Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/5D-y_9JS4zo3053pHUQtHnng1Eo.roa
File:                     5D-y_9JS4zo3053pHUQtHnng1Eo.roa (raw, json)
Hash identifier:          RQBajhfZIQdtG3Z/hYAWfGhoFcl23RKtq85pAHDbPNI=
Subject key identifier:   E4:3F:B2:FF:D2:52:E3:3A:37:D3:9D:E9:1D:44:2D:1E:79:E0:D4:4A
Certificate issuer:       /CN=bfc470e9b58e557ea8c1dbedaeb9c6a5fc455125
Certificate serial:       0182E96E252B875AD6FB019E5231900BD841
Authority key identifier: BF:C4:70:E9:B5:8E:55:7E:A8:C1:DB:ED:AE:B9:C6:A5:FC:45:51:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v8Rw6bWOVX6owdvtrrnGpfxFUSU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/5D-y_9JS4zo3053pHUQtHnng1Eo.roa
Signing time:             Mon 29 Aug 2022 11:48:05 +0000
ROA not before:           Mon 29 Aug 2022 11:48:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57112
IP address blocks:        45.91.56.0/22 maxlen: 22
                          45.84.40.0/22 maxlen: 24
                          2a0e:9680::/29 maxlen: 29
                          2a0e:c40::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:e9:6e:25:2b:87:5a:d6:fb:01:9e:52:31:90:0b:d8:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfc470e9b58e557ea8c1dbedaeb9c6a5fc455125
        Validity
            Not Before: Aug 29 11:48:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e43fb2ffd252e33a37d39de91d442d1e79e0d44a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:9f:d8:7b:61:fe:b7:e6:c2:94:41:2e:66:6b:
                    23:fd:b5:5f:f5:8d:ee:7c:38:e3:e5:c1:7c:1c:3a:
                    f9:d9:77:7a:bc:65:8e:2d:fa:72:fc:3b:36:80:85:
                    39:ee:37:d2:4f:c3:d8:9f:0b:2b:3f:bd:89:b0:6c:
                    c2:98:d3:38:11:ee:a0:f4:08:0d:a9:e5:67:40:c7:
                    45:e9:74:61:f5:8a:be:80:a8:d3:f9:be:57:e5:47:
                    69:84:4c:26:55:81:4c:74:40:b1:bd:bb:a1:f3:10:
                    fa:25:a1:a9:91:5a:09:b9:d9:98:0b:1b:e8:9a:cd:
                    b9:fd:c8:6a:ba:db:45:6e:2d:76:49:32:5b:7d:be:
                    34:e1:e0:28:f2:34:dc:3d:d4:cf:cf:99:51:66:bb:
                    93:a1:4c:a2:c0:04:a7:84:bb:a5:51:26:7a:38:7f:
                    f7:df:8b:24:79:a9:82:d2:9d:5e:fd:d8:f0:a2:b0:
                    12:99:1b:8c:8d:d8:29:00:04:6b:7e:dd:ab:40:25:
                    94:13:27:f7:a2:0a:61:2e:9e:f9:83:a9:81:5e:04:
                    e4:ea:27:3c:60:a7:f1:11:4c:42:6b:24:58:48:85:
                    95:29:c4:6a:57:55:00:fc:9c:58:5c:2b:e8:12:98:
                    ad:3a:7c:14:e4:44:17:70:99:92:5b:29:f8:70:8f:
                    45:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:3F:B2:FF:D2:52:E3:3A:37:D3:9D:E9:1D:44:2D:1E:79:E0:D4:4A
            X509v3 Authority Key Identifier:
                keyid:BF:C4:70:E9:B5:8E:55:7E:A8:C1:DB:ED:AE:B9:C6:A5:FC:45:51:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v8Rw6bWOVX6owdvtrrnGpfxFUSU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/5D-y_9JS4zo3053pHUQtHnng1Eo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/v8Rw6bWOVX6owdvtrrnGpfxFUSU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.84.40.0/22
