Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/5ced8f-d024-45bb-922c-af1de3d0f217/1/p_NuscTWUqtTkj9joljAAFzy-Kk.roa
File:                     p_NuscTWUqtTkj9joljAAFzy-Kk.roa (raw, json)
Hash identifier:          QhUdryPZttySbe5W6XXskyactt1NCgvbOHeZLg78J5s=
Subject key identifier:   A7:F3:6E:B1:C4:D6:52:AB:53:92:3F:63:A2:58:C0:00:5C:F2:F8:A9
Certificate issuer:       /CN=22a776a6955c0163c9cf1a838c41dfee5da9db3d
Certificate serial:       02083DDB
Authority key identifier: 22:A7:76:A6:95:5C:01:63:C9:CF:1A:83:8C:41:DF:EE:5D:A9:DB:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iqd2ppVcAWPJzxqDjEHf7l2p2z0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/5ced8f-d024-45bb-922c-af1de3d0f217/1/p_NuscTWUqtTkj9joljAAFzy-Kk.roa
Signing time:             Sat 01 Jan 2022 15:01:29 +0000
ROA not before:           Sat 01 Jan 2022 15:01:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47447
IP address blocks:        176.103.220.0/23 maxlen: 23
                          91.227.74.0/24 maxlen: 24
                          193.148.68.0/22 maxlen: 22
                          91.216.248.0/24 maxlen: 24
                          2a10:fc80::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 34094555 (0x2083ddb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22a776a6955c0163c9cf1a838c41dfee5da9db3d
        Validity
            Not Before: Jan  1 15:01:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a7f36eb1c4d652ab53923f63a258c0005cf2f8a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:39:1c:cd:5d:c6:55:7d:79:a1:fe:5f:a0:93:
                    c9:ba:0f:fc:49:ad:ad:c9:1d:de:0c:4c:3d:69:cd:
                    f3:5d:25:25:04:51:2c:e5:8d:9d:98:28:f0:f6:cc:
                    6f:03:08:75:8b:cb:b8:82:14:cc:7e:ce:1c:f9:5e:
                    be:ae:7a:70:97:eb:51:fb:c8:57:f3:36:5e:97:53:
                    7c:7a:0d:0d:b8:fe:ab:a5:6d:49:5c:87:d8:c9:69:
                    08:d1:93:ed:b1:4a:be:e2:4b:50:15:af:87:4b:b1:
                    72:8f:3c:64:12:5e:4b:16:d1:4f:92:28:c4:30:28:
                    63:2d:f7:a4:9f:a0:ad:4a:ce:4b:7d:df:22:51:d8:
                    a3:85:91:7c:42:77:c2:d2:2d:60:63:62:03:d7:1a:
                    90:f5:9e:b3:76:21:55:b8:1b:f5:80:ed:16:b2:3c:
                    a4:91:d6:b0:30:b6:9b:3e:7a:c5:b2:76:5f:43:59:
                    da:3c:a4:fe:4f:be:76:57:27:69:cf:8a:c8:53:e8:
                    16:be:b5:aa:3e:25:0a:6d:80:d8:38:e4:74:33:06:
                    65:5f:4c:0c:5d:5b:3f:01:73:fe:95:0d:50:7e:c6:
                    17:b4:70:16:68:9b:5c:cf:4c:4f:87:f8:cb:e9:ea:
                    78:80:bb:22:a0:fa:56:1f:23:1a:85:1c:19:da:a5:
                    01:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:F3:6E:B1:C4:D6:52:AB:53:92:3F:63:A2:58:C0:00:5C:F2:F8:A9
            X509v3 Authority Key Identifier:
                keyid:22:A7:76:A6:95:5C:01:63:C9:CF:1A:83:8C:41:DF:EE:5D:A9:DB:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iqd2ppVcAWPJzxqDjEHf7l2p2z0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5ced8f-d024-45bb-922c-af1de3d0f217/1/p_NuscTWUqtTkj9joljAAFzy-Kk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5ced8f-d024-45bb-922c-af1de3d0f217/1/Iqd2ppVcAWPJzxqDjEHf7l2p2z0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.216.248.0/24
