Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/ZbvanFAjAzsFkqviRpDb2276JUY.roa
File:                     ZbvanFAjAzsFkqviRpDb2276JUY.roa (raw, json)
Hash identifier:          9T3qOFxy4EsEY4eLB/ObhVWQuasxt94AMbTcvssa7FQ=
Subject key identifier:   65:BB:DA:9C:50:23:03:3B:05:92:AB:E2:46:90:DB:DB:6E:FA:25:46
Certificate issuer:       /CN=51ecf9babc9ca6bae9085ce292fb1c2cc18d344f
Certificate serial:       0183C9857FD4043DF2D93E34D4FDE1075598
Authority key identifier: 51:EC:F9:BA:BC:9C:A6:BA:E9:08:5C:E2:92:FB:1C:2C:C1:8D:34:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Uez5urycprrpCFzikvscLMGNNE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/ZbvanFAjAzsFkqviRpDb2276JUY.roa
Signing time:             Wed 12 Oct 2022 00:08:32 +0000
ROA not before:           Wed 12 Oct 2022 00:08:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61138
IP address blocks:        45.158.61.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c9:85:7f:d4:04:3d:f2:d9:3e:34:d4:fd:e1:07:55:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51ecf9babc9ca6bae9085ce292fb1c2cc18d344f
        Validity
            Not Before: Oct 12 00:08:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=65bbda9c5023033b0592abe24690dbdb6efa2546
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:3d:f0:b0:de:e3:52:90:6e:79:8a:a8:c4:1a:
                    df:b8:d7:76:2d:38:25:c5:76:ed:7a:4c:5b:f8:ca:
                    84:50:2b:59:cf:17:bb:65:e5:de:10:fa:6e:d4:cb:
                    e5:bc:38:0d:b1:5a:89:8b:b0:15:26:ea:4e:4f:81:
                    85:fd:9f:bb:ee:64:90:4f:c0:84:e8:0d:cd:64:80:
                    c5:4c:17:8c:10:0b:04:ac:22:eb:b8:c5:74:eb:48:
                    75:93:cf:f8:f8:5a:00:2c:31:d9:9b:83:0e:25:0f:
                    9c:5a:92:b3:90:ce:e3:93:5a:1f:b4:29:6d:46:ed:
                    e2:d8:c4:a0:6a:f2:a9:3e:00:1d:29:85:64:95:ff:
                    9b:9f:74:64:e9:64:01:c5:ac:af:b5:89:fa:40:3c:
                    cb:89:79:6e:de:4c:15:57:84:88:db:d1:79:ff:c2:
                    5b:86:74:e1:68:6f:0b:a5:5c:f9:4c:06:fa:a7:ef:
                    6c:44:9c:4d:2d:10:38:d1:fc:a8:4d:fa:cb:fe:e4:
                    43:a9:6e:7d:44:c8:2c:d2:d9:31:b9:37:14:ce:6b:
                    e6:28:30:41:0a:76:c6:3f:12:b8:f4:cb:80:57:e1:
                    8e:9d:de:0e:b3:1a:b1:60:13:cd:58:09:7e:a4:c9:
                    60:e4:cb:3e:4f:18:3d:6b:97:13:9e:aa:af:f1:26:
                    71:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:BB:DA:9C:50:23:03:3B:05:92:AB:E2:46:90:DB:DB:6E:FA:25:46
            X509v3 Authority Key Identifier:
                keyid:51:EC:F9:BA:BC:9C:A6:BA:E9:08:5C:E2:92:FB:1C:2C:C1:8D:34:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uez5urycprrpCFzikvscLMGNNE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/ZbvanFAjAzsFkqviRpDb2276JUY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/Uez5urycprrpCFzikvscLMGNNE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:e4:32:af:ed:6c:3b:86:52:a9:be:86:82:17:18:0a:1f:2b:
         61:e0:8e:75:ec:e6:30:02:62:a9:fc:06:bb:12:aa:5a:41:04:
         3f:21:93:5d:6f:c6:0a:ac:c3:c6:bd:3d:bf:98:54:ae:4e:23:
         cc:79:4d:e5:5b:2e:05:c9:50:11:16:73:3f:e0:c2:24:08:e7:
         5e:0f:61:d3:a0:05:d5:ea:b9:0d:0c:cd:a1:d1:2a:6c:03:19:
         97:a2:b6:45:4d:79:07:30:59:47:d0:f2:4d:2b:e7:03:d7:86:
         2d:7b:09:da:c9:ef:0d:09:14:5c:25:26:76:ab:6b:9b:70:4e:
         f1:79:a9:63:d8:89:c5:92:07:52:46:19:38:e8:bf:32:f2:cd:
         10:db:f6:d5:9f:db:0a:7c:18:30:63:74:bf:58:d3:d6:1d:27:
         18:39:03:34:83:ca:43:dd:ec:a7:00:fe:53:e8:78:a0:51:15:
         2b:14:c0:91:80:d6:5a:55:69:19:57:92:fa:29:d4:a2:2c:a9:
         bb:e4:01:8b:e4:2b:8d:a8:44:f5:a4:65:d8:5b:de:a8:f7:ab:
         7f:01:8c:95:5c:10:d3:8f:34:0f:96:a6:be:6f:ce:51:1b:c9:
         03:f1:21:df:03:02:b3:19:3c:ba:cd:42:ca:3f:5d:9f:b9:7c:
         3a:cf:6c:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPJhX/UBD3y2T401P3hB1WYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZWNmOWJhYmM5Y2E2YmFlOTA4NWNlMjkyZmIxYzJjYzE4
ZDM0NGYwHhcNMjIxMDEyMDAwODMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWJiZGE5YzUwMjMwMzNiMDU5MmFiZTI0NjkwZGJkYjZlZmEyNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtj3wsN7jUpBueYqoxBrfuNd2LTgl
xXbtekxb+MqEUCtZzxe7ZeXeEPpu1MvlvDgNsVqJi7AVJupOT4GF/Z+77mSQT8CE
6A3NZIDFTBeMEAsErCLruMV060h1k8/4+FoALDHZm4MOJQ+cWpKzkM7jk1oftClt
Ru3i2MSgavKpPgAdKYVklf+bn3Rk6WQBxayvtYn6QDzLiXlu3kwVV4SI29F5/8Jb
hnThaG8LpVz5TAb6p+9sRJxNLRA40fyoTfrL/uRDqW59RMgs0tkxuTcUzmvmKDBB
CnbGPxK49MuAV+GOnd4OsxqxYBPNWAl+pMlg5Ms+Txg9a5cTnqqv8SZxfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGW72pxQIwM7BZKr4kaQ29tu+iVGMB8GA1UdIwQY
MBaAFFHs+bq8nKa66Qhc4pL7HCzBjTRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWV6NXVyeWNwcnJwQ0Z6aWt2c2NMTUdOTkU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9mYjA0YzgtNzA1Ny00NWI3LWEzNGMt
ZGNmYzZhOWUwZGM3LzEvWmJ2YW5GQWpBenNGa3F2aVJwRGIyMjc2SlVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9mYjA0YzgtNzA1Ny00NWI3LWEzNGMtZGNmYzZhOWUwZGM3
LzEvVWV6NXVyeWNwcnJwQ0Z6aWt2c2NMTUdOTkU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ49MA0G
CSqGSIb3DQEBCwUAA4IBAQB25DKv7Ww7hlKpvoaCFxgKHyth4I517OYwAmKp/Aa7
EqpaQQQ/IZNdb8YKrMPGvT2/mFSuTiPMeU3lWy4FyVARFnM/4MIkCOdeD2HToAXV
6rkNDM2h0SpsAxmXorZFTXkHMFlH0PJNK+cD14Ytewnaye8NCRRcJSZ2q2ubcE7x
ealj2InFkgdSRhk46L8y8s0Q2/bVn9sKfBgwY3S/WNPWHScYOQM0g8pD3eynAP5T
6HigURUrFMCRgNZaVWkZV5L6KdSiLKm75AGL5CuNqET1pGXYW96o96t/AYyVXBDT
jzQPlqa+b85RG8kD8SHfAwKzGTy6zULKP12fuXw6z2wX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:56 2024 by rpki-client on console-ams.rpki-client.org