Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/yV260-IgYJVihu5E2wmhYrQBj0k.roa
File:                     yV260-IgYJVihu5E2wmhYrQBj0k.roa (raw, json)
Hash identifier:          nvPbkPw7QCJII2eAsNnFOy9hYl2L4NoP3UmBpA1iHOU=
Subject key identifier:   C9:5D:BA:D3:E2:20:60:95:62:86:EE:44:DB:09:A1:62:B4:01:8F:49
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       018448A086A4BBFDD45477C519733EE466D6
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/yV260-IgYJVihu5E2wmhYrQBj0k.roa
Signing time:             Sat 05 Nov 2022 16:29:50 +0000
ROA not before:           Sat 05 Nov 2022 16:29:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     149485
IP address blocks:        45.138.211.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:48:a0:86:a4:bb:fd:d4:54:77:c5:19:73:3e:e4:66:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Nov  5 16:29:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c95dbad3e22060956286ee44db09a162b4018f49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:7c:fc:be:53:b0:4d:8e:96:28:c7:b1:73:07:
                    49:fe:59:6d:36:ad:af:a9:d6:29:11:21:14:3a:08:
                    5d:61:1d:da:5f:e0:85:40:a0:30:71:8e:23:ab:8e:
                    bb:d9:05:b5:4e:95:7a:16:88:06:a2:98:10:e1:a8:
                    85:2a:39:f7:66:6b:79:7a:a9:e0:0f:ed:b5:1b:72:
                    f7:7f:de:54:cf:6e:f3:fa:50:12:e0:cd:60:66:cd:
                    c9:b1:ea:3f:11:b3:ee:9b:0a:4d:9f:3f:d2:b9:fc:
                    c4:60:fb:ae:04:d5:0e:39:4d:06:eb:80:23:4a:d5:
                    1c:67:22:74:aa:7d:ea:1d:80:9c:e9:65:5a:f0:d2:
                    04:e7:61:a2:3e:58:10:fa:7f:b3:43:33:db:83:cd:
                    ef:b7:58:c7:c6:62:9b:15:ca:7b:9f:79:27:f8:c2:
                    a6:52:d6:e0:fd:93:7f:b0:eb:df:95:3a:b9:82:af:
                    24:7d:bd:3d:6f:a5:ec:91:94:a6:6c:44:57:89:9a:
                    50:92:19:8f:ee:74:2f:ff:6a:f0:6e:70:20:71:d6:
                    56:a9:0e:7f:0c:5f:81:51:47:12:91:7a:0e:0b:05:
                    1b:90:73:e6:49:93:5e:be:38:43:4b:aa:00:31:3c:
                    e0:4f:30:63:5b:0c:99:f8:7f:01:ea:64:40:43:13:
                    d7:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:5D:BA:D3:E2:20:60:95:62:86:EE:44:DB:09:A1:62:B4:01:8F:49
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/yV260-IgYJVihu5E2wmhYrQBj0k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.138.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:7b:fa:51:9b:82:d4:76:73:fc:95:c5:7d:e4:aa:4c:9a:b2:
         fb:6a:86:a8:d7:fe:6c:e9:cc:e6:30:21:30:f3:9b:93:95:1b:
         64:d5:6e:1f:a6:ae:75:cb:ad:f6:88:84:90:ba:37:53:d9:26:
         f0:71:bd:57:9f:d0:b5:4c:bc:52:9a:e4:fa:22:f2:58:02:9a:
         80:51:16:19:60:b4:10:ec:fb:a3:9a:73:b3:fd:4f:a0:ff:ae:
         6c:86:b5:81:b8:2e:9f:f2:e2:11:c0:98:ad:ef:fb:49:ca:21:
         af:12:6b:11:7a:cc:4b:a4:fa:e3:e6:bd:80:e7:44:a8:a6:96:
         03:c8:64:34:52:61:9a:41:67:6a:31:39:29:3b:46:63:39:04:
         41:52:90:10:a4:1b:4c:d6:b7:fb:a8:13:8c:d2:0e:d5:0b:1f:
         a6:b4:82:51:cc:53:61:46:ea:89:a9:b0:c3:d1:db:e4:56:32:
         0b:17:90:9b:c3:5e:bb:18:97:c0:11:de:78:ac:85:a5:1d:29:
         f2:32:82:94:09:90:c0:ff:26:f4:94:6c:2b:7f:97:03:2c:d4:
         02:3d:86:22:75:d9:ea:dd:8f:37:98:64:b5:c3:f8:45:42:f5:
         52:2b:72:88:45:2a:45:11:6c:17:b1:8c:a6:e8:60:2b:72:ae:
         94:a2:73:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRIoIaku/3UVHfFGXM+5GbWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjIxMTA1MTYyOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTVkYmFkM2UyMjA2MDk1NjI4NmVlNDRkYjA5YTE2MmI0MDE4ZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3z8vlOwTY6WKMexcwdJ/lltNq2v
qdYpESEUOghdYR3aX+CFQKAwcY4jq4672QW1TpV6FogGopgQ4aiFKjn3Zmt5eqng
D+21G3L3f95Uz27z+lAS4M1gZs3Jseo/EbPumwpNnz/SufzEYPuuBNUOOU0G64Aj
StUcZyJ0qn3qHYCc6WVa8NIE52GiPlgQ+n+zQzPbg83vt1jHxmKbFcp7n3kn+MKm
Utbg/ZN/sOvflTq5gq8kfb09b6XskZSmbERXiZpQkhmP7nQv/2rwbnAgcdZWqQ5/
DF+BUUcSkXoOCwUbkHPmSZNevjhDS6oAMTzgTzBjWwyZ+H8B6mRAQxPXWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMldutPiIGCVYobuRNsJoWK0AY9JMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEveVYyNjAtSWdZSlZpaHU1RTJ3bWhZclFCajBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYrTMA0G
CSqGSIb3DQEBCwUAA4IBAQCte/pRm4LUdnP8lcV95KpMmrL7aoao1/5s6czmMCEw
85uTlRtk1W4fpq51y632iISQujdT2Sbwcb1Xn9C1TLxSmuT6IvJYApqAURYZYLQQ
7PujmnOz/U+g/65shrWBuC6f8uIRwJit7/tJyiGvEmsResxLpPrj5r2A50SoppYD
yGQ0UmGaQWdqMTkpO0ZjOQRBUpAQpBtM1rf7qBOM0g7VCx+mtIJRzFNhRuqJqbDD
0dvkVjILF5Cbw167GJfAEd54rIWlHSnyMoKUCZDA/yb0lGwrf5cDLNQCPYYiddnq
3Y83mGS1w/hFQvVSK3KIRSpFEWwXsYym6GArcq6UonN3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:46 2024 by rpki-client on console-fra.rpki-client.org