Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/5c8941-5a28-44e1-9395-bd31c5aceb59/1/_6ayvVyXM8L9QTu_qxGimwS69nc.roa
File:                     _6ayvVyXM8L9QTu_qxGimwS69nc.roa (raw, json)
Hash identifier:          n4hcNvgcETVSOhdhqEr/xbP7fHbgljF0lHGL0ilLs/w=
Subject key identifier:   FF:A6:B2:BD:5C:97:33:C2:FD:41:3B:BF:AB:11:A2:9B:04:BA:F6:77
Certificate issuer:       /CN=5791bb1150beac5ea0c724f39d2ce7fccfc1546a
Certificate serial:       056401FF
Authority key identifier: 57:91:BB:11:50:BE:AC:5E:A0:C7:24:F3:9D:2C:E7:FC:CF:C1:54:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V5G7EVC-rF6gxyTznSzn_M_BVGo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/5c8941-5a28-44e1-9395-bd31c5aceb59/1/_6ayvVyXM8L9QTu_qxGimwS69nc.roa
Signing time:             Sat 01 Jan 2022 15:57:56 +0000
ROA not before:           Sat 01 Jan 2022 15:57:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62199
IP address blocks:        185.45.76.0/22 maxlen: 24
                          2a01:49a0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 90440191 (0x56401ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5791bb1150beac5ea0c724f39d2ce7fccfc1546a
        Validity
            Not Before: Jan  1 15:57:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ffa6b2bd5c9733c2fd413bbfab11a29b04baf677
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:de:bb:80:72:b8:8f:ac:ee:8e:1c:d5:eb:49:
                    32:bd:02:27:63:30:43:06:7d:39:be:e3:54:8b:28:
                    e9:94:eb:d2:d8:de:8a:aa:f7:62:2e:cd:33:fe:39:
                    9d:98:19:cb:75:43:24:f0:c0:f1:c9:fe:de:d9:ee:
                    0e:a6:bf:20:dc:5d:83:71:ca:a3:38:02:9e:7b:b7:
                    bf:c9:61:cb:1f:db:04:59:ab:4c:bc:ae:3c:69:e8:
                    aa:1b:60:66:34:7e:3e:6c:75:c9:42:c7:bf:e1:ef:
                    86:82:08:18:f1:12:24:73:ca:ac:10:be:cc:46:62:
                    e2:53:43:ac:9c:d7:b8:1a:9f:32:49:80:db:94:1e:
                    11:c7:f3:2a:63:0f:bb:f6:70:bb:a7:1c:27:d6:e6:
                    bb:d0:c6:26:d8:70:0c:6e:11:77:90:8e:6a:5b:f5:
                    13:92:cc:0a:b7:b5:58:a7:20:18:3f:ca:04:36:49:
                    a6:66:7c:c7:e2:d7:e4:0b:20:02:f2:2a:e7:59:cd:
                    49:28:a8:65:93:eb:4b:d3:35:8d:f7:98:92:bc:cc:
                    3d:38:20:2f:ef:68:55:a5:0d:6b:23:ec:15:09:46:
                    38:75:0c:37:2c:72:ef:4e:75:2b:3f:5c:8f:e6:bf:
                    98:58:92:08:b8:06:a0:72:73:85:0a:d7:07:d7:59:
                    a1:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:A6:B2:BD:5C:97:33:C2:FD:41:3B:BF:AB:11:A2:9B:04:BA:F6:77
            X509v3 Authority Key Identifier:
                keyid:57:91:BB:11:50:BE:AC:5E:A0:C7:24:F3:9D:2C:E7:FC:CF:C1:54:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5G7EVC-rF6gxyTznSzn_M_BVGo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/5c8941-5a28-44e1-9395-bd31c5aceb59/1/_6ayvVyXM8L9QTu_qxGimwS69nc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/5c8941-5a28-44e1-9395-bd31c5aceb59/1/V5G7EVC-rF6gxyTznSzn_M_BVGo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.45.76.0/22
