Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/5H9sGWupOrVo7ozBSq7hg5rwkn4.roa
File:                     5H9sGWupOrVo7ozBSq7hg5rwkn4.roa (raw, json)
Hash identifier:          A4SS/HGmZ1J+ICzwu/B9Wjw/K+V0Lz2P0FQfPqDBHVE=
Subject key identifier:   E4:7F:6C:19:6B:A9:3A:B5:68:EE:8C:C1:4A:AE:E1:83:9A:F0:92:7E
Certificate issuer:       /CN=f4f7ab4587e69022e5e2bc24107b501d031c3720
Certificate serial:       081D9BD4
Authority key identifier: F4:F7:AB:45:87:E6:90:22:E5:E2:BC:24:10:7B:50:1D:03:1C:37:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9PerRYfmkCLl4rwkEHtQHQMcNyA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/5H9sGWupOrVo7ozBSq7hg5rwkn4.roa
Signing time:             Sat 01 Jan 2022 14:05:42 +0000
ROA not before:           Sat 01 Jan 2022 14:05:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203397
IP address blocks:        91.226.85.0/24 maxlen: 24
                          91.226.84.0/22 maxlen: 22
                          91.226.84.0/24 maxlen: 24
                          91.226.87.0/24 maxlen: 24
                          91.226.86.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 136158164 (0x81d9bd4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4f7ab4587e69022e5e2bc24107b501d031c3720
        Validity
            Not Before: Jan  1 14:05:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e47f6c196ba93ab568ee8cc14aaee1839af0927e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:30:be:43:bb:01:69:62:96:ba:af:bc:22:97:
                    e7:27:5e:d1:ee:97:b7:df:20:bd:d1:6e:dc:fb:25:
                    b3:2d:77:0b:73:3c:50:2f:ec:41:d7:7d:d0:dc:eb:
                    a0:09:e1:27:d3:ba:99:9b:f5:69:8d:0f:db:00:61:
                    f8:39:6b:ba:78:b5:e7:78:b0:16:d2:bd:18:d9:35:
                    ed:f8:ef:86:58:27:cf:76:d7:3a:6c:d3:50:37:03:
                    a9:a2:16:e6:a8:09:ea:29:3f:34:da:51:9b:64:ca:
                    b0:6e:60:c4:67:67:65:95:56:d8:cc:ee:61:2a:b2:
                    93:83:ea:7f:f4:06:d7:7c:31:42:79:b7:7a:4d:4a:
                    ef:56:3c:6a:16:12:de:b7:dd:1c:7d:75:8b:70:2b:
                    75:ca:db:cb:02:ef:20:3a:01:7b:68:1c:13:d6:08:
                    70:e6:d0:67:c8:8b:5d:59:13:54:b5:68:73:c4:c2:
                    82:52:db:fd:b4:da:89:77:16:1b:11:7e:4f:a1:25:
                    70:22:0f:21:d7:f3:3c:c4:75:a4:79:71:7d:a4:2b:
                    a9:a1:c0:fb:b2:ae:20:8d:2d:8a:00:3c:5b:3f:99:
                    11:60:59:4a:ca:7d:6f:ec:76:8c:f1:6d:d2:12:cb:
                    9a:8d:92:7d:ea:5a:af:df:12:8c:30:03:13:4c:2e:
                    87:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:7F:6C:19:6B:A9:3A:B5:68:EE:8C:C1:4A:AE:E1:83:9A:F0:92:7E
            X509v3 Authority Key Identifier:
