Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/yXZG9AIKPOB-viMSnnVDp6awUF0.roa
File:                     yXZG9AIKPOB-viMSnnVDp6awUF0.roa (raw, json)
Hash identifier:          07avxVYP19F0NypfEVD/EZ5hbJgYn3SIXWqF9EwTB3o=
Subject key identifier:   C9:76:46:F4:02:0A:3C:E0:7E:BE:23:12:9E:75:43:A7:A6:B0:50:5D
Certificate issuer:       /CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176
Certificate serial:       09205039
Authority key identifier: 75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/yXZG9AIKPOB-viMSnnVDp6awUF0.roa
Signing time:             Sat 01 Jan 2022 14:02:19 +0000
ROA not before:           Sat 01 Jan 2022 14:02:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        193.151.94.0/24 maxlen: 24
                          195.8.103.0/24 maxlen: 24
                          91.240.19.0/24 maxlen: 24
                          91.240.18.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153112633 (0x9205039)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176
        Validity
            Not Before: Jan  1 14:02:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c97646f4020a3ce07ebe23129e7543a7a6b0505d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:50:dc:34:fc:d0:3f:b2:d0:0a:6b:61:90:e5:
                    32:9e:58:ed:20:0f:75:a0:b7:b2:8d:d8:c9:94:3d:
                    f4:ea:46:a5:18:e1:2c:a9:56:1f:b3:c5:b5:6f:8b:
                    db:1f:59:cb:3b:92:a1:f4:e3:e9:16:71:d2:63:79:
                    c5:fd:66:1a:d6:a1:8a:48:4a:5f:91:aa:99:48:4a:
                    09:0f:2a:2d:1c:64:c0:85:ed:0d:27:03:31:30:19:
                    26:b4:7d:67:b1:34:33:ea:c0:79:1a:9b:4a:3d:67:
                    d3:d9:29:e6:0d:79:a8:17:80:b3:9f:07:e0:20:5e:
                    72:a2:96:b0:fe:db:da:4c:f6:27:d9:2d:09:51:5b:
                    07:81:ad:54:de:e8:f0:89:d4:c5:30:3d:7a:29:e1:
                    d1:91:3e:0a:ca:bb:4f:8a:ed:d8:fd:bc:97:3e:ae:
                    aa:c5:ec:aa:2b:23:45:24:8a:3c:7b:95:ac:49:ee:
                    d0:18:e4:b2:2a:d8:21:cd:ef:ae:8b:20:0c:0f:11:
                    ec:c8:c4:4e:3a:87:72:20:18:69:82:8c:96:be:c6:
                    4f:e0:7e:63:5a:22:d2:96:e5:eb:14:d1:ce:52:80:
                    9f:1b:a5:32:69:90:af:7e:68:23:a4:99:7c:7a:0a:
                    6c:26:26:c1:22:30:24:ad:1c:2e:46:7d:f6:a7:2f:
                    24:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:76:46:F4:02:0A:3C:E0:7E:BE:23:12:9E:75:43:A7:A6:B0:50:5D
            X509v3 Authority Key Identifier:
                keyid:75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/yXZG9AIKPOB-viMSnnVDp6awUF0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/ddzHdrK_WVv0s-YLukJF8BIKIXY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.240.18.0/23
