Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/YeqEE2wShH65ug8-hdioDJANgr0.roa
File:                     YeqEE2wShH65ug8-hdioDJANgr0.roa (raw, json)
Hash identifier:          N5umZQyPh5aqepNVbfhyQR9jGeVTg1LFVMhlRAa2728=
Subject key identifier:   61:EA:84:13:6C:12:84:7E:B9:BA:0F:3E:85:D8:A8:0C:90:0D:82:BD
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       07B06973
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/YeqEE2wShH65ug8-hdioDJANgr0.roa
Signing time:             Sat 01 Jan 2022 16:06:04 +0000
ROA not before:           Sat 01 Jan 2022 16:06:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     395003
IP address blocks:        45.82.245.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129001843 (0x7b06973)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan  1 16:06:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=61ea84136c12847eb9ba0f3e85d8a80c900d82bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:87:75:fa:5a:c7:f0:dc:19:c9:39:8c:49:3b:
                    31:3c:77:b7:d5:ff:ac:79:f6:a7:2f:ff:0c:b0:01:
                    bf:62:d3:15:0d:c3:72:64:9f:46:53:6f:50:5f:63:
                    19:22:ab:41:ab:81:79:8d:4b:b5:04:f2:1d:c7:d0:
                    57:43:e5:71:09:1d:fd:7f:41:87:56:57:1b:cc:79:
                    38:c7:a3:c4:72:1a:d0:b0:48:bc:36:fd:87:66:f3:
                    f2:ff:d1:f9:16:d6:f3:12:d0:93:e5:5d:6c:85:ef:
                    fd:e2:90:63:21:22:8e:c7:43:c7:68:0a:2c:a0:08:
                    cf:a8:02:9d:76:4a:8a:16:2d:73:2e:96:d5:ea:c7:
                    bb:27:7c:e7:e2:5a:2c:3e:47:26:e5:a8:6a:d1:93:
                    d5:b0:e1:96:76:31:7c:28:cc:ee:74:1b:a4:8d:e0:
                    33:79:93:d2:07:c3:6f:fe:fa:07:90:0a:3c:96:f7:
                    2c:e8:0c:bc:6e:ea:c8:37:ce:bd:64:dc:0b:8c:b1:
                    b1:f3:42:12:4a:62:b3:0d:b2:7e:7c:e2:97:44:7b:
                    43:07:e8:33:92:86:d8:da:a8:b9:ff:54:cb:7d:91:
                    2c:1c:7f:64:5e:17:bf:08:ee:43:a9:d4:05:7a:e4:
                    61:75:ba:dd:69:1a:b5:3b:6c:1b:fa:a3:bf:d6:9d:
                    96:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:EA:84:13:6C:12:84:7E:B9:BA:0F:3E:85:D8:A8:0C:90:0D:82:BD
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/YeqEE2wShH65ug8-hdioDJANgr0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.82.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d0:bf:12:6a:1e:5b:16:4c:a9:eb:80:92:73:15:24:f0:20:d3:
         32:0c:15:5b:4d:f1:26:26:a5:ec:8a:5c:24:1b:b0:2f:c4:70:
         c6:02:96:a4:07:10:f7:e7:9f:dd:7b:2e:e6:9c:cf:83:63:df:
         3d:09:14:6c:e3:1f:92:7f:3d:7b:91:77:de:bf:24:51:f8:91:
         c3:1c:f5:3a:bf:1a:fd:2f:4c:9a:21:20:a5:0d:ee:20:4d:1a:
         59:c3:d9:ee:1f:a4:8e:b0:7f:89:4b:a9:fa:33:58:b3:dd:90:
         d7:9a:e6:22:13:78:72:03:b5:e8:44:c4:ea:47:0a:10:66:a6:
         3f:75:47:05:7c:4f:3b:b6:77:6d:c9:df:ed:56:12:0f:99:cf:
         36:b9:bc:35:39:14:47:f7:1c:1f:91:bf:5a:f4:51:19:d7:95:
         f5:18:16:ee:8d:14:e7:b1:ec:88:c6:f6:cc:4e:31:8f:af:e3:
         2c:4d:bf:fb:f9:f7:58:d6:fa:50:0d:da:c5:5e:74:9f:dd:ca:
         a9:67:5e:8e:24:3b:54:51:da:72:71:76:ef:45:af:01:02:f4:
         88:19:d6:0a:d1:1d:2c:d0:ca:80:e7:ab:7b:8b:e4:ec:90:11:
         25:10:b1:b9:fc:07:79:b1:1c:e6:4a:30:11:0f:ad:45:af:b3:
         ab:da:f9:c4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB7BpczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MmZkYjY3NjU0ZGY2MTg0ZTdkNjBjNDE1MGVhOTUzM2MyY2Y5NzA0MB4XDTIyMDEw
MTE2MDYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjFlYTg0MTM2YzEy
ODQ3ZWI5YmEwZjNlODVkOGE4MGM5MDBkODJiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeHdfpax/DcGck5jEk7MTx3t9X/rHn2py//DLABv2LTFQ3D
cmSfRlNvUF9jGSKrQauBeY1LtQTyHcfQV0PlcQkd/X9Bh1ZXG8x5OMejxHIa0LBI
vDb9h2bz8v/R+RbW8xLQk+VdbIXv/eKQYyEijsdDx2gKLKAIz6gCnXZKihYtcy6W
1erHuyd85+JaLD5HJuWoatGT1bDhlnYxfCjM7nQbpI3gM3mT0gfDb/76B5AKPJb3
LOgMvG7qyDfOvWTcC4yxsfNCEkpisw2yfnzil0R7QwfoM5KG2Nqouf9Uy32RLBx/
ZF4XvwjuQ6nUBXrkYXW63WkatTtsG/qjv9adlh0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRh6oQTbBKEfrm6Dz6F2KgMkA2CvTAfBgNVHSMEGDAWgBRi/bZ2VN9hhOfW
DEFQ6pUzws+XBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1l2MjJkbFRmWVlUbjFneEJVT3FWTThMUGx3US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNzA0MDcxLThkYzAtNGVkNi05NDU3LWU4NjEyMWM1OTRkZi8x
L1llcUVFMndTaEg2NXVnOC1oZGlvREpBTmdyMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NzA0MDcxLThkYzAtNGVkNi05NDU3LWU4NjEyMWM1OTRkZi8xL1l2MjJkbFRmWVlU
bjFneEJVT3FWTThMUGx3US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1S9TANBgkqhkiG9w0BAQsFAAOC
AQEA0L8Sah5bFkyp64CScxUk8CDTMgwVW03xJial7IpcJBuwL8RwxgKWpAcQ9+ef
3Xsu5pzPg2PfPQkUbOMfkn89e5F33r8kUfiRwxz1Or8a/S9MmiEgpQ3uIE0aWcPZ
7h+kjrB/iUup+jNYs92Q15rmIhN4cgO16ETE6kcKEGamP3VHBXxPO7Z3bcnf7VYS
D5nPNrm8NTkUR/ccH5G/WvRRGdeV9RgW7o0U57HsiMb2zE4xj6/jLE2/+/n3WNb6
UA3axV50n93KqWdejiQ7VFHacnF270WvAQL0iBnWCtEdLNDKgOere4vk7JARJRCx
ufwHebEc5kowEQ+tRa+zq9r5xA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:22 2023 by rpki-client on console-ams.rpki-client.org