Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_XYTBbj0ZQyXwOSj_EyXbhTRkZg.roa
File:                     _XYTBbj0ZQyXwOSj_EyXbhTRkZg.roa (raw, json)
Hash identifier:          msXT46DUSD1XIdagRldHaZDWnYiEX8tY13sEI7/ZaXk=
Subject key identifier:   FD:76:13:05:B8:F4:65:0C:97:C0:E4:A3:FC:4C:97:6E:14:D1:91:98
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       1B08520C
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_XYTBbj0ZQyXwOSj_EyXbhTRkZg.roa
Signing time:             Thu 14 Apr 2022 08:23:40 +0000
ROA not before:           Thu 14 Apr 2022 08:23:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     36351
IP address blocks:        45.128.198.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 453530124 (0x1b08520c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Apr 14 08:23:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fd761305b8f4650c97c0e4a3fc4c976e14d19198
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:70:9a:10:66:ca:84:0d:83:82:a2:f2:cc:10:
                    5e:06:4d:48:a5:91:18:c1:e9:80:08:b3:04:81:22:
                    b5:4d:c1:95:14:19:68:43:0b:6a:cd:98:ff:92:51:
                    09:11:3c:97:3e:63:5a:b6:bb:d1:09:f3:ed:d9:69:
                    73:1b:b4:8f:71:c7:4b:e0:42:17:0d:4e:9a:63:14:
                    98:d8:46:ff:d2:61:b8:24:4e:7d:b6:10:2b:5b:25:
                    7c:4d:0b:41:0d:e5:b8:b5:9f:4d:f7:5c:b5:ff:0a:
                    57:66:2c:f4:a6:a7:a7:f1:e7:f1:50:9a:7f:0b:e8:
                    03:b6:33:89:d6:10:34:ac:6b:ee:63:e2:91:a9:7e:
                    e9:61:4d:57:dd:55:21:f7:16:56:39:eb:d4:b6:f4:
                    2f:f1:32:84:d1:6c:ad:03:bc:c8:ae:4f:a7:5b:fd:
                    25:aa:cd:bb:32:ef:ba:4d:3c:b9:99:ce:77:c7:b8:
                    5f:07:37:45:34:45:d7:84:6d:09:75:2b:2b:5f:db:
                    4e:4d:49:05:aa:0b:d6:11:dc:08:c6:6f:1c:91:68:
                    97:67:26:ef:74:f3:f2:8b:ef:93:1b:3d:10:f8:28:
                    0b:66:26:17:ae:47:32:fa:d2:0a:a0:60:0d:42:ce:
                    79:10:1a:55:2c:c1:2b:3f:e6:ad:fb:8a:d9:4a:27:
                    56:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:76:13:05:B8:F4:65:0C:97:C0:E4:A3:FC:4C:97:6E:14:D1:91:98
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_XYTBbj0ZQyXwOSj_EyXbhTRkZg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.128.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:07:6c:c0:51:2a:0b:0d:0d:75:8d:b1:fd:64:c5:84:c1:3f:
         97:04:9e:29:39:9a:8c:51:a5:d5:68:4f:ec:e8:12:34:c3:5b:
         1f:ee:9d:6a:2a:23:0e:db:12:b9:23:65:04:a1:c5:4a:93:3b:
         d1:2f:30:38:2c:48:ec:68:d2:e3:5d:40:2f:e2:7c:c1:e8:18:
         01:76:5e:8c:75:df:1c:be:ae:46:f9:53:2f:50:8a:89:ef:c5:
         11:f4:77:ac:c8:61:ff:84:8a:88:0f:3c:17:d3:41:2d:41:c9:
         b6:45:ce:3c:b1:60:37:0b:25:dd:a9:dc:03:55:f5:79:3f:3a:
         f4:c8:0b:89:06:a1:ea:0c:ee:0e:f6:9b:76:41:60:73:e2:c3:
         e0:f9:be:d2:b8:d5:37:cb:2f:b4:a8:85:14:54:41:52:4a:61:
         0f:50:79:5e:be:a0:f3:8f:3e:2a:53:a8:83:e2:89:81:5a:ec:
         54:8f:e9:9b:7f:ac:34:6e:71:9f:8c:c2:c1:b7:74:da:88:96:
         68:c4:fe:41:1c:d2:05:34:db:26:9b:26:79:f6:2f:eb:65:40:
         27:ea:91:f7:53:bc:8b:f9:74:2b:e0:f2:f6:80:08:16:c5:39:
         f1:fa:ae:18:f4:37:8d:6d:4c:45:97:11:4c:50:a5:0a:eb:86:
         6c:89:b3:14
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGwhSDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDQx
NDA4MjM0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQ3NjEzMDViOGY0
NjUwYzk3YzBlNGEzZmM0Yzk3NmUxNGQxOTE5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5wmhBmyoQNg4Ki8swQXgZNSKWRGMHpgAizBIEitU3BlRQZ
aEMLas2Y/5JRCRE8lz5jWra70Qnz7dlpcxu0j3HHS+BCFw1OmmMUmNhG/9JhuCRO
fbYQK1slfE0LQQ3luLWfTfdctf8KV2Ys9Kanp/Hn8VCafwvoA7YzidYQNKxr7mPi
kal+6WFNV91VIfcWVjnr1Lb0L/EyhNFsrQO8yK5Pp1v9JarNuzLvuk08uZnOd8e4
Xwc3RTRF14RtCXUrK1/bTk1JBaoL1hHcCMZvHJFol2cm73Tz8ovvkxs9EPgoC2Ym
F65HMvrSCqBgDULOeRAaVSzBKz/mrfuK2UonVjsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT9dhMFuPRlDJfA5KP8TJduFNGRmDAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L19YWVRCYmowWlF5WHdPU2pfRXlYYmhUUmtaZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2AxjANBgkqhkiG9w0BAQsFAAOC
AQEAIgdswFEqCw0NdY2x/WTFhME/lwSeKTmajFGl1WhP7OgSNMNbH+6daiojDtsS
uSNlBKHFSpM70S8wOCxI7GjS411AL+J8wegYAXZejHXfHL6uRvlTL1CKie/FEfR3
rMhh/4SKiA88F9NBLUHJtkXOPLFgNwsl3ancA1X1eT869MgLiQah6gzuDvabdkFg
c+LD4Pm+0rjVN8svtKiFFFRBUkphD1B5Xr6g848+KlOog+KJgVrsVI/pm3+sNG5x
n4zCwbd02oiWaMT+QRzSBTTbJpsmefYv62VAJ+qR91O8i/l0K+Dy9oAIFsU58fqu
GPQ3jW1MRZcRTFClCuuGbImzFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org