Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/xboybJ9VNo1y5z_6I5HirizMf9s.roa
File:                     xboybJ9VNo1y5z_6I5HirizMf9s.roa (raw, json)
Hash identifier:          oy0kNSxHEUQIc3G4TanABd4Jgm/e3lNiJIdDe9OvL1M=
Subject key identifier:   C5:BA:32:6C:9F:55:36:8D:72:E7:3F:FA:23:91:E2:AE:2C:CC:7F:DB
Certificate issuer:       /CN=2078baee6b6ec5425a16b1fc00c52c30ed95a3f0
Certificate serial:       03C5A333
Authority key identifier: 20:78:BA:EE:6B:6E:C5:42:5A:16:B1:FC:00:C5:2C:30:ED:95:A3:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IHi67mtuxUJaFrH8AMUsMO2Vo_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/xboybJ9VNo1y5z_6I5HirizMf9s.roa
Signing time:             Sat 01 Jan 2022 03:56:56 +0000
ROA not before:           Sat 01 Jan 2022 03:56:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208290
IP address blocks:        45.148.209.0/24 maxlen: 24
                          45.148.210.0/24 maxlen: 24
                          45.148.211.0/24 maxlen: 24
                          45.148.208.0/24 maxlen: 24
                          2a10:9f00::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 63284019 (0x3c5a333)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2078baee6b6ec5425a16b1fc00c52c30ed95a3f0
        Validity
            Not Before: Jan  1 03:56:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c5ba326c9f55368d72e73ffa2391e2ae2ccc7fdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:d1:7b:a5:7b:34:12:b5:a3:3b:4b:25:fb:b7:
                    ea:72:35:27:32:9c:50:87:f8:1c:23:8c:a0:56:f7:
                    8a:a5:58:ff:6d:1d:07:b7:b9:e4:8c:0d:71:68:c3:
                    63:6e:62:cc:df:fd:19:3d:57:f1:ff:48:da:6e:bf:
                    ee:5b:d9:14:db:00:32:00:09:58:2c:0e:a4:0a:6a:
                    cb:f2:4d:14:93:aa:ee:f0:91:77:53:81:13:ae:45:
                    45:ac:4b:03:c3:22:65:ba:8d:25:e3:7b:66:7a:58:
                    fe:03:26:de:8d:67:cd:a7:1f:ea:1c:d9:db:49:91:
                    53:f2:a2:18:6d:ae:29:14:b5:14:dc:1e:11:70:84:
                    42:05:d8:eb:6d:f4:09:ed:e8:2c:70:7a:af:51:cb:
                    41:cc:b6:03:53:bf:14:17:c0:a1:2f:a5:08:9b:76:
                    22:83:94:90:f7:ab:a2:61:1f:61:cc:5a:24:97:24:
                    1a:cf:3b:bf:95:bb:b0:16:93:08:e3:21:8e:62:4f:
                    5c:b7:97:c7:59:20:95:4d:03:bb:3c:65:71:e0:01:
                    63:81:fb:a7:90:e4:34:3d:81:c3:cb:5b:7d:ee:46:
                    bb:48:a2:24:ac:f5:11:22:ac:75:17:74:2f:ce:ef:
                    d7:23:b4:c0:31:8d:24:3e:98:16:4d:05:35:7c:74:
                    fd:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:BA:32:6C:9F:55:36:8D:72:E7:3F:FA:23:91:E2:AE:2C:CC:7F:DB
            X509v3 Authority Key Identifier:
                keyid:20:78:BA:EE:6B:6E:C5:42:5A:16:B1:FC:00:C5:2C:30:ED:95:A3:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IHi67mtuxUJaFrH8AMUsMO2Vo_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/xboybJ9VNo1y5z_6I5HirizMf9s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/IHi67mtuxUJaFrH8AMUsMO2Vo_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.148.208.0/22
