Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/x97J8qG9yyeGYRMk8H8WRX-z6ns.roa
File:                     x97J8qG9yyeGYRMk8H8WRX-z6ns.roa (raw, json)
Hash identifier:          voIezT+Jkt1EHF+jzZZHVTbdHLRPgqfBqDFpQZGgE0c=
Subject key identifier:   C7:DE:C9:F2:A1:BD:CB:27:86:61:13:24:F0:7F:16:45:7F:B3:EA:7B
Certificate issuer:       /CN=36900183cf08a6e5bc807846294a46062e190e3b
Certificate serial:       01C90F90
Authority key identifier: 36:90:01:83:CF:08:A6:E5:BC:80:78:46:29:4A:46:06:2E:19:0E:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NpABg88IpuW8gHhGKUpGBi4ZDjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/x97J8qG9yyeGYRMk8H8WRX-z6ns.roa
Signing time:             Tue 28 Jun 2022 12:19:47 +0000
ROA not before:           Tue 28 Jun 2022 12:19:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207459
IP address blocks:        80.91.218.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29953936 (0x1c90f90)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36900183cf08a6e5bc807846294a46062e190e3b
        Validity
            Not Before: Jun 28 12:19:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c7dec9f2a1bdcb2786611324f07f16457fb3ea7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:f3:9f:75:ba:82:8e:da:9e:10:e3:b6:e7:3e:
                    73:d6:f9:d7:19:83:9c:cc:c4:62:0e:4e:e4:bf:cf:
                    44:3b:42:f0:4a:64:c8:f3:35:5d:c1:56:c1:70:4c:
                    83:03:61:34:e8:95:73:7c:65:1d:80:75:ae:66:22:
                    eb:a0:ae:b9:ba:fa:6e:37:f5:78:64:a6:b9:90:39:
                    f5:05:b1:2a:d1:2e:c3:01:ad:1d:cf:a7:2a:7f:c1:
                    d0:4c:0c:f4:d4:e2:34:3f:38:09:a9:aa:c8:43:d3:
                    5d:de:bf:ac:4a:6a:9b:fb:11:92:2b:25:70:8a:d7:
                    a2:fb:90:44:5b:57:50:17:82:99:cd:de:f7:fe:19:
                    c7:d9:a8:ca:63:cc:9a:b2:45:50:20:4f:bf:c4:92:
                    27:6a:a4:be:e0:00:46:29:3c:cd:08:57:d2:3d:4d:
                    fb:e8:8d:5d:d7:ad:50:bb:5b:dc:39:0d:33:22:5a:
                    68:ca:42:10:8f:46:fd:35:95:d8:af:9f:84:fc:b7:
                    63:b9:ee:31:6d:bf:b8:42:0e:13:50:4b:8d:a4:f4:
                    78:df:69:b1:d0:19:d8:22:80:4b:85:cd:ae:c0:db:
                    92:33:d3:3d:e0:e7:fd:18:a2:b4:b3:4f:f1:ec:ea:
                    66:c7:03:67:91:99:52:02:2d:d4:4b:36:48:b5:c4:
                    49:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:DE:C9:F2:A1:BD:CB:27:86:61:13:24:F0:7F:16:45:7F:B3:EA:7B
            X509v3 Authority Key Identifier:
                keyid:36:90:01:83:CF:08:A6:E5:BC:80:78:46:29:4A:46:06:2E:19:0E:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpABg88IpuW8gHhGKUpGBi4ZDjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/x97J8qG9yyeGYRMk8H8WRX-z6ns.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/NpABg88IpuW8gHhGKUpGBi4ZDjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.91.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:3b:a2:d5:e6:e2:5f:a1:e3:e8:97:d8:47:97:e0:1f:a4:34:
         5d:fa:2e:37:c1:46:de:14:b5:d0:2f:db:3b:b5:06:fa:ca:45:
         9a:b9:1d:88:13:3b:6c:1b:a6:ca:43:a7:48:bb:80:42:41:e2:
         48:53:16:a6:92:fc:43:9d:14:c4:a6:62:06:a3:e3:77:bf:2e:
         4f:4e:b8:3d:6e:0e:9d:38:d7:3c:83:ee:a8:74:48:7d:ff:1a:
         96:6f:ec:0f:b0:55:0a:e7:05:f7:4b:1f:3e:fe:45:79:e6:ef:
         b0:3a:d7:01:3f:b0:e0:59:bd:fc:15:5d:c4:54:90:e4:be:4d:
         ad:bf:b6:e9:b8:c9:d3:3f:d3:d6:f9:f0:8b:93:49:25:2d:93:
         31:e7:8b:d7:d5:53:e5:58:90:88:87:c2:10:c8:6c:29:e3:68:
         aa:48:3d:12:10:24:fd:10:c4:e6:06:62:d1:81:b8:32:d0:04:
         8c:77:bb:a8:51:4a:fe:74:df:25:14:d5:e4:91:18:30:08:4d:
         e6:26:4b:1e:23:bc:12:7e:c9:04:74:93:d2:2a:68:77:32:0f:
         96:96:88:85:75:c7:d1:a8:1a:72:b1:c0:2d:01:fa:ea:3c:72:
         ca:09:f4:5b:f8:97:30:95:e3:cc:89:1d:b8:40:15:31:27:0b:
         a3:03:ed:c3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAckPkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjkwMDE4M2NmMDhhNmU1YmM4MDc4NDYyOTRhNDYwNjJlMTkwZTNiMB4XDTIyMDYy
ODEyMTk0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzdkZWM5ZjJhMWJk
Y2IyNzg2NjExMzI0ZjA3ZjE2NDU3ZmIzZWE3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIPzn3W6go7anhDjtuc+c9b51xmDnMzEYg5O5L/PRDtC8Epk
yPM1XcFWwXBMgwNhNOiVc3xlHYB1rmYi66Cuubr6bjf1eGSmuZA59QWxKtEuwwGt
Hc+nKn/B0EwM9NTiND84CamqyEPTXd6/rEpqm/sRkislcIrXovuQRFtXUBeCmc3e
9/4Zx9moymPMmrJFUCBPv8SSJ2qkvuAARik8zQhX0j1N++iNXdetULtb3DkNMyJa
aMpCEI9G/TWV2K+fhPy3Y7nuMW2/uEIOE1BLjaT0eN9psdAZ2CKAS4XNrsDbkjPT
PeDn/RiitLNP8ezqZscDZ5GZUgIt1Es2SLXESQkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTH3snyob3LJ4ZhEyTwfxZFf7PqezAfBgNVHSMEGDAWgBQ2kAGDzwim5byA
eEYpSkYGLhkOOzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05wQUJnODhJcHVXOGdIaEdLVXBHQmk0WkRqcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvNWEzMmJjLTA4MzYtNDdlYy1iNWIzLTJmNWI2YTgzZmFmMy8x
L3g5N0o4cUc5eXllR1lSTWs4SDhXUlgtejZucy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
NWEzMmJjLTA4MzYtNDdlYy1iNWIzLTJmNWI2YTgzZmFmMy8xL05wQUJnODhJcHVX
OGdIaEdLVXBHQmk0WkRqcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFBb2jANBgkqhkiG9w0BAQsFAAOC
AQEAtjui1ebiX6Hj6JfYR5fgH6Q0XfouN8FG3hS10C/bO7UG+spFmrkdiBM7bBum
ykOnSLuAQkHiSFMWppL8Q50UxKZiBqPjd78uT064PW4OnTjXPIPuqHRIff8alm/s
D7BVCucF90sfPv5FeebvsDrXAT+w4Fm9/BVdxFSQ5L5Nrb+26bjJ0z/T1vnwi5NJ
JS2TMeeL19VT5ViQiIfCEMhsKeNoqkg9EhAk/RDE5gZi0YG4MtAEjHe7qFFK/nTf
JRTV5JEYMAhN5iZLHiO8En7JBHST0ipodzIPlpaIhXXH0agacrHALQH66jxyygn0
W/iXMJXjzIkduEAVMScLowPtww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:29 2024 by rpki-client on console-fra.rpki-client.org