Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/vrEMMtML87coF-9t6bti1FwHy3g.roa
File:                     vrEMMtML87coF-9t6bti1FwHy3g.roa (raw, json)
Hash identifier:          05NyITijZQV5+Tr8NN1mjJjzlhxA3A+rwXgLdo1el8w=
Subject key identifier:   BE:B1:0C:32:D3:0B:F3:B7:28:17:EF:6D:E9:BB:62:D4:5C:07:CB:78
Certificate issuer:       /CN=cac21641bdbcfac24c54b6a4859483c5e41640b6
Certificate serial:       01836408BA499470981B171E8B6335D3396F
Authority key identifier: CA:C2:16:41:BD:BC:FA:C2:4C:54:B6:A4:85:94:83:C5:E4:16:40:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ysIWQb28-sJMVLakhZSDxeQWQLY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/vrEMMtML87coF-9t6bti1FwHy3g.roa
Signing time:             Thu 22 Sep 2022 07:10:37 +0000
ROA not before:           Thu 22 Sep 2022 07:10:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        45.56.224.0/21 maxlen: 21
                          45.56.236.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:64:08:ba:49:94:70:98:1b:17:1e:8b:63:35:d3:39:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cac21641bdbcfac24c54b6a4859483c5e41640b6
        Validity
            Not Before: Sep 22 07:10:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=beb10c32d30bf3b72817ef6de9bb62d45c07cb78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:fb:e5:cd:19:ca:64:9f:b6:b5:de:16:d8:f8:
                    eb:58:0b:6e:34:4f:37:9f:36:a5:0d:b7:ae:08:e5:
                    b6:70:59:81:6f:a7:94:79:06:ea:f6:7c:43:00:51:
                    69:00:0b:0d:c0:05:76:05:66:c8:1a:47:e8:ac:80:
                    50:e0:f2:17:5e:80:eb:19:64:15:c8:d8:31:10:e2:
                    c0:29:8a:c5:40:59:e9:a2:84:6b:1d:a1:e5:43:15:
                    74:1e:37:8b:15:f5:03:1b:18:f2:b5:7c:b5:4a:72:
                    b2:84:bf:ac:f2:26:d1:b6:60:32:f3:92:6d:90:ec:
                    e0:99:eb:25:1e:9b:2a:19:b4:83:80:f6:b3:c5:03:
                    38:a8:f7:6d:4b:62:c2:e3:7c:31:bc:24:e4:12:96:
                    e2:cb:4a:d5:39:f1:5d:46:27:81:95:25:fd:f8:67:
                    69:11:10:1d:b7:7d:85:7c:c5:98:c8:c2:f4:84:82:
                    31:15:e7:90:82:24:02:3d:4c:16:0d:44:2c:d8:39:
                    7c:b2:92:5a:7d:b8:6b:52:49:5e:c0:e1:70:82:46:
                    32:5b:78:3e:bd:f8:99:66:ad:34:ba:0d:f1:e1:58:
                    25:8c:44:62:b2:11:76:00:90:26:ce:f3:5e:80:f4:
                    5a:ef:f1:37:d5:d5:92:73:f4:a6:5c:bc:8a:1d:a5:
                    d6:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:B1:0C:32:D3:0B:F3:B7:28:17:EF:6D:E9:BB:62:D4:5C:07:CB:78
            X509v3 Authority Key Identifier:
                keyid:CA:C2:16:41:BD:BC:FA:C2:4C:54:B6:A4:85:94:83:C5:E4:16:40:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ysIWQb28-sJMVLakhZSDxeQWQLY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/vrEMMtML87coF-9t6bti1FwHy3g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/ysIWQb28-sJMVLakhZSDxeQWQLY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.56.224.0/21
