Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/3ee969-98d1-481a-a487-9a895467da85/1/uVkg3huoq61TKOwdoXVsA_h9N94.roa
File:                     uVkg3huoq61TKOwdoXVsA_h9N94.roa (raw, json)
Hash identifier:          2KTkgNLoZXJ5bDm24xTZm9j5IiHzZxEc7Sfe2Wx7524=
Subject key identifier:   B9:59:20:DE:1B:A8:AB:AD:53:28:EC:1D:A1:75:6C:03:F8:7D:37:DE
Certificate issuer:       /CN=c2510a8a525dc9b1ec0b1560d090a64268d42ec4
Certificate serial:       059DCDF6
Authority key identifier: C2:51:0A:8A:52:5D:C9:B1:EC:0B:15:60:D0:90:A6:42:68:D4:2E:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wlEKilJdybHsCxVg0JCmQmjULsQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/3ee969-98d1-481a-a487-9a895467da85/1/uVkg3huoq61TKOwdoXVsA_h9N94.roa
Signing time:             Sat 01 Jan 2022 01:57:38 +0000
ROA not before:           Sat 01 Jan 2022 01:57:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43394
IP address blocks:        91.198.214.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 94227958 (0x59dcdf6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2510a8a525dc9b1ec0b1560d090a64268d42ec4
        Validity
            Not Before: Jan  1 01:57:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b95920de1ba8abad5328ec1da1756c03f87d37de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:dd:50:fa:dd:b7:12:06:c8:29:21:54:9a:c1:
                    bf:ba:d4:0d:8c:e6:ce:0e:29:7b:06:db:af:f4:9f:
                    94:b4:57:df:7c:7c:25:fa:24:29:04:e1:7e:4b:f0:
                    1f:58:7f:07:8e:92:3c:e1:d8:86:f5:04:84:74:6d:
                    e7:25:46:6a:68:56:3e:65:24:03:88:06:67:9c:3b:
                    4a:40:45:6d:2a:db:3e:88:d4:dc:5d:1b:d3:e8:63:
                    c9:10:86:2a:3c:49:19:aa:c0:bf:f9:4b:a5:25:0d:
                    3b:3e:94:41:d5:8c:9b:37:5a:92:28:80:26:e0:f5:
                    9d:b1:e7:f1:78:77:df:26:8e:c9:84:97:78:38:25:
                    cc:90:7a:71:b1:55:59:66:f6:5d:df:a1:c5:97:7f:
                    66:8f:d4:75:d8:25:36:d5:51:d1:3f:67:56:fd:d1:
                    98:b1:56:5e:46:7b:7c:2a:03:de:ab:2c:ca:32:d1:
                    c8:12:d8:bc:78:3a:17:8f:67:28:51:a4:b4:00:76:
                    56:08:f9:ed:2c:e5:8b:14:0c:7b:f8:9c:fe:a5:3e:
                    d1:be:ae:5e:37:f3:00:d2:f5:a7:57:ab:66:39:18:
                    80:4e:b7:a3:ac:bc:2b:d9:9d:9d:68:82:cb:56:f4:
                    ea:9e:b7:28:95:29:1f:52:83:6b:02:d5:94:b7:9b:
                    48:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:59:20:DE:1B:A8:AB:AD:53:28:EC:1D:A1:75:6C:03:F8:7D:37:DE
            X509v3 Authority Key Identifier:
