Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XGLo2KVQEqk3BHKStf_-EG0RzVw.roa
File:                     XGLo2KVQEqk3BHKStf_-EG0RzVw.roa (raw, json)
Hash identifier:          nXXksTeAJa/67UpWjltkV0Zc5yAfjEU4CjHYV/AUk70=
Subject key identifier:   5C:62:E8:D8:A5:50:12:A9:37:04:72:92:B5:FF:FE:10:6D:11:CD:5C
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       1AA765F8
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XGLo2KVQEqk3BHKStf_-EG0RzVw.roa
Signing time:             Wed 09 Mar 2022 13:20:59 +0000
ROA not before:           Wed 09 Mar 2022 13:20:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209242
IP address blocks:        45.95.241.0/24 maxlen: 24
                          45.131.208.0/22 maxlen: 22
                          45.131.4.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 447178232 (0x1aa765f8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Mar  9 13:20:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5c62e8d8a55012a937047292b5fffe106d11cd5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:af:a0:9a:db:7f:ee:e8:25:58:34:12:b5:fc:
                    4d:30:af:fc:80:35:a4:a0:41:18:9a:db:46:04:3b:
                    65:ee:c9:5d:26:0f:03:6e:7d:2f:1a:6e:ba:1f:53:
                    59:32:ac:88:0d:a4:c7:25:1c:5d:87:35:bb:69:f8:
                    3d:e4:d3:76:93:b8:f3:5e:71:1b:15:cd:d4:1c:76:
                    7a:be:5d:87:a8:5a:e8:67:50:8b:0a:77:61:2d:0c:
                    33:51:4e:db:58:0e:b3:c9:aa:50:ab:04:c8:04:51:
                    b9:1b:4a:d8:48:22:7f:8d:40:cb:eb:33:d8:17:08:
                    7f:bb:15:4d:56:e0:ae:ce:c7:51:59:c6:dd:c3:a8:
                    4b:07:43:1a:f8:09:11:fb:0a:16:7d:99:5d:b6:9b:
                    f3:dd:c1:91:4d:3b:52:71:2f:3e:ed:14:1c:a3:b4:
                    19:c9:ca:44:a5:d6:3a:92:13:10:05:27:97:84:a1:
                    7c:d5:52:dd:b9:f3:e4:fd:41:41:36:c2:cb:b5:40:
                    ae:b3:69:f1:42:2c:6b:43:11:a9:5f:9b:67:fd:8b:
                    84:53:64:75:d7:01:25:34:05:e7:68:a4:0d:ad:ce:
                    a7:5a:7a:18:e9:88:9a:37:24:89:02:ed:94:82:9f:
                    f9:1a:c0:ac:35:08:06:5d:9f:b3:27:e0:91:55:29:
                    4e:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:62:E8:D8:A5:50:12:A9:37:04:72:92:B5:FF:FE:10:6D:11:CD:5C
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XGLo2KVQEqk3BHKStf_-EG0RzVw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.241.0/24
                  45.131.4.0/22
                  45.131.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1d:30:be:21:9f:97:ca:13:f9:3e:36:26:f0:d7:c4:52:e6:61:
         2f:76:3d:bc:4a:42:5d:1c:6f:d9:c8:15:6c:37:e2:0d:d6:9d:
         c6:f0:f0:a9:f9:db:6c:64:fe:9c:59:db:b2:38:87:7a:7b:c4:
         4d:1c:35:28:36:e2:9e:f3:ac:c8:14:9b:89:e1:3a:9f:0d:05:
         09:80:0b:fb:88:80:60:b1:0f:85:d0:8a:a0:4b:be:18:73:45:
         80:4a:1e:be:0a:50:02:a8:3c:f6:ea:4d:89:6d:94:92:4c:cc:
         8b:ab:b6:7c:8d:50:a2:f3:39:6a:34:02:ec:86:0a:b3:d9:a6:
         99:77:21:3b:0f:3e:43:11:ea:43:f6:5f:43:85:98:9b:62:7e:
         bd:28:6b:10:7c:14:57:b4:a3:d0:6f:df:8d:71:5c:19:f9:da:
         8b:3f:38:c8:dd:13:c1:cf:c9:f8:2e:db:0e:2f:fa:ec:fa:3c:
         32:9a:ca:a8:ec:99:97:57:c3:e4:77:21:c0:5a:90:1c:53:2a:
         46:50:76:29:4a:db:8a:1f:71:3e:f4:e8:02:cd:ba:9c:5a:14:
         92:96:bf:dd:1a:e3:60:d1:67:bf:7c:fb:89:9a:fd:c7:84:1c:
         a1:1c:9e:c6:46:5d:3c:03:a9:84:06:60:dd:d8:e7:55:77:6f:
         44:50:44:7c
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEGqdl+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDMw
OTEzMjA1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM2MmU4ZDhhNTUw
MTJhOTM3MDQ3MjkyYjVmZmZlMTA2ZDExY2Q1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOSvoJrbf+7oJVg0ErX8TTCv/IA1pKBBGJrbRgQ7Ze7JXSYP
A259Lxpuuh9TWTKsiA2kxyUcXYc1u2n4PeTTdpO4815xGxXN1Bx2er5dh6ha6GdQ
iwp3YS0MM1FO21gOs8mqUKsEyARRuRtK2Egif41Ay+sz2BcIf7sVTVbgrs7HUVnG
3cOoSwdDGvgJEfsKFn2ZXbab893BkU07UnEvPu0UHKO0GcnKRKXWOpITEAUnl4Sh
fNVS3bnz5P1BQTbCy7VArrNp8UIsa0MRqV+bZ/2LhFNkddcBJTQF52ikDa3Op1p6
GOmImjckiQLtlIKf+RrArDUIBl2fsyfgkVUpTjECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRcYujYpVASqTcEcpK1//4QbRHNXDAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L1hHTG8yS1ZRRXFrM0JIS1N0Zl8tRUcwUnpWdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAC1f8QMEAi2DBAMEAi2D0DANBgkq
hkiG9w0BAQsFAAOCAQEAHTC+IZ+XyhP5PjYm8NfEUuZhL3Y9vEpCXRxv2cgVbDfi
DdadxvDwqfnbbGT+nFnbsjiHenvETRw1KDbinvOsyBSbieE6nw0FCYAL+4iAYLEP
hdCKoEu+GHNFgEoevgpQAqg89upNiW2UkkzMi6u2fI1QovM5ajQC7IYKs9mmmXch
Ow8+QxHqQ/ZfQ4WYm2J+vShrEHwUV7Sj0G/fjXFcGfnaiz84yN0Twc/J+C7bDi/6
7Po8MprKqOyZl1fD5HchwFqQHFMqRlB2KUrbih9xPvToAs26nFoUkpa/3RrjYNFn
v3z7iZr9x4QcoRyexkZdPAOphAZg3djnVXdvRFBEfA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org