Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/9d6660-775a-4f3f-93c2-a5eebd28d496/1/yZE5iu4EMNj_gaXDKpuW9I1obfs.roa
File:                     yZE5iu4EMNj_gaXDKpuW9I1obfs.roa (raw, json)
Hash identifier:          pIQckcrEUgQJ8SWY+O/Ab3SQaU9mcv8nhDmhATJkmVI=
Subject key identifier:   C9:91:39:8A:EE:04:30:D8:FF:81:A5:C3:2A:9B:96:F4:8D:68:6D:FB
Certificate issuer:       /CN=4b5c7d9c7440e5cb4b0a6761563c0d850f08111a
Certificate serial:       03975ADA
Authority key identifier: 4B:5C:7D:9C:74:40:E5:CB:4B:0A:67:61:56:3C:0D:85:0F:08:11:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S1x9nHRA5ctLCmdhVjwNhQ8IERo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/9d6660-775a-4f3f-93c2-a5eebd28d496/1/yZE5iu4EMNj_gaXDKpuW9I1obfs.roa
Signing time:             Sat 01 Jan 2022 15:03:29 +0000
ROA not before:           Sat 01 Jan 2022 15:03:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207403
IP address blocks:        91.202.7.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60250842 (0x3975ada)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b5c7d9c7440e5cb4b0a6761563c0d850f08111a
        Validity
            Not Before: Jan  1 15:03:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c991398aee0430d8ff81a5c32a9b96f48d686dfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:71:ad:31:60:e8:a2:df:74:6f:85:fc:57:2c:
                    1f:de:66:e0:cf:b7:97:1b:8e:dd:d0:0c:d2:e5:74:
                    79:75:21:ba:5d:9f:3d:97:1c:c2:2f:59:b7:8b:5b:
                    75:83:f4:a9:4a:1d:01:e0:83:9b:1e:fd:ab:4f:39:
                    d7:d0:a0:c5:86:6e:6b:9c:cd:9d:4e:e6:1e:bb:c5:
                    3f:f8:66:8f:4d:3d:2e:dc:76:62:88:2a:75:ea:c1:
                    b1:8c:14:18:69:f3:6a:89:4c:c2:2f:3a:4f:68:0c:
                    63:3d:e2:4f:f7:98:0a:da:4c:dd:92:76:ab:ae:ea:
                    e4:26:62:6b:8d:d4:01:0e:aa:0b:71:7a:9d:de:9b:
                    b6:ec:2d:69:48:7a:73:e4:a0:6a:33:5e:2c:51:5c:
                    be:62:d4:84:f6:be:8c:ec:20:e9:7f:8d:7d:91:f3:
                    58:e6:3a:a1:e7:06:8d:0a:14:08:90:ed:07:49:f6:
                    99:6f:4f:3f:ed:64:db:55:b3:93:29:4b:3e:14:28:
                    af:b7:2b:60:21:77:70:66:90:b6:e3:6f:13:22:da:
                    be:1b:31:e8:1b:b0:37:7b:a0:5c:26:79:47:9c:4c:
                    22:a9:84:3b:d4:1d:d3:73:7c:34:4d:b6:c3:80:37:
                    f4:47:f1:4a:a0:5e:0c:23:ca:18:a4:36:19:5d:bd:
                    11:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:91:39:8A:EE:04:30:D8:FF:81:A5:C3:2A:9B:96:F4:8D:68:6D:FB
            X509v3 Authority Key Identifier:
                keyid:4B:5C:7D:9C:74:40:E5:CB:4B:0A:67:61:56:3C:0D:85:0F:08:11:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1x9nHRA5ctLCmdhVjwNhQ8IERo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/9d6660-775a-4f3f-93c2-a5eebd28d496/1/yZE5iu4EMNj_gaXDKpuW9I1obfs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/9d6660-775a-4f3f-93c2-a5eebd28d496/1/S1x9nHRA5ctLCmdhVjwNhQ8IERo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.202.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:94:7f:f4:6e:a1:17:60:9b:29:20:76:3a:83:bc:38:47:6d:
         9d:3a:9e:4d:e1:7a:bf:b5:71:6d:55:9b:ad:87:cb:71:92:48:
         b3:a8:99:b5:72:10:2f:3c:51:23:08:c0:5b:14:c6:97:c0:fc:
         e9:1a:e0:19:1c:a9:99:47:2b:df:3b:16:5e:44:ec:fc:17:ac:
         92:a3:b8:59:12:72:e0:04:e3:2d:69:62:76:fd:a9:b4:4f:c2:
         a6:5b:77:4c:0a:e0:04:c0:c9:44:45:38:58:05:64:cf:4d:74:
         d1:f4:6c:5b:e8:a5:7a:89:f8:f5:1a:0f:3e:9c:f6:91:fd:cf:
         08:f9:2b:19:e4:32:d8:33:f9:73:87:9a:8c:86:ed:13:b8:4c:
         ba:e7:12:c6:64:44:81:0f:62:3f:43:6a:55:bf:e0:00:8e:b9:
         44:74:15:f2:c5:92:d5:86:0d:48:8e:1f:39:f1:89:70:7c:7b:
         af:cd:de:61:b2:c3:4e:86:3c:f2:83:68:a7:08:46:11:93:1c:
         25:d3:9d:ca:a2:24:bb:12:b3:31:81:14:60:3e:98:2c:95:a2:
         98:c6:ef:52:47:36:61:86:01:19:46:da:1d:dc:57:3b:7a:ef:
         f2:f8:83:8e:c7:d5:cc:d6:1d:9e:6d:00:0c:c7:08:91:11:b1:
         ce:3f:54:f9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA5da2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjVjN2Q5Yzc0NDBlNWNiNGIwYTY3NjE1NjNjMGQ4NTBmMDgxMTFhMB4XDTIyMDEw
MTE1MDMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzk5MTM5OGFlZTA0
MzBkOGZmODFhNWMzMmE5Yjk2ZjQ4ZDY4NmRmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9xrTFg6KLfdG+F/FcsH95m4M+3lxuO3dAM0uV0eXUhul2f
PZccwi9Zt4tbdYP0qUodAeCDmx79q08519CgxYZua5zNnU7mHrvFP/hmj009Ltx2
YogqderBsYwUGGnzaolMwi86T2gMYz3iT/eYCtpM3ZJ2q67q5CZia43UAQ6qC3F6
nd6btuwtaUh6c+SgajNeLFFcvmLUhPa+jOwg6X+NfZHzWOY6oecGjQoUCJDtB0n2
mW9PP+1k21WzkylLPhQor7crYCF3cGaQtuNvEyLavhsx6BuwN3ugXCZ5R5xMIqmE
O9Qd03N8NE22w4A39EfxSqBeDCPKGKQ2GV29ER8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTJkTmK7gQw2P+BpcMqm5b0jWht+zAfBgNVHSMEGDAWgBRLXH2cdEDly0sK
Z2FWPA2FDwgRGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MxeDluSFJBNWN0TENtZGhWandOaFE4SUVSby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvOWQ2NjYwLTc3NWEtNGYzZi05M2MyLWE1ZWViZDI4ZDQ5Ni8x
L3laRTVpdTRFTU5qX2dhWERLcHVXOUkxb2Jmcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
OWQ2NjYwLTc3NWEtNGYzZi05M2MyLWE1ZWViZDI4ZDQ5Ni8xL1MxeDluSFJBNWN0
TENtZGhWandOaFE4SUVSby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvKBzANBgkqhkiG9w0BAQsFAAOC
AQEAjpR/9G6hF2CbKSB2OoO8OEdtnTqeTeF6v7VxbVWbrYfLcZJIs6iZtXIQLzxR
IwjAWxTGl8D86RrgGRypmUcr3zsWXkTs/BeskqO4WRJy4ATjLWlidv2ptE/Cplt3
TArgBMDJREU4WAVkz0100fRsW+ileon49RoPPpz2kf3PCPkrGeQy2DP5c4eajIbt
E7hMuucSxmREgQ9iP0NqVb/gAI65RHQV8sWS1YYNSI4fOfGJcHx7r83eYbLDToY8
8oNopwhGEZMcJdOdyqIkuxKzMYEUYD6YLJWimMbvUkc2YYYBGUbaHdxXO3rv8viD
jsfVzNYdnm0ADMcIkRGxzj9U+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:14 2024 by rpki-client on console-ams.rpki-client.org