Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/X4P8jzzxdBLx2Q8uhcViNv2ASjo.roa
File:                     X4P8jzzxdBLx2Q8uhcViNv2ASjo.roa (raw, json)
Hash identifier:          2cxDdn+Trdf+2UJRi/G2mu2pfJiE8Ev7cW6n+bDoTXo=
Subject key identifier:   5F:83:FC:8F:3C:F1:74:12:F1:D9:0F:2E:85:C5:62:36:FD:80:4A:3A
Certificate issuer:       /CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Certificate serial:       011D7CDF
Authority key identifier: 56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/X4P8jzzxdBLx2Q8uhcViNv2ASjo.roa
Signing time:             Sat 01 Jan 2022 00:58:52 +0000
ROA not before:           Sat 01 Jan 2022 00:58:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60674
IP address blocks:        91.216.40.0/24 maxlen: 24
                          2a11:e480::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18709727 (0x11d7cdf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
        Validity
            Not Before: Jan  1 00:58:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5f83fc8f3cf17412f1d90f2e85c56236fd804a3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:41:15:20:40:21:05:0b:bf:67:a9:0e:30:2d:
                    3a:c1:0b:72:30:46:c6:b9:4a:dc:35:98:01:99:40:
                    05:1a:39:e7:3b:57:35:62:3f:16:65:a0:90:f2:b1:
                    19:e6:25:82:3f:d7:a5:a7:23:e9:60:df:55:58:bd:
                    72:78:04:79:99:1b:f4:e5:e4:48:d0:a1:0e:7e:53:
                    9a:7e:73:de:19:0a:17:40:c7:15:b5:fa:5b:f6:89:
                    d3:e9:e7:b1:6a:86:3d:7a:2d:24:bd:9f:98:91:77:
                    7f:34:2d:29:1d:75:1a:8c:30:e2:78:8b:dd:28:c5:
                    36:09:c1:03:38:27:b5:2b:7c:45:f6:ea:2e:73:30:
                    90:5d:8b:ad:81:d2:44:20:b6:01:5e:8c:89:3a:1d:
                    d1:ab:30:e3:1d:fb:1b:f8:29:58:a8:16:e9:f6:06:
                    ce:ef:c6:91:31:31:93:df:49:fb:ff:c6:e4:d4:5f:
                    d6:da:dc:28:2b:85:25:70:24:9a:d8:18:f8:e4:58:
                    85:c4:62:32:dd:b3:a3:1f:ec:cd:7d:2c:c1:fc:77:
                    32:8e:03:31:a6:43:61:84:45:c8:46:95:1e:74:75:
                    93:e6:6c:9c:10:5f:41:de:8f:7b:90:9f:a7:b8:54:
                    0f:78:14:79:9b:84:ae:90:a7:b9:cc:86:61:4d:04:
                    e0:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:83:FC:8F:3C:F1:74:12:F1:D9:0F:2E:85:C5:62:36:FD:80:4A:3A
            X509v3 Authority Key Identifier:
                keyid:56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/X4P8jzzxdBLx2Q8uhcViNv2ASjo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.216.40.0/24
                IPv6:
                  2a11:e480::/32

    Signature Algorithm: sha256WithRSAEncryption
