Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/rJ08jv2UoT4URPRwmsdUjTMtNSg.roa
File:                     rJ08jv2UoT4URPRwmsdUjTMtNSg.roa (raw, json)
Hash identifier:          cqPCxLwvsSYfUP1RT7EOjxTwEVmztepFpuKuizY/dcM=
Subject key identifier:   AC:9D:3C:8E:FD:94:A1:3E:14:44:F4:70:9A:C7:54:8D:33:2D:35:28
Certificate issuer:       /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb
Certificate serial:       065C6D7E
Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/rJ08jv2UoT4URPRwmsdUjTMtNSg.roa
Signing time:             Sat 01 Jan 2022 08:03:41 +0000
ROA not before:           Sat 01 Jan 2022 08:03:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8283
IP address blocks:        91.208.34.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 106720638 (0x65c6d7e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb
        Validity
            Not Before: Jan  1 08:03:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ac9d3c8efd94a13e1444f4709ac7548d332d3528
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:65:91:58:77:a4:8e:cb:9c:31:58:d5:67:30:
                    f1:e7:9d:7c:a4:2f:e6:50:22:71:02:6c:c9:8f:e2:
                    56:c7:e0:c7:e2:05:61:24:91:e3:18:64:82:1a:ff:
                    51:cc:d1:98:84:45:02:52:49:c1:b9:dd:c3:6a:48:
                    89:00:5f:f0:64:6e:6b:d7:8f:75:f0:d5:2b:4d:7f:
                    ee:57:12:e3:b0:08:4d:d4:62:4a:ad:fb:bb:4c:51:
                    9f:fc:ec:f6:c6:6d:fd:e7:43:2d:bf:5d:cd:98:14:
                    1e:9d:05:2a:86:d2:f2:93:e0:d5:5b:fe:ee:0e:55:
                    d3:ac:41:f2:d9:68:5b:69:59:d5:c8:25:d1:12:d2:
                    f8:20:1c:95:34:1a:bc:69:7d:1d:c0:c3:28:26:53:
                    06:5a:16:f8:d3:b8:e0:3d:cc:e5:56:6a:fb:93:b9:
                    2f:a0:7b:82:58:05:79:f8:09:51:29:9a:d9:3d:0a:
                    23:d2:5b:85:cd:a7:1f:d2:91:b5:8e:66:18:5e:a9:
                    bb:28:89:91:76:6b:8c:61:5e:ec:fa:7d:9c:87:d5:
                    0d:f9:bb:52:81:f1:af:f4:95:7b:e8:d9:75:80:6c:
                    f3:cb:ef:86:47:5c:3a:09:94:08:cd:44:36:c8:97:
                    01:53:40:8a:17:bb:90:d0:d1:21:34:d3:6b:0f:0a:
                    d2:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:9D:3C:8E:FD:94:A1:3E:14:44:F4:70:9A:C7:54:8D:33:2D:35:28
            X509v3 Authority Key Identifier:
                keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/rJ08jv2UoT4URPRwmsdUjTMtNSg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:89:c1:7b:18:22:02:c8:0f:a2:1f:11:b5:19:92:5c:b7:81:
         6e:87:e0:43:b4:f7:b3:74:ce:d5:56:b3:05:14:f6:b2:41:da:
         fa:be:ec:e9:91:f4:80:3d:22:75:ab:16:1d:30:d4:6c:92:6b:
         8b:99:17:b5:6a:93:48:63:76:81:65:ba:b8:e3:05:95:3a:b9:
         54:cc:9c:3b:9d:43:78:7a:6a:1a:7b:78:3b:99:f6:33:a2:13:
         f2:e7:55:6a:1d:fb:cc:70:f3:d5:91:23:d9:1d:ad:24:f2:64:
         ce:6e:15:ef:cc:8c:dc:96:c4:d7:ba:6c:9d:fa:f9:1d:37:b5:
         65:2e:25:55:54:74:ee:e3:c1:85:31:2b:ad:42:72:16:3c:bb:
         58:1e:29:ae:a3:5b:df:37:24:61:4b:2c:c5:1a:6c:de:50:75:
         27:d7:2b:0f:80:6e:d0:c1:45:d9:58:48:a2:97:a2:5d:1f:c5:
         ea:15:12:2a:c6:d9:00:9a:10:a7:87:4a:00:a4:4c:0f:52:ca:
         61:cc:e0:2c:e8:06:60:f1:d1:b5:0c:f4:8b:d3:5f:7e:a3:97:
         52:a6:5c:5f:b1:53:aa:57:67:f8:3e:2a:d1:d8:03:89:34:2e:
         76:c2:22:b5:e9:ad:77:88:0e:f3:54:7b:80:82:4c:6e:29:be:
         b0:7b:7f:26
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBlxtfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NWEwMTljYjU0ZDcwMGExYjFjNTBlOGY5MGViZWUyYTVlZWE1N2JiMB4XDTIyMDEw
MTA4MDM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWM5ZDNjOGVmZDk0
YTEzZTE0NDRmNDcwOWFjNzU0OGQzMzJkMzUyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBlkVh3pI7LnDFY1Wcw8eedfKQv5lAicQJsyY/iVsfgx+IF
YSSR4xhkghr/UczRmIRFAlJJwbndw2pIiQBf8GRua9ePdfDVK01/7lcS47AITdRi
Sq37u0xRn/zs9sZt/edDLb9dzZgUHp0FKobS8pPg1Vv+7g5V06xB8tloW2lZ1cgl
0RLS+CAclTQavGl9HcDDKCZTBloW+NO44D3M5VZq+5O5L6B7glgFefgJUSma2T0K
I9Jbhc2nH9KRtY5mGF6puyiJkXZrjGFe7Pp9nIfVDfm7UoHxr/SVe+jZdYBs88vv
hkdcOgmUCM1ENsiXAVNAihe7kNDRITTTaw8K0oUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSsnTyO/ZShPhRE9HCax1SNMy01KDAfBgNVHSMEGDAWgBTFoBnLVNcAobHF
Do+Q6+4qXupXuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hhQVp5MVRYQUtHeHhRNlBrT3Z1S2w3cVY3cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvMjQzNGY4LTA1NjYtNDVmYy1iNzE0LTMxYTNlY2YxYmRiNi8x
L3JKMDhqdjJVb1Q0VVJQUndtc2RValRNdE5TZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
MjQzNGY4LTA1NjYtNDVmYy1iNzE0LTMxYTNlY2YxYmRiNi8xL3hhQVp5MVRYQUtH
eHhRNlBrT3Z1S2w3cVY3cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvQIjANBgkqhkiG9w0BAQsFAAOC
AQEAJInBexgiAsgPoh8RtRmSXLeBbofgQ7T3s3TO1VazBRT2skHa+r7s6ZH0gD0i
dasWHTDUbJJri5kXtWqTSGN2gWW6uOMFlTq5VMycO51DeHpqGnt4O5n2M6IT8udV
ah37zHDz1ZEj2R2tJPJkzm4V78yM3JbE17psnfr5HTe1ZS4lVVR07uPBhTErrUJy
Fjy7WB4prqNb3zckYUssxRps3lB1J9crD4Bu0MFF2VhIopeiXR/F6hUSKsbZAJoQ
p4dKAKRMD1LKYczgLOgGYPHRtQz0i9NffqOXUqZcX7FTqldn+D4q0dgDiTQudsIi
temtd4gO81R7gIJMbim+sHt/Jg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:32 2023 by rpki-client on console-ams.rpki-client.org