Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/R5VtvLizp9jjHl2KHVDkZ36evXs.roa
File:                     R5VtvLizp9jjHl2KHVDkZ36evXs.roa (raw, json)
Hash identifier:          ItYdYQIUtSLaA8AAT4epeWGhZVsgceVyAuTanstbrjw=
Subject key identifier:   47:95:6D:BC:B8:B3:A7:D8:E3:1E:5D:8A:1D:50:E4:67:7E:9E:BD:7B
Certificate issuer:       /CN=d2b36ad28e521edab4b4dea349a27772d4b2a7be
Certificate serial:       03D9BB7B
Authority key identifier: D2:B3:6A:D2:8E:52:1E:DA:B4:B4:DE:A3:49:A2:77:72:D4:B2:A7:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0rNq0o5SHtq0tN6jSaJ3ctSyp74.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/R5VtvLizp9jjHl2KHVDkZ36evXs.roa
Signing time:             Sat 01 Jan 2022 04:56:02 +0000
ROA not before:           Sat 01 Jan 2022 04:56:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43487
IP address blocks:        91.240.182.0/24 maxlen: 24
                          91.240.181.0/24 maxlen: 24
                          91.240.180.0/22 maxlen: 22
                          91.240.180.0/24 maxlen: 24
                          91.240.183.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64600955 (0x3d9bb7b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2b36ad28e521edab4b4dea349a27772d4b2a7be
        Validity
            Not Before: Jan  1 04:56:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=47956dbcb8b3a7d8e31e5d8a1d50e4677e9ebd7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:09:06:f0:2e:29:df:2f:69:43:ee:8b:af:bc:
                    25:97:a1:01:68:28:94:ad:c9:9f:bf:03:de:ad:0a:
                    31:70:7e:7f:70:c4:8c:d9:57:38:71:ce:7f:f7:2c:
                    6b:7f:3d:b7:f5:b4:75:0c:80:28:a2:db:53:25:e2:
                    a7:2a:24:e3:24:14:4c:83:4d:a1:ba:38:61:62:13:
                    12:4e:a5:bd:da:d4:cf:ab:ea:47:8e:62:30:75:5c:
                    54:37:60:a4:03:30:af:ef:5e:98:5d:83:3a:ee:61:
                    af:38:aa:42:d3:b1:e1:1a:4c:87:e9:de:6a:10:bf:
                    35:a4:4d:4e:10:fc:b4:05:ef:18:a8:75:a2:5c:7a:
                    35:bc:15:2d:81:0a:99:29:3d:77:80:11:d1:26:74:
                    9d:39:9c:66:1e:f1:14:7d:81:10:4c:57:cf:3a:4a:
                    f0:c7:48:e0:e0:bc:30:0d:bf:18:2a:bb:c5:fd:80:
                    29:83:92:ba:8e:44:51:c0:0a:e1:fb:4b:a8:e4:52:
                    f1:fc:9e:e2:98:e2:b7:ec:f7:f0:0b:3b:a9:c6:8d:
                    8c:e4:56:ea:4f:59:f6:84:22:b4:d7:22:e5:40:24:
                    f3:fb:4c:8f:2c:f1:70:fb:78:73:bd:a5:18:e7:f0:
                    c0:7d:0a:70:e3:95:a8:e6:7c:4f:96:46:d4:7f:2c:
                    58:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:95:6D:BC:B8:B3:A7:D8:E3:1E:5D:8A:1D:50:E4:67:7E:9E:BD:7B
            X509v3 Authority Key Identifier:
