Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1-z8Cv55a8gnf8mqHmVeunKv_CLE.roa
File:                     1-z8Cv55a8gnf8mqHmVeunKv_CLE.roa (raw, json)
Hash identifier:          /M2THuP6FLDhwenyOJwvaItybX/HTlNG0t71amRPp8I=
Subject key identifier:   FB:3F:02:BF:9E:5A:F2:09:DF:F2:6A:87:99:57:AE:9C:AB:FF:08:B1
Certificate issuer:       /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial:       1D3E967C
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1-z8Cv55a8gnf8mqHmVeunKv_CLE.roa
Signing time:             Wed 11 May 2022 10:49:02 +0000
ROA not before:           Wed 11 May 2022 10:49:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203464
IP address blocks:        91.232.55.0/24 maxlen: 24
                          91.238.38.0/24 maxlen: 24
                          176.116.230.0/23 maxlen: 24
                          91.223.117.0/24 maxlen: 24
                          91.237.193.0/24 maxlen: 24
                          91.231.227.0/24 maxlen: 24
                          91.233.201.0/24 maxlen: 24
                          91.240.154.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 490641020 (0x1d3e967c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
        Validity
            Not Before: May 11 10:49:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fb3f02bf9e5af209dff26a879957ae9cabff08b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:70:e1:b1:51:42:58:16:a2:f5:8b:55:b7:85:
                    50:85:c4:75:29:c8:1a:54:af:43:bd:28:2a:cc:53:
                    65:37:e7:c0:d9:8e:c5:21:d4:3d:ab:28:3a:89:5b:
                    80:07:37:6f:7c:27:28:fa:5c:c7:82:87:e9:30:98:
                    a6:72:30:f7:05:13:69:e5:db:ee:b3:9b:90:3b:a5:
                    0c:af:43:ad:30:54:d1:aa:f9:04:31:56:f5:16:5d:
                    31:86:95:46:f8:db:12:9e:e7:bc:0b:43:58:50:be:
                    3f:34:e7:54:4e:1f:6e:dd:4e:cd:ea:6b:ba:e1:3f:
                    67:ba:1d:6d:39:09:9b:3d:cd:a4:c2:24:e1:9c:e0:
                    df:69:ea:02:81:7e:6b:4a:35:11:43:4c:e4:73:f4:
                    bc:8f:e0:31:f9:5b:dd:d8:a6:98:0c:75:e3:71:0b:
                    53:12:23:4c:85:00:fb:35:bd:96:26:d7:0f:f4:1c:
                    2b:9d:42:32:8a:10:fc:5f:0c:ce:d7:48:b7:a6:66:
                    44:10:f9:b5:8c:4e:95:c3:0b:f5:3e:ee:28:aa:d6:
                    18:2e:bc:a3:84:29:65:3d:e0:aa:90:7a:ea:29:25:
                    28:3e:be:d2:ed:eb:7d:7b:01:7a:04:2d:8c:56:d6:
                    9c:e0:74:dd:10:e5:c1:29:dd:c2:35:df:99:c5:6a:
                    25:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:3F:02:BF:9E:5A:F2:09:DF:F2:6A:87:99:57:AE:9C:AB:FF:08:B1
            X509v3 Authority Key Identifier:
                keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1-z8Cv55a8gnf8mqHmVeunKv_CLE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.223.117.0/24
