Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/0snk9i-B1WBqRKB22kvj0rwr7cs.roa
File:                     0snk9i-B1WBqRKB22kvj0rwr7cs.roa (raw, json)
Hash identifier:          ay+ulJYKnkogLQFIs1QJzdG35R4ufwRAmonOAxouugE=
Subject key identifier:   D2:C9:E4:F6:2F:81:D5:60:6A:44:A0:76:DA:4B:E3:D2:BC:2B:ED:CB
Certificate issuer:       /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial:       04E3B516
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/0snk9i-B1WBqRKB22kvj0rwr7cs.roa
Signing time:             Sat 01 Jan 2022 07:53:36 +0000
ROA not before:           Sat 01 Jan 2022 07:53:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14537
IP address blocks:        91.206.144.0/23 maxlen: 24
                          193.28.159.0/24 maxlen: 24
                          91.223.161.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82031894 (0x4e3b516)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
        Validity
            Not Before: Jan  1 07:53:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d2c9e4f62f81d5606a44a076da4be3d2bc2bedcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:98:91:c7:90:d6:1a:f1:70:72:48:20:30:48:
                    32:ee:c8:5a:fe:b3:75:de:e4:c2:53:57:6b:1f:a9:
                    fa:52:5c:6e:39:76:3f:25:e8:03:cd:58:1c:fa:54:
                    2c:8e:46:98:d4:d8:cc:25:fb:fe:37:1b:94:4a:31:
                    af:6e:28:30:0e:ab:3d:8b:7d:be:65:fd:24:a8:22:
                    3a:f2:f6:77:17:b7:59:37:9a:d1:23:d9:ea:7a:a4:
                    03:4b:b3:7d:d3:64:ea:10:80:10:85:3b:3f:79:f7:
                    22:a3:cf:9e:60:80:b5:c2:28:e3:c8:9e:ea:c8:0d:
                    af:81:5c:2b:74:bc:fe:bb:03:5b:17:f7:bb:6a:03:
                    46:1e:d4:08:24:f1:26:6e:b7:d2:bc:67:46:c5:ec:
                    6c:d6:09:01:42:69:da:bd:95:59:81:f6:c9:b2:0c:
                    12:dc:29:2e:b3:e4:18:eb:0d:d2:4d:01:38:c7:8a:
                    2d:d0:3e:ce:05:16:d0:a6:ca:2f:db:79:55:37:88:
                    96:fb:f1:c7:e2:66:88:4b:27:86:44:39:b0:e2:f0:
                    12:e4:bb:aa:12:c6:05:eb:0f:47:61:e0:03:66:59:
                    ea:18:74:f0:67:e5:2a:19:c3:6b:5e:bf:77:97:4f:
                    a1:78:a0:b8:e8:db:f0:88:1c:08:6c:84:9e:35:49:
                    84:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:C9:E4:F6:2F:81:D5:60:6A:44:A0:76:DA:4B:E3:D2:BC:2B:ED:CB
            X509v3 Authority Key Identifier:
                keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/0snk9i-B1WBqRKB22kvj0rwr7cs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.206.144.0/23
                  91.223.161.0/24
