Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/rwLzFx5JYi06K9UhOa1s9T7MTVU.roa
File:                     rwLzFx5JYi06K9UhOa1s9T7MTVU.roa (raw, json)
Hash identifier:          d7gS2w6GSy2uVckybGbB8aWy7lxB7QqINyf5J4KnAQ4=
Subject key identifier:   AF:02:F3:17:1E:49:62:2D:3A:2B:D5:21:39:AD:6C:F5:3E:CC:4D:55
Certificate issuer:       /CN=9992b53426fb614d9a5a6d83f400566a660c9dd2
Certificate serial:       02ADC4FE
Authority key identifier: 99:92:B5:34:26:FB:61:4D:9A:5A:6D:83:F4:00:56:6A:66:0C:9D:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mZK1NCb7YU2aWm2D9ABWamYMndI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/rwLzFx5JYi06K9UhOa1s9T7MTVU.roa
Signing time:             Sat 01 Jan 2022 05:06:35 +0000
ROA not before:           Sat 01 Jan 2022 05:06:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50572
IP address blocks:        91.223.47.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 44942590 (0x2adc4fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9992b53426fb614d9a5a6d83f400566a660c9dd2
        Validity
            Not Before: Jan  1 05:06:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=af02f3171e49622d3a2bd52139ad6cf53ecc4d55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:7e:e1:3d:1d:98:c5:05:90:35:63:4a:16:49:
                    ba:d8:cb:89:db:d3:3a:7a:b6:77:68:ed:63:95:08:
                    22:c3:2f:54:de:c8:de:c3:41:bc:f4:20:44:ba:ef:
                    a7:4f:9d:ee:00:78:8d:a4:81:2e:26:86:75:bd:9a:
                    74:2c:43:bf:81:b8:b5:69:39:39:d7:56:f5:9b:e9:
                    c9:f5:a8:79:39:e9:e8:e2:d9:21:13:78:26:6d:cb:
                    98:6a:5e:88:69:7e:00:d1:7a:4f:57:16:15:db:1d:
                    59:20:1f:be:a1:7c:ee:33:3f:2c:9e:12:14:b8:48:
                    1b:f3:dd:20:dd:91:37:83:22:1f:28:ae:f0:83:34:
                    b9:24:74:9c:95:a7:28:dd:8e:f4:8e:46:a2:6a:b9:
                    15:9c:0e:4d:38:35:ce:5c:40:18:95:c0:ae:3c:7e:
                    2a:7d:52:0b:48:8a:d0:a7:64:b7:61:36:c3:80:0c:
                    d0:d5:e2:80:88:85:af:5b:eb:2c:02:12:fd:db:75:
                    25:29:1f:87:d2:bf:60:e7:09:2a:9b:f2:38:84:24:
                    3b:df:12:27:98:78:b9:ba:6f:b3:43:0a:23:e4:8b:
                    84:97:ed:ee:ef:69:ea:40:61:9d:3a:c2:2a:9a:df:
                    e4:b0:e6:10:ae:22:3b:33:f2:39:42:01:bd:f6:e3:
                    9b:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:02:F3:17:1E:49:62:2D:3A:2B:D5:21:39:AD:6C:F5:3E:CC:4D:55
            X509v3 Authority Key Identifier:
                keyid:99:92:B5:34:26:FB:61:4D:9A:5A:6D:83:F4:00:56:6A:66:0C:9D:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZK1NCb7YU2aWm2D9ABWamYMndI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/rwLzFx5JYi06K9UhOa1s9T7MTVU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/mZK1NCb7YU2aWm2D9ABWamYMndI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.223.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:6a:0d:03:6b:fd:8e:38:ae:d0:fd:19:48:af:07:0a:2c:72:
         72:93:5b:33:52:ca:1a:fd:76:10:f8:13:1a:3e:49:90:00:92:
         6c:a3:64:88:61:60:4c:a8:fd:4c:51:da:ea:fd:12:10:d1:7d:
         14:98:ac:d5:fc:91:6a:b2:18:f7:57:c4:16:af:22:9e:96:77:
         77:8c:68:1c:6d:30:66:d7:36:14:46:72:09:e5:1b:c0:7a:99:
         0a:62:dd:69:4c:86:a7:d9:90:ea:13:fb:28:86:de:c5:b3:34:
         73:76:91:1c:3d:e4:62:61:7f:1b:f1:7f:24:e9:04:a1:2b:ea:
         7a:d1:5d:22:a5:68:f9:56:c5:df:27:db:21:4e:72:91:c7:40:
         ec:29:8b:11:65:64:25:2e:f6:51:b7:38:81:20:c3:a6:05:68:
         3a:fe:d3:f4:5b:d0:b0:dd:41:2f:bd:99:60:b5:61:31:d9:30:
         66:21:56:51:f7:69:c7:95:74:9f:df:62:ad:16:69:13:d8:4c:
         53:49:db:36:a1:5b:f3:f6:c7:8c:ce:77:9f:e4:d8:c7:aa:3d:
         8a:2f:c3:ee:f2:f6:48:25:c2:ed:97:d6:e4:60:ed:3b:83:09:
         d4:2d:70:5c:f8:39:00:d7:05:da:c1:f1:73:a4:08:f7:1a:a9:
         2c:7d:fb:4e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAq3E/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTkyYjUzNDI2ZmI2MTRkOWE1YTZkODNmNDAwNTY2YTY2MGM5ZGQyMB4XDTIyMDEw
MTA1MDYzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWYwMmYzMTcxZTQ5
NjIyZDNhMmJkNTIxMzlhZDZjZjUzZWNjNGQ1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOV+4T0dmMUFkDVjShZJutjLidvTOnq2d2jtY5UIIsMvVN7I
3sNBvPQgRLrvp0+d7gB4jaSBLiaGdb2adCxDv4G4tWk5OddW9ZvpyfWoeTnp6OLZ
IRN4Jm3LmGpeiGl+ANF6T1cWFdsdWSAfvqF87jM/LJ4SFLhIG/PdIN2RN4MiHyiu
8IM0uSR0nJWnKN2O9I5Gomq5FZwOTTg1zlxAGJXArjx+Kn1SC0iK0Kdkt2E2w4AM
0NXigIiFr1vrLAIS/dt1JSkfh9K/YOcJKpvyOIQkO98SJ5h4ubpvs0MKI+SLhJft
7u9p6kBhnTrCKprf5LDmEK4iOzPyOUIBvfbjm78CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSvAvMXHkliLTor1SE5rWz1PsxNVTAfBgNVHSMEGDAWgBSZkrU0JvthTZpa
bYP0AFZqZgyd0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21aSzFOQ2I3WVUyYVdtMkQ5QUJXYW1ZTW5kSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvOTAxNzJhLTk2OWItNDZkYS04MDg4LTc5MWE2MmQyZDhhYi8x
L3J3THpGeDVKWWkwNks5VWhPYTFzOVQ3TVRWVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
OTAxNzJhLTk2OWItNDZkYS04MDg4LTc5MWE2MmQyZDhhYi8xL21aSzFOQ2I3WVUy
YVdtMkQ5QUJXYW1ZTW5kSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvfLzANBgkqhkiG9w0BAQsFAAOC
AQEAuGoNA2v9jjiu0P0ZSK8HCixycpNbM1LKGv12EPgTGj5JkACSbKNkiGFgTKj9
TFHa6v0SENF9FJis1fyRarIY91fEFq8inpZ3d4xoHG0wZtc2FEZyCeUbwHqZCmLd
aUyGp9mQ6hP7KIbexbM0c3aRHD3kYmF/G/F/JOkEoSvqetFdIqVo+VbF3yfbIU5y
kcdA7CmLEWVkJS72Ubc4gSDDpgVoOv7T9FvQsN1BL72ZYLVhMdkwZiFWUfdpx5V0
n99irRZpE9hMU0nbNqFb8/bHjM53n+TYx6o9ii/D7vL2SCXC7ZfW5GDtO4MJ1C1w
XPg5ANcF2sHxc6QI9xqpLH37Tg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:51 2023 by rpki-client on console-fra.rpki-client.org