                keyid:F4:F7:AB:45:87:E6:90:22:E5:E2:BC:24:10:7B:50:1D:03:1C:37:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9PerRYfmkCLl4rwkEHtQHQMcNyA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/5H9sGWupOrVo7ozBSq7hg5rwkn4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/77f4f0-b833-47b7-a3c7-ef710ec7b2fe/1/9PerRYfmkCLl4rwkEHtQHQMcNyA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.226.84.0/22

    Signature Algorithm: sha256WithRSAEncryption
         28:e1:6e:ee:53:08:30:c0:bc:d6:7e:b4:9e:8d:96:7f:34:87:
         e5:9f:42:ee:f9:a9:c9:65:65:43:24:5f:5f:15:99:a0:9b:e7:
         91:d4:05:86:c7:c0:44:28:6d:15:37:64:30:3c:89:fc:8c:c1:
         99:7c:ce:2f:e9:26:c5:53:ba:ed:99:11:be:89:e2:47:d6:e4:
         bd:88:38:b5:cc:2e:2f:d3:2a:4b:58:7a:5d:e5:ef:c8:06:fe:
         a4:3a:1a:b5:64:2d:fd:87:b2:f9:4b:3e:36:dd:e1:2b:7c:e0:
         f8:fc:61:9d:ac:ac:13:e2:b4:18:4a:06:54:e7:79:b5:7b:b8:
         51:40:aa:09:9d:b0:4e:47:63:33:da:4f:e5:bf:05:3d:f7:89:
         37:2b:91:50:70:a7:f8:d7:e8:81:1e:e1:66:53:e9:a7:bf:d2:
         c6:b4:22:89:3f:b6:3a:ec:5c:62:d5:54:14:34:4b:ea:99:85:
         bf:42:25:81:26:d7:81:c3:64:92:c2:8d:99:a6:75:39:08:41:
         51:d2:3d:6e:9f:54:9b:63:43:fa:5b:55:97:a4:9a:f2:9b:0e:
         75:cc:73:fb:38:be:f8:5d:80:df:d6:83:0b:14:97:2c:47:91:
         26:bf:58:ee:38:42:4d:50:68:0f:5a:b7:fd:e7:4b:45:03:34:
         be:90:fb:ab
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECB2b1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGY3YWI0NTg3ZTY5MDIyZTVlMmJjMjQxMDdiNTAxZDAzMWMzNzIwMB4XDTIyMDEw
MTE0MDU0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQ3ZjZjMTk2YmE5
M2FiNTY4ZWU4Y2MxNGFhZWUxODM5YWYwOTI3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcwvkO7AWlilrqvvCKX5yde0e6Xt98gvdFu3Pslsy13C3M8
UC/sQdd90NzroAnhJ9O6mZv1aY0P2wBh+Dlruni153iwFtK9GNk17fjvhlgnz3bX
OmzTUDcDqaIW5qgJ6ik/NNpRm2TKsG5gxGdnZZVW2MzuYSqyk4Pqf/QG13wxQnm3
ek1K71Y8ahYS3rfdHH11i3ArdcrbywLvIDoBe2gcE9YIcObQZ8iLXVkTVLVoc8TC
glLb/bTaiXcWGxF+T6ElcCIPIdfzPMR1pHlxfaQrqaHA+7KuII0tigA8Wz+ZEWBZ
Ssp9b+x2jPFt0hLLmo2Sfepar98SjDADE0wuhysCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTkf2wZa6k6tWjujMFKruGDmvCSfjAfBgNVHSMEGDAWgBT096tFh+aQIuXi
vCQQe1AdAxw3IDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlQZXJSWWZta0NMbDRyd2tFSHRRSFFNY055QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvNzdmNGYwLWI4MzMtNDdiNy1hM2M3LWVmNzEwZWM3YjJmZS8x
LzVIOXNHV3VwT3JWbzdvekJTcTdoZzVyd2tuNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
NzdmNGYwLWI4MzMtNDdiNy1hM2M3LWVmNzEwZWM3YjJmZS8xLzlQZXJSWWZta0NM
bDRyd2tFSHRRSFFNY055QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlviVDANBgkqhkiG9w0BAQsFAAOC
AQEAKOFu7lMIMMC81n60no2WfzSH5Z9C7vmpyWVlQyRfXxWZoJvnkdQFhsfARCht
FTdkMDyJ/IzBmXzOL+kmxVO67ZkRvoniR9bkvYg4tcwuL9MqS1h6XeXvyAb+pDoa
tWQt/Yey+Us+Nt3hK3zg+PxhnaysE+K0GEoGVOd5tXu4UUCqCZ2wTkdjM9pP5b8F
PfeJNyuRUHCn+NfogR7hZlPpp7/SxrQiiT+2OuxcYtVUFDRL6pmFv0IlgSbXgcNk
ksKNmaZ1OQhBUdI9bp9Um2ND+ltVl6Sa8psOdcxz+zi++F2A39aDCxSXLEeRJr9Y
7jhCTVBoD1q3/edLRQM0vpD7qw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:54 2024 by rpki-client on console-ams.rpki-client.org