                  45.91.56.0/22
                IPv6:
                  2a0e:c40::/29
                  2a0e:9680::/29

    Signature Algorithm: sha256WithRSAEncryption
         95:af:84:c4:cc:48:97:3c:03:77:5e:47:55:a1:cc:68:aa:b5:
         5e:71:ba:50:27:1e:03:4c:9f:6d:7e:fe:f7:f6:1d:08:28:7f:
         50:b3:49:30:ad:60:ba:b7:c6:71:3b:b3:ba:d9:7c:51:2a:f5:
         11:e3:29:16:4b:ff:b3:ae:d0:f8:05:21:56:b0:b0:08:f9:df:
         cc:38:17:0e:92:09:9d:f5:49:0d:8c:9a:8b:eb:7b:2d:ab:6e:
         52:67:2d:3e:f0:8b:48:51:bc:f9:ca:a2:60:92:68:e8:0a:2e:
         a2:d1:7d:5b:12:e8:60:5d:a7:b4:08:48:df:df:01:48:a8:a3:
         e5:aa:26:2e:73:e0:06:d5:ee:2d:78:82:15:57:30:25:c0:be:
         be:83:ea:51:0e:eb:fb:97:e9:94:bf:b8:0c:e4:e3:95:b9:30:
         f6:86:d8:b9:6b:d2:4b:5a:e3:c6:ae:19:09:c0:7d:20:c7:5a:
         1d:8c:fd:e1:f7:52:ca:86:6f:72:66:bd:f5:98:12:0f:5d:3e:
         dd:c5:05:6e:8b:f0:b2:7a:66:be:6e:f3:fe:1a:23:ec:cb:f5:
         08:a9:c8:2c:2b:91:29:25:d2:fd:a3:52:77:a8:26:20:76:4c:
         62:0d:fa:d2:8e:53:4b:df:eb:da:1c:bf:0d:5c:6b:ca:b2:5e:
         de:f1:90:8c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYLpbiUrh1rW+wGeUjGQC9hBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYzQ3MGU5YjU4ZTU1N2VhOGMxZGJlZGFlYjljNmE1ZmM0
NTUxMjUwHhcNMjIwODI5MTE0ODA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDNmYjJmZmQyNTJlMzNhMzdkMzlkZTkxZDQ0MmQxZTc5ZTBkNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJ/Ye2H+t+bClEEuZmsj/bVf9Y3u
fDjj5cF8HDr52Xd6vGWOLfpy/Ds2gIU57jfST8PYnwsrP72JsGzCmNM4Ee6g9AgN
qeVnQMdF6XRh9Yq+gKjT+b5X5UdphEwmVYFMdECxvbuh8xD6JaGpkVoJudmYCxvo
ms25/chquttFbi12STJbfb404eAo8jTcPdTPz5lRZruToUyiwASnhLulUSZ6OH/3
34skeamC0p1e/djworASmRuMjdgpAARrft2rQCWUEyf3ogphLp75g6mBXgTk6ic8
YKfxEUxCayRYSIWVKcRqV1UA/JxYXCvoEpitOnwU5EQXcJmSWyn4cI9FXwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOQ/sv/SUuM6N9Od6R1ELR554NRKMB8GA1UdIwQY
MBaAFL/EcOm1jlV+qMHb7a65xqX8RVElMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjhSdzZiV09WWDZvd2R2dHJybkdwZnhGVVNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yN2IzOWItMDQ0OS00YzY0LWJhNzkt
YTJhYTY1NDBmODc1LzEvNUQteV85SlM0em8zMDUzcEhVUXRIbm5nMUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yN2IzOWItMDQ0OS00YzY0LWJhNzktYTJhYTY1NDBmODc1
LzEvdjhSdzZiV09WWDZvd2R2dHJybkdwZnhGVVNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLVQoAwQC
LVs4MBQEAgACMA4DBQMqDgxAAwUDKg6WgDANBgkqhkiG9w0BAQsFAAOCAQEAla+E
xMxIlzwDd15HVaHMaKq1XnG6UCceA0yfbX7+9/YdCCh/ULNJMK1gurfGcTuzutl8
USr1EeMpFkv/s67Q+AUhVrCwCPnfzDgXDpIJnfVJDYyai+t7LatuUmctPvCLSFG8
+cqiYJJo6AouotF9WxLoYF2ntAhI398BSKij5aomLnPgBtXuLXiCFVcwJcC+voPq
UQ7r+5fplL+4DOTjlbkw9obYuWvSS1rjxq4ZCcB9IMdaHYz94fdSyoZvcma99ZgS
D10+3cUFbovwsnpmvm7z/hoj7Mv1CKnILCuRKSXS/aNSd6gmIHZMYg360o5TS9/r
2hy/DVxryrJe3vGQjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:05 2024 by rpki-client on console-ams.rpki-client.org