                  193.151.94.0/24
                  195.8.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:d8:fc:98:d9:cb:9d:c6:9e:b7:ef:83:c0:48:8c:6f:4f:ac:
         05:e9:51:e9:57:16:c0:b2:a2:2c:82:62:9a:bd:02:27:aa:fb:
         f6:c5:6f:6f:9c:00:06:54:4a:d2:e4:48:b1:f1:7a:e9:ad:a3:
         1d:3a:83:86:ba:e1:89:4f:3a:5d:78:fe:53:e0:87:42:77:39:
         3b:15:95:3d:6d:1b:b1:5c:9a:3a:31:3d:2a:92:bd:f5:93:d4:
         85:7f:2b:96:84:f2:1c:25:70:95:b2:2a:83:31:66:a6:c1:e7:
         4c:63:af:53:c9:a9:34:2a:e1:f2:2a:c1:ef:ba:b9:b3:92:b3:
         d8:85:b2:d5:d7:25:9c:a1:8c:96:d3:bf:d3:34:44:12:a6:79:
         ea:2d:ed:6d:4d:3d:fa:b7:b3:1b:c9:fa:b9:73:b7:34:5b:84:
         4d:19:1c:a1:d9:35:91:6a:2a:6f:ce:c9:b3:e6:f8:d3:1b:79:
         ad:4d:d0:7f:84:da:0c:33:4c:50:74:c5:79:f6:6e:05:d4:81:
         d3:36:3c:f1:e0:15:bc:cb:00:04:8a:b0:e7:39:ec:e9:9f:2e:
         52:fe:46:4b:c9:a5:13:2d:d5:96:7f:c4:93:90:f2:7b:91:3c:
         fa:b2:e2:5b:93:8e:4e:54:3b:02:e9:f9:9c:2a:f3:7e:7a:26:
         72:73:d3:c0
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECSBQOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NWRjYzc3NmIyYmY1OTViZjRiM2U2MGJiYTQyNDVmMDEyMGEyMTc2MB4XDTIyMDEw
MTE0MDIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzk3NjQ2ZjQwMjBh
M2NlMDdlYmUyMzEyOWU3NTQzYTdhNmIwNTA1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtQ3DT80D+y0AprYZDlMp5Y7SAPdaC3so3YyZQ99OpGpRjh
LKlWH7PFtW+L2x9ZyzuSofTj6RZx0mN5xf1mGtahikhKX5GqmUhKCQ8qLRxkwIXt
DScDMTAZJrR9Z7E0M+rAeRqbSj1n09kp5g15qBeAs58H4CBecqKWsP7b2kz2J9kt
CVFbB4GtVN7o8InUxTA9einh0ZE+Csq7T4rt2P28lz6uqsXsqisjRSSKPHuVrEnu
0BjksirYIc3vrosgDA8R7MjETjqHciAYaYKMlr7GT+B+Y1oi0pbl6xTRzlKAnxul
MmmQr35oI6SZfHoKbCYmwSIwJK0cLkZ99qcvJOUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTJdkb0Ago84H6+IxKedUOnprBQXTAfBgNVHSMEGDAWgBR13Md2sr9ZW/Sz
5gu6QkXwEgohdjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RkekhkcktfV1Z2MHMtWUx1a0pGOEJJS0lYWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvNTgxYzVkLWJjOWItNDBhNi1hNWE0LTY0NTQwMjA1ZWNmNC8x
L3lYWkc5QUlLUE9CLXZpTVNublZEcDZhd1VGMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
NTgxYzVkLWJjOWItNDBhNi1hNWE0LTY0NTQwMjA1ZWNmNC8xL2RkekhkcktfV1Z2
MHMtWUx1a0pGOEJJS0lYWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVvwEgMEAMGXXgMEAMMIZzANBgkq
hkiG9w0BAQsFAAOCAQEAZNj8mNnLncaet++DwEiMb0+sBelR6VcWwLKiLIJimr0C
J6r79sVvb5wABlRK0uRIsfF66a2jHTqDhrrhiU86XXj+U+CHQnc5OxWVPW0bsVya
OjE9KpK99ZPUhX8rloTyHCVwlbIqgzFmpsHnTGOvU8mpNCrh8irB77q5s5Kz2IWy
1dclnKGMltO/0zREEqZ56i3tbU09+rezG8n6uXO3NFuETRkcodk1kWoqb87Js+b4
0xt5rU3Qf4TaDDNMUHTFefZuBdSB0zY88eAVvMsABIqw5zns6Z8uUv5GS8mlEy3V
ln/Ek5Dye5E8+rLiW5OOTlQ7Aun5nCrzfnomcnPTwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:02 2024 by rpki-client on console-fra.rpki-client.org