Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/G9eHGXhydUvLNWtaIo3AeeYFUEk.roa
File:                     G9eHGXhydUvLNWtaIo3AeeYFUEk.roa (raw, json)
Hash identifier:          /zry7SgbgqFGCdGljRU/HHQjt0uZa4iiDBe/7hZJDik=
Subject key identifier:   1B:D7:87:19:78:72:75:4B:CB:35:6B:5A:22:8D:C0:79:E6:05:50:49
Certificate issuer:       /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial:       05E70EA6
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/G9eHGXhydUvLNWtaIo3AeeYFUEk.roa
Signing time:             Sat 12 Feb 2022 22:16:31 +0000
ROA not before:           Sat 12 Feb 2022 22:16:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62206
IP address blocks:        91.228.15.0/24 maxlen: 24
                          91.228.14.0/24 maxlen: 24
                          91.228.13.0/24 maxlen: 24
                          91.228.12.0/24 maxlen: 24
                          94.154.38.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 99028646 (0x5e70ea6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
        Validity
            Not Before: Feb 12 22:16:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1bd787197872754bcb356b5a228dc079e6055049
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:9f:f0:e0:b4:22:e5:7e:cc:ca:88:b4:97:04:
                    5e:5a:4e:84:21:16:c1:b8:7b:b6:0a:f3:cc:ab:8b:
                    7d:76:71:52:95:ba:7c:d3:a3:9c:b6:f5:88:56:1f:
                    f6:c9:8a:90:00:ec:91:a1:1d:20:eb:5f:f9:36:68:
                    ee:06:a2:31:b8:2f:ae:48:3e:62:b3:ea:8c:6d:e3:
                    c6:69:06:19:44:e6:fd:81:0d:17:27:2e:c7:0b:9a:
                    70:f8:25:39:09:f3:4d:78:0e:3f:c5:83:d5:d3:6b:
                    1f:27:70:9f:c4:eb:06:26:19:cb:5f:d8:8b:6a:18:
                    64:30:b4:e6:84:fa:de:61:e7:67:71:5e:b0:e5:0e:
                    a1:4f:5d:45:a4:92:f9:02:df:77:04:df:67:1b:d1:
                    fe:19:4c:c0:80:e3:37:42:c1:9a:0a:a9:f8:5d:2a:
                    3d:4e:22:39:1a:0e:1f:f6:97:ca:48:b1:ff:d4:b9:
                    9f:f6:bd:1f:d4:eb:ef:c1:7d:99:a4:99:99:df:85:
                    11:82:47:fa:84:b8:98:15:a8:8f:b2:4f:06:bd:25:
                    da:d0:6c:8e:61:d8:df:b9:b5:44:4c:b9:e4:30:2b:
                    4e:73:5d:d3:44:b8:8c:ba:c4:e3:f5:51:37:93:07:
                    80:b6:b3:09:b1:85:a3:e9:a9:79:30:e6:6c:b9:38:
                    c6:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:D7:87:19:78:72:75:4B:CB:35:6B:5A:22:8D:C0:79:E6:05:50:49
            X509v3 Authority Key Identifier:
                keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/G9eHGXhydUvLNWtaIo3AeeYFUEk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.12.0/22
                  94.154.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:ea:9e:d7:28:fe:62:d3:07:bf:ad:88:26:3f:ba:f9:cf:83:
         a6:20:4e:7e:b4:bc:24:d3:83:58:b2:ac:6f:59:6e:3d:df:f8:
         03:d1:fc:dc:c7:71:9d:c5:9e:a7:2b:37:f0:14:3d:fc:8f:67:
         a0:c0:af:f9:c9:dc:60:2b:7b:07:e6:b5:24:7e:b6:a9:7c:ac:
         99:48:7b:28:35:13:1f:05:d6:29:ba:27:b6:33:4e:05:69:0e:
         07:9c:e1:c1:a6:f0:d0:9c:39:b2:82:98:56:9d:22:a9:6f:d7:
         54:88:fb:4b:c2:4e:f8:91:4b:30:c9:e1:0f:cf:a4:44:a5:ca:
         05:12:23:4b:dd:3e:a2:c5:73:a9:9b:e7:e7:66:ec:da:f6:52:
         33:58:20:f3:03:eb:ca:15:e3:5c:9b:fc:c6:9a:35:84:ef:ab:
         fd:06:3d:7a:48:42:99:2b:ae:f9:ff:36:85:de:36:00:b0:99:
         bc:83:3e:e8:52:49:64:1f:87:10:fa:4b:ca:e1:6a:75:20:6d:
         f9:8a:be:3a:f5:00:b0:79:c2:0f:a3:89:21:a9:dd:22:52:14:
         7a:29:60:c2:e3:5f:a2:13:be:1d:90:59:c9:6c:01:c2:d3:77:
         57:3e:9f:6b:91:b9:f3:c8:c2:0e:ca:ff:b7:df:16:b5:f4:28:
         4c:24:e9:46
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBecOpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2NmMzg4NGI3ODAwN2EyNWRiZTJlMmNlZjBjYzczYjY5OTIxZjg4MB4XDTIyMDIx
MjIyMTYzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJkNzg3MTk3ODcy
NzU0YmNiMzU2YjVhMjI4ZGMwNzllNjA1NTA0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOf8OC0IuV+zMqItJcEXlpOhCEWwbh7tgrzzKuLfXZxUpW6
fNOjnLb1iFYf9smKkADskaEdIOtf+TZo7gaiMbgvrkg+YrPqjG3jxmkGGUTm/YEN
FycuxwuacPglOQnzTXgOP8WD1dNrHydwn8TrBiYZy1/Yi2oYZDC05oT63mHnZ3Fe
sOUOoU9dRaSS+QLfdwTfZxvR/hlMwIDjN0LBmgqp+F0qPU4iORoOH/aXykix/9S5
n/a9H9Tr78F9maSZmd+FEYJH+oS4mBWoj7JPBr0l2tBsjmHY37m1REy55DArTnNd
00S4jLrE4/VRN5MHgLazCbGFo+mpeTDmbLk4xhECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQb14cZeHJ1S8s1a1oijcB55gVQSTAfBgNVHSMEGDAWgBTnzziEt4AHol2+
LizvDMc7aZIfiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU4ODRoTGVBQjZKZHZpNHM3d3pITzJtU0g0Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvNGU3YmM3LTI2MGUtNDdlNi04Mzg4LWExODRmMzU1NmU0My8x
L0c5ZUhHWGh5ZFV2TE5XdGFJbzNBZWVZRlVFay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
NGU3YmM3LTI2MGUtNDdlNi04Mzg4LWExODRmMzU1NmU0My8xLzU4ODRoTGVBQjZK
ZHZpNHM3d3pITzJtU0g0Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlvkDAMEAF6aJjANBgkqhkiG9w0B
AQsFAAOCAQEAreqe1yj+YtMHv62IJj+6+c+DpiBOfrS8JNODWLKsb1luPd/4A9H8
3MdxncWepys38BQ9/I9noMCv+cncYCt7B+a1JH62qXysmUh7KDUTHwXWKbontjNO
BWkOB5zhwabw0Jw5soKYVp0iqW/XVIj7S8JO+JFLMMnhD8+kRKXKBRIjS90+osVz
qZvn52bs2vZSM1gg8wPryhXjXJv8xpo1hO+r/QY9ekhCmSuu+f82hd42ALCZvIM+
6FJJZB+HEPpLyuFqdSBt+Yq+OvUAsHnCD6OJIandIlIUeilgwuNfohO+HZBZyWwB
wtN3Vz6fa5G588jCDsr/t98WtfQoTCTpRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org