Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/d34acf-3a5f-464f-95ee-908bba12b21a/1/JYYEp82RQsXimNYyN2O8l4Clb4E.roa
File:                     JYYEp82RQsXimNYyN2O8l4Clb4E.roa (raw, json)
Hash identifier:          hfc2bDNbjOjWqk1UPRVb7ictZofOis0Z/N7wNrlIxUo=
Subject key identifier:   25:86:04:A7:CD:91:42:C5:E2:98:D6:32:37:63:BC:97:80:A5:6F:81
Certificate issuer:       /CN=1d5af3ae21f97ec4ec75d51a85a3e162ed7a9ed7
Certificate serial:       066B1D29
Authority key identifier: 1D:5A:F3:AE:21:F9:7E:C4:EC:75:D5:1A:85:A3:E1:62:ED:7A:9E:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HVrzriH5fsTsddUahaPhYu16ntc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/d34acf-3a5f-464f-95ee-908bba12b21a/1/JYYEp82RQsXimNYyN2O8l4Clb4E.roa
Signing time:             Fri 25 Mar 2022 08:18:40 +0000
ROA not before:           Fri 25 Mar 2022 08:18:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        45.146.162.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 107683113 (0x66b1d29)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d5af3ae21f97ec4ec75d51a85a3e162ed7a9ed7
        Validity
            Not Before: Mar 25 08:18:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=258604a7cd9142c5e298d6323763bc9780a56f81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a2:a7:96:cd:47:15:b6:f9:75:13:69:cb:50:
                    1a:bb:92:c0:b7:ec:dc:17:c3:79:28:c1:21:27:88:
                    af:e4:f3:83:ea:d0:b1:48:32:ec:d8:d3:f6:94:6d:
                    06:03:cf:c4:f9:dd:b2:a9:6b:66:55:7c:de:8b:8f:
                    47:5b:d6:85:16:e9:15:02:eb:59:ad:85:fa:21:bc:
                    1d:74:d8:44:03:a1:f5:8d:7d:59:d3:9c:54:9d:59:
                    57:c8:c7:f4:18:b5:33:9e:58:8e:14:fb:c5:21:c5:
                    cf:14:3b:f3:d3:62:9d:08:d6:ab:fa:47:2d:db:18:
                    d0:c2:3c:68:63:2d:87:9a:59:de:22:4d:c7:2b:59:
                    f3:eb:a8:ab:23:7c:ca:16:e5:5e:c8:8b:4d:52:63:
                    92:12:25:00:3e:0e:1c:13:1f:9d:8e:d1:48:2e:91:
                    e5:a7:21:dc:35:1a:51:16:46:5b:fd:2c:40:af:72:
                    bc:cb:df:ad:57:d3:59:7c:dd:ae:d9:35:5d:9f:a8:
                    f7:07:ab:c8:7e:95:bf:0e:fa:c7:cf:3c:9a:6c:73:
                    07:39:fa:f8:1b:79:e1:ea:e7:16:84:05:ad:3c:93:
                    e9:11:e7:37:f3:02:69:d6:b4:20:0a:ba:c6:20:e6:
                    04:bd:25:71:4f:9a:9b:a2:81:d5:9b:fa:3a:ba:c9:
                    a2:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:86:04:A7:CD:91:42:C5:E2:98:D6:32:37:63:BC:97:80:A5:6F:81
            X509v3 Authority Key Identifier:
                keyid:1D:5A:F3:AE:21:F9:7E:C4:EC:75:D5:1A:85:A3:E1:62:ED:7A:9E:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HVrzriH5fsTsddUahaPhYu16ntc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d34acf-3a5f-464f-95ee-908bba12b21a/1/JYYEp82RQsXimNYyN2O8l4Clb4E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d34acf-3a5f-464f-95ee-908bba12b21a/1/HVrzriH5fsTsddUahaPhYu16ntc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.162.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1e:ab:91:f5:4e:ad:56:43:7f:f4:ee:30:87:f7:ee:e8:85:5c:
         bc:2a:ff:1a:11:4f:1b:d6:73:57:98:c4:c7:fa:ab:b7:94:34:
         9b:66:07:38:56:07:2f:d5:c6:e5:f1:57:83:9d:5d:b9:1b:73:
         36:e0:0d:58:66:7f:a9:ed:45:aa:13:57:26:0e:91:a2:08:2f:
         39:4f:4f:02:d1:79:20:2b:ca:cc:ac:0b:c0:a3:8b:f4:e3:9f:
         4e:7f:46:7f:f4:32:2d:fe:37:5e:a7:3a:69:70:a2:71:89:ac:
         95:01:52:5b:2b:96:8b:e5:6b:a9:9d:71:6c:79:e3:d6:51:54:
         c3:43:cd:de:35:88:72:4a:e7:a2:4c:9b:f8:75:56:65:db:35:
         d0:b4:d1:a4:86:87:66:bb:21:d7:0c:c2:75:29:ba:41:49:54:
         b1:5a:21:8a:88:37:e8:73:16:3e:36:c6:62:87:c8:ef:be:9b:
         3f:11:a3:cb:bb:9f:fe:b9:a1:7a:55:a5:e8:4e:e6:87:4c:ee:
         a4:e6:ce:0d:f8:23:c7:cf:f1:d1:8d:c0:98:79:61:37:79:a3:
         f8:33:fe:da:c4:48:50:df:b6:a8:96:4f:b4:0a:17:51:f8:9e:
         83:75:c7:f6:41:0e:d5:e4:0d:7b:06:28:c7:67:7d:80:7a:bf:
         62:ee:f5:07
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBmsdKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDVhZjNhZTIxZjk3ZWM0ZWM3NWQ1MWE4NWEzZTE2MmVkN2E5ZWQ3MB4XDTIyMDMy
NTA4MTg0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjU4NjA0YTdjZDkx
NDJjNWUyOThkNjMyMzc2M2JjOTc4MGE1NmY4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOip5bNRxW2+XUTactQGruSwLfs3BfDeSjBISeIr+Tzg+rQ
sUgy7NjT9pRtBgPPxPndsqlrZlV83ouPR1vWhRbpFQLrWa2F+iG8HXTYRAOh9Y19
WdOcVJ1ZV8jH9Bi1M55YjhT7xSHFzxQ789NinQjWq/pHLdsY0MI8aGMth5pZ3iJN
xytZ8+uoqyN8yhblXsiLTVJjkhIlAD4OHBMfnY7RSC6R5ach3DUaURZGW/0sQK9y
vMvfrVfTWXzdrtk1XZ+o9weryH6Vvw76x888mmxzBzn6+Bt54ernFoQFrTyT6RHn
N/MCada0IAq6xiDmBL0lcU+am6KB1Zv6OrrJojcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQlhgSnzZFCxeKY1jI3Y7yXgKVvgTAfBgNVHSMEGDAWgBQdWvOuIfl+xOx1
1RqFo+Fi7Xqe1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hWcnpyaUg1ZnNUc2RkVWFoYVBoWXUxNm50Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvZDM0YWNmLTNhNWYtNDY0Zi05NWVlLTkwOGJiYTEyYjIxYS8x
L0pZWUVwODJSUXNYaW1OWXlOMk84bDRDbGI0RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
ZDM0YWNmLTNhNWYtNDY0Zi05NWVlLTkwOGJiYTEyYjIxYS8xL0hWcnpyaUg1ZnNU
c2RkVWFoYVBoWXUxNm50Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2SojANBgkqhkiG9w0BAQsFAAOC
AQEAHquR9U6tVkN/9O4wh/fu6IVcvCr/GhFPG9ZzV5jEx/qrt5Q0m2YHOFYHL9XG
5fFXg51duRtzNuANWGZ/qe1FqhNXJg6RoggvOU9PAtF5ICvKzKwLwKOL9OOfTn9G
f/QyLf43Xqc6aXCicYmslQFSWyuWi+VrqZ1xbHnj1lFUw0PN3jWIckrnokyb+HVW
Zds10LTRpIaHZrsh1wzCdSm6QUlUsVohiog36HMWPjbGYofI776bPxGjy7uf/rmh
elWl6E7mh0zupObODfgjx8/x0Y3AmHlhN3mj+DP+2sRIUN+2qJZPtAoXUfieg3XH
9kEO1eQNewYox2d9gHq/Yu71Bw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:02 2023 by rpki-client on console-fra.rpki-client.org