Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS26388.roa
File:                     AS26388.roa (raw, json)
Hash identifier:          3z3TgdmIQvfhgFv3y/CYNOJu8uX46/e3BbbeNt4MHf4=
Subject key identifier:   BC:9F:06:04:4C:0F:56:29:F1:A9:CA:81:14:CC:EE:85:ED:51:20:57
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       64A59F4BD28D09DA7CE4A30B37CEA05706A19A81
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS26388.roa
Signing time:             Wed 01 Mar 2023 07:08:19 +0000
ROA not before:           Wed 01 Mar 2023 07:03:19 +0000
ROA not after:            Wed 28 Feb 2024 07:08:19 +0000
asID:                     26388
IP address blocks:        45.133.178.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:a5:9f:4b:d2:8d:09:da:7c:e4:a3:0b:37:ce:a0:57:06:a1:9a:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Mar  1 07:03:19 2023 GMT
            Not After : Feb 28 07:08:19 2024 GMT
        Subject: CN=BC9F06044C0F5629F1A9CA8114CCEE85ED512057
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:cb:57:db:8f:46:a7:c2:ac:e5:2e:05:54:28:
                    ca:23:36:a2:c7:8a:24:f6:95:ce:84:e8:2f:ba:18:
                    54:9f:96:86:18:f7:28:c1:0d:23:9b:4a:9f:51:98:
                    aa:d7:5e:a6:51:ec:3f:c3:a4:4a:49:bf:91:7a:a0:
                    bd:bc:10:9d:cf:28:1e:40:59:20:bd:72:aa:62:a4:
                    d0:21:df:61:18:19:57:1b:a3:d3:ea:04:5a:7e:31:
                    ee:94:c7:6a:f6:c7:d7:76:63:af:e3:77:79:f5:12:
                    9b:e1:0d:b9:49:bb:57:d4:39:df:da:bf:62:4a:be:
                    93:be:ff:0f:b4:40:17:37:81:f1:e8:63:99:c2:ef:
                    1c:6d:f4:37:bf:95:84:ee:9d:38:cf:2c:bb:cf:ea:
                    09:24:bc:94:cb:4a:fb:6f:1e:1b:14:12:3a:91:49:
                    91:ac:27:86:4f:e4:ee:12:ef:4e:e1:4f:d9:78:50:
                    30:07:f1:a4:09:89:98:aa:ee:5f:ca:e2:4c:ab:31:
                    e5:fb:df:98:7c:42:55:b1:6d:ce:2c:c1:7e:23:0a:
                    57:41:a4:1f:c3:e0:97:be:63:02:88:79:a4:5c:c0:
                    65:2d:2f:54:54:ac:88:fd:16:9b:e3:3c:4a:b3:48:
                    59:08:c6:6c:28:ed:66:58:cb:f8:ad:d3:f5:18:9e:
                    0c:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:9F:06:04:4C:0F:56:29:F1:A9:CA:81:14:CC:EE:85:ED:51:20:57
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS26388.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:9c:bb:da:24:b3:9d:9c:ff:c2:a8:69:74:92:c0:0e:0d:a5:
         6c:b4:17:40:1a:7e:de:79:6d:c6:04:2e:8f:0c:a4:1a:a5:28:
         ff:c6:4d:50:09:ab:9c:6c:17:cf:17:c1:d6:70:f0:57:6d:d2:
         68:55:4a:02:e8:aa:45:58:44:f3:4c:3b:17:bb:d4:4c:e0:38:
         17:6c:49:33:b3:3a:ac:14:6b:90:bd:b7:b8:cb:5f:ad:03:6e:
         1d:91:82:0a:47:2d:9b:18:8d:ce:dc:71:b9:27:20:31:e5:9e:
         cc:eb:f7:5e:3b:f8:6e:bc:e9:fc:97:aa:e9:2c:a6:01:a2:aa:
         f4:1b:ab:0b:2a:70:17:4f:2e:6b:d5:06:ea:cc:35:9d:72:cd:
         d7:d1:8b:ef:73:4c:ba:27:df:3d:e0:65:f2:82:49:5f:61:00:
         74:03:d6:7d:94:40:5d:cb:7b:5a:d5:ec:10:90:60:14:9e:2b:
         05:e2:4b:d2:e2:e2:7e:3a:87:a3:51:f2:eb:90:ce:09:d5:ec:
         b3:bb:be:8d:31:4a:7c:66:93:9b:2e:56:35:3c:c2:f8:87:e0:
         bb:e2:e8:e1:2e:b5:60:8b:5b:5b:89:5f:7a:51:ce:52:fe:9a:
         64:6d:9c:e3:91:83:68:f2:a1:93:85:ab:e7:99:05:2b:99:64:
         af:92:0b:82
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUZKWfS9KNCdp85KMLN86gVwahmoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzAzMDEwNzAzMTlaFw0yNDAyMjgwNzA4MTlaMDMxMTAvBgNV
BAMTKEJDOUYwNjA0NEMwRjU2MjlGMUE5Q0E4MTE0Q0NFRTg1RUQ1MTIwNTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfy1fbj0anwqzlLgVUKMojNqLH
iiT2lc6E6C+6GFSfloYY9yjBDSObSp9RmKrXXqZR7D/DpEpJv5F6oL28EJ3PKB5A
WSC9cqpipNAh32EYGVcbo9PqBFp+Me6Ux2r2x9d2Y6/jd3n1EpvhDblJu1fUOd/a
v2JKvpO+/w+0QBc3gfHoY5nC7xxt9De/lYTunTjPLLvP6gkkvJTLSvtvHhsUEjqR
SZGsJ4ZP5O4S707hT9l4UDAH8aQJiZiq7l/K4kyrMeX735h8QlWxbc4swX4jCldB
pB/D4Je+YwKIeaRcwGUtL1RUrIj9FpvjPEqzSFkIxmwo7WZYy/it0/UYngzNAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUvJ8GBEwPVinxqcqBFMzuhe1RIFcwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjYzODgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthbIw
DQYJKoZIhvcNAQELBQADggEBAG2cu9oks52c/8KoaXSSwA4NpWy0F0Aaft55bcYE
Lo8MpBqlKP/GTVAJq5xsF88XwdZw8Fdt0mhVSgLoqkVYRPNMOxe71EzgOBdsSTOz
OqwUa5C9t7jLX60Dbh2RggpHLZsYjc7ccbknIDHlnszr9147+G686fyXqukspgGi
qvQbqwsqcBdPLmvVBurMNZ1yzdfRi+9zTLon3z3gZfKCSV9hAHQD1n2UQF3Le1rV
7BCQYBSeKwXiS9Li4n46h6NR8uuQzgnV7LO7vo0xSnxmk5suVjU8wviH4Lvi6OEu
tWCLW1uJX3pRzlL+mmRtnOORg2jyoZOFq+eZBSuZZK+SC4I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:04 2024 by rpki-client on console-ams.rpki-client.org