Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/ATnTXf9sPkL9AKwGYOcbNSLyQ5o.roa
File:                     ATnTXf9sPkL9AKwGYOcbNSLyQ5o.roa (raw, json)
Hash identifier:          96Jbb7TomRjjoPbSvPqKjV3I0CsS0gMvdQ83cFymfDA=
Subject key identifier:   01:39:D3:5D:FF:6C:3E:42:FD:00:AC:06:60:E7:1B:35:22:F2:43:9A
Certificate issuer:       /CN=769a0ed13591d4b84ca79a8eb577226076651a14
Certificate serial:       01856274CC7BA169413291D4E1F6EB42811F
Authority key identifier: 76:9A:0E:D1:35:91:D4:B8:4C:A7:9A:8E:B5:77:22:60:76:65:1A:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dpoO0TWR1LhMp5qOtXciYHZlGhQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/ATnTXf9sPkL9AKwGYOcbNSLyQ5o.roa
Signing time:             Fri 30 Dec 2022 09:54:59 +0000
ROA not before:           Fri 30 Dec 2022 09:54:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56743
IP address blocks:        91.223.179.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:62:74:cc:7b:a1:69:41:32:91:d4:e1:f6:eb:42:81:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=769a0ed13591d4b84ca79a8eb577226076651a14
        Validity
            Not Before: Dec 30 09:54:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0139d35dff6c3e42fd00ac0660e71b3522f2439a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:ff:24:72:8c:db:f2:30:49:9b:1b:ba:1d:b7:
                    e6:38:93:b0:f1:ca:a3:9e:53:86:55:f0:d3:a6:b2:
                    f0:0a:c4:84:82:84:f7:e4:3a:11:aa:6f:bc:ad:84:
                    89:cb:85:90:e3:db:d2:30:03:80:fe:84:32:8f:11:
                    a8:81:05:11:6c:f4:f8:3b:a9:d7:f4:28:7c:f5:a2:
                    f7:94:12:ad:82:9a:08:d3:b5:39:4d:62:eb:23:6f:
                    f0:27:77:85:70:b4:f5:72:a1:3a:e9:95:01:bb:f2:
                    2a:1a:ea:53:fa:99:b7:6a:e4:be:9f:d5:53:f4:c2:
                    bc:c7:49:87:34:29:4a:62:92:ba:0f:b8:5f:53:58:
                    b5:59:e3:72:c3:7e:04:7d:9e:a5:13:d4:71:10:d2:
                    a0:b9:87:0a:90:f7:19:de:2d:ac:98:1c:65:17:7a:
                    da:75:fd:1d:d8:94:dc:03:f4:37:42:53:7a:8a:41:
                    d5:b0:78:08:73:cc:5f:ec:22:96:d2:04:93:d5:bc:
                    e0:7f:a0:f1:0d:9a:8b:e5:0f:8b:b1:58:b5:64:dd:
                    bd:ba:30:d3:8a:8b:2b:a0:e8:27:fc:fd:92:e8:78:
                    31:a4:a0:d8:c0:71:47:86:36:d3:16:be:b0:d3:96:
                    c1:23:e8:06:f5:ad:0a:1e:7d:76:25:55:db:61:58:
                    54:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:39:D3:5D:FF:6C:3E:42:FD:00:AC:06:60:E7:1B:35:22:F2:43:9A
            X509v3 Authority Key Identifier:
                keyid:76:9A:0E:D1:35:91:D4:B8:4C:A7:9A:8E:B5:77:22:60:76:65:1A:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dpoO0TWR1LhMp5qOtXciYHZlGhQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/ATnTXf9sPkL9AKwGYOcbNSLyQ5o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/dpoO0TWR1LhMp5qOtXciYHZlGhQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.223.179.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:23:2f:9e:3a:c5:77:b1:22:87:59:28:31:c1:0e:33:c8:69:
