Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/PTG8LU0PNtvwx6nEn9cR87BePJI.roa
File:                     PTG8LU0PNtvwx6nEn9cR87BePJI.roa (raw, json)
Hash identifier:          PZUrKT0R61Rf+aYEN989n6O0NPHDTtM1cp3+tMu0hUg=
Subject key identifier:   3D:31:BC:2D:4D:0F:36:DB:F0:C7:A9:C4:9F:D7:11:F3:B0:5E:3C:92
Certificate issuer:       /CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Certificate serial:       084A7659
Authority key identifier: 91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/PTG8LU0PNtvwx6nEn9cR87BePJI.roa
Signing time:             Sat 01 Jan 2022 13:56:51 +0000
ROA not before:           Sat 01 Jan 2022 13:56:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61157
IP address blocks:        45.84.74.0/23 maxlen: 23
                          2a0e:a680:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 139097689 (0x84a7659)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
        Validity
            Not Before: Jan  1 13:56:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3d31bc2d4d0f36dbf0c7a9c49fd711f3b05e3c92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:4c:8e:d5:57:ba:01:c2:18:3a:24:4f:af:34:
                    f3:af:78:b2:83:09:1c:1e:f3:43:64:1c:32:2e:57:
                    05:bb:34:0e:bd:51:b6:b5:07:15:4c:56:07:c1:16:
                    69:52:30:3e:fb:93:ba:99:7c:02:9d:06:50:f0:4b:
                    31:ba:48:66:09:a7:b9:d0:30:f0:7b:5d:0c:f7:c3:
                    19:bb:48:d7:00:93:bf:48:98:56:55:de:bf:70:84:
                    9b:01:a7:70:c6:71:d4:70:8a:3b:1f:d4:b1:78:c7:
                    6a:99:d6:02:ff:63:6e:d0:93:65:3b:7f:14:44:c8:
                    04:f4:51:b1:b4:14:5f:d7:22:68:01:bd:11:ab:6c:
                    f1:25:59:62:fa:85:10:5c:60:27:d4:c7:7a:ec:3a:
                    99:ea:29:fd:f9:9a:9b:e5:cf:ca:fc:12:f4:92:20:
                    4e:fa:c0:8e:7d:29:6a:1b:79:aa:ed:b3:70:0c:f9:
                    78:c3:e9:ff:88:da:b5:a1:67:ae:cd:e4:95:52:80:
                    b7:fa:53:0c:01:63:d6:f9:7c:a1:b0:ac:5f:92:61:
                    17:a9:86:42:14:00:f7:38:9e:32:40:23:5b:9a:31:
                    55:51:39:79:39:43:5c:67:3d:d9:90:56:2f:d8:fc:
                    68:be:93:19:57:13:4d:ea:3f:60:92:3f:2e:aa:78:
                    ef:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:31:BC:2D:4D:0F:36:DB:F0:C7:A9:C4:9F:D7:11:F3:B0:5E:3C:92
            X509v3 Authority Key Identifier:
                keyid:91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/PTG8LU0PNtvwx6nEn9cR87BePJI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.84.74.0/23
                IPv6:
                  2a0e:a680:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         25:eb:55:09:a3:14:12:e1:75:af:62:23:b4:96:74:fc:a8:9d:
         87:ae:7f:2b:de:00:f5:d8:8b:08:f8:7c:bd:68:43:82:68:d9:
         17:01:80:dc:6d:80:ce:68:79:3e:30:78:e3:56:2d:8f:10:70:
         c7:0b:1e:1c:e2:4f:ce:a5:a2:20:6e:cb:ea:7a:31:dc:3c:41:
         27:ba:ac:cc:35:73:02:ab:a1:a0:56:c0:23:e2:02:42:a1:3a:
         51:0d:fb:fc:44:68:03:39:48:1a:a9:2f:f4:7e:e0:2e:48:2f:
         5f:74:f5:22:a0:d2:c8:cd:17:84:5c:4c:99:f2:f2:9c:c6:67:
         ef:53:c8:69:21:b5:75:35:33:4e:3d:33:80:3d:cb:e6:cd:42:
         1e:88:43:f9:a2:79:d3:27:c9:1a:5f:cd:b6:3f:f0:a2:d9:fe:
         bc:45:9c:17:d0:1a:3f:0d:31:a3:55:28:64:ad:be:ac:95:0e:
         be:fd:4d:b5:63:9a:32:54:35:32:ae:0f:a2:df:5f:3e:98:e5:
         5d:07:8e:2d:96:6d:8f:fe:1c:18:3f:b0:f7:14:98:c5:e2:15:
         02:c1:87:1b:d5:14:19:f3:16:9f:8a:a9:6f:f9:1b:6b:29:1b:
         9e:33:5b:e1:4f:b0:67:f1:1d:13:d2:1b:3b:d2:53:5b:8f:9c:
         42:17:98:6e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECEp2WTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MWQ3ZWNmMTcxNDJiM2IwOTM1ZjhlMzdiOGY3ZDljMjUzZjBlZTE5MB4XDTIyMDEw
MTEzNTY1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2QzMWJjMmQ0ZDBm
MzZkYmYwYzdhOWM0OWZkNzExZjNiMDVlM2M5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNMjtVXugHCGDokT6808694soMJHB7zQ2QcMi5XBbs0Dr1R
trUHFUxWB8EWaVIwPvuTupl8Ap0GUPBLMbpIZgmnudAw8HtdDPfDGbtI1wCTv0iY
VlXev3CEmwGncMZx1HCKOx/UsXjHapnWAv9jbtCTZTt/FETIBPRRsbQUX9ciaAG9
Eats8SVZYvqFEFxgJ9THeuw6meop/fmam+XPyvwS9JIgTvrAjn0paht5qu2zcAz5
eMPp/4jataFnrs3klVKAt/pTDAFj1vl8obCsX5JhF6mGQhQA9zieMkAjW5oxVVE5
eTlDXGc92ZBWL9j8aL6TGVcTTeo/YJI/Lqp477cCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQ9MbwtTQ822/DHqcSf1xHzsF48kjAfBgNVHSMEGDAWgBSR1+zxcUKzsJNf
jje499nCU/DuGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tkZnM4WEZDczdDVFg0NDN1UGZad2xQdzdoay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvYjA4ZTZlLTA4MjItNDIyNC05NTRiLWE2YjFhZDM0ZTA4Yy8x
L1BURzhMVTBQTnR2d3g2bkVuOWNSODdCZVBKSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
YjA4ZTZlLTA4MjItNDIyNC05NTRiLWE2YjFhZDM0ZTA4Yy8xL2tkZnM4WEZDczdD
VFg0NDN1UGZad2xQdzdoay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAS1USjAPBAIAAjAJAwcAKg6mgAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAl61UJoxQS4XWvYiO0lnT8qJ2Hrn8r3gD12IsI
+Hy9aEOCaNkXAYDcbYDOaHk+MHjjVi2PEHDHCx4c4k/OpaIgbsvqejHcPEEnuqzM
NXMCq6GgVsAj4gJCoTpRDfv8RGgDOUgaqS/0fuAuSC9fdPUioNLIzReEXEyZ8vKc
xmfvU8hpIbV1NTNOPTOAPcvmzUIeiEP5onnTJ8kaX822P/Ci2f68RZwX0Bo/DTGj
VShkrb6slQ6+/U21Y5oyVDUyrg+i318+mOVdB44tlm2P/hwYP7D3FJjF4hUCwYcb
1RQZ8xafiqlv+RtrKRueM1vhT7Bn8R0T0hs70lNbj5xCF5hu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:03 2024 by rpki-client on console-ams.rpki-client.org