                IPv6:
                  2a10:9f00::/29

    Signature Algorithm: sha256WithRSAEncryption
         78:25:fe:5f:e7:47:60:d8:fd:1d:82:43:72:8d:85:fd:5f:d7:
         d9:69:52:f5:8a:9b:a7:b5:7b:e1:ea:14:35:ea:2f:3e:91:13:
         b5:7f:f3:25:56:14:82:76:63:b4:99:37:b9:21:3e:da:f6:f3:
         ed:d8:f7:56:b9:9c:b9:85:38:13:c2:49:90:91:4f:2e:93:1d:
         ba:ec:38:d1:68:9b:96:98:4e:39:c9:01:21:81:5c:77:cf:7b:
         28:83:2f:f8:fa:1f:13:e8:bd:a8:38:42:cb:3e:61:bb:08:b5:
         42:e3:a4:6d:79:e7:9a:a1:bb:a0:24:c6:b9:16:fb:64:dc:fd:
         85:b0:43:5f:fc:5a:26:49:c0:72:0a:db:6f:ad:ef:0b:c6:01:
         2f:ae:a5:c6:a5:03:4b:2e:3e:4c:ce:a6:41:db:8c:39:d9:a4:
         d3:4e:55:f9:8f:86:f6:d5:21:68:c9:8a:25:1a:50:54:83:c0:
         c3:0a:4b:d4:7f:d7:4b:bc:81:a1:29:3f:8f:7e:ff:cc:84:33:
         48:6b:a4:f7:59:72:23:bd:ac:b8:d1:f5:18:dd:bb:2b:d7:59:
         0c:ac:7a:ae:de:33:00:ed:a4:fd:64:96:2b:32:00:dc:98:fd:
         bc:27:8d:06:d2:19:9c:27:89:14:1c:3c:64:4c:b1:8b:ac:ae:
         ce:8b:32:5e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA8WjMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MDc4YmFlZTZiNmVjNTQyNWExNmIxZmMwMGM1MmMzMGVkOTVhM2YwMB4XDTIyMDEw
MTAzNTY1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzViYTMyNmM5ZjU1
MzY4ZDcyZTczZmZhMjM5MWUyYWUyY2NjN2ZkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTRe6V7NBK1oztLJfu36nI1JzKcUIf4HCOMoFb3iqVY/20d
B7e55IwNcWjDY25izN/9GT1X8f9I2m6/7lvZFNsAMgAJWCwOpApqy/JNFJOq7vCR
d1OBE65FRaxLA8MiZbqNJeN7ZnpY/gMm3o1nzacf6hzZ20mRU/KiGG2uKRS1FNwe
EXCEQgXY6230Ce3oLHB6r1HLQcy2A1O/FBfAoS+lCJt2IoOUkPeromEfYcxaJJck
Gs87v5W7sBaTCOMhjmJPXLeXx1kglU0DuzxlceABY4H7p5DkND2Bw8tbfe5Gu0ii
JKz1ESKsdRd0L87v1yO0wDGNJD6YFk0FNXx0/SsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTFujJsn1U2jXLnP/ojkeKuLMx/2zAfBgNVHSMEGDAWgBQgeLrua27FQloW
sfwAxSww7ZWj8DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lIaTY3bXR1eFVKYUZySDhBTVVzTU8yVm9fQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvYjE4MmJjLWJjMzItNGUyZi1iYWQ3LWNhNTFmYjQwODkwMS8x
L3hib3liSjlWTm8xeTV6XzZJNUhpcml6TWY5cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
YjE4MmJjLWJjMzItNGUyZi1iYWQ3LWNhNTFmYjQwODkwMS8xL0lIaTY3bXR1eFVK
YUZySDhBTVVzTU8yVm9fQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2U0DANBAIAAjAHAwUDKhCfADAN
BgkqhkiG9w0BAQsFAAOCAQEAeCX+X+dHYNj9HYJDco2F/V/X2WlS9Yqbp7V74eoU
NeovPpETtX/zJVYUgnZjtJk3uSE+2vbz7dj3VrmcuYU4E8JJkJFPLpMduuw40Wib
lphOOckBIYFcd897KIMv+PofE+i9qDhCyz5huwi1QuOkbXnnmqG7oCTGuRb7ZNz9
hbBDX/xaJknAcgrbb63vC8YBL66lxqUDSy4+TM6mQduMOdmk005V+Y+G9tUhaMmK
JRpQVIPAwwpL1H/XS7yBoSk/j37/zIQzSGuk91lyI72suNH1GN27K9dZDKx6rt4z
AO2k/WSWKzIA3Jj9vCeNBtIZnCeJFBw8ZEyxi6yuzosyXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:51 2024 by rpki-client on console-ams.rpki-client.org