Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/nYnRxIHqSscqIbhfPqkcq-lMGo0.roa
File:                     nYnRxIHqSscqIbhfPqkcq-lMGo0.roa (raw, json)
Hash identifier:          y+Fy6G66Yc42/qtxlKWC7KpHe7GIV2oVKZSURj4Ws8E=
Subject key identifier:   9D:89:D1:C4:81:EA:4A:C7:2A:21:B8:5F:3E:A9:1C:AB:E9:4C:1A:8D
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       01841E088252294AC8C343794C32B7D0D2FF
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/nYnRxIHqSscqIbhfPqkcq-lMGo0.roa
Signing time:             Fri 28 Oct 2022 09:59:44 +0000
ROA not before:           Fri 28 Oct 2022 09:59:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56309
IP address blocks:        45.144.164.0/22 maxlen: 24
                          45.136.252.0/22 maxlen: 22
                          45.91.133.0/24 maxlen: 24
                          45.91.134.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:1e:08:82:52:29:4a:c8:c3:43:79:4c:32:b7:d0:d2:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Oct 28 09:59:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9d89d1c481ea4ac72a21b85f3ea91cabe94c1a8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:26:dd:ee:eb:8a:f4:1e:ef:90:8f:5c:31:e0:
                    bb:72:ff:10:ca:ad:e4:16:b3:85:15:71:56:9e:51:
                    8c:10:0c:52:d5:1b:2f:8f:3b:80:37:9d:a0:ea:09:
                    1f:d4:13:9f:c6:a2:2f:2b:4b:1a:63:b5:67:be:9d:
                    58:50:97:e6:64:49:80:a5:92:34:c3:8c:ec:97:d7:
                    26:fa:26:99:5e:a2:54:40:6b:cb:05:3c:0c:d4:7e:
                    87:0c:51:ef:2c:a8:09:db:81:fe:b3:77:93:32:93:
                    c5:98:bc:ef:3c:4b:4f:a3:f9:79:a9:4e:74:a7:88:
                    62:fb:b6:44:73:3e:5e:08:9f:9f:66:2b:ff:c3:14:
                    bc:9d:ad:fe:e1:08:7b:87:be:1f:6e:94:1b:73:ba:
                    fb:b6:36:01:22:cd:88:98:b5:11:d4:a8:b7:d2:ae:
                    66:43:80:c5:4f:9f:9c:a4:cc:37:23:b7:6b:d4:74:
                    b0:c0:74:5b:1a:47:0b:a7:df:25:2b:bf:26:d2:76:
                    bf:94:c6:c5:c2:d8:af:a1:49:fb:70:94:bc:d8:48:
                    b9:90:21:32:ab:d3:7d:61:78:f5:b7:6f:b4:98:1a:
                    37:3e:b7:8b:bf:f5:b4:7f:7f:ce:22:ae:80:b7:27:
                    85:6f:a6:44:bd:c6:a1:54:f9:ec:0d:c5:67:cd:86:
                    8a:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:89:D1:C4:81:EA:4A:C7:2A:21:B8:5F:3E:A9:1C:AB:E9:4C:1A:8D
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/nYnRxIHqSscqIbhfPqkcq-lMGo0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.91.133.0-45.91.135.255
                  45.136.252.0/22
                  45.144.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1b:bc:93:dd:8a:8a:db:18:48:d1:40:b2:d0:7a:99:ab:33:3f:
         13:74:5c:c4:54:ea:00:6b:6d:40:a3:1f:4f:93:3e:3c:96:a0:
         73:f9:3c:d6:78:d6:70:aa:99:9d:1f:d3:ac:aa:89:49:8c:88:
         6e:35:15:ca:51:f8:26:c9:df:0c:78:83:5c:e9:bc:a6:77:d0:
         e0:42:2d:c2:f4:30:6f:1d:6b:18:1b:86:0a:87:31:7e:33:c7:
         b5:88:73:e5:8d:49:63:e1:de:ff:5b:e1:36:da:da:da:e8:7a:
         86:7f:05:4a:ec:81:04:43:ab:4f:5e:d7:1b:54:12:e6:9b:40:
         6f:9c:ee:da:4e:c7:65:ab:5d:4e:02:c5:ed:5c:88:f0:eb:bb:
         ec:68:9b:62:81:74:d6:3d:01:a3:b8:13:d4:12:fc:e5:d4:92:
         4e:18:95:59:47:0d:76:76:ea:cd:05:ee:21:a4:c4:86:4d:a4:
         07:38:82:99:07:03:c9:6f:7a:b4:fb:5b:83:f5:cb:23:6d:32:
         e3:0c:07:b0:78:83:e4:7d:85:14:40:5d:0b:02:6b:b4:e3:c1:
         26:96:14:78:73:c8:96:4d:16:bd:a5:72:f1:75:b6:76:49:96:
         7f:ff:f7:1c:8d:9e:a2:0e:c5:63:29:dc:d7:da:d0:d0:b1:f9:
         0d:e2:08:fc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYQeCIJSKUrIw0N5TDK30NL/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIxMDI4MDk1OTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDg5ZDFjNDgxZWE0YWM3MmEyMWI4NWYzZWE5MWNhYmU5NGMxYThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwibd7uuK9B7vkI9cMeC7cv8Qyq3k
FrOFFXFWnlGMEAxS1RsvjzuAN52g6gkf1BOfxqIvK0saY7Vnvp1YUJfmZEmApZI0
w4zsl9cm+iaZXqJUQGvLBTwM1H6HDFHvLKgJ24H+s3eTMpPFmLzvPEtPo/l5qU50
p4hi+7ZEcz5eCJ+fZiv/wxS8na3+4Qh7h74fbpQbc7r7tjYBIs2ImLUR1Ki30q5m
Q4DFT5+cpMw3I7dr1HSwwHRbGkcLp98lK78m0na/lMbFwtivoUn7cJS82Ei5kCEy
q9N9YXj1t2+0mBo3PreLv/W0f3/OIq6AtyeFb6ZEvcahVPnsDcVnzYaK/QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJ2J0cSB6krHKiG4Xz6pHKvpTBqNMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvblluUnhJSHFTc2NxSWJoZlBxa2NxLWxNR28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtW4UD
BAMtW4ADBAItiPwDBAItkKQwDQYJKoZIhvcNAQELBQADggEBABu8k92KitsYSNFA
stB6maszPxN0XMRU6gBrbUCjH0+TPjyWoHP5PNZ41nCqmZ0f06yqiUmMiG41FcpR
+CbJ3wx4g1zpvKZ30OBCLcL0MG8daxgbhgqHMX4zx7WIc+WNSWPh3v9b4Tba2tro
eoZ/BUrsgQRDq09e1xtUEuabQG+c7tpOx2WrXU4Cxe1ciPDru+xom2KBdNY9AaO4
E9QS/OXUkk4YlVlHDXZ26s0F7iGkxIZNpAc4gpkHA8lverT7W4P1yyNtMuMMB7B4
g+R9hRRAXQsCa7TjwSaWFHhzyJZNFr2lcvF1tnZJln//9xyNnqIOxWMp3Nfa0NCx
+Q3iCPw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org