Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c6ef8-543b-4886-829e-40a20dd2cfbe/1/h7aNOuLbVMp7hkRcoLGsJ3t5HV0.roa
File:                     h7aNOuLbVMp7hkRcoLGsJ3t5HV0.roa (raw, json)
Hash identifier:          7cKF6hY4mefD+v7OPrnKz4BENgowDdx3GCbmKzBSPMI=
Subject key identifier:   87:B6:8D:3A:E2:DB:54:CA:7B:86:44:5C:A0:B1:AC:27:7B:79:1D:5D
Certificate issuer:       /CN=044349ada95df44ad5b47e562ff862e5bd4398ad
Certificate serial:       0141E5
Authority key identifier: 04:43:49:AD:A9:5D:F4:4A:D5:B4:7E:56:2F:F8:62:E5:BD:43:98:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BENJrald9ErVtH5WL_hi5b1DmK0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/2c6ef8-543b-4886-829e-40a20dd2cfbe/1/h7aNOuLbVMp7hkRcoLGsJ3t5HV0.roa
Signing time:             Tue 28 Jun 2022 10:20:04 +0000
ROA not before:           Tue 28 Jun 2022 10:20:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198984
IP address blocks:        91.237.136.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82405 (0x141e5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=044349ada95df44ad5b47e562ff862e5bd4398ad
        Validity
            Not Before: Jun 28 10:20:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=87b68d3ae2db54ca7b86445ca0b1ac277b791d5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:a6:59:45:23:12:df:43:08:ae:2b:1d:0b:14:
                    fe:99:a7:cf:1f:44:c9:21:c0:30:75:04:55:2a:50:
                    a9:84:1d:55:01:e2:31:cb:10:be:5f:f3:89:19:f1:
                    e0:7a:de:10:81:00:64:d3:30:1a:b0:2a:de:19:ed:
                    d3:ab:ee:ee:0e:ea:73:23:64:6a:07:87:ba:8f:34:
                    c2:36:f0:b7:1c:a6:c9:af:f9:58:e0:50:9d:02:df:
                    3d:9e:47:c5:18:4a:98:ee:43:dc:b9:21:56:30:4a:
                    ef:db:1f:46:eb:c7:e7:92:04:4f:85:1e:bf:76:28:
                    c0:93:48:5b:b8:c9:70:7e:88:f0:41:be:ce:a3:9a:
                    c8:dd:ac:21:ce:5f:77:eb:57:48:f0:86:58:c1:0f:
                    8c:ca:84:ee:df:68:41:f7:c3:ab:86:42:fa:8a:72:
                    0e:d4:4b:d3:03:8f:fa:07:7d:af:06:4d:bc:8c:49:
                    34:48:7c:25:91:a0:15:b3:97:de:5c:de:e3:16:b9:
                    4b:6e:b8:7c:57:cf:3d:4d:40:22:5e:c5:0f:d1:e2:
                    75:3c:cb:7e:a2:cb:f6:2e:45:87:00:ce:1a:df:72:
                    9f:40:f8:7c:46:dc:b2:33:fb:54:d3:ea:c4:a3:e1:
                    40:3c:8c:13:2a:f6:ec:f2:76:b9:54:74:3e:90:23:
                    41:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:B6:8D:3A:E2:DB:54:CA:7B:86:44:5C:A0:B1:AC:27:7B:79:1D:5D
            X509v3 Authority Key Identifier:
                keyid:04:43:49:AD:A9:5D:F4:4A:D5:B4:7E:56:2F:F8:62:E5:BD:43:98:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BENJrald9ErVtH5WL_hi5b1DmK0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c6ef8-543b-4886-829e-40a20dd2cfbe/1/h7aNOuLbVMp7hkRcoLGsJ3t5HV0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c6ef8-543b-4886-829e-40a20dd2cfbe/1/BENJrald9ErVtH5WL_hi5b1DmK0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.237.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b4:bc:f9:1e:1b:89:d7:9d:6b:2f:0c:5a:b7:89:30:14:0c:3d:
         1f:1e:5b:9c:bb:1e:c2:a7:dc:7c:77:9b:21:ff:f1:e7:e0:a3:
         6c:a5:d6:dc:0a:5e:b6:d3:9d:a2:56:20:08:22:42:5d:19:e1:
         09:48:1b:9a:52:38:c1:0c:4a:f2:3e:66:c9:35:36:1f:b0:25:
         c7:ff:02:d0:43:19:7d:ce:f1:47:d0:ee:af:ad:11:9e:20:4e:
         94:20:ea:03:98:06:7d:79:4d:ff:e0:52:97:3d:bb:4d:ae:b0:
         6f:a5:b0:dd:26:d9:71:b9:53:27:26:c4:cd:1e:13:b0:3e:c3:
         60:d6:f1:05:00:e2:12:8d:8b:2c:24:e8:f7:2b:d7:62:74:8c:
         53:24:ec:1f:09:8c:6f:c3:4f:f5:66:35:9d:fa:c8:47:66:46:
         b0:09:c6:86:02:13:6f:fc:35:da:be:d2:2a:63:24:c0:93:43:
         ed:9e:45:58:48:41:4d:39:9a:c8:a5:eb:b5:19:9d:f3:20:e0:
         32:5f:76:9e:b0:26:fa:4a:2c:2e:c8:b4:9f:94:b2:cd:ed:61:
         93:a2:6f:7f:28:33:3b:44:f9:c0:81:bb:7e:a8:ab:1d:62:03:
         38:dd:01:e3:f4:c8:b4:91:3b:e3:f0:4f:a4:d8:c9:21:b8:0f:
         80:fe:2b:9e
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAUHlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA0
NDM0OWFkYTk1ZGY0NGFkNWI0N2U1NjJmZjg2MmU1YmQ0Mzk4YWQwHhcNMjIwNjI4
MTAyMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4N2I2OGQzYWUyZGI1
NGNhN2I4NjQ0NWNhMGIxYWMyNzdiNzkxZDVkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsqZZRSMS30MIrisdCxT+mafPH0TJIcAwdQRVKlCphB1VAeIx
yxC+X/OJGfHget4QgQBk0zAasCreGe3Tq+7uDupzI2RqB4e6jzTCNvC3HKbJr/lY
4FCdAt89nkfFGEqY7kPcuSFWMErv2x9G68fnkgRPhR6/dijAk0hbuMlwfojwQb7O
o5rI3awhzl9361dI8IZYwQ+MyoTu32hB98OrhkL6inIO1EvTA4/6B32vBk28jEk0
SHwlkaAVs5feXN7jFrlLbrh8V889TUAiXsUP0eJ1PMt+osv2LkWHAM4a33KfQPh8
RtyyM/tU0+rEo+FAPIwTKvbs8na5VHQ+kCNBnQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFIe2jTri21TKe4ZEXKCxrCd7eR1dMB8GA1UdIwQYMBaAFARDSa2pXfRK1bR+
Vi/4YuW9Q5itMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
QkVOSnJhbGQ5RXJWdEg1V0xfaGk1YjFEbUswLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zMC8yYzZlZjgtNTQzYi00ODg2LTgyOWUtNDBhMjBkZDJjZmJlLzEv
aDdhTk91TGJWTXA3aGtSY29MR3NKM3Q1SFYwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8y
YzZlZjgtNTQzYi00ODg2LTgyOWUtNDBhMjBkZDJjZmJlLzEvQkVOSnJhbGQ5RXJW
dEg1V0xfaGk1YjFEbUswLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+2IMA0GCSqGSIb3DQEBCwUAA4IB
AQC0vPkeG4nXnWsvDFq3iTAUDD0fHlucux7Cp9x8d5sh//Hn4KNspdbcCl62052i
ViAIIkJdGeEJSBuaUjjBDEryPmbJNTYfsCXH/wLQQxl9zvFH0O6vrRGeIE6UIOoD
mAZ9eU3/4FKXPbtNrrBvpbDdJtlxuVMnJsTNHhOwPsNg1vEFAOISjYssJOj3K9di
dIxTJOwfCYxvw0/1ZjWd+shHZkawCcaGAhNv/DXavtIqYyTAk0PtnkVYSEFNOZrI
peu1GZ3zIOAyX3aesCb6SiwuyLSflLLN7WGTom9/KDM7RPnAgbt+qKsdYgM43QHj
9Mi0kTvj8E+k2MkhuA+A/iue
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:24 2024 by rpki-client on console-ams.rpki-client.org