Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/gxki3PT_tQN422BUt8bZW6r8LmU.roa
File:                     gxki3PT_tQN422BUt8bZW6r8LmU.roa (raw, json)
Hash identifier:          NtFlCWnc4p/NV9YIBOWdZMHlO/4vFInzbsXIoBVtJIM=
Subject key identifier:   83:19:22:DC:F4:FF:B5:03:78:DB:60:54:B7:C6:D9:5B:AA:FC:2E:65
Certificate issuer:       /CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Certificate serial:       02A70692
Authority key identifier: 61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/gxki3PT_tQN422BUt8bZW6r8LmU.roa
Signing time:             Sat 01 Jan 2022 11:57:36 +0000
ROA not before:           Sat 01 Jan 2022 11:57:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199524
IP address blocks:        91.202.245.0/24 maxlen: 24
                          91.202.246.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 44500626 (0x2a70692)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6161470d39be4ba2dd5df8fa47b16396278e670a
        Validity
            Not Before: Jan  1 11:57:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=831922dcf4ffb50378db6054b7c6d95baafc2e65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:4c:99:20:61:30:2f:c1:15:05:9c:28:2e:f8:
                    1b:c3:4f:ad:bf:42:f5:6d:99:cc:9c:f2:9e:3f:3d:
                    26:a4:81:11:7c:3b:91:54:15:7e:a0:8b:4b:65:8b:
                    cf:ae:c3:e9:79:28:7f:63:07:7e:ed:38:93:c2:4e:
                    fe:b1:2c:55:46:8e:7e:bd:e0:2b:3d:c0:87:55:f0:
                    3f:61:eb:45:b4:c9:47:20:d6:c8:14:fe:4b:25:43:
                    fa:77:8c:a0:ca:42:65:14:06:98:77:23:f9:2b:b2:
                    07:ef:a7:c0:b7:d1:8a:e7:2b:e8:88:ec:cb:d1:c2:
                    8f:0e:a1:0a:57:f3:66:cd:06:8d:44:f9:e1:d6:c1:
                    b2:21:db:cf:d3:23:fa:e0:15:55:b5:c4:3a:63:ca:
                    3a:a1:5b:40:f0:33:01:c4:59:0b:67:24:69:4d:4c:
                    fe:88:56:54:7b:3e:43:de:75:4c:92:d5:92:35:17:
                    38:03:52:49:67:42:5c:d7:20:8f:5f:3e:e0:de:5d:
                    8f:81:7f:10:c3:9d:7d:b8:a8:6b:f4:40:f5:23:c0:
                    10:f5:01:85:7d:2f:c7:6d:a8:87:30:9a:20:d5:87:
                    58:fe:ca:28:70:fb:cd:51:41:c9:3a:92:17:fc:d4:
                    0a:08:a0:a8:5b:c8:65:3e:ed:b8:57:b1:4c:17:70:
                    24:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:19:22:DC:F4:FF:B5:03:78:DB:60:54:B7:C6:D9:5B:AA:FC:2E:65
            X509v3 Authority Key Identifier:
                keyid:61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/gxki3PT_tQN422BUt8bZW6r8LmU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.202.245.0-91.202.247.255

    Signature Algorithm: sha256WithRSAEncryption
