Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/H6HayJTarYycmkcoGjXaK0e5mQU.roa
File:                     H6HayJTarYycmkcoGjXaK0e5mQU.roa (raw, json)
Hash identifier:          vp9yOPIg0dGhFTOIc2Ly3BNU+BvoxS2pm93nOi2Muvs=
Subject key identifier:   1F:A1:DA:C8:94:DA:AD:8C:9C:9A:47:28:1A:35:DA:2B:47:B9:99:05
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       144FBD33
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/H6HayJTarYycmkcoGjXaK0e5mQU.roa
Signing time:             Fri 18 Mar 2022 18:06:53 +0000
ROA not before:           Fri 18 Mar 2022 18:06:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35346
IP address blocks:        91.242.108.0/22 maxlen: 22
                          91.242.112.0/20 maxlen: 24
                          91.242.112.0/21 maxlen: 24
                          194.114.144.0/24 maxlen: 25
                          91.242.64.0/18 maxlen: 24
                          2a07:5540::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 340770099 (0x144fbd33)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Mar 18 18:06:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1fa1dac894daad8c9c9a47281a35da2b47b99905
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:3e:3d:0e:71:6f:16:5c:e6:01:25:25:0c:98:
                    07:da:de:73:f9:46:2e:76:ed:de:33:23:b9:15:52:
                    b1:66:ac:b3:5f:d6:dc:45:9f:31:cd:13:1a:7c:e0:
                    8e:75:4c:4a:f1:49:ce:a4:d8:cb:58:31:4a:4d:11:
                    65:90:68:91:d5:26:fb:46:ce:fe:aa:fc:ab:8b:8d:
                    3b:74:c0:40:dd:be:cc:4d:e7:32:75:da:d4:57:c2:
                    c3:db:f7:2c:7a:97:d2:ce:f4:51:b9:12:0d:13:4a:
                    f4:17:fd:8c:c1:fa:6b:1c:bd:d4:be:6a:d5:0d:ac:
                    fe:45:ea:4c:04:4f:bb:71:9a:21:8b:2a:28:1c:e6:
                    4a:18:8b:15:fc:f3:31:25:30:34:95:27:97:61:8b:
                    73:02:06:ad:4e:01:19:cc:14:17:ea:a5:bc:1d:b6:
                    9c:4e:23:f0:f3:ba:e4:7a:b8:05:c8:bd:76:61:01:
                    73:0f:57:3e:72:38:1b:99:02:5e:5f:ca:bb:e5:86:
                    64:98:4e:40:83:d1:e6:f6:3d:75:ec:8b:ef:43:24:
                    ed:fb:fc:12:65:e1:c0:55:ad:df:0c:71:3f:b5:8f:
                    3a:01:3a:5c:1c:34:a1:7e:3b:bf:bf:60:5e:bd:42:
                    1e:22:8a:ba:6e:63:43:07:d6:f6:a1:8e:07:a6:bc:
                    d2:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:A1:DA:C8:94:DA:AD:8C:9C:9A:47:28:1A:35:DA:2B:47:B9:99:05
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/H6HayJTarYycmkcoGjXaK0e5mQU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.64.0/18
                  194.114.144.0/24
                IPv6:
                  2a07:5540::/29

    Signature Algorithm: sha256WithRSAEncryption
         3b:a2:89:63:17:73:1e:30:46:0b:24:60:fc:2e:09:f7:79:31:
         97:2c:f1:b1:66:b2:5c:9f:92:4f:d7:92:15:4f:cf:67:92:19:
         bc:6e:09:8f:18:cc:37:a7:6a:9a:7a:f8:c5:a9:7d:0a:e9:92:
         2c:19:ce:5a:7f:73:57:d6:ca:f7:8c:2c:3c:f6:e7:f4:81:4a:
         12:e9:fd:72:80:09:15:24:88:4a:af:8f:28:94:b1:be:7c:9a:
         22:f7:fc:2f:c3:09:62:dc:44:30:1f:0d:2b:d2:57:bf:e8:74:
         78:4a:d2:ea:b2:c1:a1:03:7a:c5:d9:39:5d:52:68:27:35:90:
         8b:88:20:16:48:64:f5:73:61:26:68:6e:4a:6f:e1:1b:97:2a:
         24:6d:1a:73:df:86:a2:de:b1:34:d8:16:02:08:dd:8c:de:c6:
         3c:85:2d:5a:a6:d4:45:8f:9f:00:11:69:87:54:4e:12:d2:a8:
         e6:b2:b7:c9:2d:ab:23:f3:fa:b1:e0:25:62:fb:85:c1:eb:57:
         1b:40:cf:96:1f:0c:3e:83:66:4c:59:8e:19:bf:f9:e6:ea:6a:
         e3:b0:dc:ea:c3:a3:a1:dd:1c:ad:cd:1b:35:06:3c:52:7b:0f:
         0a:e7:17:5b:39:75:37:72:55:1c:ce:fe:29:eb:54:5e:09:c1:
         06:de:9f:93
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEFE+9MzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDMx
ODE4MDY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWZhMWRhYzg5NGRh
YWQ4YzljOWE0NzI4MWEzNWRhMmI0N2I5OTkwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANU+PQ5xbxZc5gElJQyYB9rec/lGLnbt3jMjuRVSsWass1/W
3EWfMc0TGnzgjnVMSvFJzqTYy1gxSk0RZZBokdUm+0bO/qr8q4uNO3TAQN2+zE3n
MnXa1FfCw9v3LHqX0s70UbkSDRNK9Bf9jMH6axy91L5q1Q2s/kXqTARPu3GaIYsq
KBzmShiLFfzzMSUwNJUnl2GLcwIGrU4BGcwUF+qlvB22nE4j8PO65Hq4Bci9dmEB
cw9XPnI4G5kCXl/Ku+WGZJhOQIPR5vY9deyL70Mk7fv8EmXhwFWt3wxxP7WPOgE6
XBw0oX47v79gXr1CHiKKum5jQwfW9qGOB6a80pECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQfodrIlNqtjJyaRygaNdorR7mZBTAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L0g2SGF5SlRhcll5Y21rY29HalhhSzBlNW1RVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBlvyQAMEAMJykDANBAIAAjAHAwUD
KgdVQDANBgkqhkiG9w0BAQsFAAOCAQEAO6KJYxdzHjBGCyRg/C4J93kxlyzxsWay
XJ+ST9eSFU/PZ5IZvG4JjxjMN6dqmnr4xal9CumSLBnOWn9zV9bK94wsPPbn9IFK
Eun9coAJFSSISq+PKJSxvnyaIvf8L8MJYtxEMB8NK9JXv+h0eErS6rLBoQN6xdk5
XVJoJzWQi4ggFkhk9XNhJmhuSm/hG5cqJG0ac9+Got6xNNgWAgjdjN7GPIUtWqbU
RY+fABFph1ROEtKo5rK3yS2rI/P6seAlYvuFwetXG0DPlh8MPoNmTFmOGb/55upq
47Dc6sOjod0crc0bNQY8UnsPCucXWzl1N3JVHM7+KetUXgnBBt6fkw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org