                  91.231.227.0/24
                  91.232.55.0/24
                  91.233.201.0/24
                  91.237.193.0/24
                  91.238.38.0/24
                  91.240.154.0/24
                  176.116.230.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3a:aa:07:60:30:2d:7d:66:bc:57:0f:df:5f:ce:50:61:69:b3:
         75:85:47:c6:9c:3b:ff:f1:75:e7:ef:eb:e1:54:28:b0:55:2a:
         dd:67:05:5b:21:da:58:36:95:98:25:77:64:65:88:9a:23:58:
         f1:cb:3e:4e:74:99:66:66:6a:be:7c:23:d2:8a:80:25:9e:34:
         57:14:40:64:a8:00:aa:89:56:50:87:2c:c4:b4:79:3a:ab:05:
         4a:e4:88:4b:27:e5:b5:f7:54:c3:ba:c4:be:ad:e3:2a:29:ee:
         d2:45:fc:80:51:e5:cd:fe:8a:8c:08:44:94:f5:f8:e4:c1:0d:
         5b:bb:69:f9:dd:a2:c3:ef:a8:a0:e5:56:57:6f:92:74:07:9e:
         54:41:34:4f:84:00:28:e7:5b:80:ba:5f:d0:d7:62:0f:ab:dd:
         d8:69:16:19:d4:3c:3f:30:87:f5:41:dc:b8:0c:a5:c3:f0:a3:
         a1:ea:c8:36:ce:5e:8a:b2:e6:e7:2b:49:ef:02:e6:aa:d1:ba:
         fb:57:f7:1a:67:c3:c8:11:3e:55:dd:0d:39:ac:bf:36:49:44:
         1e:58:b2:de:3f:12:66:fa:85:e4:20:28:10:12:ba:7d:dd:8e:
         a2:2b:2f:9b:81:46:0a:1d:9c:ba:f3:95:59:1c:f4:da:a8:2e:
         1a:8d:80:7b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEHT6WfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDUx
MTEwNDkwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmIzZjAyYmY5ZTVh
ZjIwOWRmZjI2YTg3OTk1N2FlOWNhYmZmMDhiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANBw4bFRQlgWovWLVbeFUIXEdSnIGlSvQ70oKsxTZTfnwNmO
xSHUPasoOolbgAc3b3wnKPpcx4KH6TCYpnIw9wUTaeXb7rObkDulDK9DrTBU0ar5
BDFW9RZdMYaVRvjbEp7nvAtDWFC+PzTnVE4fbt1OzepruuE/Z7odbTkJmz3NpMIk
4Zzg32nqAoF+a0o1EUNM5HP0vI/gMflb3dimmAx143ELUxIjTIUA+zW9libXD/Qc
K51CMooQ/F8MztdIt6ZmRBD5tYxOlcML9T7uKKrWGC68o4QpZT3gqpB66iklKD6+
0u3rfXsBegQtjFbWnOB03RDlwSndwjXfmcVqJTcCAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBT7PwK/nlryCd/yaoeZV66cq/8IsTAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
LzEtejhDdjU1YThnbmY4bXFIbVZldW5Ldl9DTEUucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJk
L2NkZjVmNi0yZjE4LTQyYzctOTMwZS1kYzA2ZGQ4MDU5NjAvMS9OSnk3MWNMUFFa
WE1ic2Z5SDJCMWdhQWlUYW8uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
SQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBABb33UDBABb5+MDBABb6DcDBABb
6ckDBABb7cEDBABb7iYDBABb8JoDBAGwdOYwDQYJKoZIhvcNAQELBQADggEBADqq
B2AwLX1mvFcP31/OUGFps3WFR8acO//xdefv6+FUKLBVKt1nBVsh2lg2lZgld2Rl
iJojWPHLPk50mWZmar58I9KKgCWeNFcUQGSoAKqJVlCHLMS0eTqrBUrkiEsn5bX3
VMO6xL6t4yop7tJF/IBR5c3+iowIRJT1+OTBDVu7afndosPvqKDlVldvknQHnlRB
NE+EACjnW4C6X9DXYg+r3dhpFhnUPD8wh/VB3LgMpcPwo6HqyDbOXoqy5ucrSe8C
5qrRuvtX9xpnw8gRPlXdDTmsvzZJRB5Yst4/Emb6heQgKBASun3djqIrL5uBRgod
nLrzlVkc9NqoLhqNgHs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:56 2024 by rpki-client on console-fra.rpki-client.org