Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/dxaDMnRYiTIsdkcPbJet-A4YDeU.roa
File:                     dxaDMnRYiTIsdkcPbJet-A4YDeU.roa (raw, json)
Hash identifier:          o6Guz7vRHGygX3DnlSBnNl9b8s2kOdN9fiqoDNpdCmM=
Subject key identifier:   77:16:83:32:74:58:89:32:2C:76:47:0F:6C:97:AD:F8:0E:18:0D:E5
Certificate issuer:       /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial:       066CADA5
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/dxaDMnRYiTIsdkcPbJet-A4YDeU.roa
Signing time:             Tue 05 Apr 2022 08:40:35 +0000
ROA not before:           Tue 05 Apr 2022 08:40:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        91.228.12.0/24 maxlen: 24
                          94.154.36.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 107785637 (0x66cada5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
        Validity
            Not Before: Apr  5 08:40:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=77168332745889322c76470f6c97adf80e180de5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:99:6d:e9:b6:56:35:3f:a4:32:08:b0:b2:67:
                    c4:9d:04:3c:7b:c5:58:69:22:96:6b:ad:4a:88:6b:
                    ee:e9:4d:39:ba:d9:d8:44:d4:93:a9:61:5e:63:7b:
                    8e:6c:ef:b8:33:db:3e:4c:86:ec:60:2e:ca:14:ab:
                    a8:43:78:46:0f:52:61:7a:cc:c6:55:36:7c:7d:06:
                    e8:9c:e4:b1:dd:36:d0:da:fb:3b:6e:b5:35:33:34:
                    98:b4:ea:61:4f:98:38:06:3c:53:9e:4d:c7:2d:89:
                    4a:59:cf:7d:5d:4d:7a:63:b1:04:52:f0:ac:51:9e:
                    aa:60:3d:d6:87:89:a4:c6:f4:07:9c:de:37:eb:d2:
                    ad:0d:1a:0b:78:87:1d:27:ad:4b:b4:da:2e:7a:18:
                    d2:5c:ab:fa:bf:d9:89:37:a8:48:29:36:f2:dd:fd:
                    67:64:ab:d7:93:95:fd:d6:81:c5:81:4a:14:85:9b:
                    e6:ac:f7:34:76:2a:ce:32:cb:68:cc:25:99:0e:62:
                    61:c7:24:ef:24:59:e4:40:51:3c:db:cc:2b:f0:c8:
                    69:72:2a:5b:77:f9:b6:c3:83:c0:c5:99:d1:ad:b3:
                    f1:72:aa:2a:c3:b3:10:95:88:93:0d:ec:b3:78:54:
                    b7:d3:2c:ec:85:c0:92:4a:5b:44:e3:9a:20:79:01:
                    b8:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:16:83:32:74:58:89:32:2C:76:47:0F:6C:97:AD:F8:0E:18:0D:E5
            X509v3 Authority Key Identifier:
                keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/dxaDMnRYiTIsdkcPbJet-A4YDeU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.12.0/24
                  94.154.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:5d:95:2d:4a:2e:5f:81:56:f9:f5:f0:d0:e6:c9:4e:42:54:
         e5:a4:35:e4:f0:94:e3:d6:53:4b:7b:e7:5b:cc:9d:e4:0c:a8:
         54:a1:d1:a4:76:10:aa:f2:e6:3a:84:b6:b2:25:79:09:03:7b:
         e7:a7:2a:dc:34:d2:a1:39:74:a1:5b:a5:df:77:35:d0:e5:1f:
         4c:79:c5:c8:dc:40:c5:8a:e2:de:1b:e7:1a:16:23:27:07:30:
         bb:22:a9:ca:f4:8b:a5:58:70:47:a7:e7:04:21:8a:03:74:eb:
         bd:43:1c:b9:03:3c:54:70:5d:82:ae:c8:4f:65:35:71:5f:55:
         dc:c0:27:90:48:4d:7b:7a:45:1c:f5:9f:a2:ec:2e:6c:11:32:
         8e:e1:98:90:8c:64:15:46:31:5a:7d:7e:71:62:bd:7e:00:e0:
         19:33:9a:bf:ad:52:44:7e:5f:8d:33:2e:86:02:24:a0:d7:92:
         50:de:d5:4f:09:57:6e:3f:cc:d6:fd:1d:32:b6:61:5b:29:73:
         42:18:ca:63:6f:e9:dc:f9:a8:d9:55:9f:03:a1:99:ce:a1:65:
         78:e3:04:52:1b:92:e3:ee:13:71:bb:87:62:b7:0d:a3:60:dd:
         ea:a6:2c:87:8e:d2:5e:fa:b3:ec:7b:93:a5:9e:10:9c:16:01:
         e5:fa:ad:45
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBmytpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2NmMzg4NGI3ODAwN2EyNWRiZTJlMmNlZjBjYzczYjY5OTIxZjg4MB4XDTIyMDQw
NTA4NDAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzcxNjgzMzI3NDU4
ODkzMjJjNzY0NzBmNmM5N2FkZjgwZTE4MGRlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMKZbem2VjU/pDIIsLJnxJ0EPHvFWGkilmutSohr7ulNObrZ
2ETUk6lhXmN7jmzvuDPbPkyG7GAuyhSrqEN4Rg9SYXrMxlU2fH0G6Jzksd020Nr7
O261NTM0mLTqYU+YOAY8U55Nxy2JSlnPfV1NemOxBFLwrFGeqmA91oeJpMb0B5ze
N+vSrQ0aC3iHHSetS7TaLnoY0lyr+r/ZiTeoSCk28t39Z2Sr15OV/daBxYFKFIWb
5qz3NHYqzjLLaMwlmQ5iYcck7yRZ5EBRPNvMK/DIaXIqW3f5tsODwMWZ0a2z8XKq
KsOzEJWIkw3ss3hUt9Ms7IXAkkpbROOaIHkBuDkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR3FoMydFiJMix2Rw9sl634DhgN5TAfBgNVHSMEGDAWgBTnzziEt4AHol2+
LizvDMc7aZIfiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU4ODRoTGVBQjZKZHZpNHM3d3pITzJtU0g0Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvNGU3YmM3LTI2MGUtNDdlNi04Mzg4LWExODRmMzU1NmU0My8x
L2R4YURNblJZaVRJc2RrY1BiSmV0LUE0WURlVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
NGU3YmM3LTI2MGUtNDdlNi04Mzg4LWExODRmMzU1NmU0My8xLzU4ODRoTGVBQjZK
ZHZpNHM3d3pITzJtU0g0Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvkDAMEAF6aJDANBgkqhkiG9w0B
AQsFAAOCAQEAJ12VLUouX4FW+fXw0ObJTkJU5aQ15PCU49ZTS3vnW8yd5AyoVKHR
pHYQqvLmOoS2siV5CQN756cq3DTSoTl0oVul33c10OUfTHnFyNxAxYri3hvnGhYj
JwcwuyKpyvSLpVhwR6fnBCGKA3TrvUMcuQM8VHBdgq7IT2U1cV9V3MAnkEhNe3pF
HPWfouwubBEyjuGYkIxkFUYxWn1+cWK9fgDgGTOav61SRH5fjTMuhgIkoNeSUN7V
TwlXbj/M1v0dMrZhWylzQhjKY2/p3Pmo2VWfA6GZzqFleOMEUhuS4+4TcbuHYrcN
o2Dd6qYsh47SXvqz7HuTpZ4QnBYB5fqtRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:26 2024 by rpki-client on console-ams.rpki-client.org