                  45.56.236.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0a:dd:8b:62:6a:a3:9f:cb:6b:40:91:d1:13:19:cd:f3:ac:aa:
         7b:e2:b6:73:1a:39:1a:cc:0a:32:cf:2d:68:91:dc:dd:f9:f4:
         7e:94:f5:5b:3a:1b:88:b4:8e:c8:f1:4a:0b:c0:6f:9f:5c:5a:
         2e:e5:b4:bb:87:fb:a6:1b:fc:ad:c0:4f:f8:88:02:41:1a:82:
         74:1e:14:4b:3b:41:46:ac:ed:6b:bb:1e:37:e6:93:2f:43:ff:
         47:9b:d9:a1:c1:1f:db:38:9c:15:66:ed:7c:ef:a4:7c:55:33:
         bf:54:5f:b4:cc:90:bd:77:d6:e7:26:28:53:13:4b:4c:86:cf:
         b3:87:27:99:1c:74:4b:1e:ee:b2:41:fb:6f:cb:4f:02:7d:eb:
         e3:44:ec:3e:63:98:91:95:61:9b:19:b4:d8:97:a2:f1:c0:66:
         4b:5a:e9:57:b3:f5:bf:fb:3c:e3:6b:97:a4:cf:db:59:ee:6f:
         1f:c6:75:da:c0:c1:88:90:53:1f:ba:79:9a:de:79:8d:ab:33:
         de:e4:4b:aa:1b:00:77:0b:44:e3:86:60:92:ee:04:41:a9:9d:
         2f:18:2a:62:e8:9a:8f:40:90:53:75:de:c8:32:00:ac:be:ab:
         88:9e:5e:fb:8a:23:b1:d8:bd:29:f0:4f:65:ca:8d:ac:f6:00:
         db:e9:65:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNkCLpJlHCYGxcei2M10zlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYzIxNjQxYmRiY2ZhYzI0YzU0YjZhNDg1OTQ4M2M1ZTQx
NjQwYjYwHhcNMjIwOTIyMDcxMDM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWIxMGMzMmQzMGJmM2I3MjgxN2VmNmRlOWJiNjJkNDVjMDdjYjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvvlzRnKZJ+2td4W2PjrWAtuNE83
nzalDbeuCOW2cFmBb6eUeQbq9nxDAFFpAAsNwAV2BWbIGkforIBQ4PIXXoDrGWQV
yNgxEOLAKYrFQFnpooRrHaHlQxV0HjeLFfUDGxjytXy1SnKyhL+s8ibRtmAy85Jt
kOzgmeslHpsqGbSDgPazxQM4qPdtS2LC43wxvCTkEpbiy0rVOfFdRieBlSX9+Gdp
ERAdt32FfMWYyML0hIIxFeeQgiQCPUwWDUQs2Dl8spJafbhrUklewOFwgkYyW3g+
vfiZZq00ug3x4VgljERishF2AJAmzvNegPRa7/E31dWSc/SmXLyKHaXW4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL6xDDLTC/O3KBfvbem7YtRcB8t4MB8GA1UdIwQY
MBaAFMrCFkG9vPrCTFS2pIWUg8XkFkC2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXNJV1FiMjgtc0pNVkxha2haU0R4ZVFXUUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84NzdlNDAtNmNhMS00YTJiLTg5YTUt
OGFiZjVlZTZjNGFkLzEvdnJFTU10TUw4N2NvRi05dDZidGkxRndIeTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84NzdlNDAtNmNhMS00YTJiLTg5YTUtOGFiZjVlZTZjNGFk
LzEveXNJV1FiMjgtc0pNVkxha2haU0R4ZVFXUUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLTjgAwQB
LTjsMA0GCSqGSIb3DQEBCwUAA4IBAQAK3YtiaqOfy2tAkdETGc3zrKp74rZzGjka
zAoyzy1okdzd+fR+lPVbOhuItI7I8UoLwG+fXFou5bS7h/umG/ytwE/4iAJBGoJ0
HhRLO0FGrO1rux435pMvQ/9Hm9mhwR/bOJwVZu1876R8VTO/VF+0zJC9d9bnJihT
E0tMhs+zhyeZHHRLHu6yQftvy08CfevjROw+Y5iRlWGbGbTYl6LxwGZLWulXs/W/
+zzja5ekz9tZ7m8fxnXawMGIkFMfunma3nmNqzPe5EuqGwB3C0TjhmCS7gRBqZ0v
GCpi6JqPQJBTdd7IMgCsvquInl77iiOx2L0p8E9lyo2s9gDb6WXH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:29 2024 by rpki-client on console-fra.rpki-client.org