Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/b5Nj8zrPA3qNnIasB2TVQVn6-gI.roa
File:                     b5Nj8zrPA3qNnIasB2TVQVn6-gI.roa (raw, json)
Hash identifier:          Nwm7xZshfwn7/nVZ/RDrl+vCD9VhA35U9qRn9XY2tL0=
Subject key identifier:   6F:93:63:F3:3A:CF:03:7A:8D:9C:86:AC:07:64:D5:41:59:FA:FA:02
Certificate issuer:       /CN=d9ff87f52e37b766ecbf4b3f9cb26558dd308820
Certificate serial:       018253BB58C674338C71CE343A2B7D686E9E
Authority key identifier: D9:FF:87:F5:2E:37:B7:66:EC:BF:4B:3F:9C:B2:65:58:DD:30:88:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/b5Nj8zrPA3qNnIasB2TVQVn6-gI.roa
Signing time:             Sun 31 Jul 2022 10:09:23 +0000
ROA not before:           Sun 31 Jul 2022 10:09:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57535
IP address blocks:        91.232.210.0/24 maxlen: 24
                          91.232.211.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:53:bb:58:c6:74:33:8c:71:ce:34:3a:2b:7d:68:6e:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ff87f52e37b766ecbf4b3f9cb26558dd308820
        Validity
            Not Before: Jul 31 10:09:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6f9363f33acf037a8d9c86ac0764d54159fafa02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:91:7e:64:de:7f:c1:25:73:51:30:8c:97:00:
                    64:a8:82:7a:64:24:24:d8:c8:6e:28:d1:ae:22:45:
                    c5:ce:4e:5b:03:07:52:0b:6d:5a:bf:dd:a7:4a:62:
                    3f:d4:7b:8d:57:e8:fb:77:81:bc:30:5d:ef:28:5f:
                    c3:5e:bb:a5:fc:70:58:33:ae:88:86:32:ad:97:d8:
                    12:06:5e:8b:93:4d:4e:c4:80:86:90:70:e2:5f:85:
                    99:d7:eb:f6:15:13:7e:9d:c7:55:1c:eb:ab:cc:46:
                    3e:23:32:9a:72:45:2e:37:37:65:65:0b:5b:1b:1e:
                    96:7f:7d:48:1d:e4:c3:79:48:15:a3:8a:36:69:e8:
                    2c:99:83:88:86:a3:b5:1a:25:7c:cf:0c:06:a2:f3:
                    f8:71:2f:54:f0:eb:10:4a:f2:8b:75:eb:67:31:e0:
                    40:60:e8:16:b3:b3:10:2c:67:f6:1d:92:fe:04:58:
                    8a:9b:cd:94:ff:a6:91:15:8f:87:dd:34:15:b8:a0:
                    d5:35:61:7f:33:8c:00:c9:57:18:23:a9:c7:ee:af:
                    f6:32:2d:6d:8b:fe:2b:2c:18:00:d3:12:e6:a0:0c:
                    cb:26:1d:b3:a8:e7:76:74:a6:05:00:21:ec:4c:44:
                    98:dc:0f:f6:49:d1:ea:0f:60:a9:66:1c:40:d1:c7:
                    b8:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:93:63:F3:3A:CF:03:7A:8D:9C:86:AC:07:64:D5:41:59:FA:FA:02
            X509v3 Authority Key Identifier:
                keyid:D9:FF:87:F5:2E:37:B7:66:EC:BF:4B:3F:9C:B2:65:58:DD:30:88:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/b5Nj8zrPA3qNnIasB2TVQVn6-gI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.232.210.0/23

