Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/2053c4-bc4a-416a-8970-ac536b2ab4f8/1/pMhknzzIIWrCCpLx-9DW7Wqd1Ks.roa
File:                     pMhknzzIIWrCCpLx-9DW7Wqd1Ks.roa (raw, json)
Hash identifier:          9hhkpZlOqQioiIWCtlzSZD7KPf/rvExtp1VPnXTNcvM=
Subject key identifier:   A4:C8:64:9F:3C:C8:21:6A:C2:0A:92:F1:FB:D0:D6:ED:6A:9D:D4:AB
Certificate issuer:       /CN=5acb3089461e1f5f8984b7742c89bb68f1b88c12
Certificate serial:       07AF261A
Authority key identifier: 5A:CB:30:89:46:1E:1F:5F:89:84:B7:74:2C:89:BB:68:F1:B8:8C:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WsswiUYeH1-JhLd0LIm7aPG4jBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/2053c4-bc4a-416a-8970-ac536b2ab4f8/1/pMhknzzIIWrCCpLx-9DW7Wqd1Ks.roa
Signing time:             Sat 01 Jan 2022 09:01:22 +0000
ROA not before:           Sat 01 Jan 2022 09:01:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41585
IP address blocks:        194.9.124.0/23 maxlen: 23
                          194.9.126.0/24 maxlen: 24
                          91.195.50.0/23 maxlen: 23
                          91.194.254.0/23 maxlen: 23
                          91.136.128.0/17 maxlen: 17

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 128919066 (0x7af261a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5acb3089461e1f5f8984b7742c89bb68f1b88c12
        Validity
            Not Before: Jan  1 09:01:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a4c8649f3cc8216ac20a92f1fbd0d6ed6a9dd4ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f3:52:b0:38:b1:7f:76:dd:87:1a:67:bf:14:
                    fd:c9:32:e3:d9:75:75:81:64:1c:b0:37:08:ed:c4:
                    23:bc:17:fc:09:a4:4b:ff:86:f3:de:64:de:11:e9:
                    56:0e:d3:6d:48:85:83:a5:cf:17:f1:0f:98:2d:37:
                    99:ac:c2:6b:d9:31:cf:40:7d:16:dc:43:c9:72:0b:
                    1c:38:2b:06:72:ce:40:b2:b0:3c:a7:56:e6:ed:9e:
                    bc:43:bd:9a:55:0e:b6:2d:2c:c0:e2:e5:54:78:24:
                    3a:f2:66:64:cf:43:6f:53:d8:6e:7b:1e:db:11:c3:
                    e1:b3:a3:53:f2:fe:2d:d7:29:33:52:a6:fa:f9:c6:
                    f1:e5:82:03:e3:8f:4f:33:20:74:71:3e:75:71:f8:
                    3a:43:01:c7:f7:dd:98:89:7d:8c:62:01:58:2e:dc:
                    f8:bb:2e:a0:32:4f:d1:e9:53:60:02:79:ad:c0:a2:
                    26:e4:50:86:68:d5:4d:0f:ab:a0:89:15:87:f2:d2:
                    47:e2:25:89:5a:48:b4:6c:a9:77:93:f2:d4:b9:4d:
                    79:5c:93:e3:8e:e7:f3:b8:a6:db:cc:12:d7:ea:2a:
                    a1:2c:e6:d4:47:82:35:b6:67:31:5c:90:f2:28:b7:
                    36:92:6d:2c:d9:e3:7a:15:55:20:83:3a:52:0c:04:
                    66:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:C8:64:9F:3C:C8:21:6A:C2:0A:92:F1:FB:D0:D6:ED:6A:9D:D4:AB
            X509v3 Authority Key Identifier:
                keyid:5A:CB:30:89:46:1E:1F:5F:89:84:B7:74:2C:89:BB:68:F1:B8:8C:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WsswiUYeH1-JhLd0LIm7aPG4jBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2053c4-bc4a-416a-8970-ac536b2ab4f8/1/pMhknzzIIWrCCpLx-9DW7Wqd1Ks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2053c4-bc4a-416a-8970-ac536b2ab4f8/1/WsswiUYeH1-JhLd0LIm7aPG4jBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.136.128.0/17
