Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/69f8fc-5175-4fb3-aaaf-637cfd72baf0/1/lx3FiBh9JGIEDd06pBYMZvhGz2c.roa
File:                     lx3FiBh9JGIEDd06pBYMZvhGz2c.roa (raw, json)
Hash identifier:          Jdmqxc+9g4IA6kUppXV519ns9vRNwMzcL5ABj1S4FL8=
Subject key identifier:   97:1D:C5:88:18:7D:24:62:04:0D:DD:3A:A4:16:0C:66:F8:46:CF:67
Certificate issuer:       /CN=254cc4ab5d48c5270d40e9fe50e72396deec5869
Certificate serial:       018246195B67882698B7CBE81E9FEB6E1297
Authority key identifier: 25:4C:C4:AB:5D:48:C5:27:0D:40:E9:FE:50:E7:23:96:DE:EC:58:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JUzEq11IxScNQOn-UOcjlt7sWGk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/69f8fc-5175-4fb3-aaaf-637cfd72baf0/1/lx3FiBh9JGIEDd06pBYMZvhGz2c.roa
Signing time:             Thu 28 Jul 2022 18:37:23 +0000
ROA not before:           Thu 28 Jul 2022 18:37:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56622
IP address blocks:        91.226.35.0/24 maxlen: 24
                          91.226.34.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:46:19:5b:67:88:26:98:b7:cb:e8:1e:9f:eb:6e:12:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=254cc4ab5d48c5270d40e9fe50e72396deec5869
        Validity
            Not Before: Jul 28 18:37:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=971dc588187d2462040ddd3aa4160c66f846cf67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:d8:63:84:fd:9c:33:16:42:73:74:28:9f:40:
                    cf:2b:4b:37:ad:4e:ad:a7:30:70:84:67:7e:a5:ce:
                    69:d6:68:13:0e:8f:34:c0:50:42:3d:a6:5c:a3:b8:
                    1d:9f:cb:2d:b3:bb:75:d2:24:9c:6d:cf:8b:41:02:
                    ee:46:0b:7b:3d:48:c3:db:07:99:a5:79:d7:37:3c:
                    21:2d:d0:bf:84:b9:31:55:10:93:f4:31:41:8b:06:
                    2c:df:be:12:c8:36:f1:13:f8:50:e0:7d:c2:e0:79:
                    63:38:00:6d:ae:fa:fd:48:d6:ff:8d:14:0b:f6:6c:
                    36:43:c2:02:f6:ed:f4:f1:c4:3e:c3:49:8c:6b:bf:
                    8e:4f:7b:5c:bc:4c:9c:c6:5a:19:dd:b6:2d:c5:dc:
                    9d:29:13:71:49:48:93:f4:18:31:3a:08:c9:7a:84:
                    d7:6a:8b:c3:2e:05:11:91:f9:45:a4:34:ec:73:0c:
                    60:37:7f:d9:9b:3b:d7:90:db:c1:6b:cf:cc:d8:c2:
                    e3:3e:90:af:a7:26:38:af:27:29:c4:b7:35:ef:19:
                    26:ca:2f:f8:ee:da:53:46:0b:4e:d7:c6:a7:1d:7c:
                    cc:a1:b6:4c:65:12:2b:a6:d0:89:2b:aa:89:54:36:
                    51:e5:2a:23:73:cb:6f:e1:df:22:94:0a:04:d0:5b:
                    b0:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:1D:C5:88:18:7D:24:62:04:0D:DD:3A:A4:16:0C:66:F8:46:CF:67
            X509v3 Authority Key Identifier:
                keyid:25:4C:C4:AB:5D:48:C5:27:0D:40:E9:FE:50:E7:23:96:DE:EC:58:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JUzEq11IxScNQOn-UOcjlt7sWGk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/69f8fc-5175-4fb3-aaaf-637cfd72baf0/1/lx3FiBh9JGIEDd06pBYMZvhGz2c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/69f8fc-5175-4fb3-aaaf-637cfd72baf0/1/JUzEq11IxScNQOn-UOcjlt7sWGk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.226.34.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a1:39:9f:23:be:53:be:e7:ef:d7:34:b7:ef:54:39:73:89:08:
         d9:a7:f2:7b:ee:cf:b4:9a:67:a8:2f:de:9d:9f:65:ce:5f:83:
         48:51:d2:ae:3f:b1:85:59:f7:f6:98:63:7e:06:25:9a:dc:b2:
         b9:d6:fb:76:0e:9d:8c:37:2f:6d:73:4f:24:32:1a:04:35:c5:
         14:8c:9a:a0:a6:ee:94:6e:8e:1a:c6:9a:10:af:25:63:f3:2c:
         d7:b3:73:46:49:1a:f9:aa:68:f7:c3:f2:f9:17:d1:28:82:7e:
         41:7c:7a:cb:67:93:b7:88:ec:a5:40:be:98:61:8e:74:43:7f:
         a6:b7:c8:b6:fc:dc:46:c2:68:8a:f8:7d:84:1a:42:3f:63:ef:
         16:bc:67:70:3c:5f:70:67:6c:0e:e9:61:be:0d:ac:5e:ae:21:
         61:f6:6a:af:aa:d1:a9:df:3f:d2:a6:6f:39:9e:82:51:f0:20:
         69:6b:25:a5:04:9a:b6:c6:1e:40:14:96:96:70:97:8d:bd:93:
         2e:16:4d:e1:88:ad:5c:19:02:02:fa:a9:89:af:12:6f:0d:3c:
         45:c8:aa:b3:a8:07:dc:f4:63:aa:5b:68:51:78:ee:e6:63:84:
         a3:4c:53:f7:09:6c:35:cd:e2:07:1b:bc:ca:ed:d4:9c:a7:3d:
         59:2e:cc:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJGGVtniCaYt8voHp/rbhKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NGNjNGFiNWQ0OGM1MjcwZDQwZTlmZTUwZTcyMzk2ZGVl
YzU4NjkwHhcNMjIwNzI4MTgzNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzFkYzU4ODE4N2QyNDYyMDQwZGRkM2FhNDE2MGM2NmY4NDZjZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NhjhP2cMxZCc3Qon0DPK0s3rU6t
pzBwhGd+pc5p1mgTDo80wFBCPaZco7gdn8sts7t10iScbc+LQQLuRgt7PUjD2weZ
pXnXNzwhLdC/hLkxVRCT9DFBiwYs374SyDbxE/hQ4H3C4HljOABtrvr9SNb/jRQL
9mw2Q8IC9u308cQ+w0mMa7+OT3tcvEycxloZ3bYtxdydKRNxSUiT9BgxOgjJeoTX
aovDLgURkflFpDTscwxgN3/ZmzvXkNvBa8/M2MLjPpCvpyY4rycpxLc17xkmyi/4
7tpTRgtO18anHXzMobZMZRIrptCJK6qJVDZR5Sojc8tv4d8ilAoE0FuwtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJcdxYgYfSRiBA3dOqQWDGb4Rs9nMB8GA1UdIwQY
MBaAFCVMxKtdSMUnDUDp/lDnI5be7FhpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlV6RXExMUl4U2NOUU9uLVVPY2psdDdzV0drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82OWY4ZmMtNTE3NS00ZmIzLWFhYWYt
NjM3Y2ZkNzJiYWYwLzEvbHgzRmlCaDlKR0lFRGQwNnBCWU1admhHejJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy82OWY4ZmMtNTE3NS00ZmIzLWFhYWYtNjM3Y2ZkNzJiYWYw
LzEvSlV6RXExMUl4U2NOUU9uLVVPY2psdDdzV0drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+IiMA0G
CSqGSIb3DQEBCwUAA4IBAQChOZ8jvlO+5+/XNLfvVDlziQjZp/J77s+0mmeoL96d
n2XOX4NIUdKuP7GFWff2mGN+BiWa3LK51vt2Dp2MNy9tc08kMhoENcUUjJqgpu6U
bo4axpoQryVj8yzXs3NGSRr5qmj3w/L5F9Eogn5BfHrLZ5O3iOylQL6YYY50Q3+m
t8i2/NxGwmiK+H2EGkI/Y+8WvGdwPF9wZ2wO6WG+DaxeriFh9mqvqtGp3z/Spm85
noJR8CBpayWlBJq2xh5AFJaWcJeNvZMuFk3hiK1cGQIC+qmJrxJvDTxFyKqzqAfc
9GOqW2hReO7mY4SjTFP3CWw1zeIHG7zK7dScpz1ZLswm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:57 2024 by rpki-client on console-fra.rpki-client.org