         04:7d:57:19:a3:6d:cc:b6:4f:5f:a4:50:15:f4:3b:d5:33:da:
         fe:9a:8b:7e:21:ce:b4:e4:20:0f:39:74:b9:15:e8:39:f2:86:
         23:ab:d9:a9:36:31:b0:f3:82:af:43:03:bf:a8:26:a4:d7:23:
         7e:67:d5:d4:a9:37:7b:71:ae:a0:65:df:1a:39:51:78:05:35:
         5e:dc:fb:66:9d:f3:0f:a8:30:ce:a3:b4:2d:aa:93:ca:b3:3d:
         a2:fd:47:b8:19:25:5d:b9:11:ca:cf:1f:da:8e:ad:25:4e:c2:
         3f:1e:2c:32:cf:be:41:8e:e0:0a:d3:23:82:7e:a6:bc:68:24:
         cb:be:d2:b4:a5:a0:e4:07:12:a3:e5:fe:bb:5c:98:bd:03:f0:
         f5:a2:80:7e:2e:90:fd:28:13:d4:30:34:cc:94:4e:26:43:29:
         4c:91:f3:e2:26:25:fc:86:99:2e:79:f9:9c:83:a0:67:43:e7:
         8e:fa:85:7d:f2:4f:f8:85:69:39:62:60:15:c4:ce:ce:ba:73:
         1f:cb:24:eb:b5:93:c1:d5:7c:ca:4c:4e:38:ca:f1:97:f2:bc:
         6e:df:83:8f:5e:13:96:6b:4c:56:f9:5f:03:e8:e8:f0:ad:1a:
         e4:85:e1:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVidMx7oWlBMpHU4fbrQoEfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OWEwZWQxMzU5MWQ0Yjg0Y2E3OWE4ZWI1NzcyMjYwNzY2
NTFhMTQwHhcNMjIxMjMwMDk1NDU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTM5ZDM1ZGZmNmMzZTQyZmQwMGFjMDY2MGU3MWIzNTIyZjI0MzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/8kcozb8jBJmxu6HbfmOJOw8cqj
nlOGVfDTprLwCsSEgoT35DoRqm+8rYSJy4WQ49vSMAOA/oQyjxGogQURbPT4O6nX
9Ch89aL3lBKtgpoI07U5TWLrI2/wJ3eFcLT1cqE66ZUBu/IqGupT+pm3auS+n9VT
9MK8x0mHNClKYpK6D7hfU1i1WeNyw34EfZ6lE9RxENKguYcKkPcZ3i2smBxlF3ra
df0d2JTcA/Q3QlN6ikHVsHgIc8xf7CKW0gST1bzgf6DxDZqL5Q+LsVi1ZN29ujDT
iosroOgn/P2S6HgxpKDYwHFHhjbTFr6w05bBI+gG9a0KHn12JVXbYVhUCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAE5013/bD5C/QCsBmDnGzUi8kOaMB8GA1UdIwQY
MBaAFHaaDtE1kdS4TKeajrV3ImB2ZRoUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHBvTzBUV1IxTGhNcDVxT3RYY2lZSFpsR2hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni82OGMwMDgtNjlkMy00MzZmLWFkMzMt
MmRiZTc4NTQyMmY4LzEvQVRuVFhmOXNQa0w5QUt3R1lPY2JOU0x5UTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni82OGMwMDgtNjlkMy00MzZmLWFkMzMtMmRiZTc4NTQyMmY4
LzEvZHBvTzBUV1IxTGhNcDVxT3RYY2lZSFpsR2hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9+zMA0G
CSqGSIb3DQEBCwUAA4IBAQBGIy+eOsV3sSKHWSgxwQ4zyGkEfVcZo23Mtk9fpFAV
9DvVM9r+mot+Ic605CAPOXS5Feg58oYjq9mpNjGw84KvQwO/qCak1yN+Z9XUqTd7
ca6gZd8aOVF4BTVe3PtmnfMPqDDOo7QtqpPKsz2i/Ue4GSVduRHKzx/ajq0lTsI/
Hiwyz75BjuAK0yOCfqa8aCTLvtK0paDkBxKj5f67XJi9A/D1ooB+LpD9KBPUMDTM
lE4mQylMkfPiJiX8hpkuefmcg6BnQ+eO+oV98k/4hWk5YmAVxM7OunMfyyTrtZPB
1XzKTE44yvGX8rxu34OPXhOWa0xW+V8D6OjwrRrkheHI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:10 2024 by rpki-client on console-ams.rpki-client.org