Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/8b554c-0cef-41b3-ba3b-2d5d6884173f/1/p652E_lfqg6SWvzANqrPXJYup6c.roa
File:                     p652E_lfqg6SWvzANqrPXJYup6c.roa (raw, json)
Hash identifier:          g+H3K/Ltg7ZHlQYqUawl+NwWM0Q0iPo0iNNs0x9YJcI=
Subject key identifier:   A7:AE:76:13:F9:5F:AA:0E:92:5A:FC:C0:36:AA:CF:5C:96:2E:A7:A7
Certificate issuer:       /CN=935f53f5e407e55a2330d9d523a804c0722ca565
Certificate serial:       0182AB56F06A90D51DD4A87E8F500968E148
Authority key identifier: 93:5F:53:F5:E4:07:E5:5A:23:30:D9:D5:23:A8:04:C0:72:2C:A5:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k19T9eQH5VojMNnVI6gEwHIspWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/8b554c-0cef-41b3-ba3b-2d5d6884173f/1/p652E_lfqg6SWvzANqrPXJYup6c.roa
Signing time:             Wed 17 Aug 2022 10:26:17 +0000
ROA not before:           Wed 17 Aug 2022 10:26:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208550
IP address blocks:        45.158.52.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ab:56:f0:6a:90:d5:1d:d4:a8:7e:8f:50:09:68:e1:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=935f53f5e407e55a2330d9d523a804c0722ca565
        Validity
            Not Before: Aug 17 10:26:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a7ae7613f95faa0e925afcc036aacf5c962ea7a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:76:1b:9a:89:39:23:1a:f1:e7:d7:ef:c9:9a:
                    75:6b:70:7b:c7:20:ea:6f:5a:1e:79:11:2d:fe:6a:
                    c6:2e:2f:6f:35:06:2a:1f:5d:f9:ed:af:fa:f5:66:
                    f7:11:23:74:4a:95:46:90:2f:ae:df:c7:dc:9c:de:
                    f9:df:5e:8e:76:90:2f:99:fd:a9:89:ad:16:b8:32:
                    71:89:f6:a8:a5:a3:02:2b:1b:b0:0a:a5:cb:05:a9:
                    bf:a4:e1:74:3b:32:30:91:dd:b0:5c:f7:61:69:e3:
                    4e:32:4b:99:cd:27:f0:c8:70:c8:8c:25:0f:da:b7:
                    16:a6:dd:39:20:58:f0:47:11:27:d2:a4:6e:58:32:
                    6f:dd:a6:0d:f8:16:a0:50:d9:8a:ca:4d:96:04:4d:
                    3e:09:54:bc:66:46:25:ec:85:64:21:5a:1b:30:bf:
                    2f:d1:bc:cc:93:42:e4:d9:50:4e:06:82:7c:b3:a1:
                    be:27:ce:95:13:d2:7c:4a:e4:eb:f1:95:1c:46:49:
                    30:32:ea:5e:c2:1b:15:ab:85:5a:ac:47:3a:c8:4a:
                    d7:a2:cc:b9:43:a5:a0:75:fd:31:68:df:6a:35:94:
                    72:3d:1b:aa:28:20:67:70:d8:cc:75:2c:a0:fe:7c:
                    a5:42:98:eb:40:11:3b:ef:ef:25:66:a0:8a:c3:4e:
                    a8:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:AE:76:13:F9:5F:AA:0E:92:5A:FC:C0:36:AA:CF:5C:96:2E:A7:A7
            X509v3 Authority Key Identifier:
                keyid:93:5F:53:F5:E4:07:E5:5A:23:30:D9:D5:23:A8:04:C0:72:2C:A5:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k19T9eQH5VojMNnVI6gEwHIspWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/8b554c-0cef-41b3-ba3b-2d5d6884173f/1/p652E_lfqg6SWvzANqrPXJYup6c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/8b554c-0cef-41b3-ba3b-2d5d6884173f/1/k19T9eQH5VojMNnVI6gEwHIspWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:a3:7c:f0:6d:de:2a:a3:a8:b7:b6:23:20:87:b9:dd:09:9f:
         70:ef:1c:d3:18:eb:d4:3b:1d:a5:61:50:84:62:d5:26:8f:45:
         bb:34:6e:41:52:42:0a:75:30:9a:cf:e3:9a:a8:1e:d9:59:2b:
         99:30:e4:b3:14:05:c8:70:73:6e:63:76:ba:ce:a7:52:99:c9:
         9a:1b:6b:0f:2a:44:fe:a3:10:2e:47:47:fa:fe:f6:cb:8b:8e:
         3b:d8:20:c6:69:11:8e:b0:9d:ed:2b:02:26:53:02:2c:af:74:
         68:1f:03:16:52:01:6e:7b:a2:ad:16:c5:f3:44:a1:da:28:43:
         f5:3b:9a:35:d8:67:f6:f7:d6:4b:3c:f8:f3:be:57:d0:9f:33:
         5f:63:70:79:8c:85:95:c5:98:f2:b9:91:a3:00:26:c2:59:5b:
         d4:ec:11:28:b4:cf:15:b8:3e:6b:3d:58:7e:c8:5e:5b:57:8d:
         48:57:16:2c:87:e6:40:03:87:c2:39:64:7d:15:44:22:53:22:
         6b:c2:93:5d:ae:3e:d7:7c:07:cc:12:2a:a7:a1:42:66:94:d8:
         9e:3b:79:1a:40:65:46:e5:16:ad:b3:37:6e:73:b6:c9:6e:ae:
         e2:92:04:71:45:25:d0:05:07:d6:c1:24:c1:a4:c4:b7:1a:58:
         41:1f:26:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKrVvBqkNUd1Kh+j1AJaOFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNWY1M2Y1ZTQwN2U1NWEyMzMwZDlkNTIzYTgwNGMwNzIy
Y2E1NjUwHhcNMjIwODE3MTAyNjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2FlNzYxM2Y5NWZhYTBlOTI1YWZjYzAzNmFhY2Y1Yzk2MmVhN2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHYbmok5Ixrx59fvyZp1a3B7xyDq
b1oeeREt/mrGLi9vNQYqH1357a/69Wb3ESN0SpVGkC+u38fcnN75316OdpAvmf2p
ia0WuDJxifaopaMCKxuwCqXLBam/pOF0OzIwkd2wXPdhaeNOMkuZzSfwyHDIjCUP
2rcWpt05IFjwRxEn0qRuWDJv3aYN+BagUNmKyk2WBE0+CVS8ZkYl7IVkIVobML8v
0bzMk0Lk2VBOBoJ8s6G+J86VE9J8SuTr8ZUcRkkwMupewhsVq4VarEc6yErXosy5
Q6Wgdf0xaN9qNZRyPRuqKCBncNjMdSyg/nylQpjrQBE77+8lZqCKw06oiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKeudhP5X6oOklr8wDaqz1yWLqenMB8GA1UdIwQY
MBaAFJNfU/XkB+VaIzDZ1SOoBMByLKVlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazE5VDllUUg1Vm9qTU5uVkk2Z0V3SElzcFdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84YjU1NGMtMGNlZi00MWIzLWJhM2It
MmQ1ZDY4ODQxNzNmLzEvcDY1MkVfbGZxZzZTV3Z6QU5xclBYSll1cDZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84YjU1NGMtMGNlZi00MWIzLWJhM2ItMmQ1ZDY4ODQxNzNm
LzEvazE5VDllUUg1Vm9qTU5uVkk2Z0V3SElzcFdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ40MA0G
CSqGSIb3DQEBCwUAA4IBAQA2o3zwbd4qo6i3tiMgh7ndCZ9w7xzTGOvUOx2lYVCE
YtUmj0W7NG5BUkIKdTCaz+OaqB7ZWSuZMOSzFAXIcHNuY3a6zqdSmcmaG2sPKkT+
oxAuR0f6/vbLi4472CDGaRGOsJ3tKwImUwIsr3RoHwMWUgFue6KtFsXzRKHaKEP1
O5o12Gf299ZLPPjzvlfQnzNfY3B5jIWVxZjyuZGjACbCWVvU7BEotM8VuD5rPVh+
yF5bV41IVxYsh+ZAA4fCOWR9FUQiUyJrwpNdrj7XfAfMEiqnoUJmlNieO3kaQGVG
5Ratszduc7bJbq7ikgRxRSXQBQfWwSTBpMS3GlhBHybc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:28 2024 by rpki-client on console-fra.rpki-client.org