Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/t4OvI-QxOL-YsTewvP1YR-6HZXc.roa
File:                     t4OvI-QxOL-YsTewvP1YR-6HZXc.roa (raw, json)
Hash identifier:          rBx59tH/mzl2tWe8cILzlTnkVaWzMaQC+iJ1u3LzgvM=
Subject key identifier:   B7:83:AF:23:E4:31:38:BF:98:B1:37:B0:BC:FD:58:47:EE:87:65:77
Certificate issuer:       /CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Certificate serial:       1684F7
Authority key identifier: 21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/t4OvI-QxOL-YsTewvP1YR-6HZXc.roa
Signing time:             Mon 14 Mar 2022 20:08:37 +0000
ROA not before:           Mon 14 Mar 2022 20:08:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47891
IP address blocks:        91.212.26.0/24 maxlen: 24
                          185.177.44.0/24 maxlen: 24
                          2a0a:2f81::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1475831 (0x1684f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
        Validity
            Not Before: Mar 14 20:08:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b783af23e43138bf98b137b0bcfd5847ee876577
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:2f:31:3f:05:6a:7f:e4:bf:a7:f1:38:61:c9:
                    2f:c2:b2:e2:f6:80:aa:ef:12:d7:3e:c8:46:46:d3:
                    cd:b0:fc:76:60:54:26:2c:71:15:0a:10:c4:92:b1:
                    cb:f9:e7:ee:d6:57:45:56:5d:3b:a5:76:d3:62:c4:
                    30:fa:df:ec:6f:8c:3b:75:21:3a:05:c9:c7:b7:ec:
                    10:db:17:37:56:a3:e4:d9:71:c5:41:84:b6:b5:43:
                    1e:dd:a8:b5:eb:3f:88:6b:b7:4e:b1:45:3f:f7:89:
                    21:32:80:6f:f1:77:f7:e6:6b:01:32:52:5f:b7:45:
                    15:bc:2b:ae:87:2c:ea:44:76:47:71:73:cb:4f:a2:
                    a8:f3:63:8c:a3:8a:73:0f:ea:20:aa:1a:73:8d:75:
                    12:60:f9:d4:de:2f:48:54:4e:c4:fa:1e:ae:5c:54:
                    3a:fd:63:8e:16:f1:45:d7:f2:aa:24:d1:58:59:f4:
                    52:93:a2:a2:49:01:2d:cb:cb:98:36:b8:a0:4a:ea:
                    40:3c:69:4d:56:76:38:8f:d1:8b:14:22:29:49:13:
                    2f:7e:6e:ae:69:29:bd:7f:25:5f:ff:3a:d8:3e:37:
                    b6:c1:62:34:f2:73:7d:88:27:66:7c:fe:fe:f6:c6:
                    a0:56:03:dd:97:2e:31:78:d4:53:1e:12:a0:d7:a1:
                    c4:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:83:AF:23:E4:31:38:BF:98:B1:37:B0:BC:FD:58:47:EE:87:65:77
            X509v3 Authority Key Identifier:
                keyid:21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/t4OvI-QxOL-YsTewvP1YR-6HZXc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.212.26.0/24
                  185.177.44.0/24
