Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/XLnmPpSW7nqQJSeGCAzqGRqx1mw.roa
File:                     XLnmPpSW7nqQJSeGCAzqGRqx1mw.roa (raw, json)
Hash identifier:          TxTidqiHYT3hsK7Qq9FOqIhFn3OuGapnOGUPN97FXWA=
Subject key identifier:   5C:B9:E6:3E:94:96:EE:7A:90:25:27:86:08:0C:EA:19:1A:B1:D6:6C
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       17E989E5
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/XLnmPpSW7nqQJSeGCAzqGRqx1mw.roa
Signing time:             Sat 01 Jan 2022 04:54:44 +0000
ROA not before:           Sat 01 Jan 2022 04:54:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209537
IP address blocks:        45.67.18.0/24 maxlen: 32
                          2a06:82c5::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 401181157 (0x17e989e5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 04:54:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5cb9e63e9496ee7a90252786080cea191ab1d66c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:06:7a:63:9a:5a:a2:d5:6e:52:12:d5:15:bb:
                    b1:d7:c8:a3:ab:10:be:4a:19:dc:13:72:5c:44:91:
                    23:dd:7c:db:ee:e3:0f:52:34:f8:0b:63:a8:8c:64:
                    0d:15:7c:ea:31:58:22:90:e3:76:d8:70:74:cd:ac:
                    80:b5:7d:13:26:98:bf:89:a6:6c:ec:c4:de:2e:0e:
                    40:45:d4:aa:5a:2d:7d:7d:51:df:1d:d6:3b:8c:e4:
                    49:b2:22:bf:cb:72:b9:e9:7c:01:a5:95:bc:59:50:
                    9c:20:b7:ba:2b:a2:40:9b:65:8c:1f:63:58:38:b6:
                    0b:0b:39:d2:aa:e3:ab:b4:e8:bf:48:1f:83:62:79:
                    a7:98:a0:21:86:11:90:c0:26:c7:65:c8:b3:91:ba:
                    94:e7:6f:2b:14:ec:0c:d0:bb:79:84:41:bf:7c:94:
                    c9:01:95:93:34:d5:29:f9:cc:53:4f:51:8d:e5:85:
                    68:d0:cb:f1:ec:72:15:e9:d8:33:9c:94:1a:7e:ca:
                    7b:8f:99:6d:9c:24:94:2c:b8:5d:a7:bd:07:98:e2:
                    4d:da:39:46:da:ee:10:60:b6:e0:02:52:1d:66:6d:
                    99:57:46:d5:fa:a2:24:b1:6c:86:53:7d:7a:1b:4a:
                    26:59:dc:9d:df:f3:44:78:10:4a:15:37:d4:58:99:
                    16:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:B9:E6:3E:94:96:EE:7A:90:25:27:86:08:0C:EA:19:1A:B1:D6:6C
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/XLnmPpSW7nqQJSeGCAzqGRqx1mw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.18.0/24
                IPv6:
                  2a06:82c5::/48

    Signature Algorithm: sha256WithRSAEncryption
         c1:d2:fe:64:f4:52:7f:d7:5c:63:07:9e:62:50:4d:63:c3:2c:
         6e:88:f1:62:1f:a3:c3:9e:77:ea:7b:ac:6d:ae:12:b5:39:31:
         25:83:30:74:8e:a1:97:10:cf:cd:19:b0:d9:a8:17:a5:06:55:
         79:60:c5:67:43:c9:80:c5:51:c4:c0:68:7a:f1:37:14:ac:59:
         fa:63:3e:5e:ef:3b:af:32:35:a1:84:8e:ae:08:a6:e4:f2:c6:
         ee:e7:18:53:6e:69:b4:fc:70:b3:3c:3d:d6:e2:4e:51:bb:36:
         42:85:b1:64:1e:69:39:8e:6d:c6:95:27:3f:9f:a5:28:ec:1f:
         27:a0:85:90:20:73:8c:9d:6f:f2:eb:f5:1d:29:c5:96:90:bd:
         f9:b6:99:dc:dd:95:39:4c:b9:99:8c:7d:99:32:40:50:a2:0b:
         e1:e0:8a:60:86:99:3d:4b:ae:84:0b:91:a8:1a:e3:72:82:94:
         3e:2b:35:cc:11:66:8b:88:78:99:b7:36:f4:61:43:aa:96:0c:
         22:44:a2:8e:6f:66:ab:2f:a0:79:47:27:0a:f6:4e:38:e6:fd:
         83:97:95:02:4f:66:2b:7b:d8:76:a5:b2:fe:79:1d:ed:80:20:
         0b:d7:9f:ef:5d:04:65:d4:aa:7a:d5:9c:85:99:3e:d7:c1:85:
         3f:32:0f:a5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEF+mJ5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNiOWU2M2U5NDk2
ZWU3YTkwMjUyNzg2MDgwY2VhMTkxYWIxZDY2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0GemOaWqLVblIS1RW7sdfIo6sQvkoZ3BNyXESRI9182+7j
D1I0+AtjqIxkDRV86jFYIpDjdthwdM2sgLV9EyaYv4mmbOzE3i4OQEXUqlotfX1R
3x3WO4zkSbIiv8tyuel8AaWVvFlQnCC3uiuiQJtljB9jWDi2Cws50qrjq7Tov0gf
g2J5p5igIYYRkMAmx2XIs5G6lOdvKxTsDNC7eYRBv3yUyQGVkzTVKfnMU09RjeWF
aNDL8exyFenYM5yUGn7Ke4+ZbZwklCy4Xae9B5jiTdo5RtruEGC24AJSHWZtmVdG
1fqiJLFshlN9ehtKJlncnd/zRHgQShU31FiZFk0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRcueY+lJbuepAlJ4YIDOoZGrHWbDAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1hMbm1QcFNXN25xUUpTZUdDQXpxR1JxeDFtdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAC1DEjAPBAIAAjAJAwcAKgaCxQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQDB0v5k9FJ/11xjB55iUE1jwyxuiPFiH6PDnnfq
e6xtrhK1OTElgzB0jqGXEM/NGbDZqBelBlV5YMVnQ8mAxVHEwGh68TcUrFn6Yz5e
7zuvMjWhhI6uCKbk8sbu5xhTbmm0/HCzPD3W4k5RuzZChbFkHmk5jm3GlSc/n6Uo
7B8noIWQIHOMnW/y6/UdKcWWkL35tpnc3ZU5TLmZjH2ZMkBQogvh4Ipghpk9S66E
C5GoGuNygpQ+KzXMEWaLiHiZtzb0YUOqlgwiRKKOb2arL6B5RycK9k445v2Dl5UC
T2Yre9h2pbL+eR3tgCAL15/vXQRl1Kp61ZyFmT7XwYU/Mg+l
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:33 2024 by rpki-client on console-ams.rpki-client.org