         a8:0a:6f:e3:59:58:24:1d:dd:3b:98:38:89:2a:51:65:79:b3:
         89:a0:be:14:15:d3:c6:e4:6d:c3:fa:8a:ba:c2:18:9d:70:0d:
         7a:f7:0d:08:d3:44:00:d2:12:e5:90:b0:4d:44:b8:4b:2c:2f:
         6d:13:17:18:35:cf:0e:25:7a:3d:d4:35:15:1e:35:8c:7a:bd:
         99:91:fc:60:b7:fc:cc:27:e0:8a:d0:ce:c9:5a:b6:6c:d3:b3:
         c2:36:ed:c1:35:0b:bd:46:36:3d:af:89:4d:d9:4b:17:29:46:
         ea:1b:ad:26:6e:bc:cb:6a:ca:41:84:23:7e:36:cd:22:f4:76:
         31:3d:ff:c5:33:7d:0b:76:7b:c2:d8:ff:24:9f:6e:d7:d4:c6:
         d1:05:49:e9:cc:9b:ed:53:e8:35:01:ce:83:ca:62:db:86:c5:
         9a:fd:d4:97:aa:d6:bb:1b:eb:eb:39:d0:82:00:aa:11:5d:47:
         13:97:32:fc:84:3e:56:76:65:06:f9:43:5e:c0:63:1a:d1:6e:
         a2:e3:37:dd:76:22:cc:b7:43:9e:6c:b1:2c:25:8d:a7:fd:d1:
         36:61:7b:e3:a5:0c:9f:60:41:25:71:7e:13:8e:c3:0b:b4:86:
         c9:ae:da:87:67:fe:be:c1:70:2f:78:24:b2:d9:4a:ce:95:11:
         e9:0e:37:68
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAR183zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NmFmY2Q4ZmI0MGFhZTFkMjQzYzJhOGNlMjU0MWE2OTk4N2VlZDEzMB4XDTIyMDEw
MTAwNTg1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY4M2ZjOGYzY2Yx
NzQxMmYxZDkwZjJlODVjNTYyMzZmZDgwNGEzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1BFSBAIQULv2epDjAtOsELcjBGxrlK3DWYAZlABRo55ztX
NWI/FmWgkPKxGeYlgj/Xpacj6WDfVVi9cngEeZkb9OXkSNChDn5Tmn5z3hkKF0DH
FbX6W/aJ0+nnsWqGPXotJL2fmJF3fzQtKR11Goww4niL3SjFNgnBAzgntSt8Rfbq
LnMwkF2LrYHSRCC2AV6MiTod0asw4x37G/gpWKgW6fYGzu/GkTExk99J+//G5NRf
1trcKCuFJXAkmtgY+ORYhcRiMt2zox/szX0swfx3Mo4DMaZDYYRFyEaVHnR1k+Zs
nBBfQd6Pe5Cfp7hUD3gUeZuErpCnucyGYU0E4PECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRfg/yPPPF0EvHZDy6FxWI2/YBKOjAfBgNVHSMEGDAWgBRWr82PtAquHSQ8
KoziVBppmH7tEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZxX05qN1FLcmgwa1BDcU00bFFhYVpoLTdSTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvNGMyNjM3LTNiYmItNGE1My1hMjE2LTIzN2JlNzczMDA3YS8x
L1g0UDhqenp4ZEJMeDJROHVoY1ZpTnYyQVNqby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
NGMyNjM3LTNiYmItNGE1My1hMjE2LTIzN2JlNzczMDA3YS8xL1ZxX05qN1FLcmgw
a1BDcU00bFFhYVpoLTdSTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAFvYKDANBAIAAjAHAwUAKhHkgDAN
BgkqhkiG9w0BAQsFAAOCAQEAqApv41lYJB3dO5g4iSpRZXmziaC+FBXTxuRtw/qK
usIYnXANevcNCNNEANIS5ZCwTUS4SywvbRMXGDXPDiV6PdQ1FR41jHq9mZH8YLf8
zCfgitDOyVq2bNOzwjbtwTULvUY2Pa+JTdlLFylG6hutJm68y2rKQYQjfjbNIvR2
MT3/xTN9C3Z7wtj/JJ9u19TG0QVJ6cyb7VPoNQHOg8pi24bFmv3Ul6rWuxvr6znQ
ggCqEV1HE5cy/IQ+VnZlBvlDXsBjGtFuouM33XYizLdDnmyxLCWNp/3RNmF746UM
n2BBJXF+E47DC7SGya7ah2f+vsFwL3gkstlKzpUR6Q43aA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:03 2024 by rpki-client on console-ams.rpki-client.org