Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/yINlIdCUPEr0gmdfShTwo7BvGWM.roa
File:                     yINlIdCUPEr0gmdfShTwo7BvGWM.roa (raw, json)
Hash identifier:          LhW9usidyDCuOy6plvV+y+1HCuBH+edAP4Owm4lqgO0=
Subject key identifier:   C8:83:65:21:D0:94:3C:4A:F4:82:67:5F:4A:14:F0:A3:B0:6F:19:63
Certificate issuer:       /CN=51ecf9babc9ca6bae9085ce292fb1c2cc18d344f
Certificate serial:       018437ED01C8AA6C6B7965FD10DB0C1B0CD0
Authority key identifier: 51:EC:F9:BA:BC:9C:A6:BA:E9:08:5C:E2:92:FB:1C:2C:C1:8D:34:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Uez5urycprrpCFzikvscLMGNNE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/yINlIdCUPEr0gmdfShTwo7BvGWM.roa
Signing time:             Wed 02 Nov 2022 10:39:49 +0000
ROA not before:           Wed 02 Nov 2022 10:39:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        45.158.60.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:37:ed:01:c8:aa:6c:6b:79:65:fd:10:db:0c:1b:0c:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51ecf9babc9ca6bae9085ce292fb1c2cc18d344f
        Validity
            Not Before: Nov  2 10:39:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c8836521d0943c4af482675f4a14f0a3b06f1963
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:85:ea:ae:1b:b8:c7:c3:fc:2d:b8:86:15:2c:
                    22:e1:c1:64:c0:9f:b0:95:49:e9:09:a3:a1:0e:76:
                    a7:46:d2:29:bc:2c:84:df:ad:71:88:72:44:ea:e8:
                    b8:d3:3c:63:3e:30:9f:8a:b6:8a:bd:c5:2d:75:4a:
                    68:17:18:d5:59:e8:f2:2a:4a:af:5a:0d:c7:ed:0a:
                    02:a5:68:83:74:2f:00:31:62:81:a9:02:26:0e:b6:
                    b3:6a:21:fc:b2:0d:a4:44:9c:1f:8e:db:67:b4:22:
                    fb:ce:5f:d2:8d:16:5f:01:9f:f5:1d:df:40:b1:8b:
                    fb:68:a2:84:09:55:9a:b6:d9:82:35:eb:0b:4f:da:
                    6f:33:4f:db:52:fc:92:d5:9e:ae:0e:59:3c:40:aa:
                    4b:e3:63:d6:5d:77:4c:e1:97:12:d0:64:80:3a:52:
                    7b:ce:27:a8:a6:a3:9b:40:64:18:e9:04:cb:42:43:
                    13:c5:ae:5d:69:5d:8b:60:52:05:d6:d9:68:0d:ca:
                    03:18:da:9d:f3:7e:2c:c1:28:41:9a:a5:80:e0:1b:
                    cd:b6:fd:b6:5e:5c:62:82:e3:43:d5:bf:05:f0:da:
                    0b:24:c8:6d:20:1b:d3:47:09:0c:09:b5:7a:1c:4b:
                    79:46:05:bb:20:89:7f:f9:8b:3c:5d:5f:89:01:66:
                    05:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:83:65:21:D0:94:3C:4A:F4:82:67:5F:4A:14:F0:A3:B0:6F:19:63
            X509v3 Authority Key Identifier:
                keyid:51:EC:F9:BA:BC:9C:A6:BA:E9:08:5C:E2:92:FB:1C:2C:C1:8D:34:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uez5urycprrpCFzikvscLMGNNE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/yINlIdCUPEr0gmdfShTwo7BvGWM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/Uez5urycprrpCFzikvscLMGNNE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:55:ac:07:7e:8e:3d:be:14:8d:56:b7:29:2f:ad:c9:99:1b:
         21:40:d4:ff:e5:d3:af:dd:1f:7d:81:bc:11:7f:c8:f4:22:7f:
         1f:7c:4e:c1:cb:dd:d6:c1:7f:0c:02:1d:df:05:77:a3:f6:bb:
         98:19:65:17:c1:e4:5c:a3:82:d1:d2:a2:f9:62:0b:fd:99:64:
         d5:14:1a:57:dc:92:b3:f3:78:f2:ad:61:04:8e:c2:b9:11:d1:
         16:1c:09:77:41:3d:d0:d8:ac:18:31:1b:c0:e5:0f:5a:3d:74:
         de:c5:06:19:9a:f6:10:e5:aa:31:e7:ba:74:33:50:84:25:14:
         da:a2:80:39:9d:e2:80:9d:86:0e:5b:c4:4e:18:8d:69:7e:a1:
         1c:83:f8:4b:36:d9:75:4f:78:2d:89:26:1e:1e:a6:0b:1a:ca:
         20:92:58:fb:b5:e5:ac:47:34:5b:2f:10:24:ab:be:59:cc:5d:
         19:24:0b:15:24:8a:62:39:ed:2e:a8:13:7e:60:bd:7d:94:71:
         da:19:3a:5f:6d:b5:91:0e:20:03:05:05:c8:d5:49:72:60:13:
         61:3e:02:ca:c3:af:95:4b:f7:67:31:7e:9e:64:61:1e:be:e2:
         68:3a:39:bb:c8:15:86:32:5a:31:7b:6d:7f:e1:85:15:37:ac:
         83:48:13:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ37QHIqmxreWX9ENsMGwzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZWNmOWJhYmM5Y2E2YmFlOTA4NWNlMjkyZmIxYzJjYzE4
ZDM0NGYwHhcNMjIxMTAyMTAzOTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODgzNjUyMWQwOTQzYzRhZjQ4MjY3NWY0YTE0ZjBhM2IwNmYxOTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIXqrhu4x8P8LbiGFSwi4cFkwJ+w
lUnpCaOhDnanRtIpvCyE361xiHJE6ui40zxjPjCfiraKvcUtdUpoFxjVWejyKkqv
Wg3H7QoCpWiDdC8AMWKBqQImDrazaiH8sg2kRJwfjttntCL7zl/SjRZfAZ/1Hd9A
sYv7aKKECVWattmCNesLT9pvM0/bUvyS1Z6uDlk8QKpL42PWXXdM4ZcS0GSAOlJ7
zieopqObQGQY6QTLQkMTxa5daV2LYFIF1tloDcoDGNqd834swShBmqWA4BvNtv22
XlxiguND1b8F8NoLJMhtIBvTRwkMCbV6HEt5RgW7IIl/+Ys8XV+JAWYFZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMiDZSHQlDxK9IJnX0oU8KOwbxljMB8GA1UdIwQY
MBaAFFHs+bq8nKa66Qhc4pL7HCzBjTRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWV6NXVyeWNwcnJwQ0Z6aWt2c2NMTUdOTkU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9mYjA0YzgtNzA1Ny00NWI3LWEzNGMt
ZGNmYzZhOWUwZGM3LzEveUlObElkQ1VQRXIwZ21kZlNoVHdvN0J2R1dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9mYjA0YzgtNzA1Ny00NWI3LWEzNGMtZGNmYzZhOWUwZGM3
LzEvVWV6NXVyeWNwcnJwQ0Z6aWt2c2NMTUdOTkU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ48MA0G
CSqGSIb3DQEBCwUAA4IBAQBSVawHfo49vhSNVrcpL63JmRshQNT/5dOv3R99gbwR
f8j0In8ffE7By93WwX8MAh3fBXej9ruYGWUXweRco4LR0qL5Ygv9mWTVFBpX3JKz
83jyrWEEjsK5EdEWHAl3QT3Q2KwYMRvA5Q9aPXTexQYZmvYQ5aox57p0M1CEJRTa
ooA5neKAnYYOW8ROGI1pfqEcg/hLNtl1T3gtiSYeHqYLGsogklj7teWsRzRbLxAk
q75ZzF0ZJAsVJIpiOe0uqBN+YL19lHHaGTpfbbWRDiADBQXI1UlyYBNhPgLKw6+V
S/dnMX6eZGEevuJoOjm7yBWGMloxe21/4YUVN6yDSBNx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:56 2024 by rpki-client on console-ams.rpki-client.org