9FYlo4a0p6elNmQS1XQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvZjQ0MGRlLTE1OTItNDU4Yy1hYWEzLTdjNDcyNDFjMGE4NC8x
L1l2cGpEU25fZUdmWEZXTVVrMDZtM3lFY1F2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUv
ZjQ0MGRlLTE1OTItNDU4Yy1hYWEzLTdjNDcyNDFjMGE4NC8xL3BLTjc2M19XWEtx
YV9FYlo4a0p6elNmQS1XQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2KODANBgkqhkiG9w0BAQsFAAOC
AQEAu46nDmrmmMa0+syWxQ3UIlcMSLXZwwAtBEsGTtfcILrRMjmPc+WsVZLlQbJK
BaLHq1n09Nf2aqat5puSE1Qcg6d2PFKuMTEV0fRaY70wT0vqHauPAhvZr1/1vqac
K3dl2yFSgvI8Ot//YrNY+Hz43Dk93/mGvnRvtCVIqws3TnhTej5aTof80Ixj0D3i
kCOZoeza1qkpQLtKAgnpWBGpcz9OTR7gmeu++92ksLq13yPaE+9Dz9sTlLYzzrpK
1c4niUw/B3liFT2f4vVe3Ywcat5ouSZIVdim9KmiQXIeFzlvJyspMx5fa3auQZbG
SgJkM0howGBd/FKvryVeWTzo5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:27 2024 by rpki-client on console-ams.rpki-client.org