Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/BtXFQmc9RcV4JuwRkGW38AOpEJY.roa
File:                     BtXFQmc9RcV4JuwRkGW38AOpEJY.roa (raw, json)
Hash identifier:          VBc3Ps2ltINYyRwkn23lOj9ywjZwMHTL1n+QMjIPH74=
Subject key identifier:   06:D5:C5:42:67:3D:45:C5:78:26:EC:11:90:65:B7:F0:03:A9:10:96
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       17E8244A
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/BtXFQmc9RcV4JuwRkGW38AOpEJY.roa
Signing time:             Sat 01 Jan 2022 04:54:43 +0000
ROA not before:           Sat 01 Jan 2022 04:54:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209484
IP address blocks:        45.142.60.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 401089610 (0x17e8244a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 04:54:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=06d5c542673d45c57826ec119065b7f003a91096
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:94:a7:04:1f:e7:ab:8a:df:00:80:12:36:e9:
                    60:1e:16:da:99:bb:58:2b:86:6c:d0:f0:42:4d:51:
                    82:6b:06:74:6d:c4:a5:f9:72:1e:fb:81:91:97:f6:
                    cc:fa:03:fe:d6:63:30:14:d3:6a:b6:5c:6a:f9:42:
                    36:8f:7f:c1:50:48:01:65:3b:91:47:e1:3d:fc:bd:
                    02:98:30:c0:0c:ae:dc:f7:85:2f:b5:e6:7a:16:bb:
                    18:80:6c:6a:2c:32:76:a9:c4:34:fb:f1:b5:ab:df:
                    b8:fa:d2:81:06:11:27:df:19:03:3a:e7:4c:4e:cb:
                    f6:51:14:83:9f:31:2f:16:c3:50:bc:16:f3:60:d0:
                    60:27:92:7c:8e:63:f2:98:d7:aa:37:51:93:2c:99:
                    8e:41:df:c2:83:c6:2a:50:38:a6:54:a8:ff:cf:fa:
                    58:79:15:f7:52:2d:a3:16:ac:5b:99:95:ea:29:16:
                    ff:2e:51:b8:7e:64:fa:8c:f3:9c:db:74:35:ed:26:
                    66:d9:1b:9a:53:84:50:bd:7b:c8:f4:21:78:4d:3c:
                    f8:43:9c:7c:a9:2f:1c:2d:79:0e:f8:d3:ee:22:52:
                    5d:23:dc:e7:b2:f3:ad:83:3a:22:99:ce:9b:a2:50:
                    3b:53:e9:ed:67:cb:09:fb:48:b7:2c:27:7b:7e:50:
                    c1:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:D5:C5:42:67:3D:45:C5:78:26:EC:11:90:65:B7:F0:03:A9:10:96
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/BtXFQmc9RcV4JuwRkGW38AOpEJY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:03:88:b8:b4:3c:d3:23:58:ee:1a:b9:9c:dc:8d:42:74:22:
         74:05:9f:bd:01:75:0c:65:f5:83:02:4c:d2:7a:d7:c2:da:95:
         44:e5:5a:a5:31:85:b2:06:e4:cc:f0:12:a0:07:af:5f:94:ed:
         e3:13:6f:35:e7:a0:3d:9d:76:eb:be:2c:67:ba:c1:c7:b7:9c:
         3c:1e:86:77:08:2a:11:d4:c2:9a:80:11:d3:c7:8a:e3:24:3c:
         31:d8:d8:97:54:b6:ed:bb:18:05:fc:3b:6e:45:c4:de:f8:aa:
         53:dc:ce:11:6c:86:83:0d:bf:91:cd:de:75:20:84:50:14:3a:
         e0:c9:0b:8a:8c:04:1d:3d:51:9f:e3:db:3c:fb:a8:10:93:7f:
         e7:8c:82:0e:ec:ad:f6:9e:81:fd:78:1e:31:99:56:cc:a7:1a:
         aa:16:42:e5:25:1b:17:10:9e:77:96:00:b3:80:11:36:ab:3b:
         97:80:ce:7a:d1:52:e0:99:6f:97:a2:7c:a9:a4:bc:14:e6:aa:
         58:6d:58:a4:b6:76:bc:db:c1:9f:0e:0a:1e:3d:a0:ec:20:40:
         0c:9e:32:b2:a6:fe:20:78:b0:24:ed:a3:9b:8d:f7:fe:fa:76:
         bd:e5:90:f6:c3:ee:56:5c:2c:6d:0b:bc:03:48:36:ca:04:f3:
         38:7e:0f:79
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF+gkSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDZkNWM1NDI2NzNk
NDVjNTc4MjZlYzExOTA2NWI3ZjAwM2E5MTA5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN+UpwQf56uK3wCAEjbpYB4W2pm7WCuGbNDwQk1RgmsGdG3E
pflyHvuBkZf2zPoD/tZjMBTTarZcavlCNo9/wVBIAWU7kUfhPfy9ApgwwAyu3PeF
L7Xmeha7GIBsaiwydqnENPvxtavfuPrSgQYRJ98ZAzrnTE7L9lEUg58xLxbDULwW
82DQYCeSfI5j8pjXqjdRkyyZjkHfwoPGKlA4plSo/8/6WHkV91ItoxasW5mV6ikW
/y5RuH5k+ozznNt0Ne0mZtkbmlOEUL17yPQheE08+EOcfKkvHC15DvjT7iJSXSPc
57LzrYM6IpnOm6JQO1Pp7WfLCftItywne35QwRcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQG1cVCZz1FxXgm7BGQZbfwA6kQljAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L0J0WEZRbWM5UmNWNEp1d1JrR1czOEFPcEVKWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2OPDANBgkqhkiG9w0BAQsFAAOC
AQEAogOIuLQ80yNY7hq5nNyNQnQidAWfvQF1DGX1gwJM0nrXwtqVROVapTGFsgbk
zPASoAevX5Tt4xNvNeegPZ12674sZ7rBx7ecPB6GdwgqEdTCmoAR08eK4yQ8MdjY
l1S27bsYBfw7bkXE3viqU9zOEWyGgw2/kc3edSCEUBQ64MkLiowEHT1Rn+PbPPuo
EJN/54yCDuyt9p6B/XgeMZlWzKcaqhZC5SUbFxCed5YAs4ARNqs7l4DOetFS4Jlv
l6J8qaS8FOaqWG1YpLZ2vNvBnw4KHj2g7CBADJ4ysqb+IHiwJO2jm433/vp2veWQ
9sPuVlwsbQu8A0g2ygTzOH4PeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:32 2024 by rpki-client on console-ams.rpki-client.org