Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/376e1f-96b1-4fe1-8b7a-13ff6a0ad441/1/ZcZeSvsGbbsOHIIIiqQHIw5Qzl0.roa
File:                     ZcZeSvsGbbsOHIIIiqQHIw5Qzl0.roa (raw, json)
Hash identifier:          RyjrsqFpzxMACqsZtxcZ1XMQgXQ3CXb07ZDWuCKTE5Q=
Subject key identifier:   65:C6:5E:4A:FB:06:6D:BB:0E:1C:82:08:8A:A4:07:23:0E:50:CE:5D
Certificate issuer:       /CN=f96a6a2032f96d7023722239c9fa5edd5596f863
Certificate serial:       05BF9305
Authority key identifier: F9:6A:6A:20:32:F9:6D:70:23:72:22:39:C9:FA:5E:DD:55:96:F8:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-WpqIDL5bXAjciI5yfpe3VWW-GM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/376e1f-96b1-4fe1-8b7a-13ff6a0ad441/1/ZcZeSvsGbbsOHIIIiqQHIw5Qzl0.roa
Signing time:             Sat 01 Jan 2022 13:06:17 +0000
ROA not before:           Sat 01 Jan 2022 13:06:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49843
IP address blocks:        91.213.245.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 96441093 (0x5bf9305)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f96a6a2032f96d7023722239c9fa5edd5596f863
        Validity
            Not Before: Jan  1 13:06:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=65c65e4afb066dbb0e1c82088aa407230e50ce5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:15:fa:a3:48:a2:a2:ed:82:23:d8:80:5c:be:
                    14:a5:bd:a8:da:a8:cc:fa:f4:61:f0:5a:2e:2c:16:
                    16:ac:5b:d5:51:d5:01:95:2d:87:f4:29:4d:86:bf:
                    03:ae:b3:e5:8f:ac:dc:53:9b:02:36:98:3f:a6:5b:
                    4c:a0:e9:68:0f:02:fb:66:9e:67:c2:9a:65:5e:38:
                    3d:18:8a:c7:94:bf:54:5a:db:85:5c:f1:3b:d8:42:
                    32:fc:25:76:56:10:14:de:25:a6:3d:40:76:48:dc:
                    34:25:b4:94:c0:ae:3d:75:f8:17:13:e1:15:16:bb:
                    21:7e:3a:dd:80:af:bb:13:c7:52:fd:45:ab:63:52:
                    c5:6b:56:5a:ee:8d:f9:9c:10:b4:0a:74:60:2f:3e:
                    d1:73:57:3b:45:94:19:d2:56:81:6d:da:39:ab:51:
                    4b:53:f0:43:8a:64:0c:35:11:1f:34:71:d0:d9:f2:
                    fc:a0:71:55:85:1d:6a:18:9c:56:43:e9:99:b1:3e:
                    09:b2:e0:a1:d7:2e:e4:e6:3a:dd:5f:ef:d3:36:e5:
                    00:b6:b9:1b:bf:11:f4:fe:c1:16:5e:0b:96:56:ee:
                    8b:67:f8:ac:94:b4:c9:a0:f5:bc:71:39:cc:17:57:
                    fa:1d:17:99:00:71:57:49:53:de:c4:6c:52:bd:30:
                    8b:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:C6:5E:4A:FB:06:6D:BB:0E:1C:82:08:8A:A4:07:23:0E:50:CE:5D
            X509v3 Authority Key Identifier:
                keyid:F9:6A:6A:20:32:F9:6D:70:23:72:22:39:C9:FA:5E:DD:55:96:F8:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-WpqIDL5bXAjciI5yfpe3VWW-GM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/376e1f-96b1-4fe1-8b7a-13ff6a0ad441/1/ZcZeSvsGbbsOHIIIiqQHIw5Qzl0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/376e1f-96b1-4fe1-8b7a-13ff6a0ad441/1/1-WpqIDL5bXAjciI5yfpe3VWW-GM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:48:b5:98:12:41:b0:04:e6:75:9d:ff:50:47:f2:15:56:27:
         67:2e:9c:18:a6:d1:a4:37:0f:ba:93:78:8b:ca:91:8b:2f:70:
         cd:e3:44:f8:22:2c:17:50:a0:61:3f:16:1a:99:f2:49:e9:92:
         a6:49:9f:33:35:b0:8e:3e:81:21:90:7b:58:cc:42:96:92:42:
         0d:46:92:85:27:89:72:98:cc:ca:00:04:fa:8c:40:b9:d8:02:
         40:21:52:91:bb:2e:87:55:f3:35:18:b2:5f:85:92:20:71:32:
         69:42:04:f4:f8:43:b1:66:c5:70:c4:d7:99:a1:74:ea:38:d0:
         08:e1:97:ea:1b:a3:c8:cf:f3:b8:71:20:4b:02:e7:00:4f:75:
         63:b0:3f:d0:01:3b:d7:3f:b2:cb:24:7a:29:14:bf:24:13:74:
         9a:73:81:85:ba:c4:2f:4e:fd:bc:80:b2:ef:20:42:71:ca:4a:
         8a:a5:d9:10:60:57:3e:90:31:ed:9c:7a:90:d8:f3:a9:54:f8:
         5b:50:05:db:3f:ea:9d:c9:b2:19:0d:a6:d9:74:99:79:c3:8c:
         05:87:7f:74:76:a9:a4:72:ad:50:ae:b8:e1:96:96:57:9d:68:
         59:dc:dd:7b:46:fd:db:ec:1b:c6:51:1a:33:27:a4:36:35:c7:
         3c:81:f3:d1
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEBb+TBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OTZhNmEyMDMyZjk2ZDcwMjM3MjIyMzljOWZhNWVkZDU1OTZmODYzMB4XDTIyMDEw
MTEzMDYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjVjNjVlNGFmYjA2
NmRiYjBlMWM4MjA4OGFhNDA3MjMwZTUwY2U1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOQV+qNIoqLtgiPYgFy+FKW9qNqozPr0YfBaLiwWFqxb1VHV
AZUth/QpTYa/A66z5Y+s3FObAjaYP6ZbTKDpaA8C+2aeZ8KaZV44PRiKx5S/VFrb
hVzxO9hCMvwldlYQFN4lpj1AdkjcNCW0lMCuPXX4FxPhFRa7IX463YCvuxPHUv1F
q2NSxWtWWu6N+ZwQtAp0YC8+0XNXO0WUGdJWgW3aOatRS1PwQ4pkDDURHzRx0Nny
/KBxVYUdahicVkPpmbE+CbLgodcu5OY63V/v0zblALa5G78R9P7BFl4Lllbui2f4
rJS0yaD1vHE5zBdX+h0XmQBxV0lT3sRsUr0wi70CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRlxl5K+wZtuw4cggiKpAcjDlDOXTAfBgNVHSMEGDAWgBT5amogMvltcCNy
IjnJ+l7dVZb4YzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtV3BxSURMNWJYQWpjaUk1eWZwZTNWV1ctR00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzE2LzM3NmUxZi05NmIxLTRmZTEtOGI3YS0xM2ZmNmEwYWQ0NDEv
MS9aY1plU3ZzR2Jic09ISUlJaXFRSEl3NVF6bDAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE2
LzM3NmUxZi05NmIxLTRmZTEtOGI3YS0xM2ZmNmEwYWQ0NDEvMS8xLVdwcUlETDVi
WEFqY2lJNXlmcGUzVldXLUdNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9X1MA0GCSqGSIb3DQEBCwUA
A4IBAQCvSLWYEkGwBOZ1nf9QR/IVVidnLpwYptGkNw+6k3iLypGLL3DN40T4IiwX
UKBhPxYamfJJ6ZKmSZ8zNbCOPoEhkHtYzEKWkkINRpKFJ4lymMzKAAT6jEC52AJA
IVKRuy6HVfM1GLJfhZIgcTJpQgT0+EOxZsVwxNeZoXTqONAI4ZfqG6PIz/O4cSBL
AucAT3VjsD/QATvXP7LLJHopFL8kE3Sac4GFusQvTv28gLLvIEJxykqKpdkQYFc+
kDHtnHqQ2POpVPhbUAXbP+qdybIZDabZdJl5w4wFh390dqmkcq1QrrjhlpZXnWhZ
3N17Rv3b7BvGURozJ6Q2Ncc8gfPR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:29 2024 by rpki-client on console-fra.rpki-client.org