Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/0_9644GcV7p0I1gVOSDpOc09g9c.roa
File:                     0_9644GcV7p0I1gVOSDpOc09g9c.roa (raw, json)
Hash identifier:          YWVP5RfL6vM6H/4177YZVjBU2crHTcytWRXcm38pNsc=
Subject key identifier:   D3:FF:7A:E3:81:9C:57:BA:74:23:58:15:39:20:E9:39:CD:3D:83:D7
Certificate issuer:       /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial:       0182EDC4B696B4AA7CEA6129ECA57450D2DF
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/0_9644GcV7p0I1gVOSDpOc09g9c.roa
Signing time:             Tue 30 Aug 2022 08:01:08 +0000
ROA not before:           Tue 30 Aug 2022 08:01:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        91.228.12.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ed:c4:b6:96:b4:aa:7c:ea:61:29:ec:a5:74:50:d2:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
        Validity
            Not Before: Aug 30 08:01:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d3ff7ae3819c57ba742358153920e939cd3d83d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:24:ad:01:e3:08:48:23:96:b4:e3:27:d5:ac:
                    57:0a:da:bf:14:44:d2:3e:68:4b:e4:4a:af:68:d7:
                    1f:9b:ed:22:98:b0:fb:eb:a5:87:21:54:7b:f3:05:
                    68:9a:79:f8:1a:a1:ed:97:ad:8b:ef:dd:5c:54:ff:
                    3e:75:49:79:13:2e:28:5c:98:27:28:26:42:f3:b8:
                    86:20:7a:ca:b2:3a:b3:21:f1:50:2f:03:f8:f8:89:
                    0b:98:6b:1f:74:f6:c0:c3:1e:3c:92:07:60:ff:51:
                    5a:44:82:dd:f6:21:98:06:9f:40:6a:1b:1d:42:6e:
                    d9:94:93:ec:05:0d:3e:33:2c:f9:db:06:61:15:66:
                    19:1f:e6:41:c8:3a:15:86:de:e7:8b:b4:15:95:9d:
                    e5:17:61:1f:f6:22:64:86:54:e8:8d:20:06:af:77:
                    77:5b:ee:44:c0:ba:d1:43:78:43:d7:b8:9b:8f:09:
                    2f:f5:34:40:8f:cd:d8:85:cf:b7:8a:14:8b:32:75:
                    76:8f:0a:31:bf:5c:81:f1:2d:fd:b0:8f:41:68:01:
                    d3:fc:1e:1c:59:8e:48:0c:7c:92:eb:38:d1:a3:81:
                    28:52:06:ba:53:32:fe:cf:e3:c7:15:3a:bd:31:24:
                    3a:08:fe:cb:1b:ea:d3:54:ec:38:3e:04:46:d7:88:
                    b6:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:FF:7A:E3:81:9C:57:BA:74:23:58:15:39:20:E9:39:CD:3D:83:D7
            X509v3 Authority Key Identifier:
                keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/0_9644GcV7p0I1gVOSDpOc09g9c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:65:90:5b:cd:e7:73:71:71:22:48:61:6d:70:b2:ad:81:14:
         12:b4:1a:26:75:b3:13:43:f8:76:d1:1c:73:84:e5:b3:9f:8f:
         e2:82:ed:f3:de:ea:e3:a5:73:28:83:50:be:7f:3f:4e:2f:6a:
         1d:d3:f6:ba:e6:c8:22:47:3c:f2:ee:90:b5:9b:dc:1a:71:18:
         0c:62:4d:cd:71:06:b4:cd:75:e5:e2:61:cf:c3:4b:c9:d3:d3:
         af:66:a9:aa:3c:a2:49:b3:04:dc:03:90:17:4a:5a:a1:db:4b:
         0c:37:bf:de:cb:a3:b1:b1:dc:bb:13:3b:a2:75:61:9e:59:37:
         9a:4f:78:da:4b:d4:b5:c6:90:fc:53:2a:9d:22:e9:ad:24:28:
         2d:f2:8d:c3:78:59:bc:69:b1:d4:b0:25:a9:ca:ac:92:7c:ef:
         a4:64:0c:a4:8b:55:53:c0:93:bf:74:f8:e3:fb:0e:14:c8:7f:
         0e:b5:f0:6a:a7:de:54:1a:8a:ae:95:ab:95:ee:06:38:d9:1d:
         0a:e9:99:8d:9c:32:91:5a:6f:a5:36:10:2d:5a:30:50:5c:85:
         2c:5a:de:13:60:98:9b:ee:10:df:cd:a4:48:4d:07:11:1b:0c:
         3c:ff:68:70:ce:30:d1:b3:09:84:eb:c9:05:cd:1f:6a:32:99:
         f1:cd:08:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLtxLaWtKp86mEp7KV0UNLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjIwODMwMDgwMTA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2ZmN2FlMzgxOWM1N2JhNzQyMzU4MTUzOTIwZTkzOWNkM2Q4M2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyStAeMISCOWtOMn1axXCtq/FETS
PmhL5EqvaNcfm+0imLD766WHIVR78wVomnn4GqHtl62L791cVP8+dUl5Ey4oXJgn
KCZC87iGIHrKsjqzIfFQLwP4+IkLmGsfdPbAwx48kgdg/1FaRILd9iGYBp9Aahsd
Qm7ZlJPsBQ0+Myz52wZhFWYZH+ZByDoVht7ni7QVlZ3lF2Ef9iJkhlTojSAGr3d3
W+5EwLrRQ3hD17ibjwkv9TRAj83Yhc+3ihSLMnV2jwoxv1yB8S39sI9BaAHT/B4c
WY5IDHyS6zjRo4EoUga6UzL+z+PHFTq9MSQ6CP7LG+rTVOw4PgRG14i2OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNP/euOBnFe6dCNYFTkg6TnNPYPXMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvMF85NjQ0R2NWN3AwSTFnVk9TRHBPYzA5ZzljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+QMMA0G
CSqGSIb3DQEBCwUAA4IBAQB7ZZBbzedzcXEiSGFtcLKtgRQStBomdbMTQ/h20Rxz
hOWzn4/igu3z3urjpXMog1C+fz9OL2od0/a65sgiRzzy7pC1m9wacRgMYk3NcQa0
zXXl4mHPw0vJ09OvZqmqPKJJswTcA5AXSlqh20sMN7/ey6Oxsdy7EzuidWGeWTea
T3jaS9S1xpD8UyqdIumtJCgt8o3DeFm8abHUsCWpyqySfO+kZAyki1VTwJO/dPjj
+w4UyH8OtfBqp95UGoqulauV7gY42R0K6ZmNnDKRWm+lNhAtWjBQXIUsWt4TYJib
7hDfzaRITQcRGww8/2hwzjDRswmE68kFzR9qMpnxzQjY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org