Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/4a05f0-7abb-4e1f-8c27-215cd570e409/1/OEbMxBASNYk6ESN1i9fbsP-2OAo.roa
File:                     OEbMxBASNYk6ESN1i9fbsP-2OAo.roa (raw, json)
Hash identifier:          exilRG9Re6cU10TUFYl8N5iLucmxV7iL238vJHAw6TU=
Subject key identifier:   38:46:CC:C4:10:12:35:89:3A:11:23:75:8B:D7:DB:B0:FF:B6:38:0A
Certificate issuer:       /CN=cea179e4f353ea9dcaf02f37a72b750ecfa1c354
Certificate serial:       5FADAD
Authority key identifier: CE:A1:79:E4:F3:53:EA:9D:CA:F0:2F:37:A7:2B:75:0E:CF:A1:C3:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zqF55PNT6p3K8C83pyt1Ds-hw1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/4a05f0-7abb-4e1f-8c27-215cd570e409/1/OEbMxBASNYk6ESN1i9fbsP-2OAo.roa
Signing time:             Sat 01 Jan 2022 01:51:37 +0000
ROA not before:           Sat 01 Jan 2022 01:51:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48666
IP address blocks:        91.223.144.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6270381 (0x5fadad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cea179e4f353ea9dcaf02f37a72b750ecfa1c354
        Validity
            Not Before: Jan  1 01:51:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3846ccc4101235893a1123758bd7dbb0ffb6380a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:7e:f4:a0:c4:3e:7f:50:90:5b:90:4c:9f:a8:
                    27:82:64:1e:9e:8a:ed:51:d9:95:13:52:6b:0a:3b:
                    80:d3:9d:ce:eb:63:4b:22:a3:a8:a7:4a:e2:cc:3b:
                    9f:4a:68:8c:07:79:96:4e:10:7a:45:21:7a:08:6d:
                    b4:a4:b8:94:e5:68:5c:91:58:0a:7f:96:0e:d3:2d:
                    c1:9d:ce:0d:2a:68:13:df:d3:50:05:cb:65:1f:dd:
                    b0:3b:5e:51:f7:41:53:2c:e3:ba:ad:8c:41:88:c2:
                    f6:d2:2a:c5:92:b6:36:52:b7:7c:02:32:1a:1b:48:
                    a3:99:89:c6:2e:fc:12:cf:86:03:40:cc:a9:b4:1d:
                    5b:b0:4e:fe:6b:80:1b:87:83:a6:62:f1:13:7b:80:
                    88:5a:6d:80:40:82:97:ca:b1:0c:fe:36:13:13:51:
                    cd:f0:ff:a8:5e:6a:18:e5:57:9c:56:02:e9:2d:4c:
                    6e:66:17:48:3b:a8:8b:1c:0c:ae:56:3c:06:70:3b:
                    db:f3:ca:6a:c5:2d:48:c1:a1:12:3c:10:77:08:b2:
                    ce:4d:3e:4a:d6:7e:45:16:a3:89:3f:b6:b6:bf:51:
                    15:4a:a9:ff:44:f2:bb:a7:12:91:c1:a6:ae:0d:f5:
                    e5:92:d1:a0:41:ca:dc:d9:23:70:a4:04:2e:ae:32:
                    1f:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:46:CC:C4:10:12:35:89:3A:11:23:75:8B:D7:DB:B0:FF:B6:38:0A
            X509v3 Authority Key Identifier:
                keyid:CE:A1:79:E4:F3:53:EA:9D:CA:F0:2F:37:A7:2B:75:0E:CF:A1:C3:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zqF55PNT6p3K8C83pyt1Ds-hw1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4a05f0-7abb-4e1f-8c27-215cd570e409/1/OEbMxBASNYk6ESN1i9fbsP-2OAo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4a05f0-7abb-4e1f-8c27-215cd570e409/1/zqF55PNT6p3K8C83pyt1Ds-hw1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.223.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:52:2c:38:a2:a1:97:ef:19:6e:2a:d2:96:e5:55:16:74:a7:
         97:51:c1:62:e7:aa:91:4f:9c:bb:c8:2d:21:a3:1d:92:16:ec:
         1b:29:da:3f:8c:be:9c:50:88:b2:47:54:02:6c:28:2d:73:da:
         2c:cc:56:cc:b4:03:84:5c:17:f8:61:0e:bc:11:49:c6:9e:ea:
         2f:be:69:82:f2:6c:5f:90:39:b8:0c:14:39:79:58:5b:0e:46:
         5b:66:57:47:bc:ed:60:89:69:46:43:28:9f:38:bf:1d:08:88:
         69:58:12:72:25:92:8b:b9:80:2c:39:45:f6:3d:57:09:a6:9d:
         dd:56:e3:d6:1a:96:6c:ef:4e:7a:a9:86:08:2b:9f:29:2d:9f:
         4a:25:1e:3d:7e:c9:9d:2a:3a:9d:40:ed:1c:1f:92:01:3e:e2:
         88:94:a9:9c:d1:29:78:2e:33:e1:53:da:9c:32:ee:c1:cf:fd:
         8d:20:90:b9:08:75:9e:ac:bc:8b:86:f4:70:63:4b:01:11:09:
         28:5e:94:52:4c:53:2e:4e:d0:9b:0c:cb:fa:8d:50:44:6b:63:
         b4:a9:bf:65:d2:76:8c:87:a9:cd:4c:3e:39:c4:a4:e4:d5:cd:
         58:42:8a:a6:d7:eb:ce:b1:7c:d8:c5:c4:e8:57:0a:71:fc:e0:
         ef:8b:1e:a2
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDX62tMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
YTE3OWU0ZjM1M2VhOWRjYWYwMmYzN2E3MmI3NTBlY2ZhMWMzNTQwHhcNMjIwMTAx
MDE1MTM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzODQ2Y2NjNDEwMTIz
NTg5M2ExMTIzNzU4YmQ3ZGJiMGZmYjYzODBhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAin70oMQ+f1CQW5BMn6gngmQenortUdmVE1JrCjuA053O62NL
IqOop0rizDufSmiMB3mWThB6RSF6CG20pLiU5WhckVgKf5YO0y3Bnc4NKmgT39NQ
BctlH92wO15R90FTLOO6rYxBiML20irFkrY2Urd8AjIaG0ijmYnGLvwSz4YDQMyp
tB1bsE7+a4Abh4OmYvETe4CIWm2AQIKXyrEM/jYTE1HN8P+oXmoY5VecVgLpLUxu
ZhdIO6iLHAyuVjwGcDvb88pqxS1IwaESPBB3CLLOTT5K1n5FFqOJP7a2v1EVSqn/
RPK7pxKRwaauDfXlktGgQcrc2SNwpAQurjIfPwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFDhGzMQQEjWJOhEjdYvX27D/tjgKMB8GA1UdIwQYMBaAFM6heeTzU+qdyvAv
N6crdQ7PocNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
enFGNTVQTlQ2cDNLOEM4M3B5dDFEcy1odzFRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYy80YTA1ZjAtN2FiYi00ZTFmLThjMjctMjE1Y2Q1NzBlNDA5LzEv
T0ViTXhCQVNOWWs2RVNOMWk5ZmJzUC0yT0FvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80
YTA1ZjAtN2FiYi00ZTFmLThjMjctMjE1Y2Q1NzBlNDA5LzEvenFGNTVQTlQ2cDNL
OEM4M3B5dDFEcy1odzFRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9+QMA0GCSqGSIb3DQEBCwUAA4IB
AQBbUiw4oqGX7xluKtKW5VUWdKeXUcFi56qRT5y7yC0hox2SFuwbKdo/jL6cUIiy
R1QCbCgtc9oszFbMtAOEXBf4YQ68EUnGnuovvmmC8mxfkDm4DBQ5eVhbDkZbZldH
vO1giWlGQyifOL8dCIhpWBJyJZKLuYAsOUX2PVcJpp3dVuPWGpZs7056qYYIK58p
LZ9KJR49fsmdKjqdQO0cH5IBPuKIlKmc0Sl4LjPhU9qcMu7Bz/2NIJC5CHWerLyL
hvRwY0sBEQkoXpRSTFMuTtCbDMv6jVBEa2O0qb9l0naMh6nNTD45xKTk1c1YQoqm
1+vOsXzYxcToVwpx/ODvix6i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:13 2024 by rpki-client on console-fra.rpki-client.org