Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/b463a6-282f-45f0-b4ba-cdf92fbe8f0b/1/dYAodA46BJoMODRhCOibY2zKat0.roa
File:                     dYAodA46BJoMODRhCOibY2zKat0.roa (raw, json)
Hash identifier:          uxLGQzmRFSEqjJeohp004P9bh2goG0D5CAQgb/hdcGg=
Subject key identifier:   75:80:28:74:0E:3A:04:9A:0C:38:34:61:08:E8:9B:63:6C:CA:6A:DD
Certificate issuer:       /CN=ac91f230a0e2eeda3810522e74a698200713e620
Certificate serial:       9E63DD
Authority key identifier: AC:91:F2:30:A0:E2:EE:DA:38:10:52:2E:74:A6:98:20:07:13:E6:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rJHyMKDi7to4EFIudKaYIAcT5iA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/b463a6-282f-45f0-b4ba-cdf92fbe8f0b/1/dYAodA46BJoMODRhCOibY2zKat0.roa
Signing time:             Sat 01 Jan 2022 03:51:14 +0000
ROA not before:           Sat 01 Jan 2022 03:51:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208403
IP address blocks:        45.131.23.0/24 maxlen: 24
                          45.131.20.0/24 maxlen: 24
                          45.131.21.0/24 maxlen: 24
                          45.131.22.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10380253 (0x9e63dd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac91f230a0e2eeda3810522e74a698200713e620
        Validity
            Not Before: Jan  1 03:51:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=758028740e3a049a0c38346108e89b636cca6add
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:80:d2:49:af:83:eb:b6:f0:e5:21:17:0c:a3:
                    4a:b6:3e:37:33:42:63:eb:25:e2:5e:52:ce:91:25:
                    cc:71:22:8c:b7:33:40:d6:94:58:2b:c6:3f:32:37:
                    b4:a9:72:83:f1:09:57:08:40:ac:bd:f0:9d:ca:52:
                    31:96:21:a3:60:a4:8b:f2:cd:15:46:d8:58:bf:09:
                    26:f8:b0:97:92:a7:fc:b6:13:81:57:ca:cf:f5:d6:
                    51:f5:a3:1c:52:9d:af:27:09:5e:6f:33:9d:ae:b7:
                    bb:b3:2d:49:8d:60:7e:03:10:6b:39:10:a7:9d:7f:
                    ea:9b:aa:9b:2a:0c:3d:e9:d6:7d:5a:78:c8:18:3f:
                    b9:70:69:61:64:c3:28:bc:29:9c:89:34:d3:65:39:
                    6f:59:6a:cd:43:bf:33:fe:20:73:b8:ae:e0:2a:08:
                    77:83:98:12:71:b8:ec:03:11:b6:3a:cb:98:fa:10:
                    ab:be:25:05:15:0b:7b:51:d9:7c:e4:9b:b8:be:18:
                    1a:6c:e5:2f:8b:c2:f7:bc:49:d4:f0:fc:5a:1e:ca:
                    33:2c:4f:de:9f:89:69:aa:57:5f:93:c3:08:0e:9f:
                    aa:bf:84:d7:31:0e:c3:89:15:cd:51:f9:48:36:af:
                    57:7d:14:cd:4d:6b:fb:ff:e2:eb:a5:69:07:b4:b4:
                    75:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:80:28:74:0E:3A:04:9A:0C:38:34:61:08:E8:9B:63:6C:CA:6A:DD
            X509v3 Authority Key Identifier:
                keyid:AC:91:F2:30:A0:E2:EE:DA:38:10:52:2E:74:A6:98:20:07:13:E6:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJHyMKDi7to4EFIudKaYIAcT5iA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/b463a6-282f-45f0-b4ba-cdf92fbe8f0b/1/dYAodA46BJoMODRhCOibY2zKat0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/b463a6-282f-45f0-b4ba-cdf92fbe8f0b/1/rJHyMKDi7to4EFIudKaYIAcT5iA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.131.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5e:3b:c0:7a:b2:4e:27:61:d8:0a:ac:81:83:29:f9:ff:b4:16:
         05:08:49:df:cf:57:bc:16:25:3a:98:07:8b:f7:2f:83:53:d3:
         2c:fe:46:aa:14:4c:33:9c:f3:87:f2:4e:be:1b:41:5e:f0:8d:
         0c:10:62:cf:ad:88:6d:6a:31:49:28:57:fe:88:c5:c0:f4:cd:
         af:b8:9f:67:58:86:a4:63:35:3e:49:70:58:5b:93:16:23:6b:
         9e:fc:bf:48:5d:83:33:4d:5e:20:b9:a8:66:d8:3e:5f:3b:65:
         19:54:78:d5:a5:ba:40:19:16:24:45:38:06:41:86:49:a1:44:
         84:c4:e2:f9:9f:c0:b2:ef:68:10:5f:e8:9d:a6:9c:70:cc:4c:
         8c:b5:72:c1:92:92:f6:9a:8e:8d:37:c0:73:47:b5:2e:0d:16:
         37:84:5a:fa:9e:cc:e9:36:8b:0c:d7:2b:76:58:73:e1:0c:d0:
         b6:67:5a:4a:b7:e0:b7:47:34:89:d0:c2:41:f5:7b:8b:39:e6:
         a0:f6:b4:91:87:5b:d5:a4:51:56:72:56:d8:5f:9f:0e:8f:fe:
         41:72:f4:f3:99:96:dd:26:8c:3b:92:ae:c1:db:d4:ea:bc:37:
         cf:3d:1f:f3:26:79:81:b1:03:86:ab:55:91:bc:80:cc:02:b6:
         26:77:07:52
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJ5j3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YzkxZjIzMGEwZTJlZWRhMzgxMDUyMmU3NGE2OTgyMDA3MTNlNjIwMB4XDTIyMDEw
MTAzNTExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzU4MDI4NzQwZTNh
MDQ5YTBjMzgzNDYxMDhlODliNjM2Y2NhNmFkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMeA0kmvg+u28OUhFwyjSrY+NzNCY+sl4l5SzpElzHEijLcz
QNaUWCvGPzI3tKlyg/EJVwhArL3wncpSMZYho2Cki/LNFUbYWL8JJviwl5Kn/LYT
gVfKz/XWUfWjHFKdrycJXm8zna63u7MtSY1gfgMQazkQp51/6puqmyoMPenWfVp4
yBg/uXBpYWTDKLwpnIk002U5b1lqzUO/M/4gc7iu4CoId4OYEnG47AMRtjrLmPoQ
q74lBRULe1HZfOSbuL4YGmzlL4vC97xJ1PD8Wh7KMyxP3p+JaapXX5PDCA6fqr+E
1zEOw4kVzVH5SDavV30UzU1r+//i66VpB7S0dVcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR1gCh0DjoEmgw4NGEI6JtjbMpq3TAfBgNVHSMEGDAWgBSskfIwoOLu2jgQ
Ui50ppggBxPmIDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JKSHlNS0RpN3RvNEVGSXVkS2FZSUFjVDVpQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvYjQ2M2E2LTI4MmYtNDVmMC1iNGJhLWNkZjkyZmJlOGYwYi8x
L2RZQW9kQTQ2QkpvTU9EUmhDT2liWTJ6S2F0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
YjQ2M2E2LTI4MmYtNDVmMC1iNGJhLWNkZjkyZmJlOGYwYi8xL3JKSHlNS0RpN3Rv
NEVGSXVkS2FZSUFjVDVpQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2DFDANBgkqhkiG9w0BAQsFAAOC
AQEAXjvAerJOJ2HYCqyBgyn5/7QWBQhJ389XvBYlOpgHi/cvg1PTLP5GqhRMM5zz
h/JOvhtBXvCNDBBiz62IbWoxSShX/ojFwPTNr7ifZ1iGpGM1PklwWFuTFiNrnvy/
SF2DM01eILmoZtg+XztlGVR41aW6QBkWJEU4BkGGSaFEhMTi+Z/Asu9oEF/onaac
cMxMjLVywZKS9pqOjTfAc0e1Lg0WN4Ra+p7M6TaLDNcrdlhz4QzQtmdaSrfgt0c0
idDCQfV7iznmoPa0kYdb1aRRVnJW2F+fDo/+QXL085mW3SaMO5KuwdvU6rw3zz0f
8yZ5gbEDhqtVkbyAzAK2JncHUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:29 2024 by rpki-client on console-fra.rpki-client.org