Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/9knD-f2LcItKmWZX6hJ3ZJa9_yI.roa
File:                     9knD-f2LcItKmWZX6hJ3ZJa9_yI.roa (raw, json)
Hash identifier:          haDC8bnLTjpa64n3YdE6J6yhTRB1ZxbcO46aTh1wQRI=
Subject key identifier:   F6:49:C3:F9:FD:8B:70:8B:4A:99:66:57:EA:12:77:64:96:BD:FF:22
Certificate issuer:       /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial:       05D146F5
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/9knD-f2LcItKmWZX6hJ3ZJa9_yI.roa
Signing time:             Fri 04 Feb 2022 09:58:58 +0000
ROA not before:           Fri 04 Feb 2022 09:58:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208485
IP address blocks:        91.228.14.0/24 maxlen: 24
                          94.154.38.0/24 maxlen: 24
                          94.154.37.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 97601269 (0x5d146f5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
        Validity
            Not Before: Feb  4 09:58:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f649c3f9fd8b708b4a996657ea12776496bdff22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:3a:13:5c:22:a8:b2:d0:e7:7a:61:15:de:45:
                    5c:ef:9a:01:61:b5:0a:8a:cc:c7:a9:94:56:5d:da:
                    5a:e5:5d:e9:40:88:6b:86:b9:4e:6d:6b:fe:0a:b1:
                    c5:f1:ca:1a:70:65:72:72:12:df:31:15:97:40:7c:
                    f8:56:97:5e:6d:1e:2c:f2:f8:6d:03:3a:e1:8d:22:
                    73:aa:1a:a5:d5:3f:b3:b4:fc:6f:7e:7d:0e:88:fa:
                    b9:cd:a0:f7:e6:65:bd:21:d1:ab:10:59:2e:46:fc:
                    d1:44:05:06:98:de:02:10:1f:1e:1a:50:3b:2d:74:
                    ac:fa:38:49:72:8a:4d:1c:0f:75:ab:ae:17:3b:2b:
                    47:2c:ee:99:76:d3:4b:a1:1c:c8:c8:79:45:9a:1a:
                    3a:68:c6:ad:33:c5:0b:b2:46:7f:81:8e:eb:cb:fc:
                    77:a8:82:8f:ff:67:5f:5a:83:a5:1d:e7:38:c7:7e:
                    3a:79:36:ae:20:d2:2a:02:b8:3d:e0:bc:4d:a0:fb:
                    6a:ca:49:a7:b5:8c:5a:0e:40:e3:a5:19:34:b1:70:
                    52:58:41:9f:72:57:79:d6:a2:c2:47:71:1f:7c:ee:
                    f2:29:d1:52:b0:14:ba:fe:3b:a1:66:7e:74:61:af:
                    56:61:51:92:f5:26:cc:62:e3:96:82:6b:7f:90:db:
                    3b:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:49:C3:F9:FD:8B:70:8B:4A:99:66:57:EA:12:77:64:96:BD:FF:22
            X509v3 Authority Key Identifier:
                keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/9knD-f2LcItKmWZX6hJ3ZJa9_yI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.14.0/24
                  94.154.37.0-94.154.38.255

