Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/62d33d-9df4-417e-aa30-dcbdf71ff347/1/Dr7cUQwbyzHWPjfkMJcJdxGgAm4.roa
File:                     Dr7cUQwbyzHWPjfkMJcJdxGgAm4.roa (raw, json)
Hash identifier:          BG73GHa7okcrfvf7fiFGjZY62qscjpPaLKlXbxX8KWY=
Subject key identifier:   0E:BE:DC:51:0C:1B:CB:31:D6:3E:37:E4:30:97:09:77:11:A0:02:6E
Certificate issuer:       /CN=eb4c5acd6fa1e6a91129ac424057a877558e8052
Certificate serial:       0184C8589BC81AAFFD24D558D95AD0D5C8D2
Authority key identifier: EB:4C:5A:CD:6F:A1:E6:A9:11:29:AC:42:40:57:A8:77:55:8E:80:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/60xazW-h5qkRKaxCQFeod1WOgFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/62d33d-9df4-417e-aa30-dcbdf71ff347/1/Dr7cUQwbyzHWPjfkMJcJdxGgAm4.roa
Signing time:             Wed 30 Nov 2022 11:42:40 +0000
ROA not before:           Wed 30 Nov 2022 11:42:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197928
IP address blocks:        91.229.238.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c8:58:9b:c8:1a:af:fd:24:d5:58:d9:5a:d0:d5:c8:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb4c5acd6fa1e6a91129ac424057a877558e8052
        Validity
            Not Before: Nov 30 11:42:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0ebedc510c1bcb31d63e37e43097097711a0026e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:af:a9:55:4a:67:c2:4b:c0:8a:ae:75:48:09:
                    01:b4:23:df:6d:33:8f:d0:d4:40:d8:5e:41:2e:7b:
                    c7:3a:9e:bd:a3:c0:3d:ff:be:42:74:ea:8b:5e:c3:
                    5b:48:83:9f:c6:0c:41:15:b4:43:7b:2c:32:44:68:
                    bb:83:96:58:fe:9d:f7:e2:e3:d5:f4:72:cb:15:e9:
                    b5:c2:ad:bf:64:65:38:53:61:bc:63:5c:a6:5a:a8:
                    8e:0b:4c:bc:7a:d3:12:e0:4a:9c:c0:17:eb:94:13:
                    29:24:3c:b5:9b:26:ea:3b:b3:d2:fd:40:1e:fe:98:
                    b3:d2:85:8d:99:9f:d8:68:b3:a0:4a:a0:94:98:b5:
                    25:4b:85:8b:8a:d0:6c:62:38:6e:66:62:c3:00:ff:
                    0b:2f:9e:b6:41:14:7e:d1:63:7f:7e:7e:5b:3d:a9:
                    87:37:31:b2:25:3f:9d:b3:57:a5:42:dd:c9:fc:47:
                    da:dc:94:51:2c:ce:28:61:16:a8:46:2d:65:21:57:
                    3d:3c:fc:72:81:3d:8b:11:06:13:97:75:a3:34:65:
                    6f:55:8b:54:6f:4b:6c:72:7a:9e:96:53:76:0e:87:
                    59:35:18:04:e7:cf:d8:10:f4:2d:cc:ab:cf:18:4b:
                    45:06:6c:f0:b0:22:27:28:1c:84:be:1b:9e:7b:18:
                    9e:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:BE:DC:51:0C:1B:CB:31:D6:3E:37:E4:30:97:09:77:11:A0:02:6E
            X509v3 Authority Key Identifier:
                keyid:EB:4C:5A:CD:6F:A1:E6:A9:11:29:AC:42:40:57:A8:77:55:8E:80:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/60xazW-h5qkRKaxCQFeod1WOgFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/62d33d-9df4-417e-aa30-dcbdf71ff347/1/Dr7cUQwbyzHWPjfkMJcJdxGgAm4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/62d33d-9df4-417e-aa30-dcbdf71ff347/1/60xazW-h5qkRKaxCQFeod1WOgFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.229.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:f1:7f:a5:e9:91:b2:d5:d4:52:ab:35:5f:88:24:16:ee:d3:
         c6:5c:ba:59:0c:08:ff:3c:86:ff:42:4f:1d:49:3f:93:0d:23:
         b5:b3:27:d5:86:d0:a6:00:2c:83:77:ba:1a:a9:ae:23:22:fc:
         12:99:af:1b:47:dd:9e:20:cd:27:8b:7c:02:8d:e6:6c:f8:97:
         40:15:d4:49:9b:2a:27:75:13:c8:f0:f9:29:cb:dd:95:a0:7f:
         bf:33:3a:91:20:65:ac:b2:12:b2:34:a5:f0:53:3c:8d:94:a9:
         5d:15:54:80:bc:7b:b8:6b:c7:40:77:a4:43:12:81:25:aa:c5:
         96:49:96:08:e6:51:c3:c9:00:e6:bc:d8:33:33:bc:2c:18:f8:
         9b:1c:67:9c:63:e2:66:a9:a1:4b:b0:6a:58:a0:e6:56:e8:3b:
         72:3b:71:7c:2e:4b:3e:70:af:63:ac:0b:ed:3a:a3:f1:ad:2f:
         9c:5d:2e:c8:62:f9:c5:26:ad:12:b3:f0:d8:8f:29:94:d7:9d:
         eb:5d:cd:43:87:dc:46:aa:b6:09:77:0f:d8:a1:eb:10:f8:55:
         51:93:4a:c2:a0:99:27:04:c6:d6:92:d5:ab:27:35:2a:c3:c5:
         5c:eb:95:d3:b3:be:55:ec:01:93:91:4e:ed:97:0c:f3:24:13:
         1d:c3:59:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTIWJvIGq/9JNVY2VrQ1cjSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNGM1YWNkNmZhMWU2YTkxMTI5YWM0MjQwNTdhODc3NTU4
ZTgwNTIwHhcNMjIxMTMwMTE0MjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWJlZGM1MTBjMWJjYjMxZDYzZTM3ZTQzMDk3MDk3NzExYTAwMjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgq+pVUpnwkvAiq51SAkBtCPfbTOP
0NRA2F5BLnvHOp69o8A9/75CdOqLXsNbSIOfxgxBFbRDeywyRGi7g5ZY/p334uPV
9HLLFem1wq2/ZGU4U2G8Y1ymWqiOC0y8etMS4EqcwBfrlBMpJDy1mybqO7PS/UAe
/piz0oWNmZ/YaLOgSqCUmLUlS4WLitBsYjhuZmLDAP8LL562QRR+0WN/fn5bPamH
NzGyJT+ds1elQt3J/Efa3JRRLM4oYRaoRi1lIVc9PPxygT2LEQYTl3WjNGVvVYtU
b0tscnqellN2DodZNRgE58/YEPQtzKvPGEtFBmzwsCInKByEvhueexiexwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA6+3FEMG8sx1j435DCXCXcRoAJuMB8GA1UdIwQY
MBaAFOtMWs1voeapESmsQkBXqHdVjoBSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjB4YXpXLWg1cWtSS2F4Q1FGZW9kMVdPZ0ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi82MmQzM2QtOWRmNC00MTdlLWFhMzAt
ZGNiZGY3MWZmMzQ3LzEvRHI3Y1VRd2J5ekhXUGpma01KY0pkeEdnQW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi82MmQzM2QtOWRmNC00MTdlLWFhMzAtZGNiZGY3MWZmMzQ3
LzEvNjB4YXpXLWg1cWtSS2F4Q1FGZW9kMVdPZ0ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+XuMA0G
CSqGSIb3DQEBCwUAA4IBAQCe8X+l6ZGy1dRSqzVfiCQW7tPGXLpZDAj/PIb/Qk8d
ST+TDSO1syfVhtCmACyDd7oaqa4jIvwSma8bR92eIM0ni3wCjeZs+JdAFdRJmyon
dRPI8Pkpy92VoH+/MzqRIGWsshKyNKXwUzyNlKldFVSAvHu4a8dAd6RDEoElqsWW
SZYI5lHDyQDmvNgzM7wsGPibHGecY+JmqaFLsGpYoOZW6DtyO3F8Lks+cK9jrAvt
OqPxrS+cXS7IYvnFJq0Ss/DYjymU153rXc1Dh9xGqrYJdw/YoesQ+FVRk0rCoJkn
BMbWktWrJzUqw8Vc65XTs75V7AGTkU7tlwzzJBMdw1lq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:42 2024 by rpki-client on console-fra.rpki-client.org