Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/16460f-e498-4f7b-9b90-7a5043c918f9/1/Yf3ablkFL6XBc9z_yBHownUZSLM.roa
File:                     Yf3ablkFL6XBc9z_yBHownUZSLM.roa (raw, json)
Hash identifier:          1mQnerh/2mVFSbJfNQDcgQ6FPniqjzlZVjYt5/BZImo=
Subject key identifier:   61:FD:DA:6E:59:05:2F:A5:C1:73:DC:FF:C8:11:E8:C2:75:19:48:B3
Certificate issuer:       /CN=49f39d6c8b23fcdc20e53174e92fb3f56caa8b61
Certificate serial:       0579A3B7
Authority key identifier: 49:F3:9D:6C:8B:23:FC:DC:20:E5:31:74:E9:2F:B3:F5:6C:AA:8B:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SfOdbIsj_Nwg5TF06S-z9Wyqi2E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/16460f-e498-4f7b-9b90-7a5043c918f9/1/Yf3ablkFL6XBc9z_yBHownUZSLM.roa
Signing time:             Sat 01 Jan 2022 07:56:54 +0000
ROA not before:           Sat 01 Jan 2022 07:56:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208789
IP address blocks:        45.85.52.0/22 maxlen: 24
                          2a0e:b880::/31 maxlen: 31

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 91857847 (0x579a3b7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49f39d6c8b23fcdc20e53174e92fb3f56caa8b61
        Validity
            Not Before: Jan  1 07:56:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=61fdda6e59052fa5c173dcffc811e8c2751948b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:2c:99:b2:4c:c3:11:68:17:8b:f5:a1:5c:83:
                    41:34:5f:60:f7:e2:57:6c:8f:17:b8:bf:81:b7:01:
                    c0:9e:7c:56:66:30:4d:5a:ab:02:89:59:65:e0:5c:
                    5c:11:35:5f:86:25:29:7c:24:39:93:6a:4e:d4:46:
                    a8:3d:f8:45:00:80:20:2d:34:c7:67:d2:a2:6a:64:
                    38:03:76:68:3c:cf:ae:a9:82:3e:be:f4:7a:00:4a:
                    42:b7:5f:a7:2b:50:57:e6:09:f1:fd:d2:04:ba:33:
                    b2:97:67:41:ce:b3:5b:31:f2:28:03:2b:81:60:5e:
                    d6:0d:51:9a:54:67:e6:3f:28:7a:7f:f9:4b:4b:22:
                    93:a3:0b:1e:79:0d:86:eb:a7:df:68:4c:8d:85:31:
                    e5:07:47:f5:0e:aa:14:ae:25:53:11:aa:35:bf:a1:
                    04:22:e4:74:7b:cf:0d:a7:9e:96:86:18:a1:dc:37:
                    cc:0a:7c:f3:49:96:9e:0c:0d:01:e4:72:8e:de:7d:
                    69:7a:a5:4c:bf:35:12:3e:05:47:33:32:86:24:aa:
                    e5:aa:ce:15:98:2c:17:d4:aa:94:0a:88:a8:49:c4:
                    ea:53:44:24:73:7d:c5:d6:00:42:ba:59:df:26:77:
                    ba:c5:db:6c:52:e1:55:22:38:a5:ca:20:9d:76:45:
                    9e:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:FD:DA:6E:59:05:2F:A5:C1:73:DC:FF:C8:11:E8:C2:75:19:48:B3
            X509v3 Authority Key Identifier:
                keyid:49:F3:9D:6C:8B:23:FC:DC:20:E5:31:74:E9:2F:B3:F5:6C:AA:8B:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SfOdbIsj_Nwg5TF06S-z9Wyqi2E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/16460f-e498-4f7b-9b90-7a5043c918f9/1/Yf3ablkFL6XBc9z_yBHownUZSLM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/16460f-e498-4f7b-9b90-7a5043c918f9/1/SfOdbIsj_Nwg5TF06S-z9Wyqi2E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.52.0/22
