Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/1c1gUe9UQmzBzHIDz70z4-4GROg.roa
File:                     1c1gUe9UQmzBzHIDz70z4-4GROg.roa (raw, json)
Hash identifier:          XvJvT1d89/RBe0j58ewkgj3wnsY1MQFGkbfSqeXAvq8=
Subject key identifier:   D5:CD:60:51:EF:54:42:6C:C1:CC:72:03:CF:BD:33:E3:EE:06:44:E8
Certificate issuer:       /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial:       012C14AD
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/1c1gUe9UQmzBzHIDz70z4-4GROg.roa
Signing time:             Sun 29 May 2022 10:28:07 +0000
ROA not before:           Sun 29 May 2022 10:28:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205960
IP address blocks:        91.204.224.0/24 maxlen: 24
                          91.204.226.0/24 maxlen: 24
                          91.204.225.0/24 maxlen: 24
                          91.204.227.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19666093 (0x12c14ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
        Validity
            Not Before: May 29 10:28:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d5cd6051ef54426cc1cc7203cfbd33e3ee0644e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:e9:66:d1:53:5c:34:d8:a1:29:fc:7f:7b:c9:
                    5d:ac:be:1e:c4:bc:dc:f4:68:35:78:9b:45:93:be:
                    3e:b6:88:a5:b8:6c:ba:e1:33:2e:b9:b4:3f:bb:b7:
                    0f:01:79:d4:65:92:49:c7:05:71:bc:b4:4e:2b:48:
                    9a:8d:99:57:9c:04:6a:6d:bb:9c:6c:60:1d:99:63:
                    13:e6:a5:2a:e1:ad:52:b3:f4:96:55:52:d1:f0:ea:
                    53:be:7e:4a:2c:7c:be:e0:69:21:05:27:b5:d0:45:
                    5f:de:50:d8:ce:e1:50:ba:9b:90:0b:f1:8b:fe:49:
                    c9:11:c0:b4:19:bd:a4:3c:58:a1:72:b1:bc:b2:73:
                    70:79:1e:d5:cf:26:f4:a1:eb:4a:77:98:d4:8e:af:
                    15:db:58:a0:a4:30:86:e7:11:76:d6:e7:d4:6d:57:
                    44:a5:02:59:b5:24:f8:fc:33:cf:ea:1a:57:45:96:
                    75:48:b3:e0:7e:ba:e8:d9:51:b1:42:6e:f5:d2:fb:
                    97:03:3b:3b:ca:92:fa:19:fc:17:59:7e:ec:a7:df:
                    ff:a0:b2:2d:77:9a:cc:55:3f:bd:a2:cb:63:c0:34:
                    b8:c1:11:5a:2b:86:ff:73:b2:a0:91:a1:4e:51:5d:
                    17:f1:75:c6:81:5b:bd:f0:21:6f:ae:cc:6e:30:fd:
                    77:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:CD:60:51:EF:54:42:6C:C1:CC:72:03:CF:BD:33:E3:EE:06:44:E8
            X509v3 Authority Key Identifier:
                keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/1c1gUe9UQmzBzHIDz70z4-4GROg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.204.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         26:13:8d:93:13:0d:00:69:d2:65:82:12:66:5b:c7:8f:da:a0:
         ed:ce:39:3e:29:52:a3:71:8d:1d:8d:65:f7:11:12:35:c8:f3:
         aa:b7:15:2a:fa:fd:2f:b6:aa:00:cf:01:39:39:97:bb:98:97:
         c4:94:04:fa:c8:40:63:6a:9f:4f:a4:38:9c:5e:c7:ca:9f:ed:
         9b:15:b4:ca:66:27:ea:71:7c:45:00:36:63:d4:a2:a1:75:b4:
         72:6e:66:06:6f:be:60:61:2f:0e:b0:a9:f1:71:8a:20:24:db:
         fc:14:85:13:f3:e4:4f:1e:c8:81:0f:fb:87:0e:21:33:6a:90:
         d7:8e:3f:00:33:7f:1a:c2:41:50:ea:a9:04:0a:0b:ac:ae:09:
         a5:2b:a1:c4:d2:c2:c7:53:fa:3e:72:bc:72:05:dd:9a:08:1d:
         7d:5c:8b:a1:01:9a:c6:c8:b4:fc:6b:4c:a5:29:29:51:68:d2:
         2b:84:80:06:59:f3:f4:6f:af:08:5e:14:48:24:26:62:9b:68:
         6a:76:1b:99:54:25:a0:b5:fd:22:c3:5b:20:d7:8b:f2:1e:62:
         a1:f9:cd:45:67:11:a1:03:79:58:8f:ad:d8:5a:01:ec:f3:92:
         55:28:ad:0a:99:f7:09:5b:75:f9:43:42:6c:5c:71:44:5b:00:
         ac:17:18:78
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEASwUrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDEwOGMyMjVmMjQ3OGNkNDIzMDE3OTg5MGQwNzI4NGJlMTYzNmNkMB4XDTIyMDUy
OTEwMjgwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDVjZDYwNTFlZjU0
NDI2Y2MxY2M3MjAzY2ZiZDMzZTNlZTA2NDRlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzpZtFTXDTYoSn8f3vJXay+HsS83PRoNXibRZO+PraIpbhs
uuEzLrm0P7u3DwF51GWSSccFcby0TitImo2ZV5wEam27nGxgHZljE+alKuGtUrP0
llVS0fDqU75+Six8vuBpIQUntdBFX95Q2M7hULqbkAvxi/5JyRHAtBm9pDxYoXKx
vLJzcHke1c8m9KHrSneY1I6vFdtYoKQwhucRdtbn1G1XRKUCWbUk+Pwzz+oaV0WW
dUiz4H666NlRsUJu9dL7lwM7O8qS+hn8F1l+7Kff/6CyLXeazFU/vaLLY8A0uMER
WiuG/3OyoJGhTlFdF/F1xoFbvfAhb67MbjD9d5cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTVzWBR71RCbMHMcgPPvTPj7gZE6DAfBgNVHSMEGDAWgBTNEIwiXyR4zUIw
F5iQ0HKEvhY2zTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pSQ01JbDhrZU0xQ01CZVlrTkJ5aEw0V05zMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvMzQ4Y2U1LWNhMjAtNDg0OC04ODQ0LWFlNTAyNzM2ODFhNy8x
LzFjMWdVZTlVUW16QnpISUR6NzB6NC00R1JPZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
MzQ4Y2U1LWNhMjAtNDg0OC04ODQ0LWFlNTAyNzM2ODFhNy8xL3pSQ01JbDhrZU0x
Q01CZVlrTkJ5aEw0V05zMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvM4DANBgkqhkiG9w0BAQsFAAOC
AQEAJhONkxMNAGnSZYISZlvHj9qg7c45PilSo3GNHY1l9xESNcjzqrcVKvr9L7aq
AM8BOTmXu5iXxJQE+shAY2qfT6Q4nF7Hyp/tmxW0ymYn6nF8RQA2Y9SioXW0cm5m
Bm++YGEvDrCp8XGKICTb/BSFE/PkTx7IgQ/7hw4hM2qQ144/ADN/GsJBUOqpBAoL
rK4JpSuhxNLCx1P6PnK8cgXdmggdfVyLoQGaxsi0/GtMpSkpUWjSK4SABlnz9G+v
CF4USCQmYptoanYbmVQloLX9IsNbINeL8h5iofnNRWcRoQN5WI+t2FoB7POSVSit
Cpn3CVt1+UNCbFxxRFsArBcYeA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org