Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/lYdZ3YKDzCcpWjnLxwWKCTMhL-c.roa
File:                     lYdZ3YKDzCcpWjnLxwWKCTMhL-c.roa (raw, json)
Hash identifier:          HfqGfMWjMcTov+GS+KyUiu8JNxQWRpOiFRbifuCZCp8=
Subject key identifier:   95:87:59:DD:82:83:CC:27:29:5A:39:CB:C7:05:8A:09:33:21:2F:E7
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       19EF7BE2
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/lYdZ3YKDzCcpWjnLxwWKCTMhL-c.roa
Signing time:             Sat 01 Jan 2022 15:56:55 +0000
ROA not before:           Sat 01 Jan 2022 15:56:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210979
IP address blocks:        45.94.28.0/23 maxlen: 23
                          45.148.26.0/24 maxlen: 24
                          45.132.192.0/24 maxlen: 24
                          45.88.247.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 435125218 (0x19ef7be2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jan  1 15:56:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=958759dd8283cc27295a39cbc7058a0933212fe7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:7b:f1:8d:96:d9:49:49:6e:03:2a:ca:fd:83:
                    d1:2d:58:40:eb:d9:11:a7:37:aa:62:6d:51:9c:ae:
                    5a:46:ce:96:e0:41:b8:74:51:df:a5:79:6e:0d:c6:
                    55:97:96:3b:ba:1e:a7:de:1d:86:00:6b:2b:5d:03:
                    a9:c9:5b:3c:3c:c0:e5:b4:68:83:92:c5:b5:31:31:
                    85:e7:46:25:82:d2:57:c7:e1:91:3a:ca:ea:b5:2e:
                    f5:dd:d1:51:bf:e9:66:db:a3:b7:e9:a1:12:4d:33:
                    17:f8:ca:9a:da:c6:b8:13:b4:53:14:e8:75:5e:35:
                    8e:89:93:c1:6b:bc:d9:32:81:fa:9f:84:35:d9:13:
                    30:9a:98:06:46:aa:a6:d9:e4:41:d7:42:58:42:cd:
                    64:c5:dc:9c:c3:cd:14:3d:d7:f5:d6:a4:41:fc:95:
                    99:f5:e6:d1:15:d7:56:9b:28:e6:82:25:18:34:bc:
                    94:eb:bc:74:fd:4f:c4:2f:81:34:4c:76:8e:a6:20:
                    d7:13:98:20:ae:f6:d0:6e:2f:48:45:a9:6d:e9:b5:
                    c1:04:13:ef:0f:3b:89:67:b9:ac:c1:e0:27:39:a8:
                    46:26:1c:dd:b5:40:ad:45:25:8c:b4:e0:89:7f:79:
                    ae:61:53:a5:e5:ed:5b:be:02:37:36:10:c2:b1:13:
                    5a:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:87:59:DD:82:83:CC:27:29:5A:39:CB:C7:05:8A:09:33:21:2F:E7
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/lYdZ3YKDzCcpWjnLxwWKCTMhL-c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.247.0/24
                  45.94.28.0/23
                  45.132.192.0/24
                  45.148.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:31:9b:eb:bf:55:a9:b0:61:96:97:37:0a:c8:1d:c0:39:ee:
         58:93:20:0d:51:81:4f:af:70:49:c5:36:f9:63:27:79:b6:a1:
         b6:0a:fc:ed:fd:d6:62:cc:64:95:4c:31:4a:d9:8b:52:06:08:
         7f:06:a7:ba:3c:32:90:8e:e1:89:22:0f:31:63:3a:48:5e:c4:
         6a:e4:33:15:e9:4d:48:c2:38:04:47:96:c0:b9:31:da:5e:8e:
         0d:f6:91:c3:64:36:43:4f:30:2b:04:6f:d8:ab:32:cb:8f:af:
         37:51:e1:c9:33:bf:f2:8a:a0:5f:ba:af:8d:7c:86:b5:14:33:
         9e:9d:de:a9:7b:9f:6c:22:b0:dd:71:c5:6b:c9:98:be:63:bf:
         66:ac:35:e7:b8:f1:9b:0f:79:bc:e2:f0:f1:81:44:4d:d6:97:
         fd:4a:05:33:32:86:94:08:82:72:8c:14:7d:e7:55:b6:5d:57:
         56:6e:4e:3a:9b:48:38:e5:44:be:e4:f3:07:b2:68:b1:75:f1:
         1d:c6:12:d6:8c:8c:73:47:4b:22:89:57:7a:3d:a3:54:39:53:
         b8:64:28:1c:d3:48:06:f7:55:95:56:16:5e:3c:b0:1c:84:86:
         43:21:0b:8c:2e:45:9f:c0:ad:71:d0:58:27:37:a8:5b:3b:64:
         72:6b:ff:c5
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEGe974jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDEw
MTE1NTY1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTU4NzU5ZGQ4Mjgz
Y2MyNzI5NWEzOWNiYzcwNThhMDkzMzIxMmZlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANd78Y2W2UlJbgMqyv2D0S1YQOvZEac3qmJtUZyuWkbOluBB
uHRR36V5bg3GVZeWO7oep94dhgBrK10DqclbPDzA5bRog5LFtTExhedGJYLSV8fh
kTrK6rUu9d3RUb/pZtujt+mhEk0zF/jKmtrGuBO0UxTodV41jomTwWu82TKB+p+E
NdkTMJqYBkaqptnkQddCWELNZMXcnMPNFD3X9dakQfyVmfXm0RXXVpso5oIlGDS8
lOu8dP1PxC+BNEx2jqYg1xOYIK720G4vSEWpbem1wQQT7w87iWe5rMHgJzmoRiYc
3bVArUUljLTgiX95rmFTpeXtW74CNzYQwrETWvECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSVh1ndgoPMJylaOcvHBYoJMyEv5zAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L2xZZFozWUtEekNjcFdqbkx4d1dLQ1RNaEwtYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC1Y9wMEAS1eHAMEAC2EwAMEAC2U
GjANBgkqhkiG9w0BAQsFAAOCAQEAmjGb679VqbBhlpc3CsgdwDnuWJMgDVGBT69w
ScU2+WMnebahtgr87f3WYsxklUwxStmLUgYIfwanujwykI7hiSIPMWM6SF7EauQz
FelNSMI4BEeWwLkx2l6ODfaRw2Q2Q08wKwRv2Ksyy4+vN1HhyTO/8oqgX7qvjXyG
tRQznp3eqXufbCKw3XHFa8mYvmO/Zqw157jxmw95vOLw8YFETdaX/UoFMzKGlAiC
cowUfedVtl1XVm5OOptIOOVEvuTzB7JosXXxHcYS1oyMc0dLIolXej2jVDlTuGQo
HNNIBvdVlVYWXjywHISGQyELjC5Fn8CtcdBYJzeoWztkcmv/xQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org