Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/xw6l2SP_ncnqlDj42SeuF9JtC0U.roa
File:                     xw6l2SP_ncnqlDj42SeuF9JtC0U.roa (raw, json)
Hash identifier:          HCeFyWSr/1wa/KK6vcXKrV7YobWQ/eVnaZn4u9v+xpc=
Subject key identifier:   C7:0E:A5:D9:23:FF:9D:C9:EA:94:38:F8:D9:27:AE:17:D2:6D:0B:45
Certificate issuer:       /CN=cac9804e227eaac9ac09b0821fc07ee2817777b5
Certificate serial:       0120FA1C
Authority key identifier: CA:C9:80:4E:22:7E:AA:C9:AC:09:B0:82:1F:C0:7E:E2:81:77:77:B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ysmATiJ-qsmsCbCCH8B-4oF3d7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/xw6l2SP_ncnqlDj42SeuF9JtC0U.roa
Signing time:             Wed 19 Jan 2022 13:53:33 +0000
ROA not before:           Wed 19 Jan 2022 13:53:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        45.91.255.0/24 maxlen: 24
                          193.57.172.0/24 maxlen: 24
                          2a11:5ec0::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18938396 (0x120fa1c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cac9804e227eaac9ac09b0821fc07ee2817777b5
        Validity
            Not Before: Jan 19 13:53:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c70ea5d923ff9dc9ea9438f8d927ae17d26d0b45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:3a:26:94:32:39:65:44:d2:bb:75:f3:4e:d9:
                    ea:01:8c:6e:e7:ae:08:14:93:02:65:6c:0f:7c:0f:
                    ba:0b:61:86:ec:58:de:eb:a1:ee:e1:b6:d2:e8:6c:
                    02:41:f3:72:1a:db:cb:9f:13:e6:23:11:d2:2f:ba:
                    8a:3d:05:f2:01:99:ce:02:5f:ab:da:b6:ed:9a:15:
                    b1:6b:ec:bf:06:02:22:ce:d8:0e:34:ae:af:26:fe:
                    56:2a:55:3e:87:7b:d9:7b:65:fe:f5:ff:11:f7:7f:
                    b3:46:39:9a:a9:59:8b:71:dc:1e:d8:af:5f:49:a4:
                    a2:3a:d6:b8:bb:fc:9a:4e:a1:02:d6:22:0d:80:dd:
                    90:4c:fa:28:f9:24:fb:84:23:c1:c5:70:eb:0a:36:
                    e3:d9:72:83:52:26:b3:cb:05:e4:09:3a:6a:46:68:
                    e7:4f:75:eb:7d:a3:28:aa:0a:d5:e5:4f:56:76:b8:
                    a0:86:bc:65:b8:a9:f1:79:17:c5:3d:2c:c4:3b:bd:
                    c2:98:fa:ff:55:0a:5a:41:ad:9b:c1:d3:c1:c6:55:
                    9c:04:50:f2:2e:6c:53:9a:9c:ac:7f:03:fb:67:f0:
                    0c:f2:1d:b2:25:ed:dd:3f:dd:3a:5c:eb:f2:21:26:
                    64:91:5c:86:fb:b3:98:95:97:b3:21:fd:9c:bf:c8:
                    2e:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:0E:A5:D9:23:FF:9D:C9:EA:94:38:F8:D9:27:AE:17:D2:6D:0B:45
            X509v3 Authority Key Identifier:
                keyid:CA:C9:80:4E:22:7E:AA:C9:AC:09:B0:82:1F:C0:7E:E2:81:77:77:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ysmATiJ-qsmsCbCCH8B-4oF3d7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/xw6l2SP_ncnqlDj42SeuF9JtC0U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/ysmATiJ-qsmsCbCCH8B-4oF3d7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.91.255.0/24
