Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/4e198e-2f61-46f3-b5f6-06d6e947e38f/1/XLh078K0_kwJn0UcFoBb4nvy61Q.roa
File:                     XLh078K0_kwJn0UcFoBb4nvy61Q.roa (raw, json)
Hash identifier:          u7NNw7d/nKTLy385pDb4AGCHUKK7ugKyNmbnJv+2qNc=
Subject key identifier:   5C:B8:74:EF:C2:B4:FE:4C:09:9F:45:1C:16:80:5B:E2:7B:F2:EB:54
Certificate issuer:       /CN=0589ee303ff7d0d557599fa04b293dc2b16bb4d4
Certificate serial:       03BFEB83
Authority key identifier: 05:89:EE:30:3F:F7:D0:D5:57:59:9F:A0:4B:29:3D:C2:B1:6B:B4:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BYnuMD_30NVXWZ-gSyk9wrFrtNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/4e198e-2f61-46f3-b5f6-06d6e947e38f/1/XLh078K0_kwJn0UcFoBb4nvy61Q.roa
Signing time:             Sat 01 Jan 2022 07:02:13 +0000
ROA not before:           Sat 01 Jan 2022 07:02:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212570
IP address blocks:        45.132.147.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62909315 (0x3bfeb83)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0589ee303ff7d0d557599fa04b293dc2b16bb4d4
        Validity
            Not Before: Jan  1 07:02:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5cb874efc2b4fe4c099f451c16805be27bf2eb54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:bb:96:2a:58:23:52:ec:44:ce:f0:36:15:de:
                    50:f8:3f:da:76:df:4b:1f:25:c4:8d:5d:05:ee:cb:
                    6c:06:e1:dc:87:e3:40:9b:3e:9b:88:d3:9b:76:b0:
                    16:ac:f7:8e:a1:4c:4e:07:81:3f:66:08:81:14:0d:
                    ae:48:87:15:0f:b2:6b:82:f5:7d:df:fc:0c:57:0b:
                    4a:98:a3:dc:31:9b:3a:2d:47:95:03:65:01:b1:1a:
                    61:90:1c:2a:a7:d8:4b:1e:bb:a4:b0:c3:49:82:0f:
                    eb:43:b5:f4:1c:e0:95:e5:f0:9b:8d:4e:fb:63:31:
                    d4:32:d7:cb:96:91:56:3d:77:31:b9:ba:97:90:da:
                    48:50:cd:d6:d4:3f:61:4d:87:1d:a0:eb:cf:95:3f:
                    4f:cf:be:4f:3e:10:e1:b8:ca:5b:14:cb:bd:e8:5c:
                    a9:d5:6f:0a:cd:70:1b:6b:88:79:09:96:f8:14:6a:
                    5e:d9:2d:fb:6b:1f:94:be:fa:00:23:53:6f:a7:ac:
                    df:f3:35:9e:43:2e:09:69:a0:17:8c:cd:c0:12:d3:
                    5a:9e:01:10:ae:f6:76:17:d8:34:80:42:ed:2b:3d:
                    f0:10:12:fd:54:e0:02:76:9d:1b:1a:8b:69:ed:87:
                    3f:49:7b:f4:fe:47:07:a2:23:f9:61:cc:0e:9d:3c:
                    33:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:B8:74:EF:C2:B4:FE:4C:09:9F:45:1C:16:80:5B:E2:7B:F2:EB:54
            X509v3 Authority Key Identifier:
                keyid:05:89:EE:30:3F:F7:D0:D5:57:59:9F:A0:4B:29:3D:C2:B1:6B:B4:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYnuMD_30NVXWZ-gSyk9wrFrtNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4e198e-2f61-46f3-b5f6-06d6e947e38f/1/XLh078K0_kwJn0UcFoBb4nvy61Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4e198e-2f61-46f3-b5f6-06d6e947e38f/1/BYnuMD_30NVXWZ-gSyk9wrFrtNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:71:f4:13:72:9e:84:61:b3:22:9d:b3:aa:30:33:f3:d0:b7:
         f5:45:8c:c9:09:2e:c2:1b:e7:06:17:94:d3:7a:42:cf:cc:85:
         b9:9c:b6:e0:ec:14:ab:b1:a7:b6:cb:99:5e:5e:bf:ef:db:86:
         a3:c0:47:1c:15:b8:01:56:5b:33:d4:dd:07:26:6c:e0:14:a5:
         54:61:0c:df:45:fe:57:42:36:4e:1c:b5:3e:a7:ec:ac:59:c3:
         9e:32:85:35:23:bd:df:1e:e8:3c:49:5f:72:39:49:c8:36:44:
         f4:8f:5a:1a:d7:4e:cc:7b:5c:c7:4a:3f:66:e9:4b:10:5e:a3:
         b5:4e:1b:53:13:97:b7:bf:8f:7c:2f:4a:db:01:8e:84:f1:65:
         70:a2:4f:e4:8b:f9:66:e9:26:67:84:e0:bc:25:7b:54:3e:96:
         8a:53:3f:6a:77:97:d9:6a:e5:e7:da:fa:f4:1e:67:33:2d:66:
         ba:dc:cc:cc:44:7c:51:64:05:60:94:4d:1f:7b:8b:ff:e1:ac:
         30:d9:99:b5:14:37:bb:61:55:c4:79:c8:b3:ab:22:3c:23:5d:
         45:03:a9:64:8a:19:ff:5b:33:19:36:de:fe:3f:47:ce:f8:d0:
         e3:20:ce:24:8b:5c:1c:43:f3:7c:48:27:12:b6:81:db:08:26:
         d8:7b:57:61
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA7/rgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTg5ZWUzMDNmZjdkMGQ1NTc1OTlmYTA0YjI5M2RjMmIxNmJiNGQ0MB4XDTIyMDEw
MTA3MDIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNiODc0ZWZjMmI0
ZmU0YzA5OWY0NTFjMTY4MDViZTI3YmYyZWI1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+7lipYI1LsRM7wNhXeUPg/2nbfSx8lxI1dBe7LbAbh3Ifj
QJs+m4jTm3awFqz3jqFMTgeBP2YIgRQNrkiHFQ+ya4L1fd/8DFcLSpij3DGbOi1H
lQNlAbEaYZAcKqfYSx67pLDDSYIP60O19BzgleXwm41O+2Mx1DLXy5aRVj13Mbm6
l5DaSFDN1tQ/YU2HHaDrz5U/T8++Tz4Q4bjKWxTLvehcqdVvCs1wG2uIeQmW+BRq
Xtkt+2sflL76ACNTb6es3/M1nkMuCWmgF4zNwBLTWp4BEK72dhfYNIBC7Ss98BAS
/VTgAnadGxqLae2HP0l79P5HB6Ij+WHMDp08M98CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRcuHTvwrT+TAmfRRwWgFvie/LrVDAfBgNVHSMEGDAWgBQFie4wP/fQ1VdZ
n6BLKT3CsWu01DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JZbnVNRF8zME5WWFdaLWdTeWs5d3JGcnROUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTMvNGUxOThlLTJmNjEtNDZmMy1iNWY2LTA2ZDZlOTQ3ZTM4Zi8x
L1hMaDA3OEswX2t3Sm4wVWNGb0JiNG52eTYxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMv
NGUxOThlLTJmNjEtNDZmMy1iNWY2LTA2ZDZlOTQ3ZTM4Zi8xL0JZbnVNRF8zME5W
WFdaLWdTeWs5d3JGcnROUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2EkzANBgkqhkiG9w0BAQsFAAOC
AQEANHH0E3KehGGzIp2zqjAz89C39UWMyQkuwhvnBheU03pCz8yFuZy24OwUq7Gn
tsuZXl6/79uGo8BHHBW4AVZbM9TdByZs4BSlVGEM30X+V0I2Thy1PqfsrFnDnjKF
NSO93x7oPElfcjlJyDZE9I9aGtdOzHtcx0o/ZulLEF6jtU4bUxOXt7+PfC9K2wGO
hPFlcKJP5Iv5ZukmZ4TgvCV7VD6WilM/aneX2Wrl59r69B5nMy1mutzMzER8UWQF
YJRNH3uL/+GsMNmZtRQ3u2FVxHnIs6siPCNdRQOpZIoZ/1szGTbe/j9HzvjQ4yDO
JItcHEPzfEgnEraB2wgm2HtXYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:34 2024 by rpki-client on console-fra.rpki-client.org