                  193.28.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:78:72:67:5f:8d:28:7b:ef:08:84:86:cf:bc:49:30:1d:00:
         51:f9:9a:0c:63:3e:d2:ae:62:ed:45:e5:4a:75:a1:98:24:73:
         8a:86:2b:f1:2f:01:fe:55:89:36:f7:ed:9d:4f:17:d5:9a:e7:
         fc:0c:50:42:c2:44:40:0b:cc:90:ec:c8:47:34:31:8d:e2:40:
         9b:38:ef:c3:df:d5:90:9e:5d:3f:28:54:67:67:14:93:43:bb:
         78:72:d5:0c:e7:2a:d4:d0:7d:7d:32:56:08:fd:58:d6:d0:83:
         70:c5:b1:be:b0:a8:8b:12:be:47:97:b6:96:98:1f:b0:54:60:
         35:e1:cc:6d:23:93:cc:35:74:9d:0f:fd:29:8c:2f:5e:52:7e:
         b2:3c:e7:cd:55:81:3f:2f:d5:3a:6c:71:2a:cd:23:d2:55:e8:
         d9:ae:b1:1e:f6:5e:e4:de:3c:a6:97:c5:53:e8:3e:2c:94:44:
         21:0b:4e:0a:28:e6:b4:c5:28:a8:cc:3f:ff:95:58:b1:45:8e:
         b1:f6:f5:c9:8e:cf:8a:d4:70:12:54:3f:fa:2a:20:8f:a7:3f:
         40:a1:0b:6d:0c:89:09:0b:57:d8:62:00:32:10:56:f5:f4:74:
         83:a7:9c:a5:09:e6:b7:00:31:4c:ca:fd:24:ab:c8:f3:8d:c3:
         91:41:c4:5f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBOO1FjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NWIwYTg2NjU5ZWMzMTRmMTNhMDRlM2EwM2RiZGIxMjQ0YTBlMGE5MB4XDTIyMDEw
MTA3NTMzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDJjOWU0ZjYyZjgx
ZDU2MDZhNDRhMDc2ZGE0YmUzZDJiYzJiZWRjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmYkceQ1hrxcHJIIDBIMu7IWv6zdd7kwlNXax+p+lJcbjl2
PyXoA81YHPpULI5GmNTYzCX7/jcblEoxr24oMA6rPYt9vmX9JKgiOvL2dxe3WTea
0SPZ6nqkA0uzfdNk6hCAEIU7P3n3IqPPnmCAtcIo48ie6sgNr4FcK3S8/rsDWxf3
u2oDRh7UCCTxJm630rxnRsXsbNYJAUJp2r2VWYH2ybIMEtwpLrPkGOsN0k0BOMeK
LdA+zgUW0KbKL9t5VTeIlvvxx+JmiEsnhkQ5sOLwEuS7qhLGBesPR2HgA2ZZ6hh0
8GflKhnDa16/d5dPoXiguOjb8IgcCGyEnjVJhEMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTSyeT2L4HVYGpEoHbaS+PSvCvtyzAfBgNVHSMEGDAWgBS1sKhmWewxTxOg
TjoD29sSRKDgqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RiQ29abG5zTVU4VG9FNDZBOXZiRWtTZzRLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvMDQ0NDAyLWM0ZDQtNDI1OS05M2UyLTdmYmY1ZWUyOTBhYy8x
LzBzbms5aS1CMVdCcVJLQjIya3ZqMHJ3cjdjcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
MDQ0NDAyLWM0ZDQtNDI1OS05M2UyLTdmYmY1ZWUyOTBhYy8xL3RiQ29abG5zTVU4
VG9FNDZBOXZiRWtTZzRLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVvOkAMEAFvfoQMEAMEcnzANBgkq
hkiG9w0BAQsFAAOCAQEAlXhyZ1+NKHvvCISGz7xJMB0AUfmaDGM+0q5i7UXlSnWh
mCRzioYr8S8B/lWJNvftnU8X1Zrn/AxQQsJEQAvMkOzIRzQxjeJAmzjvw9/VkJ5d
PyhUZ2cUk0O7eHLVDOcq1NB9fTJWCP1Y1tCDcMWxvrCoixK+R5e2lpgfsFRgNeHM
bSOTzDV0nQ/9KYwvXlJ+sjznzVWBPy/VOmxxKs0j0lXo2a6xHvZe5N48ppfFU+g+
LJREIQtOCijmtMUoqMw//5VYsUWOsfb1yY7PitRwElQ/+iogj6c/QKELbQyJCQtX
2GIAMhBW9fR0g6ecpQnmtwAxTMr9JKvI843DkUHEXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:09 2024 by rpki-client on console-ams.rpki-client.org