         a7:ab:e9:74:86:51:04:cb:fb:29:e0:85:28:c9:b4:e3:70:a8:
         ae:7d:3c:c4:09:4c:fa:f5:0f:87:b1:30:59:06:93:d5:64:de:
         b7:dd:f0:f2:e3:81:2a:fa:e1:aa:fe:39:a2:6a:e9:f5:c0:b9:
         e5:43:1b:01:d9:64:b3:ff:ac:11:47:7f:69:32:66:3a:dd:75:
         7d:0c:4d:33:8f:76:4f:c2:51:01:59:df:57:73:10:cb:b6:68:
         b7:71:58:e4:94:cf:4a:92:72:7c:91:f1:f2:1f:50:1e:81:e7:
         ed:11:5c:de:2b:d2:07:17:c8:e2:e2:8c:ff:b7:80:cc:4c:6d:
         e1:10:90:89:02:a5:d3:bc:8d:35:e5:43:23:1b:81:26:fc:4c:
         f5:5a:3e:da:d3:88:15:ff:84:09:97:21:07:2f:33:2a:4b:ad:
         64:e8:5b:31:7c:3c:86:bf:c3:90:98:48:67:28:9a:83:20:9c:
         c0:07:94:6c:5d:e5:47:09:bd:d5:ff:0b:5a:f7:5e:09:59:78:
         01:56:c7:42:08:c1:11:3c:f5:0b:31:d6:0d:59:45:72:e6:4b:
         b5:70:40:74:fd:82:31:16:cc:5f:47:b1:41:f3:6d:7d:1d:31:
         83:84:86:96:be:f4:0d:5a:83:27:3f:74:56:e5:62:e1:f3:16:
         66:5f:12:ff
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAqcGkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MTYxNDcwZDM5YmU0YmEyZGQ1ZGY4ZmE0N2IxNjM5NjI3OGU2NzBhMB4XDTIyMDEw
MTExNTczNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODMxOTIyZGNmNGZm
YjUwMzc4ZGI2MDU0YjdjNmQ5NWJhYWZjMmU2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFMmSBhMC/BFQWcKC74G8NPrb9C9W2ZzJzynj89JqSBEXw7
kVQVfqCLS2WLz67D6Xkof2MHfu04k8JO/rEsVUaOfr3gKz3Ah1XwP2HrRbTJRyDW
yBT+SyVD+neMoMpCZRQGmHcj+SuyB++nwLfRiucr6Ijsy9HCjw6hClfzZs0GjUT5
4dbBsiHbz9Mj+uAVVbXEOmPKOqFbQPAzAcRZC2ckaU1M/ohWVHs+Q951TJLVkjUX
OANSSWdCXNcgj18+4N5dj4F/EMOdfbioa/RA9SPAEPUBhX0vx22ohzCaINWHWP7K
KHD7zVFByTqSF/zUCgigqFvIZT7tuFexTBdwJK0CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSDGSLc9P+1A3jbYFS3xtlbqvwuZTAfBgNVHSMEGDAWgBRhYUcNOb5Lot1d
+PpHsWOWJ45nCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lXRkhEVG0tUzZMZFhmajZSN0ZqbGllT1p3by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDYvZTUxODU2LWU1MmUtNGIyNC04Yzk5LWMyNDBiZmM5Y2JjMS8x
L2d4a2kzUFRfdFFONDIyQlV0OGJaVzZyOExtVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYv
ZTUxODU2LWU1MmUtNGIyNC04Yzk5LWMyNDBiZmM5Y2JjMS8xL1lXRkhEVG0tUzZM
ZFhmajZSN0ZqbGllT1p3by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAW8r1AwQDW8rwMA0GCSqGSIb3
DQEBCwUAA4IBAQCnq+l0hlEEy/sp4IUoybTjcKiufTzECUz69Q+HsTBZBpPVZN63
3fDy44Eq+uGq/jmiaun1wLnlQxsB2WSz/6wRR39pMmY63XV9DE0zj3ZPwlEBWd9X
cxDLtmi3cVjklM9KknJ8kfHyH1AegeftEVzeK9IHF8ji4oz/t4DMTG3hEJCJAqXT
vI015UMjG4Em/Ez1Wj7a04gV/4QJlyEHLzMqS61k6FsxfDyGv8OQmEhnKJqDIJzA
B5RsXeVHCb3V/wta914JWXgBVsdCCMERPPULMdYNWUVy5ku1cEB0/YIxFsxfR7FB
8219HTGDhIaWvvQNWoMnP3RW5WLh8xZmXxL/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:24 2024 by rpki-client on console-ams.rpki-client.org