                IPv6:
                  2a0e:b880::/31

    Signature Algorithm: sha256WithRSAEncryption
         11:f4:a0:32:4d:2f:b4:9a:be:e4:f7:d7:1d:0b:ed:07:5e:bc:
         74:03:a9:98:a8:eb:bf:62:43:55:e6:c9:e5:6f:05:21:ff:be:
         32:0a:43:6e:70:aa:0d:9c:92:a9:d5:b3:52:ef:56:15:e7:bc:
         26:4e:54:51:83:10:16:4c:53:91:1b:2f:c5:fa:f2:cd:d4:33:
         88:20:19:66:1e:5a:ce:e8:05:0f:0f:26:85:90:15:e8:27:4a:
         f1:d6:be:24:06:2b:6d:fb:6e:42:95:a6:4a:7d:08:88:21:d4:
         d7:3f:1b:ce:e5:1c:44:33:40:7c:78:84:c5:40:38:b1:b7:e5:
         98:0d:63:08:22:cc:70:e8:86:91:1a:75:9d:0a:7b:53:6b:5a:
         8b:6a:72:c8:4a:66:83:f9:d3:01:d0:cb:00:dd:44:48:53:40:
         a4:c5:4d:d1:9b:33:85:9e:8e:3d:53:d9:ea:b6:6a:cb:06:cf:
         10:75:67:d3:b7:63:e7:00:28:a5:fb:7c:41:c0:f8:1b:06:54:
         23:2c:12:cf:58:24:76:a6:5b:ea:71:9b:32:2c:04:9f:4d:06:
         fd:54:ca:9b:e1:8d:56:32:9c:ff:53:20:94:e7:1b:ad:0e:11:
         05:39:6b:2b:6c:b2:9d:c7:e8:91:d4:c4:4d:98:cb:4f:b0:5e:
         9d:47:8b:15
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBXmjtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OWYzOWQ2YzhiMjNmY2RjMjBlNTMxNzRlOTJmYjNmNTZjYWE4YjYxMB4XDTIyMDEw
MTA3NTY1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjFmZGRhNmU1OTA1
MmZhNWMxNzNkY2ZmYzgxMWU4YzI3NTE5NDhiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJAsmbJMwxFoF4v1oVyDQTRfYPfiV2yPF7i/gbcBwJ58VmYw
TVqrAolZZeBcXBE1X4YlKXwkOZNqTtRGqD34RQCAIC00x2fSompkOAN2aDzPrqmC
Pr70egBKQrdfpytQV+YJ8f3SBLozspdnQc6zWzHyKAMrgWBe1g1RmlRn5j8oen/5
S0sik6MLHnkNhuun32hMjYUx5QdH9Q6qFK4lUxGqNb+hBCLkdHvPDaeeloYYodw3
zAp880mWngwNAeRyjt59aXqlTL81Ej4FRzMyhiSq5arOFZgsF9SqlAqIqEnE6lNE
JHN9xdYAQrpZ3yZ3usXbbFLhVSI4pcognXZFnk8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRh/dpuWQUvpcFz3P/IEejCdRlIszAfBgNVHSMEGDAWgBRJ851siyP83CDl
MXTpL7P1bKqLYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NmT2RiSXNqX053ZzVURjA2Uy16OVd5cWkyRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvMTY0NjBmLWU0OTgtNGY3Yi05YjkwLTdhNTA0M2M5MThmOS8x
L1lmM2FibGtGTDZYQmM5el95Qkhvd25VWlNMTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
MTY0NjBmLWU0OTgtNGY3Yi05YjkwLTdhNTA0M2M5MThmOS8xL1NmT2RiSXNqX053
ZzVURjA2Uy16OVd5cWkyRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi1VNDANBAIAAjAHAwUBKg64gDAN
BgkqhkiG9w0BAQsFAAOCAQEAEfSgMk0vtJq+5PfXHQvtB168dAOpmKjrv2JDVebJ
5W8FIf++MgpDbnCqDZySqdWzUu9WFee8Jk5UUYMQFkxTkRsvxfryzdQziCAZZh5a
zugFDw8mhZAV6CdK8da+JAYrbftuQpWmSn0IiCHU1z8bzuUcRDNAfHiExUA4sbfl
mA1jCCLMcOiGkRp1nQp7U2tai2pyyEpmg/nTAdDLAN1ESFNApMVN0ZszhZ6OPVPZ
6rZqywbPEHVn07dj5wAopft8QcD4GwZUIywSz1gkdqZb6nGbMiwEn00G/VTKm+GN
VjKc/1MglOcbrQ4RBTlrK2yyncfokdTETZjLT7BenUeLFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:23 2024 by rpki-client on console-ams.rpki-client.org