Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/uZdGaOLidkdv5KqwthosOveNyjM.roa
File:                     uZdGaOLidkdv5KqwthosOveNyjM.roa (raw, json)
Hash identifier:          AEuwB7DPJ6LlBwai6dPOM1dT4qfSVPot8jvHJFcmkHc=
Subject key identifier:   B9:97:46:68:E2:E2:76:47:6F:E4:AA:B0:B6:1A:2C:3A:F7:8D:CA:33
Certificate issuer:       /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial:       018332EB137E9A102CEE857101D24AFDB0F2
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/uZdGaOLidkdv5KqwthosOveNyjM.roa
Signing time:             Mon 12 Sep 2022 18:16:50 +0000
ROA not before:           Mon 12 Sep 2022 18:16:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        91.243.179.0/24 maxlen: 24
                          193.46.81.0/24 maxlen: 24
                          93.114.62.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:32:eb:13:7e:9a:10:2c:ee:85:71:01:d2:4a:fd:b0:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
        Validity
            Not Before: Sep 12 18:16:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b9974668e2e276476fe4aab0b61a2c3af78dca33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:ca:27:ce:40:85:ca:d2:36:f8:83:15:13:39:
                    c3:1a:12:2f:14:d2:81:59:3b:7a:dc:a7:b5:76:6c:
                    09:eb:72:45:fd:ff:a8:12:03:9c:25:89:9a:9a:80:
                    2f:2c:b0:05:97:ea:07:a0:f6:0f:81:c3:b4:25:2e:
                    db:64:2c:4c:90:3b:0d:41:5c:f3:de:ba:fb:27:23:
                    99:ae:70:26:d2:49:1b:ff:2b:2d:1b:8b:76:11:be:
                    17:3a:07:83:a3:6c:24:2a:db:e5:fe:56:ed:a9:9e:
                    36:35:80:2f:25:19:20:a2:36:1d:eb:41:94:b8:32:
                    78:40:22:5b:fd:ef:98:83:fd:62:82:3f:2d:83:ad:
                    d6:ed:58:c4:00:87:e7:d9:27:cc:b9:e6:82:37:56:
                    19:bb:99:3e:11:fb:72:61:35:c3:96:30:66:8c:5f:
                    e6:3a:33:bd:2e:cd:3a:d7:ef:45:1d:e9:c6:8b:27:
                    a8:60:12:9e:99:a9:fc:bb:1d:e4:95:90:eb:81:1b:
                    ae:f6:43:26:66:61:38:8c:3f:0e:a5:98:f2:82:cd:
                    d7:87:3a:54:02:e5:fa:4d:ea:47:07:b3:67:5a:7e:
                    dc:85:a1:03:8c:78:4c:b6:dc:82:27:46:44:24:7d:
                    23:83:c7:ad:2b:c3:e0:69:b8:94:d6:d0:7a:c5:62:
                    23:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:97:46:68:E2:E2:76:47:6F:E4:AA:B0:B6:1A:2C:3A:F7:8D:CA:33
            X509v3 Authority Key Identifier:
                keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/uZdGaOLidkdv5KqwthosOveNyjM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.243.179.0/24
                  93.114.62.0/24
                  193.46.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:93:60:e2:29:da:fb:3f:69:ef:ca:a8:b9:de:f3:85:c6:1a:
         06:9f:54:cc:fe:7c:cf:ca:f4:b1:45:d8:20:cd:e7:30:80:d1:
         57:c4:4e:60:7c:a5:7e:60:f3:2d:80:96:7e:c4:ca:07:8a:e5:
         4e:e6:4b:cd:7c:d5:17:f3:db:bf:22:b8:90:66:ce:b3:3d:71:
         20:d6:65:5d:06:77:33:ae:8c:ff:6b:58:83:89:26:ae:8f:26:
         ab:b5:4e:ae:3a:98:68:4d:6f:61:f9:25:45:15:54:d2:e2:df:
         c0:60:96:91:9b:9b:44:0e:c6:37:15:aa:af:34:c7:15:73:58:
         87:5d:cb:0f:92:3f:8e:5f:22:71:3f:6e:ba:07:ba:bd:ff:dc:
         ad:61:a4:7d:aa:ed:d4:f4:a4:12:d9:45:b0:0d:48:28:01:f5:
         91:e5:f3:fe:16:b9:15:5d:5b:ff:e7:9e:04:d6:d7:cc:d4:fc:
         b4:b9:06:13:18:cc:eb:82:72:ff:3e:7f:a8:88:00:08:37:68:
         11:51:d4:cc:fe:04:e9:66:09:2a:12:e0:53:a0:40:29:9a:29:
         2c:85:7e:6e:a3:df:aa:8f:d7:c4:5c:03:95:89:bd:e6:37:d0:
         2d:ce:66:14:f3:88:64:36:17:3c:65:53:b2:dc:68:3f:d2:db:
         a4:ab:c3:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYMy6xN+mhAs7oVxAdJK/bDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjIwOTEyMTgxNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTk3NDY2OGUyZTI3NjQ3NmZlNGFhYjBiNjFhMmMzYWY3OGRjYTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuconzkCFytI2+IMVEznDGhIvFNKB
WTt63Ke1dmwJ63JF/f+oEgOcJYmamoAvLLAFl+oHoPYPgcO0JS7bZCxMkDsNQVzz
3rr7JyOZrnAm0kkb/ystG4t2Eb4XOgeDo2wkKtvl/lbtqZ42NYAvJRkgojYd60GU
uDJ4QCJb/e+Yg/1igj8tg63W7VjEAIfn2SfMueaCN1YZu5k+EftyYTXDljBmjF/m
OjO9Ls061+9FHenGiyeoYBKeman8ux3klZDrgRuu9kMmZmE4jD8OpZjygs3XhzpU
AuX6TepHB7NnWn7chaEDjHhMttyCJ0ZEJH0jg8etK8PgabiU1tB6xWIj0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLmXRmji4nZHb+SqsLYaLDr3jcozMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvdVpkR2FPTGlka2R2NUtxd3Rob3NPdmVOeWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW/OzAwQA
XXI+AwQAwS5RMA0GCSqGSIb3DQEBCwUAA4IBAQBhk2DiKdr7P2nvyqi53vOFxhoG
n1TM/nzPyvSxRdggzecwgNFXxE5gfKV+YPMtgJZ+xMoHiuVO5kvNfNUX89u/IriQ
Zs6zPXEg1mVdBnczroz/a1iDiSaujyartU6uOphoTW9h+SVFFVTS4t/AYJaRm5tE
DsY3FaqvNMcVc1iHXcsPkj+OXyJxP266B7q9/9ytYaR9qu3U9KQS2UWwDUgoAfWR
5fP+FrkVXVv/554E1tfM1Py0uQYTGMzrgnL/Pn+oiAAIN2gRUdTM/gTpZgkqEuBT
oEApmikshX5uo9+qj9fEXAOVib3mN9AtzmYU84hkNhc8ZVOy3Gg/0tukq8PS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:55 2024 by rpki-client on console-fra.rpki-client.org