Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/45ebda-c2c7-4c27-95d4-00b96d74d8b0/1/1_9ucCRZCrps4oxZmq04jyb2DW8.roa
File:                     1_9ucCRZCrps4oxZmq04jyb2DW8.roa (raw, json)
Hash identifier:          2fDUo4M3I50nEfmMS5xhdax9j/xynhOFlOx7RVr3xjY=
Subject key identifier:   D7:FF:6E:70:24:59:0A:BA:6C:E2:8C:59:9A:AD:38:8F:26:F6:0D:6F
Certificate issuer:       /CN=86c4112efc9bed84761d3678b87c483948d2a72f
Certificate serial:       03DDEF86
Authority key identifier: 86:C4:11:2E:FC:9B:ED:84:76:1D:36:78:B8:7C:48:39:48:D2:A7:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hsQRLvyb7YR2HTZ4uHxIOUjSpy8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/45ebda-c2c7-4c27-95d4-00b96d74d8b0/1/1_9ucCRZCrps4oxZmq04jyb2DW8.roa
Signing time:             Sat 01 Jan 2022 06:56:16 +0000
ROA not before:           Sat 01 Jan 2022 06:56:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43773
IP address blocks:        91.225.137.0/24 maxlen: 24
                          91.225.136.0/24 maxlen: 24
                          91.225.139.0/24 maxlen: 24
                          91.225.138.0/24 maxlen: 24
                          91.200.42.0/24 maxlen: 24
                          91.200.41.0/24 maxlen: 24
                          91.200.40.0/24 maxlen: 24
                          91.200.43.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64876422 (0x3ddef86)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86c4112efc9bed84761d3678b87c483948d2a72f
        Validity
            Not Before: Jan  1 06:56:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d7ff6e7024590aba6ce28c599aad388f26f60d6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b3:a9:0c:0d:25:af:1e:4e:60:90:37:7b:08:
                    0f:58:2e:f1:f4:b3:7e:f9:ac:29:ad:06:80:f7:5f:
                    c9:ad:a2:cd:b9:64:ae:9a:cd:c8:3b:8c:11:d0:dd:
                    6d:48:2f:61:67:84:48:ce:1a:6f:9b:c0:45:ad:9e:
                    ab:40:c1:c7:77:e2:95:f3:32:8e:50:4e:33:b1:c2:
                    62:a8:1a:4b:29:c0:d6:6d:d4:5c:1b:5d:27:b7:df:
                    8c:5c:da:9a:ee:f4:54:67:da:0f:5e:b2:17:84:c0:
                    cf:f3:f3:48:f2:09:66:65:f1:58:99:6a:ff:48:15:
                    ba:a7:c6:b8:9a:3e:0d:cd:97:0d:5e:e4:69:c8:88:
                    7d:7c:5b:23:cb:1a:e9:e3:9b:dc:97:65:fc:59:6c:
                    b0:e6:fd:fc:db:e4:aa:f4:a8:82:c1:1f:6f:b9:24:
                    79:42:d4:08:58:14:7c:a7:6c:72:cc:b4:20:7e:62:
                    9e:78:71:ec:a3:ea:30:2f:1e:3d:9a:18:9a:e6:94:
                    8e:51:bc:8e:c9:a0:40:b5:8b:d6:e9:34:4e:6f:43:
                    5a:a8:7b:77:18:73:2f:38:be:c6:b7:d1:46:63:6c:
                    cf:1a:39:80:e6:52:22:63:3f:de:d1:23:f7:17:54:
                    c1:0b:ad:da:50:bf:64:0f:8d:e8:93:fd:84:fe:9f:
                    11:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:FF:6E:70:24:59:0A:BA:6C:E2:8C:59:9A:AD:38:8F:26:F6:0D:6F
            X509v3 Authority Key Identifier:
                keyid:86:C4:11:2E:FC:9B:ED:84:76:1D:36:78:B8:7C:48:39:48:D2:A7:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hsQRLvyb7YR2HTZ4uHxIOUjSpy8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/45ebda-c2c7-4c27-95d4-00b96d74d8b0/1/1_9ucCRZCrps4oxZmq04jyb2DW8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/45ebda-c2c7-4c27-95d4-00b96d74d8b0/1/hsQRLvyb7YR2HTZ4uHxIOUjSpy8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.200.40.0/22
                  91.225.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:3e:d8:da:4a:30:a5:bd:99:1a:c2:c6:c1:03:9b:91:d4:d1:
         e1:ff:41:13:68:8a:9b:c6:cc:07:54:dd:f9:a9:45:5c:ba:ad:
         d5:b6:85:21:48:bc:ac:e2:16:78:c2:c3:74:76:ec:d7:62:43:
         8b:10:64:8f:d6:e7:a2:7e:cc:2d:32:db:4a:cd:8c:ad:c7:ef:
         fa:f6:45:ce:86:91:79:55:3b:c2:c9:f8:ea:3f:b3:11:70:54:
         b1:34:28:00:a4:03:46:c7:fa:79:18:51:fe:08:d4:98:9f:91:
         5b:ec:9b:db:53:b8:23:5e:ea:83:f6:69:81:89:5c:2c:86:8a:
         fc:4d:a6:b2:d7:cc:a9:7e:e4:c9:c9:c7:4e:11:ee:ba:bf:46:
         99:a1:99:41:a7:ec:17:08:61:d7:10:96:01:c5:2f:6b:26:21:
         e6:4d:0d:ab:3e:8c:1c:c4:12:c6:a1:4f:d2:4b:f8:ed:13:45:
         8f:85:39:f6:25:77:2d:b8:63:a3:73:82:15:11:d9:25:34:cc:
         0e:98:0c:7c:55:d4:f3:2d:e6:26:dd:91:52:4d:e7:a3:78:71:
         49:43:54:88:03:8d:fe:36:37:86:c6:2a:6f:df:fb:5f:94:a6:
         5f:bc:a6:0a:ed:62:b8:d7:c6:92:76:32:68:50:b7:04:02:71:
         eb:b4:fb:db
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA93vhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmM0MTEyZWZjOWJlZDg0NzYxZDM2NzhiODdjNDgzOTQ4ZDJhNzJmMB4XDTIyMDEw
MTA2NTYxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDdmZjZlNzAyNDU5
MGFiYTZjZTI4YzU5OWFhZDM4OGYyNmY2MGQ2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGzqQwNJa8eTmCQN3sID1gu8fSzfvmsKa0GgPdfya2izblk
rprNyDuMEdDdbUgvYWeESM4ab5vARa2eq0DBx3filfMyjlBOM7HCYqgaSynA1m3U
XBtdJ7ffjFzamu70VGfaD16yF4TAz/PzSPIJZmXxWJlq/0gVuqfGuJo+Dc2XDV7k
aciIfXxbI8sa6eOb3Jdl/FlssOb9/NvkqvSogsEfb7kkeULUCFgUfKdscsy0IH5i
nnhx7KPqMC8ePZoYmuaUjlG8jsmgQLWL1uk0Tm9DWqh7dxhzLzi+xrfRRmNszxo5
gOZSImM/3tEj9xdUwQut2lC/ZA+N6JP9hP6fEXMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTX/25wJFkKumzijFmarTiPJvYNbzAfBgNVHSMEGDAWgBSGxBEu/JvthHYd
Nni4fEg5SNKnLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hzUVJMdnliN1lSMkhUWjR1SHhJT1VqU3B5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2QvNDVlYmRhLWMyYzctNGMyNy05NWQ0LTAwYjk2ZDc0ZDhiMC8x
LzFfOXVjQ1JaQ3JwczRveFptcTA0anliMkRXOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Qv
NDVlYmRhLWMyYzctNGMyNy05NWQ0LTAwYjk2ZDc0ZDhiMC8xL2hzUVJMdnliN1lS
MkhUWjR1SHhJT1VqU3B5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlvIKAMEAlvhiDANBgkqhkiG9w0B
AQsFAAOCAQEAIj7Y2kowpb2ZGsLGwQObkdTR4f9BE2iKm8bMB1Td+alFXLqt1baF
IUi8rOIWeMLDdHbs12JDixBkj9bnon7MLTLbSs2Mrcfv+vZFzoaReVU7wsn46j+z
EXBUsTQoAKQDRsf6eRhR/gjUmJ+RW+yb21O4I17qg/ZpgYlcLIaK/E2mstfMqX7k
ycnHThHuur9GmaGZQafsFwhh1xCWAcUvayYh5k0Nqz6MHMQSxqFP0kv47RNFj4U5
9iV3Lbhjo3OCFRHZJTTMDpgMfFXU8y3mJt2RUk3no3hxSUNUiAON/jY3hsYqb9/7
X5SmX7ymCu1iuNfGknYyaFC3BAJx67T72w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:22 2024 by rpki-client on console-ams.rpki-client.org