Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_P0yEL_XDo2DF0LXRKc38Bj3Wn0.roa
File:                     _P0yEL_XDo2DF0LXRKc38Bj3Wn0.roa (raw, json)
Hash identifier:          tkWwRuKyoazjX+xBRggXFa3F9EssFXF3rME3H1SD5lM=
Subject key identifier:   FC:FD:32:10:BF:D7:0E:8D:83:17:42:D7:44:A7:37:F0:18:F7:5A:7D
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0D8331C5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_P0yEL_XDo2DF0LXRKc38Bj3Wn0.roa
Signing time:             Thu 10 Mar 2022 07:48:06 +0000
ROA not before:           Thu 10 Mar 2022 07:48:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     262287
IP address blocks:        45.91.49.0/24 maxlen: 24
                          45.91.48.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 226701765 (0xd8331c5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Mar 10 07:48:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fcfd3210bfd70e8d831742d744a737f018f75a7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:1d:d2:35:47:9d:85:db:49:3b:79:32:7f:af:
                    0b:20:20:b0:74:a0:27:fe:4b:4b:c8:ce:b1:7f:0d:
                    0c:6d:9f:cb:b0:7d:16:6d:97:90:7f:d3:73:99:c5:
                    d1:d3:17:90:78:2d:2a:66:cc:fe:6b:00:1e:31:c6:
                    77:e1:65:3b:29:2b:cf:a8:a5:79:72:e2:d9:ac:58:
                    80:28:29:d4:65:6f:d1:3f:88:41:0b:6c:44:17:08:
                    61:af:ed:14:10:d5:5d:19:83:00:8c:41:26:f4:22:
                    8a:52:6e:89:e2:5b:88:4b:e6:b6:5a:3a:78:d6:d5:
                    e4:da:15:b5:0f:b0:58:03:a4:82:69:af:b1:00:24:
                    71:ed:6e:af:dd:d9:71:62:49:87:3b:f7:fa:af:a0:
                    bb:df:07:b4:b8:c2:41:5f:a6:48:3c:be:56:70:d6:
                    ed:f1:dc:20:14:53:7f:9f:88:83:68:08:d9:2c:b8:
                    f8:76:d2:fd:7f:d8:66:74:2a:d5:26:21:52:cd:c4:
                    d0:2e:a8:5d:b8:e1:3e:49:36:75:8f:73:54:b6:a4:
                    7a:4b:b3:18:f6:44:54:b1:64:30:38:ca:50:1d:04:
                    88:4a:dd:01:f8:64:ce:be:f3:36:0f:23:d8:10:45:
                    92:73:e4:ea:5a:9f:30:d5:17:73:f4:98:d2:c1:11:
                    e6:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:FD:32:10:BF:D7:0E:8D:83:17:42:D7:44:A7:37:F0:18:F7:5A:7D
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_P0yEL_XDo2DF0LXRKc38Bj3Wn0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.91.48.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3e:7c:39:15:5d:16:83:68:bb:06:f3:9d:e4:b3:73:6e:71:89:
         23:76:89:35:48:e7:1d:3c:7f:ba:c1:fb:a3:b8:5e:40:b9:18:
         31:59:37:74:b6:6d:e8:2b:9f:95:b6:40:9f:cd:07:a6:f7:c9:
         61:1f:ca:9b:f4:69:66:d0:f1:93:10:b7:13:3b:96:94:3a:a6:
         2c:8b:be:91:5c:41:bd:9c:3d:2f:e2:ef:97:a4:51:4e:c5:04:
         c3:e2:c3:a9:e5:37:0f:f3:16:60:db:9d:6b:06:f3:8c:ba:c9:
         1c:17:44:b5:aa:ab:83:11:1a:35:80:dc:3c:4a:e3:8e:32:f6:
         2c:e7:f8:9d:be:84:31:b0:ce:f4:db:db:e8:db:99:60:19:17:
         ba:c6:2d:b8:eb:71:e2:ea:b9:00:cd:16:04:c8:bf:d5:16:8e:
         75:50:62:57:d6:d7:1a:a0:52:e3:df:23:74:8e:de:a3:07:7a:
         e5:69:14:1e:cf:51:d2:79:0a:08:ad:b6:19:19:78:c7:f5:77:
         6a:eb:73:28:c0:cd:80:bc:94:23:26:45:62:a5:61:ce:c0:0b:
         29:5a:15:c2:e6:27:49:9a:bd:92:5a:86:dd:cf:97:fe:be:2f:
         a9:9e:4d:aa:62:c7:d8:04:3a:df:5b:3b:97:e3:93:01:bd:1e:
         71:50:4f:6f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDYMxxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDMx
MDA3NDgwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmNmZDMyMTBiZmQ3
MGU4ZDgzMTc0MmQ3NDRhNzM3ZjAxOGY3NWE3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALod0jVHnYXbSTt5Mn+vCyAgsHSgJ/5LS8jOsX8NDG2fy7B9
Fm2XkH/Tc5nF0dMXkHgtKmbM/msAHjHGd+FlOykrz6ileXLi2axYgCgp1GVv0T+I
QQtsRBcIYa/tFBDVXRmDAIxBJvQiilJuieJbiEvmtlo6eNbV5NoVtQ+wWAOkgmmv
sQAkce1ur93ZcWJJhzv3+q+gu98HtLjCQV+mSDy+VnDW7fHcIBRTf5+Ig2gI2Sy4
+HbS/X/YZnQq1SYhUs3E0C6oXbjhPkk2dY9zVLakekuzGPZEVLFkMDjKUB0EiErd
Afhkzr7zNg8j2BBFknPk6lqfMNUXc/SY0sER5pMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT8/TIQv9cOjYMXQtdEpzfwGPdafTAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L19QMHlFTF9YRG8yREYwTFhSS2MzOEJqM1duMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS1bMDANBgkqhkiG9w0BAQsFAAOC
AQEAPnw5FV0Wg2i7BvOd5LNzbnGJI3aJNUjnHTx/usH7o7heQLkYMVk3dLZt6Cuf
lbZAn80HpvfJYR/Km/RpZtDxkxC3EzuWlDqmLIu+kVxBvZw9L+Lvl6RRTsUEw+LD
qeU3D/MWYNudawbzjLrJHBdEtaqrgxEaNYDcPErjjjL2LOf4nb6EMbDO9Nvb6NuZ
YBkXusYtuOtx4uq5AM0WBMi/1RaOdVBiV9bXGqBS498jdI7eowd65WkUHs9R0nkK
CK22GRl4x/V3autzKMDNgLyUIyZFYqVhzsALKVoVwuYnSZq9klqG3c+X/r4vqZ5N
qmLH2AQ631s7l+OTAb0ecVBPbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org