    Signature Algorithm: sha256WithRSAEncryption
         0f:65:87:63:b1:41:08:7b:dd:06:bf:73:9b:1d:c1:43:a0:e5:
         dd:01:28:f1:87:0f:63:e0:23:98:ed:8c:f1:c6:83:7e:57:c8:
         09:e4:cd:df:f5:91:51:ee:b1:63:27:0f:f0:e9:f8:2f:92:7e:
         60:97:1f:dd:bd:d6:1b:f8:43:21:d0:3d:4b:20:da:a0:5a:c9:
         9c:f7:ef:73:49:78:75:3e:27:a1:c0:bb:f1:4e:a9:d4:3c:64:
         21:46:5e:53:bc:d6:e2:8e:77:4e:a1:10:f4:fd:1a:45:35:8d:
         f8:5c:cc:d8:33:10:82:c5:ac:d9:b2:16:5c:23:f7:69:83:92:
         28:4a:5d:97:2d:bf:9d:33:70:fd:78:4e:68:07:e5:3b:cc:e3:
         4f:1c:8e:bb:2a:b5:ea:7b:36:ff:9d:b0:f5:0b:66:20:a6:38:
         47:39:de:39:d7:63:a7:37:e2:94:44:8f:dd:d2:58:11:46:fe:
         a4:57:c3:76:1f:a4:d4:8a:a6:5c:c3:6a:10:73:5b:d7:e9:3d:
         b3:2b:2f:02:73:5f:7e:22:aa:a1:62:68:ea:d6:01:45:d7:73:
         1d:72:f5:7f:4f:c5:c1:48:9b:79:75:c5:f7:07:78:c8:0b:48:
         79:a2:9a:2a:bf:35:0d:17:f6:30:e7:c6:29:10:75:da:0d:f9:
         84:76:67:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBdFG9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2NmMzg4NGI3ODAwN2EyNWRiZTJlMmNlZjBjYzczYjY5OTIxZjg4MB4XDTIyMDIw
NDA5NTg1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjY0OWMzZjlmZDhi
NzA4YjRhOTk2NjU3ZWExMjc3NjQ5NmJkZmYyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALI6E1wiqLLQ53phFd5FXO+aAWG1CorMx6mUVl3aWuVd6UCI
a4a5Tm1r/gqxxfHKGnBlcnIS3zEVl0B8+FaXXm0eLPL4bQM64Y0ic6oapdU/s7T8
b359Doj6uc2g9+ZlvSHRqxBZLkb80UQFBpjeAhAfHhpQOy10rPo4SXKKTRwPdauu
FzsrRyzumXbTS6EcyMh5RZoaOmjGrTPFC7JGf4GO68v8d6iCj/9nX1qDpR3nOMd+
Onk2riDSKgK4PeC8TaD7aspJp7WMWg5A46UZNLFwUlhBn3JXedaiwkdxH3zu8inR
UrAUuv47oWZ+dGGvVmFRkvUmzGLjloJrf5DbO5UCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBT2ScP5/Ytwi0qZZlfqEndklr3/IjAfBgNVHSMEGDAWgBTnzziEt4AHol2+
LizvDMc7aZIfiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU4ODRoTGVBQjZKZHZpNHM3d3pITzJtU0g0Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvNGU3YmM3LTI2MGUtNDdlNi04Mzg4LWExODRmMzU1NmU0My8x
LzlrbkQtZjJMY0l0S21XWlg2aEozWkphOV95SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
NGU3YmM3LTI2MGUtNDdlNi04Mzg4LWExODRmMzU1NmU0My8xLzU4ODRoTGVBQjZK
ZHZpNHM3d3pITzJtU0g0Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAFvkDjAMAwQAXpolAwQAXpomMA0G
CSqGSIb3DQEBCwUAA4IBAQAPZYdjsUEIe90Gv3ObHcFDoOXdASjxhw9j4COY7Yzx
xoN+V8gJ5M3f9ZFR7rFjJw/w6fgvkn5glx/dvdYb+EMh0D1LINqgWsmc9+9zSXh1
PiehwLvxTqnUPGQhRl5TvNbijndOoRD0/RpFNY34XMzYMxCCxazZshZcI/dpg5Io
Sl2XLb+dM3D9eE5oB+U7zONPHI67KrXqezb/nbD1C2YgpjhHOd4512OnN+KURI/d
0lgRRv6kV8N2H6TUiqZcw2oQc1vX6T2zKy8Cc19+IqqhYmjq1gFF13MdcvV/T8XB
SJt5dcX3B3jIC0h5opoqvzUNF/Yw58YpEHXaDfmEdme9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org