Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/fiKWlshh6jK2_3pgFj3jRxzypRI.roa
File:                     fiKWlshh6jK2_3pgFj3jRxzypRI.roa (raw, json)
Hash identifier:          XZOOrWyxhAd3+NpUxlL7qZd0PTpXd9uM1yDvVmi+1rE=
Subject key identifier:   7E:22:96:96:C8:61:EA:32:B6:FF:7A:60:16:3D:E3:47:1C:F2:A5:12
Certificate issuer:       /CN=4368330bea2dfe880ffa62f67b566aeae2d287fd
Certificate serial:       018340371861EBF65842872F62DCD0EE820A
Authority key identifier: 43:68:33:0B:EA:2D:FE:88:0F:FA:62:F6:7B:56:6A:EA:E2:D2:87:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/fiKWlshh6jK2_3pgFj3jRxzypRI.roa
Signing time:             Thu 15 Sep 2022 08:14:56 +0000
ROA not before:           Thu 15 Sep 2022 08:14:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47873
IP address blocks:        91.205.123.0/24 maxlen: 24
                          91.205.120.0/24 maxlen: 24
                          91.205.121.0/24 maxlen: 24
                          91.205.122.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:40:37:18:61:eb:f6:58:42:87:2f:62:dc:d0:ee:82:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4368330bea2dfe880ffa62f67b566aeae2d287fd
        Validity
            Not Before: Sep 15 08:14:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7e229696c861ea32b6ff7a60163de3471cf2a512
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:7e:b5:1f:69:28:56:9d:0a:e4:08:33:94:df:
                    17:04:ab:9b:09:0e:e7:dc:1f:55:3c:a2:53:fa:b5:
                    73:96:83:a3:2a:15:63:8d:9a:83:cd:46:9c:7b:7b:
                    4f:19:a5:b0:54:5c:4a:8c:6b:4b:32:23:55:84:66:
                    0f:6e:5f:5b:9d:6f:1a:d2:58:8f:03:75:21:cb:e7:
                    8c:e0:1e:ce:a6:e4:81:06:df:e6:80:c6:7b:3d:f0:
                    7c:7e:6b:8b:99:95:00:25:2d:f1:0d:6b:50:5f:05:
                    c7:06:06:69:3b:74:b9:b7:16:ab:46:38:f6:0a:90:
                    c1:56:4c:f6:91:0a:26:8f:be:23:c9:b9:7d:8b:1c:
                    14:99:39:5a:0f:25:b2:e2:fe:c1:5f:51:de:06:0b:
                    de:ab:c2:57:82:0f:d5:58:20:59:d5:7b:be:da:a5:
                    da:ed:e9:a5:d0:a2:13:2d:b8:0e:0f:a6:a7:3c:84:
                    69:e9:7a:40:7c:8f:fd:d5:70:3e:26:71:ed:b9:86:
                    5c:00:31:19:ed:c6:4e:d6:10:57:91:eb:29:2e:36:
                    4b:e6:01:2d:87:35:da:c9:95:dc:26:a4:e2:ab:45:
                    d1:a9:59:62:50:cb:8e:80:c7:3f:04:e8:78:c0:87:
                    4e:09:f2:ba:8f:fa:8a:e8:5e:92:7d:c5:cc:ee:06:
                    1b:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:22:96:96:C8:61:EA:32:B6:FF:7A:60:16:3D:E3:47:1C:F2:A5:12
            X509v3 Authority Key Identifier:
                keyid:43:68:33:0B:EA:2D:FE:88:0F:FA:62:F6:7B:56:6A:EA:E2:D2:87:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/fiKWlshh6jK2_3pgFj3jRxzypRI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.205.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         91:bf:87:05:c0:3d:73:f2:95:43:f8:fd:f4:c8:13:06:17:75:
         ce:25:68:ac:f3:3e:c0:23:ed:90:22:96:04:64:fa:d6:80:54:
         a5:97:f5:14:71:e5:e4:88:51:9a:db:72:b5:53:8b:69:3c:2d:
         03:1b:f1:a6:11:48:18:87:6b:d7:e6:43:4d:30:97:3a:2f:5d:
         08:d8:6e:37:e7:1b:fb:c3:c4:0b:3f:89:24:64:85:23:76:3e:
         30:e8:1e:22:6d:20:81:7a:4a:c1:60:57:60:be:b6:67:67:dc:
         0d:92:df:f2:b6:41:a0:98:ae:2f:3c:02:c4:24:84:10:dc:6b:
         85:11:d9:47:96:4e:4f:33:1d:a8:67:0d:52:0f:aa:88:69:f8:
         09:e7:ee:c6:2f:9f:34:e2:4d:59:c4:2e:92:db:fc:ab:10:e9:
         7a:d1:41:43:02:c1:6d:e3:af:33:47:01:1d:8e:d6:7e:e5:8c:
         15:4b:5c:81:12:0c:73:8b:09:10:da:4c:4c:60:7f:1b:9e:59:
         0b:bd:b5:85:8e:af:6c:bc:2a:35:13:71:e3:1a:51:95:75:0f:
         86:ba:cb:ca:b6:4a:b9:59:82:b8:1a:d5:f4:c7:e8:49:35:aa:
         3e:e4:ac:d2:61:4a:d6:91:4f:6c:c2:ae:06:0e:d2:cf:25:25:
         1d:65:73:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNANxhh6/ZYQocvYtzQ7oIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNjgzMzBiZWEyZGZlODgwZmZhNjJmNjdiNTY2YWVhZTJk
Mjg3ZmQwHhcNMjIwOTE1MDgxNDU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTIyOTY5NmM4NjFlYTMyYjZmZjdhNjAxNjNkZTM0NzFjZjJhNTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn61H2koVp0K5AgzlN8XBKubCQ7n
3B9VPKJT+rVzloOjKhVjjZqDzUace3tPGaWwVFxKjGtLMiNVhGYPbl9bnW8a0liP
A3Uhy+eM4B7OpuSBBt/mgMZ7PfB8fmuLmZUAJS3xDWtQXwXHBgZpO3S5txarRjj2
CpDBVkz2kQomj74jybl9ixwUmTlaDyWy4v7BX1HeBgveq8JXgg/VWCBZ1Xu+2qXa
7eml0KITLbgOD6anPIRp6XpAfI/91XA+JnHtuYZcADEZ7cZO1hBXkespLjZL5gEt
hzXayZXcJqTiq0XRqVliUMuOgMc/BOh4wIdOCfK6j/qK6F6SfcXM7gYbqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH4ilpbIYeoytv96YBY940cc8qUSMB8GA1UdIwQY
MBaAFENoMwvqLf6ID/pi9ntWauri0of9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTJnekMtb3Rfb2dQLW1MMmUxWnE2dUxTaF8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS84ZmMzYjAtOTcwNC00NzUxLWIxNDkt
NWEzN2Y2YTFiY2E5LzEvZmlLV2xzaGg2aksyXzNwZ0ZqM2pSeHp5cFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS84ZmMzYjAtOTcwNC00NzUxLWIxNDktNWEzN2Y2YTFiY2E5
LzEvUTJnekMtb3Rfb2dQLW1MMmUxWnE2dUxTaF8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW814MA0G
CSqGSIb3DQEBCwUAA4IBAQCRv4cFwD1z8pVD+P30yBMGF3XOJWis8z7AI+2QIpYE
ZPrWgFSll/UUceXkiFGa23K1U4tpPC0DG/GmEUgYh2vX5kNNMJc6L10I2G435xv7
w8QLP4kkZIUjdj4w6B4ibSCBekrBYFdgvrZnZ9wNkt/ytkGgmK4vPALEJIQQ3GuF
EdlHlk5PMx2oZw1SD6qIafgJ5+7GL5804k1ZxC6S2/yrEOl60UFDAsFt468zRwEd
jtZ+5YwVS1yBEgxziwkQ2kxMYH8bnlkLvbWFjq9svCo1E3HjGlGVdQ+GusvKtkq5
WYK4GtX0x+hJNao+5KzSYUrWkU9swq4GDtLPJSUdZXM6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:39 2024 by rpki-client on console-fra.rpki-client.org