                  193.57.172.0/24
                IPv6:
                  2a11:5ec0::/40

    Signature Algorithm: sha256WithRSAEncryption
         14:d2:60:48:30:b7:93:c5:66:0b:7a:4b:f0:a4:4e:2f:53:52:
         2b:1c:19:32:f5:6c:62:15:92:0e:8a:47:fd:cf:d1:62:72:d8:
         1b:55:41:99:d0:09:14:b5:31:97:3d:67:96:85:9b:be:79:ac:
         2b:34:8d:3f:be:1c:55:82:39:86:94:46:35:dd:c0:61:dc:18:
         e9:dc:fa:62:66:df:50:1b:d4:aa:9a:18:74:aa:f7:13:6c:cd:
         7e:cf:d4:ac:2f:49:e5:84:6b:a7:35:fd:e2:30:6e:9d:96:b2:
         8b:42:22:d4:11:5f:69:6d:65:42:ca:ce:fe:7e:7d:57:ff:1a:
         c1:08:30:6b:f2:3f:89:c3:97:17:56:f2:ba:b8:54:84:0a:9e:
         ce:20:32:6b:63:fe:d1:5d:e8:0a:c2:5b:db:e7:03:b6:73:4c:
         2b:6e:14:34:cf:8a:67:23:11:36:67:12:a8:d4:f0:10:66:cd:
         7e:da:10:79:08:e6:d3:86:da:50:e0:06:2c:01:65:97:ce:a8:
         4d:9d:6f:33:bc:8f:8b:1b:0a:a5:65:45:43:09:03:60:3c:29:
         45:a9:6a:c4:d6:f9:78:d6:75:c1:10:23:0d:59:78:d3:fc:ec:
         4f:df:66:34:3b:48:bc:31:c0:59:00:a8:3f:ba:a1:ee:2a:3a:
         8b:1d:be:0a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEASD6HDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YWM5ODA0ZTIyN2VhYWM5YWMwOWIwODIxZmMwN2VlMjgxNzc3N2I1MB4XDTIyMDEx
OTEzNTMzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzcwZWE1ZDkyM2Zm
OWRjOWVhOTQzOGY4ZDkyN2FlMTdkMjZkMGI0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL46JpQyOWVE0rt1807Z6gGMbueuCBSTAmVsD3wPugthhuxY
3uuh7uG20uhsAkHzchrby58T5iMR0i+6ij0F8gGZzgJfq9q27ZoVsWvsvwYCIs7Y
DjSuryb+VipVPod72Xtl/vX/Efd/s0Y5mqlZi3HcHtivX0mkojrWuLv8mk6hAtYi
DYDdkEz6KPkk+4QjwcVw6wo249lyg1Ims8sF5Ak6akZo5091632jKKoK1eVPVna4
oIa8Zbip8XkXxT0sxDu9wpj6/1UKWkGtm8HTwcZVnARQ8i5sU5qcrH8D+2fwDPId
siXt3T/dOlzr8iEmZJFchvuzmJWXsyH9nL/ILmkCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBTHDqXZI/+dyeqUOPjZJ64X0m0LRTAfBgNVHSMEGDAWgBTKyYBOIn6qyawJ
sIIfwH7igXd3tTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lzbUFUaUotcXNtc0NiQ0NIOEItNG9GM2Q3VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvYmNlYTVkLTUxNGUtNGY1Mi1iNDlhLTkwZmI1N2Q0MGNhNy8x
L3h3NmwyU1BfbmNucWxEajQyU2V1RjlKdEMwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
YmNlYTVkLTUxNGUtNGY1Mi1iNDlhLTkwZmI1N2Q0MGNhNy8xL3lzbUFUaUotcXNt
c0NiQ0NIOEItNG9GM2Q3VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwEgQCAAEwDAMEAC1b/wMEAME5rDAOBAIAAjAIAwYA
KhFewAAwDQYJKoZIhvcNAQELBQADggEBABTSYEgwt5PFZgt6S/CkTi9TUiscGTL1
bGIVkg6KR/3P0WJy2BtVQZnQCRS1MZc9Z5aFm755rCs0jT++HFWCOYaURjXdwGHc
GOnc+mJm31Ab1KqaGHSq9xNszX7P1KwvSeWEa6c1/eIwbp2WsotCItQRX2ltZULK
zv5+fVf/GsEIMGvyP4nDlxdW8rq4VIQKns4gMmtj/tFd6ArCW9vnA7ZzTCtuFDTP
imcjETZnEqjU8BBmzX7aEHkI5tOG2lDgBiwBZZfOqE2dbzO8j4sbCqVlRUMJA2A8
KUWpasTW+XjWdcEQIw1ZeNP87E/fZjQ7SLwxwFkAqD+6oe4qOosdvgo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:26 2023 by rpki-client on console-fra.rpki-client.org