                  91.194.254.0/23
                  91.195.50.0/23
                  194.9.124.0-194.9.126.255

    Signature Algorithm: sha256WithRSAEncryption
         09:56:dd:b9:24:11:46:5c:fb:10:1b:40:76:2e:4d:53:da:e6:
         3d:28:1d:da:4a:58:f1:f3:5a:67:0d:58:f4:62:da:e7:e4:ed:
         da:df:12:14:74:ff:76:8d:99:8c:25:8d:ef:cd:fd:de:b7:82:
         d6:53:f0:d5:de:7c:4d:7f:93:25:f2:f1:87:9d:03:36:63:3b:
         05:97:35:97:7d:53:26:19:bf:7f:d6:7f:fa:a4:07:bb:1e:cd:
         29:72:b9:97:83:4b:98:11:b3:49:d5:a9:e8:6d:df:c6:83:c1:
         a4:e4:c1:85:15:2a:7b:4e:82:97:58:fb:ae:03:5a:ec:f1:0c:
         06:2b:0c:9d:fa:36:fb:e8:6b:c5:59:f5:02:41:36:9e:bb:53:
         3f:d4:fb:33:0e:eb:fe:42:e8:5b:f3:98:b2:22:7b:8f:ba:af:
         89:9b:64:96:29:60:2b:00:8b:0c:9a:a4:c1:87:34:b3:f6:10:
         69:c3:f5:68:f1:3a:f5:e0:79:63:9f:c6:e4:94:1a:94:ec:87:
         04:8e:ff:5b:37:f6:26:41:d2:91:00:79:f9:07:99:77:92:c7:
         4b:69:9e:9c:a8:73:f8:3c:4e:23:89:6d:f2:cc:d1:f8:b5:43:
         80:40:28:b9:c3:12:c9:f6:31:d6:75:cf:dd:f1:4f:07:d4:c1:
         95:df:fb:23
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEB68mGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YWNiMzA4OTQ2MWUxZjVmODk4NGI3NzQyYzg5YmI2OGYxYjg4YzEyMB4XDTIyMDEw
MTA5MDEyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTRjODY0OWYzY2M4
MjE2YWMyMGE5MmYxZmJkMGQ2ZWQ2YTlkZDRhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLzUrA4sX923YcaZ78U/cky49l1dYFkHLA3CO3EI7wX/Amk
S/+G895k3hHpVg7TbUiFg6XPF/EPmC03mazCa9kxz0B9FtxDyXILHDgrBnLOQLKw
PKdW5u2evEO9mlUOti0swOLlVHgkOvJmZM9Db1PYbnse2xHD4bOjU/L+LdcpM1Km
+vnG8eWCA+OPTzMgdHE+dXH4OkMBx/fdmIl9jGIBWC7c+LsuoDJP0elTYAJ5rcCi
JuRQhmjVTQ+roIkVh/LSR+IliVpItGypd5Py1LlNeVyT447n87im28wS1+oqoSzm
1EeCNbZnMVyQ8ii3NpJtLNnjehVVIIM6UgwEZgcCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSkyGSfPMghasIKkvH70Nbtap3UqzAfBgNVHSMEGDAWgBRayzCJRh4fX4mE
t3Qsibto8biMEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dzc3dpVVllSDEtSmhMZDBMSW03YVBHNGpCSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvMjA1M2M0LWJjNGEtNDE2YS04OTcwLWFjNTM2YjJhYjRmOC8x
L3BNaGtuenpJSVdyQ0NwTHgtOURXN1dxZDFLcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
MjA1M2M0LWJjNGEtNDE2YS04OTcwLWFjNTM2YjJhYjRmOC8xL1dzc3dpVVllSDEt
SmhMZDBMSW03YVBHNGpCSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEB1uIgAMEAVvC/gMEAVvDMjAMAwQC
wgl8AwQAwgl+MA0GCSqGSIb3DQEBCwUAA4IBAQAJVt25JBFGXPsQG0B2Lk1T2uY9
KB3aSljx81pnDVj0Ytrn5O3a3xIUdP92jZmMJY3vzf3et4LWU/DV3nxNf5Ml8vGH
nQM2YzsFlzWXfVMmGb9/1n/6pAe7Hs0pcrmXg0uYEbNJ1anobd/Gg8Gk5MGFFSp7
ToKXWPuuA1rs8QwGKwyd+jb76GvFWfUCQTaeu1M/1PszDuv+Quhb85iyInuPuq+J
m2SWKWArAIsMmqTBhzSz9hBpw/Vo8Tr14Hljn8bklBqU7IcEjv9bN/YmQdKRAHn5
B5l3ksdLaZ6cqHP4PE4jiW3yzNH4tUOAQCi5wxLJ9jHWdc/d8U8H1MGV3/sj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:51 2024 by rpki-client on console-fra.rpki-client.org