                IPv6:
                  2a0a:2f81::/32

    Signature Algorithm: sha256WithRSAEncryption
         29:6f:28:9f:00:e2:dc:d2:82:24:2a:d2:f6:df:4e:b1:09:2a:
         ca:c9:dd:e8:e4:8a:9f:e3:ef:8c:b3:eb:0e:e7:48:84:33:4f:
         18:8d:00:aa:30:c7:95:da:20:44:d5:ff:6e:56:ef:08:ae:b1:
         b3:15:71:72:30:7a:0c:cc:e1:15:63:6b:11:c4:1b:bf:9e:41:
         99:2c:68:53:83:22:8a:ea:b3:2e:eb:bd:50:f6:5d:d4:dd:fb:
         91:18:62:5a:0f:65:8a:c4:f2:37:47:13:24:4f:22:8b:47:f9:
         56:51:54:92:e0:72:80:dd:bc:d0:e0:5f:00:07:32:57:4e:b9:
         9a:76:5b:32:9a:6d:27:ec:8f:7a:d0:a5:6f:b2:ed:8f:5b:98:
         c0:fb:25:75:8c:87:cf:94:b0:93:86:a0:f9:14:98:6f:4b:40:
         48:4b:93:b2:3f:6f:35:09:fe:3f:26:e9:d6:2c:2e:5d:5c:bb:
         83:68:84:bf:f5:d4:92:c7:c6:87:bb:b1:d6:41:c9:80:04:a4:
         3e:ee:96:e1:a1:0c:a6:84:c7:b0:0c:17:09:17:aa:07:9d:4d:
         61:8d:63:4f:ef:4d:59:0a:ed:18:00:a6:70:f7:7f:84:d5:2e:
         de:1e:3f:02:02:2b:51:df:0f:d5:df:62:36:9c:5a:60:f5:03:
         b1:72:35:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDFoT3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIx
Y2IyYWMzNzdmYzYwM2Y5NWZhZWNjNTRhYzdkNTkwZjJjYzMxOWQwHhcNMjIwMzE0
MjAwODM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiNzgzYWYyM2U0MzEz
OGJmOThiMTM3YjBiY2ZkNTg0N2VlODc2NTc3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAry8xPwVqf+S/p/E4YckvwrLi9oCq7xLXPshGRtPNsPx2YFQm
LHEVChDEkrHL+efu1ldFVl07pXbTYsQw+t/sb4w7dSE6BcnHt+wQ2xc3VqPk2XHF
QYS2tUMe3ai16z+Ia7dOsUU/94khMoBv8Xf35msBMlJft0UVvCuuhyzqRHZHcXPL
T6Ko82OMo4pzD+ogqhpzjXUSYPnU3i9IVE7E+h6uXFQ6/WOOFvFF1/KqJNFYWfRS
k6KiSQEty8uYNrigSupAPGlNVnY4j9GLFCIpSRMvfm6uaSm9fyVf/zrYPje2wWI0
8nN9iCdmfP7+9sagVgPdly4xeNRTHhKg16HEqwIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFLeDryPkMTi/mLE3sLz9WEfuh2V3MB8GA1UdIwQYMBaAFCHLKsN3/GA/lfrs
xUrH1ZDyzDGdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUtZmI0MGQ2ZGEyNDY4LzEv
dDRPdkktUXhPTC1Zc1Rld3ZQMVlSLTZIWlhjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy82
N2MyMWQtMGU5Mi00MjQyLTk5NGUtZmI0MGQ2ZGEyNDY4LzEvSWNzcXczZjhZRC1W
LXV6RlNzZlZrUExNTVowLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9QaAwQAubEsMA0EAgACMAcDBQAq
Ci+BMA0GCSqGSIb3DQEBCwUAA4IBAQApbyifAOLc0oIkKtL2306xCSrKyd3o5Iqf
4++Ms+sO50iEM08YjQCqMMeV2iBE1f9uVu8IrrGzFXFyMHoMzOEVY2sRxBu/nkGZ
LGhTgyKK6rMu671Q9l3U3fuRGGJaD2WKxPI3RxMkTyKLR/lWUVSS4HKA3bzQ4F8A
BzJXTrmadlsymm0n7I960KVvsu2PW5jA+yV1jIfPlLCThqD5FJhvS0BIS5OyP281
Cf4/JunWLC5dXLuDaIS/9dSSx8aHu7HWQcmABKQ+7pbhoQymhMewDBcJF6oHnU1h
jWNP701ZCu0YAKZw93+E1S7eHj8CAitR3w/V32I2nFpg9QOxcjXx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:37 2024 by rpki-client on console-fra.rpki-client.org