Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/pvYZhvuh-HoLKcD2Yd-znR75_6Q.roa
File:                     pvYZhvuh-HoLKcD2Yd-znR75_6Q.roa (raw, json)
Hash identifier:          YPhzgPlE9Sldfpp/UHXhRAZrTktl4TDtpBrWD+x3N6w=
Subject key identifier:   A6:F6:19:86:FB:A1:F8:7A:0B:29:C0:F6:61:DF:B3:9D:1E:F9:FF:A4
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       0183F95AF97C439B15BEED60AC24E471D4B0
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/pvYZhvuh-HoLKcD2Yd-znR75_6Q.roa
Signing time:             Fri 21 Oct 2022 07:03:52 +0000
ROA not before:           Fri 21 Oct 2022 07:03:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42831
IP address blocks:        45.86.203.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f9:5a:f9:7c:43:9b:15:be:ed:60:ac:24:e4:71:d4:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Oct 21 07:03:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a6f61986fba1f87a0b29c0f661dfb39d1ef9ffa4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:59:ec:0e:64:26:30:32:52:4e:53:aa:c9:b7:
                    68:ab:ec:02:c2:f6:43:43:62:15:b8:52:3d:72:45:
                    78:90:b5:a8:c6:c8:4d:05:04:2f:58:cf:d1:db:97:
                    95:97:b2:73:da:22:96:b6:aa:d9:ce:87:c9:62:23:
                    4c:9c:3a:94:cc:f0:cf:7b:c1:85:ca:b2:2c:9c:7f:
                    7b:bb:fc:9e:dd:a3:f0:50:9b:c2:46:23:be:41:62:
                    af:6e:8c:24:07:7a:78:93:a7:47:bf:8d:8d:82:63:
                    36:21:e9:2d:f6:f0:13:5a:d8:c7:be:96:7c:bf:5b:
                    d2:a4:85:05:97:c0:4f:61:78:72:88:0a:fb:6e:4a:
                    2f:d0:02:69:86:0a:fe:f1:f0:49:c7:2d:3c:bf:0b:
                    70:fa:f8:6e:19:02:60:0e:5d:2e:b4:16:aa:88:95:
                    fb:6c:ac:e9:ce:22:29:3a:38:9b:fc:2d:76:04:95:
                    b4:4e:44:aa:f0:75:b9:cb:4a:c0:3b:71:2c:a8:c5:
                    1d:3d:04:4b:35:92:6d:44:e2:8c:b8:98:09:df:0b:
                    89:25:f6:34:00:ab:b4:18:e4:82:12:be:c6:80:26:
                    48:a5:6b:ad:f0:d9:8b:77:9c:56:31:3b:db:fe:7a:
                    9d:63:19:ca:c4:c0:81:77:b3:05:c6:a8:d5:b6:7d:
                    64:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:F6:19:86:FB:A1:F8:7A:0B:29:C0:F6:61:DF:B3:9D:1E:F9:FF:A4
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/pvYZhvuh-HoLKcD2Yd-znR75_6Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.86.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:53:45:5d:65:5f:aa:bd:d4:10:17:39:b5:3d:98:26:2f:aa:
         c4:d9:43:fb:a5:7d:4c:29:ea:7c:a1:f6:6d:29:ea:4f:40:50:
         5b:bc:ea:c0:68:e4:8c:b3:5d:ef:9c:f9:25:3c:aa:b5:94:e1:
         81:c5:87:3e:2c:9f:7b:70:7e:55:04:04:65:da:8b:6a:b8:3a:
         99:37:c0:9e:ac:85:86:33:1e:6e:52:70:f1:da:00:55:37:e2:
         33:ba:89:44:fd:13:4e:4f:c3:57:ce:13:77:0c:73:46:81:59:
         78:ba:60:c1:9a:fa:9f:2d:3c:76:c5:de:0f:2f:a6:93:d0:03:
         7f:0a:7d:fe:95:26:d1:47:6a:d6:8e:d1:0c:96:00:56:aa:0f:
         96:d7:83:00:4e:8d:8d:f8:6e:e5:e4:16:1b:7e:0d:77:9f:78:
         7a:d5:c0:6f:1b:cc:bf:83:14:0a:0b:35:e2:44:39:41:c3:df:
         b0:c0:89:d8:ca:df:f7:95:c8:78:8d:25:c8:63:c9:61:a3:41:
         0a:eb:c5:1c:d7:ce:c5:69:c4:9f:dc:03:55:c8:26:6d:f7:95:
         d1:c7:7c:d7:f3:af:3c:e7:0e:47:e2:0b:af:36:61:49:83:56:
         ee:3c:64:de:6b:a6:80:f6:cd:92:41:67:ca:a7:0a:82:12:01:
         cb:0b:06:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP5Wvl8Q5sVvu1grCTkcdSwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIxMDIxMDcwMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmY2MTk4NmZiYTFmODdhMGIyOWMwZjY2MWRmYjM5ZDFlZjlmZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA91nsDmQmMDJSTlOqybdoq+wCwvZD
Q2IVuFI9ckV4kLWoxshNBQQvWM/R25eVl7Jz2iKWtqrZzofJYiNMnDqUzPDPe8GF
yrIsnH97u/ye3aPwUJvCRiO+QWKvbowkB3p4k6dHv42NgmM2Iekt9vATWtjHvpZ8
v1vSpIUFl8BPYXhyiAr7bkov0AJphgr+8fBJxy08vwtw+vhuGQJgDl0utBaqiJX7
bKzpziIpOjib/C12BJW0TkSq8HW5y0rAO3EsqMUdPQRLNZJtROKMuJgJ3wuJJfY0
AKu0GOSCEr7GgCZIpWut8NmLd5xWMTvb/nqdYxnKxMCBd7MFxqjVtn1k1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKb2GYb7ofh6CynA9mHfs50e+f+kMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvcHZZWmh2dWgtSG9MS2NEMllkLXpuUjc1XzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVbLMA0G
CSqGSIb3DQEBCwUAA4IBAQCpU0VdZV+qvdQQFzm1PZgmL6rE2UP7pX1MKep8ofZt
KepPQFBbvOrAaOSMs13vnPklPKq1lOGBxYc+LJ97cH5VBARl2otquDqZN8CerIWG
Mx5uUnDx2gBVN+IzuolE/RNOT8NXzhN3DHNGgVl4umDBmvqfLTx2xd4PL6aT0AN/
Cn3+lSbRR2rWjtEMlgBWqg+W14MATo2N+G7l5BYbfg13n3h61cBvG8y/gxQKCzXi
RDlBw9+wwInYyt/3lch4jSXIY8lho0EK68Uc187FacSf3ANVyCZt95XRx3zX8688
5w5H4guvNmFJg1buPGTea6aA9s2SQWfKpwqCEgHLCwYS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org