Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/iTf1cvDYVNQg9HFynMTjzw0-3sU.roa
File:                     iTf1cvDYVNQg9HFynMTjzw0-3sU.roa (raw, json)
Hash identifier:          WTDlhRzGIkLEtf0BwCBxthEj2iC2sZAyJpynFPR9dto=
Subject key identifier:   89:37:F5:72:F0:D8:54:D4:20:F4:71:72:9C:C4:E3:CF:0D:3E:DE:C5
Certificate issuer:       /CN=bdb83e99bf7254f948057a5e981be6fa5c2054dd
Certificate serial:       0183563AFEC56EF233D9BBBDB9C930DE57D1
Authority key identifier: BD:B8:3E:99:BF:72:54:F9:48:05:7A:5E:98:1B:E6:FA:5C:20:54:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/iTf1cvDYVNQg9HFynMTjzw0-3sU.roa
Signing time:             Mon 19 Sep 2022 14:50:50 +0000
ROA not before:           Mon 19 Sep 2022 14:50:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9009
IP address blocks:        45.85.240.0/24 maxlen: 24
                          45.85.241.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:56:3a:fe:c5:6e:f2:33:d9:bb:bd:b9:c9:30:de:57:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdb83e99bf7254f948057a5e981be6fa5c2054dd
        Validity
            Not Before: Sep 19 14:50:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8937f572f0d854d420f471729cc4e3cf0d3edec5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d4:15:3b:21:3f:e7:82:d7:5f:33:cc:20:ab:
                    43:0a:87:74:78:55:9d:e4:4e:dc:17:45:0e:6a:25:
                    29:09:96:b3:10:ea:98:98:95:09:38:9a:27:75:4f:
                    54:92:cf:9e:bc:52:80:8c:df:4d:49:43:5d:a7:25:
                    e3:a2:19:55:67:a2:63:85:75:d5:6c:d4:e8:7a:43:
                    21:ec:0c:90:f4:e5:ab:47:ed:ab:f4:e1:d9:3a:f8:
                    be:15:bc:f0:38:35:5b:27:3f:a8:23:03:55:f7:3f:
                    a7:85:41:99:22:42:21:d6:1c:c0:82:51:2c:7c:cf:
                    45:f0:96:f7:e1:05:45:ce:af:a3:ff:54:e3:7f:e6:
                    a1:4a:16:49:32:e4:4d:0b:09:a4:a0:1e:7e:73:e9:
                    66:8d:3d:04:a2:00:13:26:8e:a2:a4:7a:7c:a5:47:
                    5c:75:2f:b0:24:b1:15:91:d8:32:d9:be:92:5f:ab:
                    52:e7:0c:51:4b:8b:8d:b8:f7:dc:ec:be:43:ca:8e:
                    4d:cc:75:81:09:b7:b5:3a:b6:22:ca:9d:7f:02:f2:
                    e4:bc:82:4a:ba:37:37:35:ba:73:74:a4:69:c8:bc:
                    6c:ac:a6:25:c8:3b:84:21:01:c7:dd:fb:dd:ef:14:
                    98:e9:a8:3c:ab:df:fd:4c:a4:52:57:97:ff:a2:27:
                    64:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:37:F5:72:F0:D8:54:D4:20:F4:71:72:9C:C4:E3:CF:0D:3E:DE:C5
            X509v3 Authority Key Identifier:
                keyid:BD:B8:3E:99:BF:72:54:F9:48:05:7A:5E:98:1B:E6:FA:5C:20:54:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/iTf1cvDYVNQg9HFynMTjzw0-3sU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/vbg-mb9yVPlIBXpemBvm-lwgVN0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.240.0/23

