Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/stufVNo8rv5gSoRzbVfLUa7gtRM.roa
File:                     stufVNo8rv5gSoRzbVfLUa7gtRM.roa (raw, json)
Hash identifier:          HgVuisYjS7DDLMrzlu3STq+0x3/xGy8vS9VWz6X4igQ=
Subject key identifier:   B2:DB:9F:54:DA:3C:AE:FE:60:4A:84:73:6D:57:CB:51:AE:E0:B5:13
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       018448A08526A52793334D2C94F218B08F88
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/stufVNo8rv5gSoRzbVfLUa7gtRM.roa
Signing time:             Sat 05 Nov 2022 16:29:50 +0000
ROA not before:           Sat 05 Nov 2022 16:29:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60068
IP address blocks:        45.138.211.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:48:a0:85:26:a5:27:93:33:4d:2c:94:f2:18:b0:8f:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Nov  5 16:29:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b2db9f54da3caefe604a84736d57cb51aee0b513
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:de:fd:94:ce:36:30:85:f1:f0:39:eb:28:3e:
                    1f:22:3f:4d:77:85:79:d9:0a:bc:35:83:84:01:cc:
                    99:4c:54:ea:a2:79:0a:6e:70:eb:ce:49:61:95:97:
                    14:22:e4:2b:ac:e2:df:dd:68:8f:a2:df:7b:13:25:
                    06:e6:21:aa:5a:66:31:09:57:87:29:a0:22:b0:6d:
                    4b:77:b1:22:8b:85:56:2e:ab:18:f4:c7:fa:8c:8b:
                    7c:60:8d:96:e7:f0:e0:52:fc:b3:01:f1:28:ac:b6:
                    11:69:27:55:31:46:75:55:87:60:4a:dc:75:a7:f4:
                    db:28:c4:0d:13:c6:9c:69:05:32:3e:95:2a:a3:25:
                    95:16:c9:ef:dd:72:fe:35:2e:00:f7:56:69:6b:8b:
                    1e:ae:f5:f3:bc:5e:d6:73:d6:f8:0c:78:8b:e7:ce:
                    d4:79:c4:e2:45:0e:6e:03:3c:00:b0:b9:96:c5:3e:
                    14:f9:f2:9e:a1:b6:98:11:51:bc:7d:5c:da:54:1c:
                    d1:dc:bd:93:08:d8:b2:53:cd:b6:e7:1c:62:6c:1e:
                    20:ca:b3:e7:85:64:d9:fe:91:ba:71:cd:32:91:0a:
                    6f:d2:60:aa:48:14:b5:9c:10:9d:48:3e:30:6f:65:
                    94:b5:99:b1:12:e6:5b:1b:d6:07:cd:6c:61:c8:c6:
                    3d:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:DB:9F:54:DA:3C:AE:FE:60:4A:84:73:6D:57:CB:51:AE:E0:B5:13
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/stufVNo8rv5gSoRzbVfLUa7gtRM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.138.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:6f:d0:23:1b:6d:32:fa:95:c9:0e:1a:dd:ed:c7:7e:50:6a:
         1a:37:d2:c8:fb:53:8d:30:de:6d:e3:b1:5d:68:c1:fb:cc:dc:
         c0:c1:09:54:c5:ee:4c:c9:3d:28:7c:7d:fe:d2:8a:79:f8:25:
         16:3b:d5:29:f0:03:ee:d9:bf:fd:02:53:3a:0e:c7:46:74:b3:
         50:9b:a2:27:bb:41:e2:df:28:0e:a4:53:cb:a8:8a:8f:3f:fb:
         74:72:ea:e1:23:54:b7:7c:ed:b2:6d:31:ac:b3:55:5c:cd:8e:
         f0:29:3f:ba:8e:e0:d4:c6:77:f2:69:cc:a6:6e:24:e6:20:08:
         71:cf:f7:b9:7e:e8:94:4d:70:45:90:91:fe:17:10:4e:53:9f:
         86:0b:3b:cd:b8:00:53:88:c4:5c:9a:5a:ad:f1:80:7a:25:a3:
         7f:db:a0:bd:03:29:9e:50:cc:3c:6c:2b:e3:68:49:ca:40:44:
         3e:05:87:d6:ca:c5:d0:b9:6e:54:54:9a:d0:69:5a:88:7b:ba:
         af:67:92:bf:c8:f2:bf:0d:dd:03:53:20:b9:11:bc:8f:fa:cd:
         e4:e7:5c:c1:38:c1:1c:bf:01:e3:be:4e:d9:2d:ec:5c:0e:af:
         5d:f2:15:96:33:83:43:40:9e:3b:db:db:b4:17:2c:f4:99:0c:
         95:1c:c8:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRIoIUmpSeTM00slPIYsI+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjIxMTA1MTYyOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmRiOWY1NGRhM2NhZWZlNjA0YTg0NzM2ZDU3Y2I1MWFlZTBiNTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhN79lM42MIXx8DnrKD4fIj9Nd4V5
2Qq8NYOEAcyZTFTqonkKbnDrzklhlZcUIuQrrOLf3WiPot97EyUG5iGqWmYxCVeH
KaAisG1Ld7Eii4VWLqsY9Mf6jIt8YI2W5/DgUvyzAfEorLYRaSdVMUZ1VYdgStx1
p/TbKMQNE8acaQUyPpUqoyWVFsnv3XL+NS4A91Zpa4servXzvF7Wc9b4DHiL587U
ecTiRQ5uAzwAsLmWxT4U+fKeobaYEVG8fVzaVBzR3L2TCNiyU8225xxibB4gyrPn
hWTZ/pG6cc0ykQpv0mCqSBS1nBCdSD4wb2WUtZmxEuZbG9YHzWxhyMY9+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLLbn1TaPK7+YEqEc21Xy1Gu4LUTMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvc3R1ZlZObzhydjVnU29SemJWZkxVYTdndFJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYrTMA0G
CSqGSIb3DQEBCwUAA4IBAQAzb9AjG20y+pXJDhrd7cd+UGoaN9LI+1ONMN5t47Fd
aMH7zNzAwQlUxe5MyT0ofH3+0op5+CUWO9Up8APu2b/9AlM6DsdGdLNQm6Inu0Hi
3ygOpFPLqIqPP/t0curhI1S3fO2ybTGss1VczY7wKT+6juDUxnfyacymbiTmIAhx
z/e5fuiUTXBFkJH+FxBOU5+GCzvNuABTiMRcmlqt8YB6JaN/26C9AymeUMw8bCvj
aEnKQEQ+BYfWysXQuW5UVJrQaVqIe7qvZ5K/yPK/Dd0DUyC5EbyP+s3k51zBOMEc
vwHjvk7ZLexcDq9d8hWWM4NDQJ4729u0Fyz0mQyVHMi0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:46 2024 by rpki-client on console-fra.rpki-client.org