Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/9ulfcho0xee37Kx3tbmXyi7K-70.roa
File:                     9ulfcho0xee37Kx3tbmXyi7K-70.roa (raw, json)
Hash identifier:          k52LE+LIDQbwLpaUK+671lmxxaftAV4PVoFjiHPOC0g=
Subject key identifier:   F6:E9:5F:72:1A:34:C5:E7:B7:EC:AC:77:B5:B9:97:CA:2E:CA:FB:BD
Certificate issuer:       /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial:       018225DA0C07F18EBE905CE0F43CAF155C34
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/9ulfcho0xee37Kx3tbmXyi7K-70.roa
Signing time:             Fri 22 Jul 2022 12:20:23 +0000
ROA not before:           Fri 22 Jul 2022 12:20:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47856
IP address blocks:        91.206.144.0/23 maxlen: 24
                          193.28.159.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:25:da:0c:07:f1:8e:be:90:5c:e0:f4:3c:af:15:5c:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
        Validity
            Not Before: Jul 22 12:20:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f6e95f721a34c5e7b7ecac77b5b997ca2ecafbbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:74:67:ad:32:f1:13:9d:32:54:be:a8:a5:01:
                    9f:7b:18:ac:d1:0a:48:56:5f:b4:9b:55:d1:9f:05:
                    16:15:0e:35:c1:12:ff:e3:3a:5d:6c:3b:89:25:b7:
                    ea:36:f5:d1:26:33:ac:9f:c3:c3:ae:a2:9a:73:6f:
                    32:41:f4:4b:3d:32:ca:00:ab:15:83:28:b9:77:0c:
                    30:e1:23:2e:91:2c:83:69:af:89:4a:f4:02:23:63:
                    f1:da:8d:65:ef:bb:2c:83:36:2f:3a:db:fd:68:68:
                    ab:7d:bf:73:0e:10:46:da:26:5d:b2:7d:6a:22:46:
                    52:08:78:5e:19:cb:76:d5:bf:06:b0:40:32:7c:7d:
                    2f:67:95:b8:27:46:bd:7f:2e:8d:20:ed:5f:e5:15:
                    3e:c3:65:a3:7a:e3:ce:dc:49:64:e2:79:26:3c:29:
                    d0:77:d7:61:94:55:75:ad:01:2a:70:ca:18:1b:1c:
                    23:17:fc:8f:a5:af:a0:46:0a:d9:a0:71:38:c6:3f:
                    2d:db:57:af:1a:0e:ce:ed:2b:b3:4d:95:ef:40:20:
                    b3:b4:4d:0f:7c:14:f0:50:71:3e:66:43:b4:4e:f4:
                    d4:37:23:0c:f5:fe:af:e0:eb:ef:a0:8f:3d:e0:fa:
                    d5:f1:a4:1e:25:0b:25:dc:e2:96:4e:cb:b6:07:47:
                    91:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:E9:5F:72:1A:34:C5:E7:B7:EC:AC:77:B5:B9:97:CA:2E:CA:FB:BD
            X509v3 Authority Key Identifier:
                keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/9ulfcho0xee37Kx3tbmXyi7K-70.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.206.144.0/23
                  193.28.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:30:39:df:3a:66:80:f7:ae:9e:ed:04:42:53:e1:38:b2:eb:
         26:8b:9b:09:90:67:b7:f3:61:ec:e2:07:62:58:83:3b:30:29:
         74:90:15:3a:57:ec:0b:59:b5:6f:fd:9b:32:6b:0b:5a:36:0c:
         17:a0:64:f4:3d:fd:04:68:cf:e7:9f:ae:ca:42:26:93:e2:4f:
         ee:06:20:cb:1a:f6:98:3b:c4:d6:e9:5b:53:df:04:59:36:4b:
         eb:20:7b:aa:25:da:c7:c3:35:2d:38:6b:da:58:0d:ac:15:8f:
         87:68:98:5e:60:18:76:aa:f1:f3:10:7e:e7:6c:20:d7:fd:53:
         3c:71:b8:01:22:10:6c:1b:f9:de:c8:01:68:6e:a7:d3:0f:92:
         98:0f:65:db:fd:e5:f2:af:9a:40:fc:67:f1:b5:e8:ab:43:3e:
         fa:25:87:66:b6:01:25:d9:e7:65:31:f6:3f:9c:fa:f3:55:05:
         2a:98:77:14:5b:e0:a0:ee:7a:50:ce:da:2d:5a:f5:34:65:51:
         f7:dc:d5:be:35:f0:fd:48:e8:6f:d3:f0:1a:d1:20:83:3b:88:
         8a:99:f1:42:92:69:c4:65:63:c1:8a:cd:67:7a:ae:a8:22:fc:
         8c:52:70:13:fa:9f:c3:0b:92:fd:6e:88:66:ff:ab:4e:9b:73:
         53:8b:b2:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYIl2gwH8Y6+kFzg9DyvFVw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh
MGUwYTkwHhcNMjIwNzIyMTIyMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmU5NWY3MjFhMzRjNWU3YjdlY2FjNzdiNWI5OTdjYTJlY2FmYmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nRnrTLxE50yVL6opQGfexis0QpI
Vl+0m1XRnwUWFQ41wRL/4zpdbDuJJbfqNvXRJjOsn8PDrqKac28yQfRLPTLKAKsV
gyi5dwww4SMukSyDaa+JSvQCI2Px2o1l77ssgzYvOtv9aGirfb9zDhBG2iZdsn1q
IkZSCHheGct21b8GsEAyfH0vZ5W4J0a9fy6NIO1f5RU+w2WjeuPO3Elk4nkmPCnQ
d9dhlFV1rQEqcMoYGxwjF/yPpa+gRgrZoHE4xj8t21evGg7O7SuzTZXvQCCztE0P
fBTwUHE+ZkO0TvTUNyMM9f6v4OvvoI894PrV8aQeJQsl3OKWTsu2B0eRsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPbpX3IaNMXnt+ysd7W5l8ouyvu9MB8GA1UdIwQY
MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt
N2ZiZjVlZTI5MGFjLzEvOXVsZmNobzB4ZWUzN0t4M3RibVh5aTdLLTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTItN2ZiZjVlZTI5MGFj
LzEvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW86QAwQA
wRyfMA0GCSqGSIb3DQEBCwUAA4IBAQChMDnfOmaA966e7QRCU+E4susmi5sJkGe3
82Hs4gdiWIM7MCl0kBU6V+wLWbVv/ZsyawtaNgwXoGT0Pf0EaM/nn67KQiaT4k/u
BiDLGvaYO8TW6VtT3wRZNkvrIHuqJdrHwzUtOGvaWA2sFY+HaJheYBh2qvHzEH7n
bCDX/VM8cbgBIhBsG/neyAFobqfTD5KYD2Xb/eXyr5pA/GfxteirQz76JYdmtgEl
2edlMfY/nPrzVQUqmHcUW+Cg7npQztotWvU0ZVH33NW+NfD9SOhv0/Aa0SCDO4iK
mfFCkmnEZWPBis1neq6oIvyMUnAT+p/DC5L9bohm/6tOm3NTi7J/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:09 2024 by rpki-client on console-ams.rpki-client.org