Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/F9z8xl5v38QtKnSVTmDrCIY797g.roa
File:                     F9z8xl5v38QtKnSVTmDrCIY797g.roa (raw, json)
Hash identifier:          jXGdLuPubhmrfVZtwj+67S/fYIfxOt95scisjxqIfaI=
Subject key identifier:   17:DC:FC:C6:5E:6F:DF:C4:2D:2A:74:95:4E:60:EB:08:86:3B:F7:B8
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       07A8A4FC
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/F9z8xl5v38QtKnSVTmDrCIY797g.roa
Signing time:             Sat 01 Jan 2022 08:01:48 +0000
ROA not before:           Sat 01 Jan 2022 08:01:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56382
IP address blocks:        45.14.69.0/24 maxlen: 24
                          185.255.52.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 128492796 (0x7a8a4fc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Jan  1 08:01:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=17dcfcc65e6fdfc42d2a74954e60eb08863bf7b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:bc:71:d2:6f:af:02:b8:c0:25:fb:ea:b8:d3:
                    06:00:89:95:20:28:9a:a2:57:7a:24:d1:49:96:43:
                    2b:9b:d3:c8:65:e9:79:45:d4:89:b1:dc:aa:45:82:
                    c0:c9:42:41:8f:a7:85:2b:8f:fc:2d:06:ee:d8:f2:
                    24:5c:ed:56:86:a5:4a:64:c3:1b:3f:0b:0c:f8:3d:
                    97:34:5b:ba:99:e9:e7:af:79:7c:12:28:c9:2d:0d:
                    ea:d1:df:a8:b3:fe:9a:f0:be:00:27:36:38:ca:d0:
                    e8:6a:a5:69:66:51:17:91:37:b1:d2:d3:b7:e3:08:
                    04:57:45:d1:ff:0f:fa:17:7f:dd:1d:19:d0:ad:4a:
                    d0:ea:d2:fa:a0:4c:aa:7b:a4:17:50:ce:87:4d:9b:
                    a7:5c:1f:8a:48:68:db:c3:2c:ba:68:e5:ea:68:b3:
                    13:cc:65:5c:0a:1c:ae:21:f3:b6:3d:d2:7d:22:7b:
                    93:52:b3:7f:ed:2f:c5:a4:85:78:78:b7:30:82:a8:
                    61:ab:63:43:fe:2e:13:6e:70:d3:69:ea:eb:8c:75:
                    40:bc:b1:61:9c:c6:98:7f:e7:6d:9c:03:d3:9c:c4:
                    75:6d:54:85:b3:bb:f9:64:88:c3:65:e9:5c:1f:d7:
                    ed:74:b3:7b:cb:5b:1a:f2:ec:03:51:a6:2a:bc:34:
                    b0:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:DC:FC:C6:5E:6F:DF:C4:2D:2A:74:95:4E:60:EB:08:86:3B:F7:B8
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/F9z8xl5v38QtKnSVTmDrCIY797g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.14.69.0/24
                  185.255.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:bd:6f:a3:c5:57:fc:c7:f7:16:e2:b1:77:21:dd:a8:f8:6b:
         32:bb:e7:34:da:10:f0:76:f2:52:fb:82:11:88:1d:3d:0d:e6:
         5d:15:2e:12:b9:75:a6:1a:f2:63:1b:1a:76:1c:d5:39:5b:4b:
         22:04:8d:f4:12:08:52:11:fd:b3:ff:0c:c2:73:30:59:ad:32:
         99:29:a0:45:78:4f:37:e6:7d:14:29:72:0b:05:85:55:99:88:
         16:ab:4b:9d:31:d9:49:cb:ed:7f:cc:0a:e5:5c:6e:45:42:64:
         2d:96:78:a0:16:ca:0c:dd:55:4e:13:61:80:8c:f3:d4:04:cf:
         fc:75:14:c6:7b:ef:41:3b:aa:6d:2d:39:66:12:d3:91:74:cd:
         30:21:2f:4a:04:61:e1:c5:45:4f:df:28:37:d7:1b:ed:99:08:
         0d:07:e5:41:0a:19:5a:13:80:9a:95:0c:44:7b:41:bc:29:35:
         63:5d:23:7f:b1:ab:9b:b6:c7:c1:e7:8b:f4:67:e4:08:71:1d:
         a7:de:4b:1f:27:04:27:0c:35:54:d7:e4:ab:cb:2f:bf:28:cb:
         cb:da:93:87:90:0a:f3:b5:5f:eb:c3:70:dc:d0:6c:a1:d4:7a:
         a6:54:e4:37:2a:de:64:5a:22:b8:7f:54:a8:75:ff:8d:72:e7:
         ab:2e:d4:74
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEB6ik/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTc2ZWIyY2M0NjJlNmU0YmYwZGU2OWI5ZjYzNDg3NWRlYmJhYWUyMB4XDTIyMDEw
MTA4MDE0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTdkY2ZjYzY1ZTZm
ZGZjNDJkMmE3NDk1NGU2MGViMDg4NjNiZjdiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALG8cdJvrwK4wCX76rjTBgCJlSAomqJXeiTRSZZDK5vTyGXp
eUXUibHcqkWCwMlCQY+nhSuP/C0G7tjyJFztVoalSmTDGz8LDPg9lzRbupnp5695
fBIoyS0N6tHfqLP+mvC+ACc2OMrQ6GqlaWZRF5E3sdLTt+MIBFdF0f8P+hd/3R0Z
0K1K0OrS+qBMqnukF1DOh02bp1wfikho28Msumjl6mizE8xlXAocriHztj3SfSJ7
k1Kzf+0vxaSFeHi3MIKoYatjQ/4uE25w02nq64x1QLyxYZzGmH/nbZwD05zEdW1U
hbO7+WSIw2XpXB/X7XSze8tbGvLsA1GmKrw0sMcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQX3PzGXm/fxC0qdJVOYOsIhjv3uDAfBgNVHSMEGDAWgBSldussxGLm5L8N
5pufY0h13ruq4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8x
L0Y5ejh4bDV2MzhRdEtuU1ZUbURyQ0lZNzk3Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
OTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8xL3BYYnJMTVJpNXVT
X0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC0ORQMEALn/NDANBgkqhkiG9w0B
AQsFAAOCAQEAh71vo8VX/Mf3FuKxdyHdqPhrMrvnNNoQ8HbyUvuCEYgdPQ3mXRUu
Erl1phryYxsadhzVOVtLIgSN9BIIUhH9s/8MwnMwWa0ymSmgRXhPN+Z9FClyCwWF
VZmIFqtLnTHZScvtf8wK5VxuRUJkLZZ4oBbKDN1VThNhgIzz1ATP/HUUxnvvQTuq
bS05ZhLTkXTNMCEvSgRh4cVFT98oN9cb7ZkIDQflQQoZWhOAmpUMRHtBvCk1Y10j
f7Grm7bHweeL9GfkCHEdp95LHycEJww1VNfkq8svvyjLy9qTh5AK87Vf68Nw3NBs
odR6plTkNyreZFoiuH9UqHX/jXLnqy7UdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:47 2024 by rpki-client on console-fra.rpki-client.org