Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/zPkdzleBnkkGZ7RTDUtbuDFWbtw.roa
File:                     zPkdzleBnkkGZ7RTDUtbuDFWbtw.roa (raw, json)
Hash identifier:          CCiA+2TMcc8EDAPgyTXHVVNPlHQpf5VMXUBOdmB9wws=
Subject key identifier:   CC:F9:1D:CE:57:81:9E:49:06:67:B4:53:0D:4B:5B:B8:31:56:6E:DC
Certificate issuer:       /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial:       018422F28AA3E071D481916F40197FA33739
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/zPkdzleBnkkGZ7RTDUtbuDFWbtw.roa
Signing time:             Sat 29 Oct 2022 08:53:51 +0000
ROA not before:           Sat 29 Oct 2022 08:53:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211237
IP address blocks:        91.238.213.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:22:f2:8a:a3:e0:71:d4:81:91:6f:40:19:7f:a3:37:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
        Validity
            Not Before: Oct 29 08:53:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ccf91dce57819e490667b4530d4b5bb831566edc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:e4:a2:ec:22:f5:6e:29:21:cd:88:49:69:bb:
                    33:19:fc:0c:a8:df:74:20:f8:5b:b9:d3:f5:ba:ab:
                    ef:ae:35:d7:8a:26:15:4b:45:ef:17:1d:bd:0a:0e:
                    ba:7e:b8:8a:55:25:7e:ef:e0:5a:31:42:e6:17:0a:
                    e7:3d:f0:25:13:3b:1b:5e:03:0e:5f:48:21:70:f0:
                    9e:48:d1:46:2c:d5:ac:22:5c:76:49:d5:02:17:79:
                    cd:5e:08:5b:17:d7:1b:51:a9:63:6d:31:ad:df:82:
                    7b:04:1c:3b:aa:23:00:8a:54:22:74:a7:d4:e6:8c:
                    38:93:bd:88:5f:cf:92:06:8f:3f:55:26:7c:27:0c:
                    84:2e:49:aa:70:a9:f4:15:7f:d5:04:d8:9a:80:64:
                    72:a4:c2:88:60:7d:bf:89:92:ea:dc:a5:b4:09:7a:
                    38:81:7f:c5:86:ef:4f:bc:86:87:21:2f:7b:7e:98:
                    bb:e0:1f:84:cc:04:86:ff:51:46:9c:6b:0e:bd:81:
                    8c:71:dd:09:ee:ab:ff:7f:61:2c:6e:07:e1:86:d3:
                    00:18:68:13:3e:b4:94:a9:b1:01:fe:62:17:9a:40:
                    e4:f8:32:3e:b5:a1:9f:f6:b9:74:b8:aa:52:ff:90:
                    04:8a:6c:e5:a4:11:05:b3:6d:b5:24:c8:ea:34:83:
                    8a:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:F9:1D:CE:57:81:9E:49:06:67:B4:53:0D:4B:5B:B8:31:56:6E:DC
            X509v3 Authority Key Identifier:
                keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/zPkdzleBnkkGZ7RTDUtbuDFWbtw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.238.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:b6:44:d8:7a:6c:f0:1e:c2:4c:2e:8b:fa:29:fc:96:c2:6d:
         e3:65:25:13:3a:da:f5:5e:7c:b5:0c:36:ff:4b:44:58:d4:bf:
         71:9e:72:54:9d:0a:bb:62:f0:ca:38:eb:74:05:72:e8:4e:c6:
         9a:30:9f:0b:56:7a:a3:dd:9d:3a:eb:60:5e:46:79:42:ac:4a:
         a0:cb:1e:0b:06:43:a9:52:31:d3:5c:db:e5:a0:a7:59:6d:a5:
         ab:69:c7:80:45:6d:5c:78:1b:ea:0f:87:af:0e:cc:7d:40:91:
         36:18:1c:31:df:77:72:fb:35:9b:93:31:99:02:1b:91:6b:fb:
         06:a6:01:bd:fd:4a:60:6c:84:0c:33:9b:a8:fa:9c:e3:b2:31:
         bd:36:fd:51:b8:12:f7:ba:b3:b5:a6:b1:32:e4:aa:76:e9:f7:
         4f:64:21:ba:f2:db:3c:bd:ac:88:46:48:44:db:99:7a:8a:ae:
         7c:b0:01:ee:e1:59:af:b2:8d:09:e8:d8:0a:cf:6b:9f:cb:ad:
         3a:28:6f:b2:60:66:12:1a:98:50:1b:df:b6:17:ba:b9:86:37:
         09:40:92:dc:b2:ee:d9:5d:a9:1b:5b:14:c1:40:da:9d:5d:0f:
         44:64:48:76:a0:d0:1e:78:f2:9d:62:10:c0:3b:b7:1b:9c:e7:
         0d:f6:4d:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQi8oqj4HHUgZFvQBl/ozc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjIxMDI5MDg1MzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2Y5MWRjZTU3ODE5ZTQ5MDY2N2I0NTMwZDRiNWJiODMxNTY2ZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+Si7CL1bikhzYhJabszGfwMqN90
IPhbudP1uqvvrjXXiiYVS0XvFx29Cg66friKVSV+7+BaMULmFwrnPfAlEzsbXgMO
X0ghcPCeSNFGLNWsIlx2SdUCF3nNXghbF9cbUaljbTGt34J7BBw7qiMAilQidKfU
5ow4k72IX8+SBo8/VSZ8JwyELkmqcKn0FX/VBNiagGRypMKIYH2/iZLq3KW0CXo4
gX/Fhu9PvIaHIS97fpi74B+EzASG/1FGnGsOvYGMcd0J7qv/f2EsbgfhhtMAGGgT
PrSUqbEB/mIXmkDk+DI+taGf9rl0uKpS/5AEimzlpBEFs221JMjqNIOKNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMz5Hc5XgZ5JBme0Uw1LW7gxVm7cMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvelBrZHpsZUJua2tHWjdSVERVdGJ1REZXYnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+7VMA0G
CSqGSIb3DQEBCwUAA4IBAQCctkTYemzwHsJMLov6KfyWwm3jZSUTOtr1Xny1DDb/
S0RY1L9xnnJUnQq7YvDKOOt0BXLoTsaaMJ8LVnqj3Z0662BeRnlCrEqgyx4LBkOp
UjHTXNvloKdZbaWraceARW1ceBvqD4evDsx9QJE2GBwx33dy+zWbkzGZAhuRa/sG
pgG9/UpgbIQMM5uo+pzjsjG9Nv1RuBL3urO1prEy5Kp26fdPZCG68ts8vayIRkhE
25l6iq58sAHu4Vmvso0J6NgKz2ufy606KG+yYGYSGphQG9+2F7q5hjcJQJLcsu7Z
XakbWxTBQNqdXQ9EZEh2oNAeePKdYhDAO7cbnOcN9k2B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:00 2024 by rpki-client on console-fra.rpki-client.org