Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/mEd1h0LJpeH0P0N9RKalzWVWfEc.roa
File:                     mEd1h0LJpeH0P0N9RKalzWVWfEc.roa (raw, json)
Hash identifier:          2McmZMyHarGZgNwygNMWNo2y9unewURx8R3B5ecpMqs=
Subject key identifier:   98:47:75:87:42:C9:A5:E1:F4:3F:43:7D:44:A6:A5:CD:65:56:7C:47
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       179C8D56
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/mEd1h0LJpeH0P0N9RKalzWVWfEc.roa
Signing time:             Sat 01 Jan 2022 04:53:59 +0000
ROA not before:           Sat 01 Jan 2022 04:53:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30058
IP address blocks:        45.138.210.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 396135766 (0x179c8d56)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 04:53:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9847758742c9a5e1f43f437d44a6a5cd65567c47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:1a:95:b0:ff:64:49:53:c5:e8:15:d3:a4:f3:
                    60:7a:fd:f8:0c:5d:12:38:34:a8:05:5c:3d:84:59:
                    36:ec:b0:ee:35:29:0e:0d:8d:46:ea:80:71:14:70:
                    0d:32:39:a4:28:f8:99:dc:15:56:25:5e:be:1f:b6:
                    ab:a7:a8:39:a2:a9:7c:f5:ee:40:b1:1f:1a:f3:53:
                    a2:b6:34:81:c4:ca:51:8c:54:af:d4:66:ce:d1:b8:
                    48:a2:ca:c0:bc:38:5c:ea:92:b6:38:19:62:ed:53:
                    3f:f4:88:e5:fa:c8:85:bc:f2:e5:ee:27:4d:a0:a1:
                    94:c7:ac:e6:55:51:02:16:fb:f2:58:af:27:f7:8a:
                    72:1e:c4:4f:1f:5c:b4:fc:8a:eb:57:1d:8a:69:4c:
                    11:f0:ee:e0:43:11:46:d4:7d:cb:b5:13:92:b9:36:
                    ab:f7:38:11:4a:d1:ea:78:f4:c3:da:83:ed:10:78:
                    5f:1c:cf:fd:bb:12:e1:8d:89:28:41:f4:ed:c0:d7:
                    fd:4d:1f:e6:96:4e:2e:3d:5f:51:cf:47:ea:7c:b0:
                    92:ab:a9:d3:37:c0:a8:84:02:09:8c:8c:a4:84:0f:
                    e7:a5:10:14:66:6e:a9:3b:56:74:f4:5f:19:3a:a8:
                    98:89:a1:c4:3d:7c:c8:fe:25:fb:30:57:55:01:56:
                    8b:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:47:75:87:42:C9:A5:E1:F4:3F:43:7D:44:A6:A5:CD:65:56:7C:47
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/mEd1h0LJpeH0P0N9RKalzWVWfEc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.138.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:14:ce:a9:e1:36:98:2d:4c:d4:e6:7a:cc:ff:cd:08:ee:eb:
         87:dc:50:e1:5c:d6:7d:6e:58:51:ef:7e:a4:94:e4:f3:d8:9b:
         4a:c8:4f:c1:8e:fa:44:dc:60:81:54:69:b8:b2:76:88:75:70:
         0a:98:71:71:50:55:03:fd:b8:26:37:ef:0a:c6:a4:0b:0d:4c:
         a1:2a:12:8a:7b:05:22:2b:58:a3:7c:d5:fc:5e:93:22:22:1f:
         3d:9a:e4:f2:d1:c7:7a:b7:13:63:4c:85:0c:d9:91:d8:d9:33:
         0d:60:b7:8b:2a:26:8a:84:11:6f:d1:97:b8:82:58:fd:96:c7:
         53:27:ac:1a:21:66:ea:2d:0a:9a:b4:6a:51:8b:06:76:c1:52:
         71:77:83:05:28:b9:07:40:8e:12:b1:48:50:08:96:6c:4c:09:
         28:24:45:e2:1f:16:c2:e8:16:29:60:4f:24:ba:54:cb:cf:a2:
         5f:64:50:f0:15:0c:56:e8:7c:85:72:4f:fa:28:39:10:88:98:
         be:2e:67:68:8b:00:0d:80:70:6d:5f:ee:f8:93:77:c9:e7:d0:
         fa:ca:a3:f7:5f:b1:b1:b5:87:b6:e0:91:1c:ed:ce:69:84:a6:
         59:1e:d7:e2:7b:48:cb:b9:4a:0f:90:99:6c:c3:a6:02:5a:58:
         14:ad:2c:60
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF5yNVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTg0Nzc1ODc0MmM5
YTVlMWY0M2Y0MzdkNDRhNmE1Y2Q2NTU2N2M0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkalbD/ZElTxegV06TzYHr9+AxdEjg0qAVcPYRZNuyw7jUp
Dg2NRuqAcRRwDTI5pCj4mdwVViVevh+2q6eoOaKpfPXuQLEfGvNTorY0gcTKUYxU
r9RmztG4SKLKwLw4XOqStjgZYu1TP/SI5frIhbzy5e4nTaChlMes5lVRAhb78liv
J/eKch7ETx9ctPyK61cdimlMEfDu4EMRRtR9y7UTkrk2q/c4EUrR6nj0w9qD7RB4
XxzP/bsS4Y2JKEH07cDX/U0f5pZOLj1fUc9H6nywkqup0zfAqIQCCYyMpIQP56UQ
FGZuqTtWdPRfGTqomImhxD18yP4l+zBXVQFWi2UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSYR3WHQsml4fQ/Q31EpqXNZVZ8RzAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L21FZDFoMExKcGVIMFAwTjlSS2FseldWV2ZFYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2K0jANBgkqhkiG9w0BAQsFAAOC
AQEAUhTOqeE2mC1M1OZ6zP/NCO7rh9xQ4VzWfW5YUe9+pJTk89ibSshPwY76RNxg
gVRpuLJ2iHVwCphxcVBVA/24JjfvCsakCw1MoSoSinsFIitYo3zV/F6TIiIfPZrk
8tHHercTY0yFDNmR2NkzDWC3iyomioQRb9GXuIJY/ZbHUyesGiFm6i0KmrRqUYsG
dsFScXeDBSi5B0COErFIUAiWbEwJKCRF4h8WwugWKWBPJLpUy8+iX2RQ8BUMVuh8
hXJP+ig5EIiYvi5naIsADYBwbV/u+JN3yefQ+sqj91+xsbWHtuCRHO3OaYSmWR7X
4ntIy7lKD5CZbMOmAlpYFK0sYA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:33 2024 by rpki-client on console-ams.rpki-client.org