Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/y5HvMngJGdfX0H78Sz6wG9jF9wI.roa
File:                     y5HvMngJGdfX0H78Sz6wG9jF9wI.roa (raw, json)
Hash identifier:          qFwOznl7hQC+3nClBGNeDHhlGxCRbVuFx9LPRvg2Yts=
Subject key identifier:   CB:91:EF:32:78:09:19:D7:D7:D0:7E:FC:4B:3E:B0:1B:D8:C5:F7:02
Certificate issuer:       /CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Certificate serial:       04EA6DE3
Authority key identifier: 56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/y5HvMngJGdfX0H78Sz6wG9jF9wI.roa
Signing time:             Thu 12 May 2022 06:04:03 +0000
ROA not before:           Thu 12 May 2022 06:04:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199103
IP address blocks:        91.105.200.0/22 maxlen: 22
                          185.220.92.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82472419 (0x4ea6de3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
        Validity
            Not Before: May 12 06:04:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cb91ef32780919d7d7d07efc4b3eb01bd8c5f702
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:0a:5b:09:f5:0c:03:b9:38:e6:5e:0c:b4:e5:
                    18:b4:fa:99:7b:03:c5:90:66:3b:26:a3:8b:7f:97:
                    f6:1a:77:5e:3d:d7:29:1c:2e:11:b7:b0:a9:14:0b:
                    98:09:b7:72:cd:cc:85:1e:13:05:0c:10:06:57:3b:
                    08:6c:5c:05:20:02:12:82:e3:90:76:39:79:bf:11:
                    f1:93:95:a3:8e:d9:e8:60:25:6d:fd:9b:b0:a4:63:
                    f7:f1:99:b6:ad:3b:ab:90:60:31:7e:d4:9e:e0:c3:
                    b8:3f:65:c2:51:73:71:e1:ec:78:d3:21:d8:d6:1e:
                    35:f2:bf:92:85:c7:47:a7:2e:ce:bf:b0:43:f3:d0:
                    a8:f4:7d:ad:34:7d:7a:7d:b7:55:9a:cf:a8:e2:13:
                    1e:36:dc:04:5a:3c:14:2c:96:75:1a:c1:56:23:d5:
                    18:76:1a:94:63:66:38:47:7b:d3:48:a4:fa:f5:f9:
                    27:e1:87:28:16:13:37:f2:74:08:6b:aa:4c:ef:16:
                    b1:b6:3f:80:dc:fe:56:80:98:fd:5a:58:36:e6:b8:
                    d7:76:8c:57:ae:f6:36:b7:55:f8:2d:b6:01:f8:02:
                    eb:fe:c4:e4:47:2a:aa:b8:87:7c:97:fa:f2:ab:0e:
                    5d:90:a7:b9:f3:c4:8e:92:1c:e5:c0:cf:bf:5a:0c:
                    39:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:91:EF:32:78:09:19:D7:D7:D0:7E:FC:4B:3E:B0:1B:D8:C5:F7:02
            X509v3 Authority Key Identifier:
                keyid:56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/y5HvMngJGdfX0H78Sz6wG9jF9wI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/VqSYe_jGtM3WV7vC0KXhPptibLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.105.200.0/22
