Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VWgFW-y36-M_Ay-NuBjKne_bCQs.roa
File:                     VWgFW-y36-M_Ay-NuBjKne_bCQs.roa (raw, json)
Hash identifier:          ygiPfTiPLy2KpLNkaEzu4ju7CQMQEJxiVFH4X1AAn+Y=
Subject key identifier:   55:68:05:5B:EC:B7:EB:E3:3F:03:2F:8D:B8:18:CA:9D:EF:DB:09:0B
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0CB21312
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VWgFW-y36-M_Ay-NuBjKne_bCQs.roa
Signing time:             Sat 01 Jan 2022 05:04:55 +0000
ROA not before:           Sat 01 Jan 2022 05:04:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     36351
IP address blocks:        45.85.107.0/24 maxlen: 24
                          45.83.28.0/24 maxlen: 24
                          45.80.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 212996882 (0xcb21312)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  1 05:04:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5568055becb7ebe33f032f8db818ca9defdb090b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:8f:a3:ce:e0:72:8b:78:33:14:b4:67:de:ae:
                    ff:4a:e0:f0:c5:25:7a:2a:2e:98:61:2b:d3:d9:27:
                    96:6a:9e:c0:99:99:94:2d:5e:9a:74:c2:7d:1c:07:
                    d1:0b:44:11:61:81:3a:cd:d3:17:5d:5f:03:72:6e:
                    04:a2:8d:1c:57:24:b7:57:0c:be:4c:45:4b:c9:60:
                    bd:f7:9b:f1:06:c0:35:9f:f5:e1:a3:ff:81:58:e4:
                    34:05:53:86:00:8f:04:30:16:44:2d:bd:d5:b5:d2:
                    69:a3:43:8b:f8:ab:66:07:47:5f:5e:fc:4e:79:87:
                    bc:98:04:55:86:fb:03:58:22:74:56:a6:d0:1b:1f:
                    52:1a:77:da:51:78:90:67:35:d1:86:a5:93:a2:af:
                    72:d6:0a:02:0b:37:5b:1c:7e:e1:0f:ed:05:96:a3:
                    33:38:41:97:f2:49:5d:75:58:79:76:6d:cd:71:e4:
                    1b:bc:cb:52:2c:9e:bc:5a:35:b1:38:47:44:a0:62:
                    16:e2:eb:b9:37:a0:80:34:68:9d:69:7f:b0:de:e2:
                    7b:3e:db:a7:38:64:5e:f2:01:25:23:40:80:2d:1b:
                    de:d3:93:0c:38:a8:49:7c:3b:d8:25:9d:70:c4:ac:
                    80:0d:d5:ea:ae:79:42:02:0e:44:dc:87:7a:cb:d5:
                    9b:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:68:05:5B:EC:B7:EB:E3:3F:03:2F:8D:B8:18:CA:9D:EF:DB:09:0B
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VWgFW-y36-M_Ay-NuBjKne_bCQs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.80.156.0/24
                  45.83.28.0/24
                  45.85.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:ba:96:42:06:f7:99:94:bf:ed:da:68:db:99:ce:e2:bd:48:
         c3:a9:99:88:fb:f3:7b:7a:80:69:2a:f5:c0:78:13:f1:d1:0b:
         3e:a3:99:21:af:98:a1:ef:0f:82:a0:3e:65:68:c7:56:3f:ca:
         18:42:82:1c:37:20:dc:cd:32:9d:b7:4c:02:4e:1a:75:db:29:
         75:db:07:dc:59:73:4d:75:73:5c:5d:db:32:c1:2e:a3:b0:e6:
         15:40:7f:04:22:3c:3a:a9:ab:53:f4:5f:56:ce:aa:66:39:df:
         c0:97:82:18:81:01:19:96:9b:b1:61:83:b1:a9:c1:5a:c1:57:
         67:ec:c3:04:d9:0a:06:e7:39:2f:10:4d:30:ce:38:c2:5a:de:
         10:22:15:c9:df:8d:fa:43:57:0f:d6:59:6e:78:da:52:e8:2e:
         6a:e6:3f:49:d6:ca:50:7a:78:33:30:a3:25:c6:0e:ee:ec:d7:
         00:e2:83:03:25:ba:b6:cd:ef:50:08:82:ac:9e:28:dd:77:5b:
         b3:35:de:14:a6:20:da:f4:f9:a2:09:10:7b:03:c8:b3:b8:3d:
         4e:0e:ec:eb:71:a6:43:6c:a7:45:a0:ff:7b:53:9c:db:f1:a4:
         ef:07:47:b7:fc:ca:91:08:c2:ab:b7:13:4c:8e:c6:f5:73:18:
         40:5e:1a:71
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEDLITEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDQ1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTU2ODA1NWJlY2I3
ZWJlMzNmMDMyZjhkYjgxOGNhOWRlZmRiMDkwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaPo87gcot4MxS0Z96u/0rg8MUleioumGEr09knlmqewJmZ
lC1emnTCfRwH0QtEEWGBOs3TF11fA3JuBKKNHFckt1cMvkxFS8lgvfeb8QbANZ/1
4aP/gVjkNAVThgCPBDAWRC291bXSaaNDi/irZgdHX178TnmHvJgEVYb7A1gidFam
0BsfUhp32lF4kGc10Yalk6KvctYKAgs3Wxx+4Q/tBZajMzhBl/JJXXVYeXZtzXHk
G7zLUiyevFo1sThHRKBiFuLruTeggDRonWl/sN7iez7bpzhkXvIBJSNAgC0b3tOT
DDioSXw72CWdcMSsgA3V6q55QgIORNyHesvVmxECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRVaAVb7Lfr4z8DL424GMqd79sJCzAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L1ZXZ0ZXLXkzNi1NX0F5LU51QmpLbmVfYkNRcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAC1QnAMEAC1THAMEAC1VazANBgkq
hkiG9w0BAQsFAAOCAQEAGrqWQgb3mZS/7dpo25nO4r1Iw6mZiPvze3qAaSr1wHgT
8dELPqOZIa+Yoe8PgqA+ZWjHVj/KGEKCHDcg3M0ynbdMAk4addspddsH3FlzTXVz
XF3bMsEuo7DmFUB/BCI8OqmrU/RfVs6qZjnfwJeCGIEBGZabsWGDsanBWsFXZ+zD
BNkKBuc5LxBNMM44wlreECIVyd+N+kNXD9ZZbnjaUuguauY/SdbKUHp4MzCjJcYO
7uzXAOKDAyW6ts3vUAiCrJ4o3XdbszXeFKYg2vT5ogkQewPIs7g9Tg7s63GmQ2yn
RaD/e1Oc2/Gk7wdHt/zKkQjCq7cTTI7G9XMYQF4acQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org