    Signature Algorithm: sha256WithRSAEncryption
         92:e3:4d:f9:de:a5:8f:a9:29:e5:62:67:78:fd:0c:f0:18:66:
         2d:e3:6d:1b:a1:b1:36:36:3a:ef:2f:64:06:1e:ab:dd:48:e5:
         04:63:94:be:c3:54:bb:5b:c6:9b:82:40:4d:73:b8:f0:03:aa:
         8a:ce:e1:ce:f6:46:5a:00:43:60:b4:87:cf:1a:47:3f:93:17:
         71:02:80:fa:58:24:8b:2c:eb:17:47:cc:33:49:44:84:14:6d:
         06:2d:01:bf:5e:92:75:77:4b:e1:3b:51:9f:04:10:3e:12:64:
         e9:a4:4e:31:5e:da:65:aa:92:f9:82:02:a7:e0:37:c9:f9:17:
         cc:cc:cb:6e:1b:12:38:ca:e9:aa:e9:54:03:88:7c:8f:8a:a3:
         26:21:db:e6:7d:6d:34:a7:47:01:1c:16:2c:22:b2:fc:0b:88:
         a8:46:b4:1c:af:c0:4e:e8:6e:ea:db:b1:e0:a8:72:1e:c6:2e:
         84:8c:a1:5e:fc:fa:91:75:e3:a2:d2:7a:ba:c3:66:da:f1:de:
         42:cb:ac:84:0e:b1:09:a2:60:14:b0:40:ed:1a:ae:72:22:33:
         7d:14:31:65:db:54:a4:f0:9e:ab:6d:b3:e9:31:d9:7e:27:91:
         f8:54:e0:ff:dd:e6:6b:ca:5e:86:22:20:76:3d:57:14:ca:e3:
         7a:48:bc:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNWOv7FbvIz2bu9uckw3lfRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYjgzZTk5YmY3MjU0Zjk0ODA1N2E1ZTk4MWJlNmZhNWMy
MDU0ZGQwHhcNMjIwOTE5MTQ1MDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTM3ZjU3MmYwZDg1NGQ0MjBmNDcxNzI5Y2M0ZTNjZjBkM2VkZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNQVOyE/54LXXzPMIKtDCod0eFWd
5E7cF0UOaiUpCZazEOqYmJUJOJondU9Uks+evFKAjN9NSUNdpyXjohlVZ6JjhXXV
bNToekMh7AyQ9OWrR+2r9OHZOvi+FbzwODVbJz+oIwNV9z+nhUGZIkIh1hzAglEs
fM9F8Jb34QVFzq+j/1Tjf+ahShZJMuRNCwmkoB5+c+lmjT0EogATJo6ipHp8pUdc
dS+wJLEVkdgy2b6SX6tS5wxRS4uNuPfc7L5Dyo5NzHWBCbe1OrYiyp1/AvLkvIJK
ujc3NbpzdKRpyLxsrKYlyDuEIQHH3fvd7xSY6ag8q9/9TKRSV5f/oidk/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIk39XLw2FTUIPRxcpzE488NPt7FMB8GA1UdIwQY
MBaAFL24Ppm/clT5SAV6Xpgb5vpcIFTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmJnLW1iOXlWUGxJQlhwZW1Cdm0tbHdnVk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81ZTIwNWEtZWMwYS00ZmVlLWFlZjEt
ZTQ5NWFhYTBjYWMwLzEvaVRmMWN2RFlWTlFnOUhGeW5NVGp6dzAtM3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81ZTIwNWEtZWMwYS00ZmVlLWFlZjEtZTQ5NWFhYTBjYWMw
LzEvdmJnLW1iOXlWUGxJQlhwZW1Cdm0tbHdnVk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVXwMA0G
CSqGSIb3DQEBCwUAA4IBAQCS40353qWPqSnlYmd4/QzwGGYt420bobE2NjrvL2QG
HqvdSOUEY5S+w1S7W8abgkBNc7jwA6qKzuHO9kZaAENgtIfPGkc/kxdxAoD6WCSL
LOsXR8wzSUSEFG0GLQG/XpJ1d0vhO1GfBBA+EmTppE4xXtplqpL5ggKn4DfJ+RfM
zMtuGxI4yumq6VQDiHyPiqMmIdvmfW00p0cBHBYsIrL8C4ioRrQcr8BO6G7q27Hg
qHIexi6EjKFe/PqRdeOi0nq6w2ba8d5Cy6yEDrEJomAUsEDtGq5yIjN9FDFl21Sk
8J6rbbPpMdl+J5H4VOD/3eZryl6GIiB2PVcUyuN6SLyi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:59 2024 by rpki-client on console-fra.rpki-client.org