                  91.227.74.0/24
                  176.103.220.0/23
                  193.148.68.0/22
                IPv6:
                  2a10:fc80::/29

    Signature Algorithm: sha256WithRSAEncryption
         04:24:37:0f:1d:54:e3:c1:20:b1:07:8c:7b:b3:b2:70:63:6f:
         ba:85:7b:15:ac:14:95:e2:16:98:b6:19:6d:07:dc:e5:29:1c:
         71:b2:8c:09:e5:a9:05:52:6c:c0:95:33:5e:d2:63:22:67:68:
         d1:27:b0:6d:0c:c1:ec:0f:86:2b:f7:e9:f4:3a:14:3f:ad:38:
         8e:90:25:f5:86:5d:1e:8f:6f:6d:e2:69:cd:a8:59:ed:cf:02:
         73:99:d5:3f:2b:8f:53:4e:ef:9c:64:2f:5d:93:86:f0:3a:0b:
         6c:2e:71:9d:ba:98:f0:ba:e8:de:57:fe:08:49:97:fa:a6:45:
         82:b7:53:8f:0c:8a:f4:c4:a6:6b:24:aa:a3:19:b9:50:4f:59:
         31:6d:44:8c:22:f1:74:62:30:0f:04:10:d5:e3:d3:b7:ae:4c:
         26:eb:8e:c8:cc:0a:b7:b5:97:65:e6:26:bf:f7:44:36:e1:68:
         8a:92:4b:c8:5a:b2:7d:8b:33:b8:98:99:97:2c:b9:fe:b6:02:
         d6:a9:16:f7:0e:be:0f:60:2a:1e:0d:11:e6:a5:fc:7d:95:f1:
         3b:0d:e6:ac:00:27:6c:e4:8d:d3:96:3c:15:b6:13:99:24:15:
         22:ff:08:c8:72:5f:bb:58:72:e4:44:fe:f0:c7:52:93:5f:65:
         f2:8f:3e:02
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEAgg92zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmE3NzZhNjk1NWMwMTYzYzljZjFhODM4YzQxZGZlZTVkYTlkYjNkMB4XDTIyMDEw
MTE1MDEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTdmMzZlYjFjNGQ2
NTJhYjUzOTIzZjYzYTI1OGMwMDA1Y2YyZjhhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL05HM1dxlV9eaH+X6CTyboP/Emtrckd3gxMPWnN810lJQRR
LOWNnZgo8PbMbwMIdYvLuIIUzH7OHPlevq56cJfrUfvIV/M2XpdTfHoNDbj+q6Vt
SVyH2MlpCNGT7bFKvuJLUBWvh0uxco88ZBJeSxbRT5IoxDAoYy33pJ+grUrOS33f
IlHYo4WRfEJ3wtItYGNiA9cakPWes3YhVbgb9YDtFrI8pJHWsDC2mz56xbJ2X0NZ
2jyk/k++dlcnac+KyFPoFr61qj4lCm2A2DjkdDMGZV9MDF1bPwFz/pUNUH7GF7Rw
FmibXM9MT4f4y+nqeIC7IqD6Vh8jGoUcGdqlAZECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSn826xxNZSq1OSP2OiWMAAXPL4qTAfBgNVHSMEGDAWgBQip3amlVwBY8nP
GoOMQd/uXanbPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lxZDJwcFZjQVdQSnp4cURqRUhmN2wycDJ6MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmUvNWNlZDhmLWQwMjQtNDViYi05MjJjLWFmMWRlM2QwZjIxNy8x
L3BfTnVzY1RXVXF0VGtqOWpvbGpBQUZ6eS1Lay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUv
NWNlZDhmLWQwMjQtNDViYi05MjJjLWFmMWRlM2QwZjIxNy8xL0lxZDJwcFZjQVdQ
Snp4cURqRUhmN2wycDJ6MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAFvY+AMEAFvjSgMEAbBn3AMEAsGU
RDANBAIAAjAHAwUDKhD8gDANBgkqhkiG9w0BAQsFAAOCAQEABCQ3Dx1U48EgsQeM
e7OycGNvuoV7FawUleIWmLYZbQfc5SkccbKMCeWpBVJswJUzXtJjImdo0SewbQzB
7A+GK/fp9DoUP604jpAl9YZdHo9vbeJpzahZ7c8Cc5nVPyuPU07vnGQvXZOG8DoL
bC5xnbqY8Lro3lf+CEmX+qZFgrdTjwyK9MSmaySqoxm5UE9ZMW1EjCLxdGIwDwQQ
1ePTt65MJuuOyMwKt7WXZeYmv/dENuFoipJLyFqyfYszuJiZlyy5/rYC1qkW9w6+
D2AqHg0R5qX8fZXxOw3mrAAnbOSN05Y8FbYTmSQVIv8IyHJfu1hy5ET+8MdSk19l
8o8+Ag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:01 2024 by rpki-client on console-fra.rpki-client.org