                IPv6:
                  2a01:49a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         2d:30:5f:97:be:4a:56:46:37:ff:bb:2b:4b:36:f8:dd:1a:99:
         01:5b:21:0a:a5:a5:d8:6e:96:ac:d3:f0:64:70:97:d4:12:7e:
         90:04:c0:73:71:db:78:a6:cf:a6:54:63:4e:bf:ba:04:c8:8f:
         00:b0:48:4b:b1:4b:fd:7a:56:78:d4:a9:5e:5d:b5:d6:31:fc:
         96:61:dd:8e:77:ed:81:38:53:a6:21:52:d2:b2:61:c4:35:8f:
         20:cd:6f:25:81:4b:bf:e4:44:c7:90:22:c3:92:06:9c:67:8c:
         8e:43:3c:7f:84:c6:ca:e2:b1:11:22:e3:38:07:6b:b0:b5:68:
         51:b5:65:24:55:4e:25:01:24:3a:ff:23:c4:14:2c:53:bb:d3:
         13:b8:78:c4:fc:35:2a:75:5a:53:a3:f9:63:44:0d:0b:79:b1:
         a4:3a:7b:75:b7:4e:bf:0e:3c:69:eb:c8:22:ab:82:40:d5:96:
         bd:5d:29:4f:12:67:70:bb:c6:8b:7e:e9:88:30:aa:54:1a:e6:
         19:c4:db:ca:e4:94:ba:5c:35:75:f2:cb:06:76:b2:42:90:31:
         81:e4:9a:ac:2b:d9:77:bb:e9:e8:5a:d0:b5:8c:09:09:74:73:
         3a:a9:84:0a:9b:43:25:69:9c:5b:45:58:91:61:b3:bc:e6:f3:
         65:7b:a2:4c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBWQB/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzkxYmIxMTUwYmVhYzVlYTBjNzI0ZjM5ZDJjZTdmY2NmYzE1NDZhMB4XDTIyMDEw
MTE1NTc1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmZhNmIyYmQ1Yzk3
MzNjMmZkNDEzYmJmYWIxMWEyOWIwNGJhZjY3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI3eu4ByuI+s7o4c1etJMr0CJ2MwQwZ9Ob7jVIso6ZTr0tje
iqr3Yi7NM/45nZgZy3VDJPDA8cn+3tnuDqa/INxdg3HKozgCnnu3v8lhyx/bBFmr
TLyuPGnoqhtgZjR+Pmx1yULHv+HvhoIIGPESJHPKrBC+zEZi4lNDrJzXuBqfMkmA
25QeEcfzKmMPu/Zwu6ccJ9bmu9DGJthwDG4Rd5COalv1E5LMCre1WKcgGD/KBDZJ
pmZ8x+LX5AsgAvIq51nNSSioZZPrS9M1jfeYkrzMPTggL+9oVaUNayPsFQlGOHUM
Nyxy7051Kz9cj+a/mFiSCLgGoHJzhQrXB9dZoa0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBT/prK9XJczwv1BO7+rEaKbBLr2dzAfBgNVHSMEGDAWgBRXkbsRUL6sXqDH
JPOdLOf8z8FUajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Y1RzdFVkMtckY2Z3h5VHpuU3puX01fQlZHby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTMvNWM4OTQxLTVhMjgtNDRlMS05Mzk1LWJkMzFjNWFjZWI1OS8x
L182YXl2VnlYTThMOVFUdV9xeEdpbXdTNjluYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMv
NWM4OTQxLTVhMjgtNDRlMS05Mzk1LWJkMzFjNWFjZWI1OS8xL1Y1RzdFVkMtckY2
Z3h5VHpuU3puX01fQlZHby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArktTDANBAIAAjAHAwUAKgFJoDAN
BgkqhkiG9w0BAQsFAAOCAQEALTBfl75KVkY3/7srSzb43RqZAVshCqWl2G6WrNPw
ZHCX1BJ+kATAc3HbeKbPplRjTr+6BMiPALBIS7FL/XpWeNSpXl211jH8lmHdjnft
gThTpiFS0rJhxDWPIM1vJYFLv+REx5Aiw5IGnGeMjkM8f4TGyuKxESLjOAdrsLVo
UbVlJFVOJQEkOv8jxBQsU7vTE7h4xPw1KnVaU6P5Y0QNC3mxpDp7dbdOvw48aevI
IquCQNWWvV0pTxJncLvGi37piDCqVBrmGcTbyuSUulw1dfLLBnayQpAxgeSarCvZ
d7vp6FrQtYwJCXRzOqmECptDJWmcW0VYkWGzvObzZXuiTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:18 2024 by rpki-client on console-fra.rpki-client.org