Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/chXHHxL-kL15tVx8v-_fIfA9Hj8.roa
File:                     chXHHxL-kL15tVx8v-_fIfA9Hj8.roa (raw, json)
Hash identifier:          YBK759YDzMYhDzdYN5OCFYiQr4/KNiJjPGfzE9VqC0s=
Subject key identifier:   72:15:C7:1F:12:FE:90:BD:79:B5:5C:7C:BF:EF:DF:21:F0:3D:1E:3F
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       03241ADA
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/chXHHxL-kL15tVx8v-_fIfA9Hj8.roa
Signing time:             Sat 01 Jan 2022 16:04:20 +0000
ROA not before:           Sat 01 Jan 2022 16:04:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50340
IP address blocks:        45.8.208.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52697818 (0x3241ada)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  1 16:04:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7215c71f12fe90bd79b55c7cbfefdf21f03d1e3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:ff:ae:5f:1f:4b:43:91:43:57:e0:07:55:0f:
                    4b:3e:61:a1:fa:70:2a:52:fc:96:7a:47:fa:09:fb:
                    83:25:b9:b9:17:d1:83:9f:3e:b1:b7:94:94:5f:24:
                    ff:18:0d:7e:13:ec:d1:18:28:bc:c1:bb:de:04:f5:
                    e0:a2:84:db:89:65:b3:be:44:71:b9:64:3f:8f:9f:
                    b1:99:53:3d:d6:42:1b:75:8e:58:a7:09:02:8a:7a:
                    06:d3:c7:66:31:2c:4a:79:90:60:b9:40:03:d3:4d:
                    6f:02:31:69:3e:e6:94:e0:8b:a2:ee:93:7d:b3:88:
                    5c:5e:61:c1:fe:b1:7e:a4:e5:ea:4f:c6:3e:27:a4:
                    f9:ba:a4:af:b3:1a:5a:82:f5:05:66:38:e2:23:03:
                    97:49:a4:2f:75:d6:18:2b:40:c2:03:95:af:db:3b:
                    f0:65:7a:dd:5b:91:4b:ef:7a:52:84:e1:df:50:34:
                    f7:eb:8b:f6:1a:c9:ff:0e:a3:48:53:0a:56:78:a4:
                    35:17:1a:e8:7c:77:22:b3:dd:04:70:30:60:75:04:
                    29:a5:04:b9:c5:03:bc:40:16:42:40:b5:bf:86:3f:
                    2f:c5:20:70:41:1b:b1:93:3f:39:8f:a8:61:9f:37:
                    be:35:2e:1a:ec:94:4a:3e:b8:21:31:ed:26:c0:50:
                    71:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:15:C7:1F:12:FE:90:BD:79:B5:5C:7C:BF:EF:DF:21:F0:3D:1E:3F
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/chXHHxL-kL15tVx8v-_fIfA9Hj8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:eb:e8:ad:35:0b:b5:86:de:a1:0e:f4:87:50:ce:33:ce:25:
         a9:e8:fe:80:8c:9d:1e:56:15:4d:09:3a:a4:66:4a:a0:3e:cb:
         24:6c:0e:33:28:2e:6f:97:97:46:19:14:ec:3e:db:41:ec:ff:
         9c:00:79:ab:fb:a4:69:92:0d:b2:1b:27:fd:8b:69:d8:a7:3d:
         55:e2:04:d9:99:e0:a5:7c:fd:05:b1:e2:02:34:e7:5d:48:62:
         a7:f3:84:c7:fb:ef:6f:0c:5e:14:2d:19:f4:66:9e:52:49:8e:
         5e:e6:a2:9c:91:be:12:d9:2c:a4:25:68:66:3c:de:04:0d:1e:
         13:7d:9d:e7:c2:2f:b0:08:1c:f3:14:bc:9f:ea:bd:a6:21:d6:
         e2:2a:1a:a6:6f:5b:ab:a2:dc:4c:b6:a2:46:08:11:82:22:7c:
         0b:ec:1b:f6:e8:0e:b5:9e:bf:26:61:b9:cd:a3:fe:5c:10:1a:
         dd:8a:f3:77:aa:3e:97:52:3c:3c:12:b2:85:86:fd:9d:bc:46:
         05:7c:38:d2:16:54:7b:4d:f2:09:2c:2d:fd:6f:0c:8e:b3:26:
         02:e7:99:75:88:84:f7:e7:ac:19:25:95:53:2e:13:40:43:80:
         e9:6f:c5:75:cd:ed:68:64:43:36:fe:5c:00:4a:cc:be:e7:c6:
         64:11:a3:04
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAyQa2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDEw
MTE2MDQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzIxNWM3MWYxMmZl
OTBiZDc5YjU1YzdjYmZlZmRmMjFmMDNkMWUzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOX/rl8fS0ORQ1fgB1UPSz5hofpwKlL8lnpH+gn7gyW5uRfR
g58+sbeUlF8k/xgNfhPs0RgovMG73gT14KKE24lls75EcblkP4+fsZlTPdZCG3WO
WKcJAop6BtPHZjEsSnmQYLlAA9NNbwIxaT7mlOCLou6TfbOIXF5hwf6xfqTl6k/G
Piek+bqkr7MaWoL1BWY44iMDl0mkL3XWGCtAwgOVr9s78GV63VuRS+96UoTh31A0
9+uL9hrJ/w6jSFMKVnikNRca6Hx3IrPdBHAwYHUEKaUEucUDvEAWQkC1v4Y/L8Ug
cEEbsZM/OY+oYZ83vjUuGuyUSj64ITHtJsBQcasCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRyFccfEv6QvXm1XHy/798h8D0ePzAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L2NoWEhIeEwta0wxNXRWeDh2LV9mSWZBOUhqOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I0DANBgkqhkiG9w0BAQsFAAOC
AQEAL+vorTULtYbeoQ70h1DOM84lqej+gIydHlYVTQk6pGZKoD7LJGwOMygub5eX
RhkU7D7bQez/nAB5q/ukaZINshsn/Ytp2Kc9VeIE2ZngpXz9BbHiAjTnXUhip/OE
x/vvbwxeFC0Z9GaeUkmOXuainJG+EtkspCVoZjzeBA0eE32d58IvsAgc8xS8n+q9
piHW4ioapm9bq6LcTLaiRggRgiJ8C+wb9ugOtZ6/JmG5zaP+XBAa3Yrzd6o+l1I8
PBKyhYb9nbxGBXw40hZUe03yCSwt/W8MjrMmAueZdYiE9+esGSWVUy4TQEOA6W/F
dc3taGRDNv5cAErMvufGZBGjBA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org