Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/4RyT1WCFP33vTZb9MRzJj0Vn9Lg.roa
File:                     4RyT1WCFP33vTZb9MRzJj0Vn9Lg.roa (raw, json)
Hash identifier:          Z/QPFWbjW7yO0y0qmSSJmE7jr/eThH6uD/e24Xn/P0c=
Subject key identifier:   E1:1C:93:D5:60:85:3F:7D:EF:4D:96:FD:31:1C:C9:8F:45:67:F4:B8
Certificate issuer:       /CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Certificate serial:       03FAAD6F
Authority key identifier: 61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/4RyT1WCFP33vTZb9MRzJj0Vn9Lg.roa
Signing time:             Mon 30 May 2022 07:58:13 +0000
ROA not before:           Mon 30 May 2022 07:58:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211796
IP address blocks:        91.202.244.0/24 maxlen: 24
                          2a0c:6ec0:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 66760047 (0x3faad6f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6161470d39be4ba2dd5df8fa47b16396278e670a
        Validity
            Not Before: May 30 07:58:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e11c93d560853f7def4d96fd311cc98f4567f4b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:9e:df:53:c4:35:f9:2b:e8:d1:e4:88:5b:4c:
                    21:01:bf:0d:88:5f:c8:57:ca:41:50:3a:f4:5a:08:
                    36:b2:c7:d6:94:01:9b:2a:55:dd:2b:3b:f4:61:f0:
                    2d:ee:20:40:01:fb:cf:fc:b9:e7:d0:e2:06:df:cf:
                    c8:e2:93:8e:70:a0:6f:73:25:dc:3e:24:c1:3a:ff:
                    82:bf:6d:95:f1:25:9b:8e:38:65:c6:7b:9c:96:b2:
                    c3:81:04:58:26:ed:db:71:58:fc:d6:b8:be:d5:a7:
                    93:cf:61:66:85:ba:46:fe:0f:77:ed:f5:40:7d:e1:
                    02:b4:31:b9:51:c1:76:c3:75:be:97:54:fb:f9:b8:
                    a6:8f:f9:2d:7a:7c:09:e0:3e:14:f6:d7:24:61:e5:
                    a5:ff:da:6d:33:8d:b6:5a:7c:0f:16:e0:26:0c:51:
                    2b:65:55:2f:c0:d0:50:7e:9b:c1:ca:bd:f3:87:b1:
                    20:c6:7f:d3:2b:44:13:ab:91:6d:fa:df:33:56:c0:
                    d6:3b:fe:07:8c:de:d0:a0:1a:f9:c3:c5:4e:83:b0:
                    ed:6f:89:1d:80:68:bd:46:59:01:2f:fe:06:c4:8d:
                    9f:aa:58:0a:0d:75:34:90:8b:05:e3:0d:12:dd:6e:
                    62:2f:ee:05:01:68:f4:82:bb:9e:93:0e:e3:4b:52:
                    ab:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:1C:93:D5:60:85:3F:7D:EF:4D:96:FD:31:1C:C9:8F:45:67:F4:B8
            X509v3 Authority Key Identifier:
                keyid:61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/4RyT1WCFP33vTZb9MRzJj0Vn9Lg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.202.244.0/24
                IPv6:
                  2a0c:6ec0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         9e:c7:c6:f9:a4:d5:55:fb:09:68:7f:ec:5c:c7:65:c9:ef:91:
         81:5b:a6:a4:a8:86:96:bd:52:a1:44:3f:66:d9:80:4c:5e:f5:
         80:c7:c1:10:ee:42:31:78:ed:33:3d:e6:a8:b2:3b:ad:7b:87:
         f7:fd:4d:39:5f:98:69:2c:44:5f:61:f0:62:df:ee:80:67:a3:
         f2:fd:f2:c5:6b:4e:15:e3:36:7d:7b:86:47:98:27:f3:bb:fd:
         19:b8:b6:d5:e8:67:9d:1e:67:96:2c:7f:12:66:df:45:d7:7b:
         0b:d6:70:49:5c:9b:26:17:6c:45:82:c4:62:45:ca:42:64:bd:
         02:e4:97:c6:57:de:e6:ec:3c:76:a7:94:f4:c7:e0:53:d4:32:
         bb:82:84:43:e2:08:6d:83:d3:00:ed:87:89:9f:db:b4:e4:20:
         0f:fd:59:5b:b7:15:6a:46:ac:37:26:6a:c5:eb:47:28:38:d4:
         f6:77:3d:bc:dd:bd:08:0a:36:d6:85:91:9d:48:fa:13:53:99:
         b5:c5:8f:8a:1c:3a:bd:06:26:bc:c9:43:c2:fc:0d:c4:93:7c:
         9d:89:5b:69:a9:85:66:7d:56:25:a9:ee:0c:92:b7:40:c0:a2:
         de:e8:83:1e:3d:4b:13:0b:97:e1:b8:55:86:d2:be:a3:89:06:
         4e:61:a7:b7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEA/qtbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MTYxNDcwZDM5YmU0YmEyZGQ1ZGY4ZmE0N2IxNjM5NjI3OGU2NzBhMB4XDTIyMDUz
MDA3NTgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTExYzkzZDU2MDg1
M2Y3ZGVmNGQ5NmZkMzExY2M5OGY0NTY3ZjRiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALee31PENfkr6NHkiFtMIQG/DYhfyFfKQVA69FoINrLH1pQB
mypV3Ss79GHwLe4gQAH7z/y559DiBt/PyOKTjnCgb3Ml3D4kwTr/gr9tlfElm444
ZcZ7nJayw4EEWCbt23FY/Na4vtWnk89hZoW6Rv4Pd+31QH3hArQxuVHBdsN1vpdU
+/m4po/5LXp8CeA+FPbXJGHlpf/abTONtlp8DxbgJgxRK2VVL8DQUH6bwcq984ex
IMZ/0ytEE6uRbfrfM1bA1jv+B4ze0KAa+cPFToOw7W+JHYBovUZZAS/+BsSNn6pY
Cg11NJCLBeMNEt1uYi/uBQFo9IK7npMO40tSq20CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBThHJPVYIU/fe9Nlv0xHMmPRWf0uDAfBgNVHSMEGDAWgBRhYUcNOb5Lot1d
+PpHsWOWJ45nCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lXRkhEVG0tUzZMZFhmajZSN0ZqbGllT1p3by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDYvZTUxODU2LWU1MmUtNGIyNC04Yzk5LWMyNDBiZmM5Y2JjMS8x
LzRSeVQxV0NGUDMzdlRaYjlNUnpKajBWbjlMZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYv
ZTUxODU2LWU1MmUtNGIyNC04Yzk5LWMyNDBiZmM5Y2JjMS8xL1lXRkhEVG0tUzZM
ZFhmajZSN0ZqbGllT1p3by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFvK9DAPBAIAAjAJAwcAKgxuwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCex8b5pNVV+wlof+xcx2XJ75GBW6akqIaWvVKh
RD9m2YBMXvWAx8EQ7kIxeO0zPeaosjute4f3/U05X5hpLERfYfBi3+6AZ6Py/fLF
a04V4zZ9e4ZHmCfzu/0ZuLbV6GedHmeWLH8SZt9F13sL1nBJXJsmF2xFgsRiRcpC
ZL0C5JfGV97m7Dx2p5T0x+BT1DK7goRD4ghtg9MA7YeJn9u05CAP/VlbtxVqRqw3
JmrF60coONT2dz283b0ICjbWhZGdSPoTU5m1xY+KHDq9Bia8yUPC/A3Ek3ydiVtp
qYVmfVYlqe4MkrdAwKLe6IMePUsTC5fhuFWG0r6jiQZOYae3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:23 2024 by rpki-client on console-ams.rpki-client.org