    Signature Algorithm: sha256WithRSAEncryption
         02:9c:4b:d5:ae:d8:5e:b2:d3:42:ba:f9:21:a3:91:5e:d9:41:
         18:28:3b:e7:a1:f2:9e:54:f7:9d:41:49:bf:55:cf:1f:40:02:
         9f:b3:71:58:4d:f4:93:02:9f:fe:c5:1e:aa:63:9b:71:1d:5d:
         ae:04:9e:5e:4d:fa:38:25:df:ad:00:b7:05:4c:e2:53:aa:74:
         79:80:d0:cb:c4:aa:4f:68:0a:9a:ae:ee:d2:64:00:bb:57:a6:
         e3:a3:03:a1:d3:9d:e4:56:29:45:ca:a2:ea:b9:3e:50:ec:ef:
         98:a2:cb:d6:a7:1f:70:26:53:9c:fc:de:7b:1c:70:cb:59:4a:
         af:26:17:b3:9a:d1:e9:b1:ec:0b:07:4a:ca:ae:d6:57:f6:67:
         44:88:11:b3:21:a6:fd:e8:3f:22:86:f7:e6:16:83:79:bb:48:
         a2:87:8b:4b:98:7c:0c:6c:20:0b:03:a5:9f:15:d4:22:dc:ec:
         82:a1:24:44:b9:48:bc:80:17:e5:fe:89:6b:11:54:66:b8:25:
         b8:f7:83:b1:20:a7:93:0e:92:59:68:ce:8f:7b:50:bf:d9:01:
         79:31:e9:f0:26:ea:df:55:6f:e8:41:14:e8:a3:4e:7c:63:19:
         a3:da:66:45:64:59:d6:b4:e7:fd:9b:3a:25:06:85:3d:b4:a1:
         20:0b:d4:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJTu1jGdDOMcc40Oit9aG6eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmY4N2Y1MmUzN2I3NjZlY2JmNGIzZjljYjI2NTU4ZGQz
MDg4MjAwHhcNMjIwNzMxMTAwOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjkzNjNmMzNhY2YwMzdhOGQ5Yzg2YWMwNzY0ZDU0MTU5ZmFmYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JF+ZN5/wSVzUTCMlwBkqIJ6ZCQk
2MhuKNGuIkXFzk5bAwdSC21av92nSmI/1HuNV+j7d4G8MF3vKF/DXrul/HBYM66I
hjKtl9gSBl6Lk01OxICGkHDiX4WZ1+v2FRN+ncdVHOurzEY+IzKackUuNzdlZQtb
Gx6Wf31IHeTDeUgVo4o2aegsmYOIhqO1GiV8zwwGovP4cS9U8OsQSvKLdetnMeBA
YOgWs7MQLGf2HZL+BFiKm82U/6aRFY+H3TQVuKDVNWF/M4wAyVcYI6nH7q/2Mi1t
i/4rLBgA0xLmoAzLJh2zqOd2dKYFACHsTESY3A/2SdHqD2CpZhxA0ce4wQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+TY/M6zwN6jZyGrAdk1UFZ+voCMB8GA1UdIwQY
MBaAFNn/h/UuN7dm7L9LP5yyZVjdMIggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9lMmFhZDgtZTIxMi00ODI4LWE1ZmMt
MWU3MzAwY2NkYTM2LzEvYjVOajh6clBBM3FObklhc0IyVFZRVm42LWdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9lMmFhZDgtZTIxMi00ODI4LWE1ZmMtMWU3MzAwY2NkYTM2
LzEvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+jSMA0G
CSqGSIb3DQEBCwUAA4IBAQACnEvVrthestNCuvkho5Fe2UEYKDvnofKeVPedQUm/
Vc8fQAKfs3FYTfSTAp/+xR6qY5txHV2uBJ5eTfo4Jd+tALcFTOJTqnR5gNDLxKpP
aAqaru7SZAC7V6bjowOh053kVilFyqLquT5Q7O+YosvWpx9wJlOc/N57HHDLWUqv
JhezmtHpsewLB0rKrtZX9mdEiBGzIab96D8ihvfmFoN5u0iih4tLmHwMbCALA6Wf
FdQi3OyCoSREuUi8gBfl/olrEVRmuCW494OxIKeTDpJZaM6Pe1C/2QF5MenwJurf
VW/oQRToo058Yxmj2mZFZFnWtOf9mzolBoU9tKEgC9SL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:45 2024 by rpki-client on console-fra.rpki-client.org