Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/bOBStrCsdinuS3e6wq3T7OK0hfw.roa
File:                     bOBStrCsdinuS3e6wq3T7OK0hfw.roa (raw, json)
Hash identifier:          rSO3HSr+3cLE27TavH7lhGW7IqewwPya9ulVsoIZAEE=
Subject key identifier:   6C:E0:52:B6:B0:AC:76:29:EE:4B:77:BA:C2:AD:D3:EC:E2:B4:85:FC
Certificate issuer:       /CN=30d58e40c6d91f3729e57e3344d308b5992fe46e
Certificate serial:       0183EADF1530BC2F8AABA2791082E512F07F
Authority key identifier: 30:D5:8E:40:C6:D9:1F:37:29:E5:7E:33:44:D3:08:B5:99:2F:E4:6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MNWOQMbZHzcp5X4zRNMItZkv5G4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/bOBStrCsdinuS3e6wq3T7OK0hfw.roa
Signing time:             Tue 18 Oct 2022 11:33:51 +0000
ROA not before:           Tue 18 Oct 2022 11:33:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202348
IP address blocks:        91.240.89.0/24 maxlen: 24
                          2a13:141:4::/48 maxlen: 48
                          2a13:141:2::/48 maxlen: 48
                          2a13:141:11::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ea:df:15:30:bc:2f:8a:ab:a2:79:10:82:e5:12:f0:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30d58e40c6d91f3729e57e3344d308b5992fe46e
        Validity
            Not Before: Oct 18 11:33:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6ce052b6b0ac7629ee4b77bac2add3ece2b485fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:ae:9b:66:35:b3:38:01:17:29:a7:59:11:f4:
                    8f:b7:92:47:8e:76:90:ba:bb:e5:47:05:4c:64:58:
                    3f:07:ff:97:23:ab:1d:f1:03:01:69:1a:bb:ef:c0:
                    7c:6c:de:c6:66:74:e4:95:3d:5c:d5:db:74:ee:7a:
                    23:fb:d8:7a:db:b0:74:86:09:80:5d:3e:b6:97:73:
                    19:e2:1a:8e:c4:7d:c8:4f:99:bf:d0:08:47:5b:5b:
                    ea:df:d3:1a:58:a7:13:85:48:40:f8:88:af:80:a0:
                    37:9b:e2:b9:ca:85:9c:87:d8:4d:8a:f8:ad:9b:28:
                    30:ab:ac:90:bb:d0:92:56:2b:9c:5f:7f:1d:59:06:
                    89:f4:79:80:6f:02:ad:ad:44:27:5c:65:79:fa:16:
                    6a:8b:8c:f6:e9:9d:25:86:d4:1e:5a:6d:99:f6:f5:
                    2d:de:87:f4:f4:aa:9a:7f:83:1d:bf:bf:a6:0b:8f:
                    a4:c9:1e:39:b0:a4:dd:18:c5:f9:78:88:16:d5:9e:
                    6b:d3:72:7a:58:71:82:f1:d2:d0:fd:93:e3:ae:e7:
                    10:c4:0f:bd:e3:cd:14:d4:eb:c5:75:01:f1:ed:c3:
                    26:88:92:1b:10:69:4e:6d:b5:2b:10:24:db:be:95:
                    11:62:96:1e:90:7a:fa:6b:ea:79:5e:a4:46:56:e4:
                    22:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:E0:52:B6:B0:AC:76:29:EE:4B:77:BA:C2:AD:D3:EC:E2:B4:85:FC
            X509v3 Authority Key Identifier:
                keyid:30:D5:8E:40:C6:D9:1F:37:29:E5:7E:33:44:D3:08:B5:99:2F:E4:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MNWOQMbZHzcp5X4zRNMItZkv5G4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/bOBStrCsdinuS3e6wq3T7OK0hfw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/MNWOQMbZHzcp5X4zRNMItZkv5G4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.240.89.0/24