                  185.220.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         01:d4:c0:1d:40:af:f2:f3:c0:48:44:70:84:f3:fc:d0:31:9c:
         5c:9c:35:79:b5:f3:4f:44:db:07:15:d2:08:41:03:29:d4:7e:
         2f:4c:a0:1e:85:85:0b:f8:85:ba:88:b6:41:93:2f:c9:44:b2:
         88:e8:3a:05:c6:30:7e:06:87:cf:b9:f4:96:39:29:12:96:5e:
         90:78:bf:d0:9c:de:88:94:2e:a0:8b:78:32:dd:4f:33:63:af:
         8b:16:d1:53:97:19:7b:c6:e0:d5:60:39:a9:52:40:3b:ea:ac:
         19:1e:24:24:61:a5:01:88:4b:e5:af:4d:61:bb:31:50:d2:ee:
         bf:dd:2f:7a:8a:7d:76:b4:b9:75:6f:7c:4d:fa:c9:ff:c7:ab:
         f1:47:dd:66:94:09:b2:e6:ae:54:2e:c5:c2:5d:cf:ec:34:c5:
         5a:33:e6:3d:bf:2d:ce:04:8c:02:97:5a:90:6c:b0:25:a0:98:
         ea:4d:20:6b:f4:06:35:60:71:3d:3b:28:60:99:9a:08:07:b0:
         82:ee:4b:e5:66:3c:ac:24:a3:e9:7a:89:62:72:f2:65:a4:2f:
         31:1c:8d:15:71:d6:0d:79:12:c6:1c:a2:ec:0d:cd:51:8f:07:
         a5:99:ce:eb:4d:59:8e:c2:09:43:8b:be:c1:0c:7c:d3:f1:27:
         0b:07:80:32
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBOpt4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NmE0OTg3YmY4YzZiNGNkZDY1N2JiYzJkMGE1ZTEzZTliNjI2Y2I5MB4XDTIyMDUx
MjA2MDQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I5MWVmMzI3ODA5
MTlkN2Q3ZDA3ZWZjNGIzZWIwMWJkOGM1ZjcwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkKWwn1DAO5OOZeDLTlGLT6mXsDxZBmOyaji3+X9hp3Xj3X
KRwuEbewqRQLmAm3cs3MhR4TBQwQBlc7CGxcBSACEoLjkHY5eb8R8ZOVo47Z6GAl
bf2bsKRj9/GZtq07q5BgMX7UnuDDuD9lwlFzceHseNMh2NYeNfK/koXHR6cuzr+w
Q/PQqPR9rTR9en23VZrPqOITHjbcBFo8FCyWdRrBViPVGHYalGNmOEd700ik+vX5
J+GHKBYTN/J0CGuqTO8WsbY/gNz+VoCY/VpYNua413aMV672NrdV+C22AfgC6/7E
5EcqqriHfJf68qsOXZCnufPEjpIc5cDPv1oMOeECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTLke8yeAkZ19fQfvxLPrAb2MX3AjAfBgNVHSMEGDAWgBRWpJh7+Ma0zdZX
u8LQpeE+m2JsuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZxU1llX2pHdE0zV1Y3dkMwS1hoUHB0aWJMay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvODgwOWRkLTY2N2EtNDA0Ny04MTA0LWRlNTg2OThiNjQ3MC8x
L3k1SHZNbmdKR2RmWDBINzhTejZ3RzlqRjl3SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
ODgwOWRkLTY2N2EtNDA0Ny04MTA0LWRlNTg2OThiNjQ3MC8xL1ZxU1llX2pHdE0z
V1Y3dkMwS1hoUHB0aWJMay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAltpyAMEAbncXDANBgkqhkiG9w0B
AQsFAAOCAQEAAdTAHUCv8vPASERwhPP80DGcXJw1ebXzT0TbBxXSCEEDKdR+L0yg
HoWFC/iFuoi2QZMvyUSyiOg6BcYwfgaHz7n0ljkpEpZekHi/0JzeiJQuoIt4Mt1P
M2OvixbRU5cZe8bg1WA5qVJAO+qsGR4kJGGlAYhL5a9NYbsxUNLuv90veop9drS5
dW98TfrJ/8er8UfdZpQJsuauVC7Fwl3P7DTFWjPmPb8tzgSMApdakGywJaCY6k0g
a/QGNWBxPTsoYJmaCAewgu5L5WY8rCSj6XqJYnLyZaQvMRyNFXHWDXkSxhyi7A3N
UY8HpZnO601ZjsIJQ4u+wQx80/EnCweAMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:23 2024 by rpki-client on console-ams.rpki-client.org