Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/lPoODrJacN-hkIwzrA5Vb4lEqbA.roa
File:                     lPoODrJacN-hkIwzrA5Vb4lEqbA.roa (raw, json)
Hash identifier:          ODSi3fN7xk+MSXJVJFv7U6UFvtrv5Og1EKgt10Fu4Rk=
Subject key identifier:   94:FA:0E:0E:B2:5A:70:DF:A1:90:8C:33:AC:0E:55:6F:89:44:A9:B0
Certificate issuer:       /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial:       018258B21A94B22F82050E0B573DFC65F401
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/lPoODrJacN-hkIwzrA5Vb4lEqbA.roa
Signing time:             Mon 01 Aug 2022 09:17:23 +0000
ROA not before:           Mon 01 Aug 2022 09:17:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203545
IP address blocks:        91.148.126.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:58:b2:1a:94:b2:2f:82:05:0e:0b:57:3d:fc:65:f4:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
        Validity
            Not Before: Aug  1 09:17:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=94fa0e0eb25a70dfa1908c33ac0e556f8944a9b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:5d:52:49:3a:e9:3c:63:d5:18:21:76:3e:7d:
                    54:68:ad:f9:23:14:90:97:04:03:dc:0e:17:ac:1e:
                    d5:67:30:e0:db:98:f6:e0:f5:ff:fa:84:36:f1:e8:
                    96:17:5f:35:5d:bf:74:64:0e:83:e2:3c:e7:90:8d:
                    d7:de:d0:f0:5e:8f:93:80:77:fe:82:0d:13:f3:1a:
                    ff:89:0a:13:3a:f7:7f:6d:2d:19:ee:a4:fc:aa:bf:
                    4a:5f:cd:f7:80:f1:3d:bc:0c:bb:cc:84:b1:fc:52:
                    8f:9b:33:46:6c:ee:e5:04:63:d9:73:32:24:dc:6d:
                    2b:c0:8a:da:64:db:56:80:89:a3:4d:c1:3f:b2:1d:
                    70:01:86:87:74:00:77:32:8b:4a:8d:6d:5f:0d:62:
                    d9:99:f3:a5:7b:5a:ac:5a:94:e8:7b:93:b6:f3:e2:
                    7c:c1:11:07:3e:d5:83:6c:27:cb:e7:24:bd:fd:9f:
                    af:7b:ac:87:66:45:a4:b4:82:1a:00:fe:22:64:b0:
                    8c:b6:5f:9f:fa:6f:40:86:f4:43:35:00:1d:a8:de:
                    43:00:85:40:a3:f6:c2:9d:d1:a6:21:22:5e:ee:92:
                    d9:af:91:38:70:8a:1e:37:76:35:d0:96:12:9e:d5:
                    1b:5b:55:75:ac:b0:0c:e2:14:59:77:65:77:ab:ae:
                    de:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:FA:0E:0E:B2:5A:70:DF:A1:90:8C:33:AC:0E:55:6F:89:44:A9:B0
            X509v3 Authority Key Identifier:
                keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/lPoODrJacN-hkIwzrA5Vb4lEqbA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.148.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:40:27:67:5b:90:38:e2:30:bf:a1:3e:8b:8f:a2:a5:25:77:
         2d:c5:9f:c3:a0:f8:c5:39:0a:9a:81:73:22:c7:48:3e:26:d9:
         73:0f:6c:42:3b:ac:ca:66:0b:ba:fa:9b:f0:78:39:82:c7:ef:
         fa:0a:0b:24:f0:f8:3e:41:8e:d9:80:c3:ef:46:19:0c:11:33:
         ea:d1:31:94:58:41:ad:c5:d8:eb:89:af:b9:92:db:08:ea:10:
         b6:ab:df:c9:24:bd:5e:37:3e:f4:9d:84:04:58:2a:34:fd:ae:
         90:43:e1:03:b4:ae:d6:c3:ac:4e:75:a2:60:59:9e:48:cb:38:
         69:73:82:fa:41:5c:3a:3c:f2:f0:75:86:8e:a2:2c:5a:5d:7b:
         22:a2:5c:cc:ef:4e:d1:78:dc:46:b9:93:47:cc:d2:fb:53:d0:
         ad:86:17:fe:55:d9:72:4f:1c:81:4e:fc:fe:2d:2f:6d:5a:25:
         86:32:0a:4f:8b:81:0c:cc:da:ac:69:a6:f2:d8:03:c6:cd:e8:
         f9:b6:fc:bd:b4:15:e6:84:a8:95:17:b2:e1:69:92:ac:0d:86:
         ed:db:22:e0:77:b7:4a:61:0b:08:8d:f8:9a:d6:19:ae:28:32:
         85:95:96:b6:cc:29:56:16:7f:4d:7b:63:5c:1b:84:ed:45:df:
         a5:db:81:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJYshqUsi+CBQ4LVz38ZfQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzhhNzY4YzkxMGJhZGNkNWM0YWVmN2MxNzJhOWYwNjE1
NDdlOGMwHhcNMjIwODAxMDkxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGZhMGUwZWIyNWE3MGRmYTE5MDhjMzNhYzBlNTU2Zjg5NDRhOWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnF1SSTrpPGPVGCF2Pn1UaK35IxSQ
lwQD3A4XrB7VZzDg25j24PX/+oQ28eiWF181Xb90ZA6D4jznkI3X3tDwXo+TgHf+
gg0T8xr/iQoTOvd/bS0Z7qT8qr9KX833gPE9vAy7zISx/FKPmzNGbO7lBGPZczIk
3G0rwIraZNtWgImjTcE/sh1wAYaHdAB3MotKjW1fDWLZmfOle1qsWpToe5O28+J8
wREHPtWDbCfL5yS9/Z+ve6yHZkWktIIaAP4iZLCMtl+f+m9AhvRDNQAdqN5DAIVA
o/bCndGmISJe7pLZr5E4cIoeN3Y10JYSntUbW1V1rLAM4hRZd2V3q67eYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJT6Dg6yWnDfoZCMM6wOVW+JRKmwMB8GA1UdIwQY
MBaAFGJ4p2jJELrc1cSu98FyqfBhVH6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQt
MzQ1NGY0OTBmZDk2LzEvbFBvT0RySmFjTi1oa0l3enJBNVZiNGxFcWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQtMzQ1NGY0OTBmZDk2
LzEvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5R+MA0G
CSqGSIb3DQEBCwUAA4IBAQB4QCdnW5A44jC/oT6Lj6KlJXctxZ/DoPjFOQqagXMi
x0g+JtlzD2xCO6zKZgu6+pvweDmCx+/6Cgsk8Pg+QY7ZgMPvRhkMETPq0TGUWEGt
xdjria+5ktsI6hC2q9/JJL1eNz70nYQEWCo0/a6QQ+EDtK7Ww6xOdaJgWZ5Iyzhp
c4L6QVw6PPLwdYaOoixaXXsiolzM707ReNxGuZNHzNL7U9Cthhf+VdlyTxyBTvz+
LS9tWiWGMgpPi4EMzNqsaaby2APGzej5tvy9tBXmhKiVF7LhaZKsDYbt2yLgd7dK
YQsIjfia1hmuKDKFlZa2zClWFn9Ne2NcG4TtRd+l24G+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:19 2024 by rpki-client on console-ams.rpki-client.org