                IPv6:
                  2a13:141:2::/48
                  2a13:141:4::/48
                  2a13:141:11::/48

    Signature Algorithm: sha256WithRSAEncryption
         1e:11:66:8f:1c:03:44:57:4a:3d:9d:8f:b6:b4:43:78:06:76:
         2f:b2:b7:7e:c6:ec:de:c3:9c:ed:98:45:85:f2:f8:22:91:70:
         84:aa:2e:ea:5a:bb:63:df:89:aa:0f:53:46:25:6f:6e:c6:b5:
         a2:dc:92:52:79:68:20:e4:1a:2f:cd:84:ea:9d:de:fe:f4:c8:
         ac:c9:60:0a:c6:40:4c:66:13:3b:13:31:9b:8e:29:90:5f:a7:
         be:7b:07:7d:38:f4:40:1f:67:de:e5:71:3f:e5:43:65:19:1d:
         58:be:00:f3:a1:d1:2b:10:1d:d0:51:f8:4e:06:7a:ae:4c:3d:
         af:6c:00:a1:b8:a3:57:b2:9e:73:ae:8b:cf:bd:d1:f6:6b:4c:
         bb:b2:4c:16:ea:4d:3a:6e:42:f6:8b:79:ab:e4:a8:37:20:62:
         0a:70:0e:e6:77:e6:2a:ed:54:8d:eb:1a:c9:ac:04:d2:ee:ca:
         29:8c:77:13:c2:36:49:d8:b5:ee:3d:f5:40:a3:fa:72:cf:37:
         b6:75:4c:e3:5b:54:f1:53:77:db:81:6b:48:6b:ee:48:a6:9b:
         16:37:17:ea:a3:65:2f:d6:f7:c2:a1:f3:be:92:44:82:53:34:
         60:53:fa:8a:81:cc:76:a7:1e:a2:6b:bd:6a:83:94:a1:f0:96:
         ba:a1:84:ec
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYPq3xUwvC+Kq6J5EILlEvB/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZDU4ZTQwYzZkOTFmMzcyOWU1N2UzMzQ0ZDMwOGI1OTky
ZmU0NmUwHhcNMjIxMDE4MTEzMzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2UwNTJiNmIwYWM3NjI5ZWU0Yjc3YmFjMmFkZDNlY2UyYjQ4NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAka6bZjWzOAEXKadZEfSPt5JHjnaQ
urvlRwVMZFg/B/+XI6sd8QMBaRq778B8bN7GZnTklT1c1dt07noj+9h627B0hgmA
XT62l3MZ4hqOxH3IT5m/0AhHW1vq39MaWKcThUhA+IivgKA3m+K5yoWch9hNivit
mygwq6yQu9CSViucX38dWQaJ9HmAbwKtrUQnXGV5+hZqi4z26Z0lhtQeWm2Z9vUt
3of09Kqaf4Mdv7+mC4+kyR45sKTdGMX5eIgW1Z5r03J6WHGC8dLQ/ZPjrucQxA+9
480U1OvFdQHx7cMmiJIbEGlObbUrECTbvpURYpYekHr6a+p5XqRGVuQiPQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGzgUrawrHYp7kt3usKt0+zitIX8MB8GA1UdIwQY
MBaAFDDVjkDG2R83KeV+M0TTCLWZL+RuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU5XT1FNYlpIemNwNVg0elJOTUl0Wmt2NUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82MjVhMzAtM2E2Yi00NjYxLTg0MGEt
ZjgyYjcwZDhhMGE3LzEvYk9CU3RyQ3NkaW51UzNlNndxM1Q3T0swaGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy82MjVhMzAtM2E2Yi00NjYxLTg0MGEtZjgyYjcwZDhhMGE3
LzEvTU5XT1FNYlpIemNwNVg0elJOTUl0Wmt2NUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAW/BZMCEE
AgACMBsDBwAqEwFBAAIDBwAqEwFBAAQDBwAqEwFBABEwDQYJKoZIhvcNAQELBQAD
ggEBAB4RZo8cA0RXSj2dj7a0Q3gGdi+yt37G7N7DnO2YRYXy+CKRcISqLupau2Pf
iaoPU0Ylb27GtaLcklJ5aCDkGi/NhOqd3v70yKzJYArGQExmEzsTMZuOKZBfp757
B3049EAfZ97lcT/lQ2UZHVi+APOh0SsQHdBR+E4Geq5MPa9sAKG4o1eynnOui8+9
0fZrTLuyTBbqTTpuQvaLeavkqDcgYgpwDuZ35irtVI3rGsmsBNLuyimMdxPCNknY
te499UCj+nLPN7Z1TONbVPFTd9uBa0hr7kimmxY3F+qjZS/W98Kh876SRIJTNGBT
+oqBzHanHqJrvWqDlKHwlrqhhOw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:24 2024 by rpki-client on console-ams.rpki-client.org