                keyid:D2:B3:6A:D2:8E:52:1E:DA:B4:B4:DE:A3:49:A2:77:72:D4:B2:A7:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0rNq0o5SHtq0tN6jSaJ3ctSyp74.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/R5VtvLizp9jjHl2KHVDkZ36evXs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/0rNq0o5SHtq0tN6jSaJ3ctSyp74.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.240.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         08:e1:14:24:b6:d1:0a:cb:37:cf:55:a2:dd:1b:db:4a:97:2d:
         f6:71:a0:dc:ac:5b:39:3d:b7:b1:9b:d6:48:73:fe:71:4d:aa:
         99:f8:53:36:59:b3:53:85:e3:17:84:29:2c:ef:17:99:3b:5c:
         2e:af:26:0a:62:42:86:f5:c7:f9:25:90:de:a9:fa:68:cb:ab:
         c1:c1:58:2e:bf:76:be:fc:fd:9f:c0:05:4c:10:c9:d8:bc:de:
         55:4a:71:66:92:30:d4:8a:be:33:16:b0:b3:6e:70:67:41:8b:
         7b:53:a5:8d:11:a9:72:ad:9a:58:27:fc:77:d7:26:33:89:9d:
         90:d9:a7:13:bc:05:db:c7:83:89:da:cc:62:c6:9e:46:d0:b7:
         45:7c:ba:45:96:a0:cb:c8:aa:82:58:c1:7b:a2:a4:ff:09:48:
         64:07:f8:ba:f6:08:77:c1:92:b4:fd:78:01:3e:b6:38:90:34:
         67:4c:51:4d:a1:f1:c4:d2:ef:34:1c:7d:4b:d1:c9:1d:c3:eb:
         cf:ba:85:b7:81:06:6d:3d:a8:ee:cb:72:db:17:24:67:93:82:
         c1:36:27:1f:f4:18:dc:55:58:6e:a3:5c:84:d8:cc:42:c2:30:
         88:ba:dc:e4:4d:eb:f1:98:c6:9f:bb:f6:f7:f0:9a:6e:da:29:
         9a:e0:0b:fc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9m7ezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmIzNmFkMjhlNTIxZWRhYjRiNGRlYTM0OWEyNzc3MmQ0YjJhN2JlMB4XDTIyMDEw
MTA0NTYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDc5NTZkYmNiOGIz
YTdkOGUzMWU1ZDhhMWQ1MGU0Njc3ZTllYmQ3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8JBvAuKd8vaUPui6+8JZehAWgolK3Jn78D3q0KMXB+f3DE
jNlXOHHOf/csa389t/W0dQyAKKLbUyXipyok4yQUTINNobo4YWITEk6lvdrUz6vq
R45iMHVcVDdgpAMwr+9emF2DOu5hrziqQtOx4RpMh+neahC/NaRNThD8tAXvGKh1
olx6NbwVLYEKmSk9d4AR0SZ0nTmcZh7xFH2BEExXzzpK8MdI4OC8MA2/GCq7xf2A
KYOSuo5EUcAK4ftLqORS8fye4pjit+z38As7qcaNjORW6k9Z9oQitNci5UAk8/tM
jyzxcPt4c72lGOfwwH0KcOOVqOZ8T5ZG1H8sWHkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRHlW28uLOn2OMeXYodUORnfp69ezAfBgNVHSMEGDAWgBTSs2rSjlIe2rS0
3qNJondy1LKnvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzByTnEwbzVTSHRxMHRONmpTYUozY3RTeXA3NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvM2E5YTBiLWQ0MjQtNGVjYS1hOTM4LTkyYTg3N2JiMTlmNy8x
L1I1VnR2TGl6cDlqakhsMktIVkRrWjM2ZXZYcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
M2E5YTBiLWQ0MjQtNGVjYS1hOTM4LTkyYTg3N2JiMTlmNy8xLzByTnEwbzVTSHRx
MHRONmpTYUozY3RTeXA3NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvwtDANBgkqhkiG9w0BAQsFAAOC
AQEACOEUJLbRCss3z1Wi3RvbSpct9nGg3KxbOT23sZvWSHP+cU2qmfhTNlmzU4Xj
F4QpLO8XmTtcLq8mCmJChvXH+SWQ3qn6aMurwcFYLr92vvz9n8AFTBDJ2LzeVUpx
ZpIw1Iq+Mxaws25wZ0GLe1OljRGpcq2aWCf8d9cmM4mdkNmnE7wF28eDidrMYsae
RtC3RXy6RZagy8iqgljBe6Kk/wlIZAf4uvYId8GStP14AT62OJA0Z0xRTaHxxNLv
NBx9S9HJHcPrz7qFt4EGbT2o7sty2xckZ5OCwTYnH/QY3FVYbqNchNjMQsIwiLrc
5E3r8ZjGn7v29/CabtopmuAL/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:39 2024 by rpki-client on console-fra.rpki-client.org