                keyid:C2:51:0A:8A:52:5D:C9:B1:EC:0B:15:60:D0:90:A6:42:68:D4:2E:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wlEKilJdybHsCxVg0JCmQmjULsQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/3ee969-98d1-481a-a487-9a895467da85/1/uVkg3huoq61TKOwdoXVsA_h9N94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/3ee969-98d1-481a-a487-9a895467da85/1/wlEKilJdybHsCxVg0JCmQmjULsQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.198.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:b6:a7:7e:70:c6:a6:7d:4e:5d:f3:a2:14:83:00:dc:1b:7c:
         16:9b:b8:d3:76:36:cd:e4:3d:5f:75:94:9d:41:33:e6:93:36:
         08:25:9e:74:57:eb:fb:0a:c9:36:55:65:5c:96:2a:79:87:1a:
         6a:a3:aa:09:ae:42:08:dd:38:63:8e:7f:8c:62:a1:0c:e1:82:
         d2:0d:fc:c9:09:5a:41:ae:51:c2:d9:c7:28:7d:23:98:ec:49:
         86:df:d7:51:fd:51:09:ad:13:e0:c9:be:10:3c:17:c8:0c:fd:
         fb:7f:e7:bc:68:e4:4e:a7:01:28:e6:ef:d7:93:cb:fe:ce:e1:
         b5:05:10:0b:ba:dd:b5:d4:87:56:46:83:db:d5:b4:40:8f:9a:
         5c:8e:02:aa:7a:ee:f4:67:ce:54:be:23:b2:54:bf:ca:54:d6:
         7f:10:61:25:6b:1b:b8:c8:08:00:25:25:cd:df:6f:96:55:69:
         c3:c7:7a:ae:03:b1:9b:d3:e7:9b:f7:54:2d:d4:8b:da:ae:87:
         04:2d:81:4a:29:1f:72:01:28:bf:c8:dc:56:f4:e2:3f:27:5f:
         e3:ac:4c:f8:bf:a5:b1:2c:da:8c:49:3f:e0:79:f6:52:75:77:
         2b:6a:15:52:23:61:9b:f9:79:ab:fe:39:eb:30:48:c5:c9:c7:
         db:ce:38:34
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBZ3N9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MjUxMGE4YTUyNWRjOWIxZWMwYjE1NjBkMDkwYTY0MjY4ZDQyZWM0MB4XDTIyMDEw
MTAxNTczOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjk1OTIwZGUxYmE4
YWJhZDUzMjhlYzFkYTE3NTZjMDNmODdkMzdkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJLdUPrdtxIGyCkhVJrBv7rUDYzmzg4pewbbr/SflLRX33x8
JfokKQThfkvwH1h/B46SPOHYhvUEhHRt5yVGamhWPmUkA4gGZ5w7SkBFbSrbPojU
3F0b0+hjyRCGKjxJGarAv/lLpSUNOz6UQdWMmzdakiiAJuD1nbHn8Xh33yaOyYSX
eDglzJB6cbFVWWb2Xd+hxZd/Zo/UddglNtVR0T9nVv3RmLFWXkZ7fCoD3qssyjLR
yBLYvHg6F49nKFGktAB2Vgj57SzlixQMe/ic/qU+0b6uXjfzANL1p1erZjkYgE63
o6y8K9mdnWiCy1b06p63KJUpH1KDawLVlLebSB0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS5WSDeG6irrVMo7B2hdWwD+H033jAfBgNVHSMEGDAWgBTCUQqKUl3JsewL
FWDQkKZCaNQuxDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dsRUtpbEpkeWJIc0N4VmcwSkNtUW1qVUxzUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvM2VlOTY5LTk4ZDEtNDgxYS1hNDg3LTlhODk1NDY3ZGE4NS8x
L3VWa2czaHVvcTYxVEtPd2RvWFZzQV9oOU45NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
M2VlOTY5LTk4ZDEtNDgxYS1hNDg3LTlhODk1NDY3ZGE4NS8xL3dsRUtpbEpkeWJI
c0N4VmcwSkNtUW1qVUxzUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvG1jANBgkqhkiG9w0BAQsFAAOC
AQEAqranfnDGpn1OXfOiFIMA3Bt8Fpu403Y2zeQ9X3WUnUEz5pM2CCWedFfr+wrJ
NlVlXJYqeYcaaqOqCa5CCN04Y45/jGKhDOGC0g38yQlaQa5RwtnHKH0jmOxJht/X
Uf1RCa0T4Mm+EDwXyAz9+3/nvGjkTqcBKObv15PL/s7htQUQC7rdtdSHVkaD29W0
QI+aXI4Cqnru9GfOVL4jslS/ylTWfxBhJWsbuMgIACUlzd9vllVpw8d6rgOxm9Pn
m/dULdSL2q6HBC2BSikfcgEov8jcVvTiPydf46xM+L+lsSzajEk/4Hn2UnV3K2oV
UiNhm/l5q/456zBIxcnH2844NA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:44 2024 by rpki-client on console-ams.rpki-client.org