Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/hAysrlgKVVqMYFUNy-bEDeWSZ84.roa
File:                     hAysrlgKVVqMYFUNy-bEDeWSZ84.roa (raw, json)
Hash identifier:          PIy3LEmR9AZGufNulR9zmfqM9rniFhCki5PFUs15Y8M=
Subject key identifier:   84:0C:AC:AE:58:0A:55:5A:8C:60:55:0D:CB:E6:C4:0D:E5:92:67:CE
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       19D853AC
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/hAysrlgKVVqMYFUNy-bEDeWSZ84.roa
Signing time:             Sat 01 Jan 2022 15:56:42 +0000
ROA not before:           Sat 01 Jan 2022 15:56:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     36351
IP address blocks:        45.85.91.0/24 maxlen: 24
                          45.128.198.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 433607596 (0x19d853ac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jan  1 15:56:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=840cacae580a555a8c60550dcbe6c40de59267ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:60:21:42:7a:09:77:41:81:4a:98:75:be:b1:
                    08:6e:13:72:25:39:c2:91:9c:8b:f6:73:84:68:39:
                    32:e0:6b:bc:db:d6:b3:a5:ec:f5:c5:60:78:24:6e:
                    a0:b0:e6:9e:18:8d:0c:f6:5c:7a:04:59:fb:a5:c4:
                    21:ac:d2:33:bc:c7:ed:1b:f3:c6:d3:62:30:63:0d:
                    4f:88:cb:6a:31:bb:54:b2:79:cf:29:d1:29:d4:f4:
                    ab:6d:f3:03:26:56:fe:61:57:b4:ef:37:d3:9b:03:
                    69:d1:fe:09:0e:38:f1:e0:00:87:83:bb:f5:48:55:
                    9f:5a:be:81:98:85:6c:5f:70:71:60:ee:56:70:ad:
                    a0:cd:ab:8d:0f:21:34:25:bf:8f:e5:c3:e4:76:34:
                    bb:b9:ae:56:2f:d0:1e:23:d6:a7:99:e0:d4:dc:d7:
                    95:4a:25:84:94:61:58:0c:73:cf:99:d8:fd:ff:09:
                    ef:b4:84:60:91:60:10:8c:e6:84:b0:fc:ec:75:23:
                    ba:23:f9:a8:fa:5b:b8:03:92:ce:6d:61:89:c3:3d:
                    24:e6:91:cc:46:11:46:7c:43:32:55:0f:32:54:4f:
                    06:57:6a:e1:d9:66:5c:d5:86:aa:60:dd:18:15:7c:
                    b7:a8:db:7c:7e:86:64:c4:a8:2e:9b:3c:a9:12:45:
                    ee:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:0C:AC:AE:58:0A:55:5A:8C:60:55:0D:CB:E6:C4:0D:E5:92:67:CE
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/hAysrlgKVVqMYFUNy-bEDeWSZ84.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.91.0/24
                  45.128.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:f4:0d:61:1f:7c:c6:fa:f6:b6:b3:84:22:b0:83:83:dd:1a:
         a5:be:b3:66:39:85:6b:3c:2c:dc:fc:ab:44:7d:79:93:6d:29:
         f0:aa:18:b7:0d:25:72:df:83:f5:27:6d:24:a2:da:99:28:6a:
         b3:16:e8:8e:27:8a:9d:32:35:22:a9:15:10:15:b2:4c:54:fc:
         97:05:54:0f:92:f4:4b:1b:f5:2f:2a:27:6a:d7:cc:a0:85:f7:
         01:d2:c5:ba:ca:47:83:47:d3:7b:94:ca:61:31:fd:db:81:87:
         87:e8:88:e8:1c:22:3f:42:60:f0:e5:62:4d:dd:6b:56:e5:21:
         21:9e:2b:30:d6:eb:e5:08:3c:42:24:21:ea:28:8f:37:f0:61:
         7a:28:bf:f9:5c:c8:cb:7b:55:60:53:d5:69:95:20:2b:19:ea:
         e5:ab:76:d7:04:87:2d:da:1f:93:38:4d:98:23:4f:e1:d8:5c:
         5b:92:d6:cf:43:c8:0f:5b:d4:48:ee:4d:a9:69:4c:37:9a:ad:
         82:a8:9f:e8:87:28:c2:42:89:c9:d4:38:99:1e:b7:25:00:a2:
         40:d2:b9:a5:10:87:7f:e7:b7:f4:8c:67:40:72:d1:4e:54:b0:
         7a:7d:b4:11:b3:9f:03:17:5e:57:af:36:72:f0:c3:f3:9f:a2:
         3a:08:c0:82
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGdhTrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDEw
MTE1NTY0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQwY2FjYWU1ODBh
NTU1YThjNjA1NTBkY2JlNmM0MGRlNTkyNjdjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJlgIUJ6CXdBgUqYdb6xCG4TciU5wpGci/ZzhGg5MuBrvNvW
s6Xs9cVgeCRuoLDmnhiNDPZcegRZ+6XEIazSM7zH7RvzxtNiMGMNT4jLajG7VLJ5
zynRKdT0q23zAyZW/mFXtO8305sDadH+CQ448eAAh4O79UhVn1q+gZiFbF9wcWDu
VnCtoM2rjQ8hNCW/j+XD5HY0u7muVi/QHiPWp5ng1NzXlUolhJRhWAxzz5nY/f8J
77SEYJFgEIzmhLD87HUjuiP5qPpbuAOSzm1hicM9JOaRzEYRRnxDMlUPMlRPBldq
4dlmXNWGqmDdGBV8t6jbfH6GZMSoLps8qRJF7qMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSEDKyuWApVWoxgVQ3L5sQN5ZJnzjAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L2hBeXNybGdLVlZxTVlGVU55LWJFRGVXU1o4NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC1VWwMEAC2AxjANBgkqhkiG9w0B
AQsFAAOCAQEAjPQNYR98xvr2trOEIrCDg90apb6zZjmFazws3PyrRH15k20p8KoY
tw0lct+D9SdtJKLamShqsxbojieKnTI1IqkVEBWyTFT8lwVUD5L0Sxv1LyonatfM
oIX3AdLFuspHg0fTe5TKYTH924GHh+iI6BwiP0Jg8OViTd1rVuUhIZ4rMNbr5Qg8
QiQh6iiPN/Bheii/+VzIy3tVYFPVaZUgKxnq5at21wSHLdofkzhNmCNP4dhcW5LW
z0PID1vUSO5NqWlMN5qtgqif6IcowkKJydQ4mR63JQCiQNK5pRCHf+e39IxnQHLR
TlSwen20EbOfAxdeV682cvDD85+iOgjAgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org