Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/J7yegaFbRFM61HxcGOf0ai8HteI.roa
File:                     J7yegaFbRFM61HxcGOf0ai8HteI.roa (raw, json)
Hash identifier:          mMa2r2J6zRYAqEzut1gefeBy3CVacaNVWQxsTbonySc=
Subject key identifier:   27:BC:9E:81:A1:5B:44:53:3A:D4:7C:5C:18:E7:F4:6A:2F:07:B5:E2
Certificate issuer:       /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial:       04E421FF
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/J7yegaFbRFM61HxcGOf0ai8HteI.roa
Signing time:             Sat 01 Jan 2022 07:53:37 +0000
ROA not before:           Sat 01 Jan 2022 07:53:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        193.28.159.0/24 maxlen: 24
                          91.223.161.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82059775 (0x4e421ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
        Validity
            Not Before: Jan  1 07:53:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=27bc9e81a15b44533ad47c5c18e7f46a2f07b5e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:dc:df:d2:fc:ac:09:fd:80:9f:59:2d:c5:5f:
                    23:13:46:fb:26:e5:43:2a:f0:6a:1d:82:93:83:bd:
                    93:ff:ee:8c:41:cd:e3:84:3b:91:bd:f5:02:8f:ee:
                    08:09:ab:13:49:70:fa:5e:7e:36:b4:ab:90:ca:fa:
                    1e:b4:07:80:59:07:ec:73:f5:bb:bc:75:b4:ef:48:
                    8a:54:cf:0e:d7:b6:f7:0f:07:af:b5:5f:ca:e4:98:
                    28:a8:3b:4c:38:43:e2:0f:c9:83:d3:d8:e8:ab:24:
                    80:f7:06:2a:2c:02:8a:fd:e1:5d:c9:12:91:7e:3c:
                    38:d1:f6:29:ac:f5:76:d1:a7:ad:f3:06:08:b6:f5:
                    26:78:13:6a:bb:cc:63:ab:4d:c2:9f:71:e1:14:fb:
                    78:73:36:ce:c8:56:4e:08:c3:d6:6e:ae:5f:c4:38:
                    96:c8:a2:f7:f8:c9:a7:64:e5:35:23:fd:9d:a3:4f:
                    bd:62:5b:2d:48:0e:f4:b9:15:f7:90:f8:a8:ec:ca:
                    91:a8:41:c7:15:ac:4d:21:90:db:b4:3b:c0:11:3e:
                    2d:70:e7:67:3c:75:11:73:c4:d8:b8:fa:1d:2b:e1:
                    53:53:2f:ab:7f:7d:da:2a:21:29:f3:53:54:59:96:
                    90:6d:b5:89:88:4c:12:90:9b:6c:6c:95:57:0c:52:
                    2f:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:BC:9E:81:A1:5B:44:53:3A:D4:7C:5C:18:E7:F4:6A:2F:07:B5:E2
            X509v3 Authority Key Identifier:
                keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/J7yegaFbRFM61HxcGOf0ai8HteI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.223.161.0/24
                  193.28.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:52:47:30:94:62:1c:fa:d6:d6:dc:fa:31:e8:ea:c3:4c:b5:
         f3:73:8a:e8:af:f0:35:1d:04:4b:ae:db:6b:c7:f8:1c:2f:f9:
         68:25:00:b4:ac:35:17:1a:52:d6:94:d1:8e:c6:f4:40:04:8f:
         30:1c:0a:02:26:d0:ba:e8:8b:3f:71:ce:e2:8e:51:b2:30:80:
         aa:1c:c2:c8:c9:b9:d8:62:f4:b0:c1:5c:1f:5d:27:f6:46:e4:
         8f:91:bc:a1:e4:2b:a7:b9:9f:8a:fb:c6:7c:5a:0f:6a:e9:0c:
         21:e2:19:3e:ab:15:3a:dd:ec:3e:47:d7:c3:c4:ec:82:a4:07:
         af:a2:aa:59:46:b9:b1:70:b4:4f:b5:ff:3f:90:c7:d0:12:4b:
         19:53:fe:09:a8:b4:8f:87:cf:a6:ce:8d:99:e6:d1:a3:2e:c8:
         61:62:1e:ea:7e:af:b3:7b:03:e5:1e:2c:98:05:e0:88:aa:11:
         03:3f:af:06:8b:09:3d:df:24:e7:59:f9:00:28:19:c6:e1:64:
         32:90:f4:3f:b9:2a:5b:f0:27:52:71:0d:f9:60:db:7b:4f:59:
         27:40:f2:67:f5:9d:81:26:d0:f8:75:e4:52:08:ed:d8:20:27:
         a1:1d:11:f4:fd:f1:ce:82:41:1e:bd:0c:c1:94:f2:7d:ce:a9:
         8a:8b:a8:64
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBOQh/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NWIwYTg2NjU5ZWMzMTRmMTNhMDRlM2EwM2RiZGIxMjQ0YTBlMGE5MB4XDTIyMDEw
MTA3NTMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdiYzllODFhMTVi
NDQ1MzNhZDQ3YzVjMThlN2Y0NmEyZjA3YjVlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHc39L8rAn9gJ9ZLcVfIxNG+yblQyrwah2Ck4O9k//ujEHN
44Q7kb31Ao/uCAmrE0lw+l5+NrSrkMr6HrQHgFkH7HP1u7x1tO9IilTPDte29w8H
r7VfyuSYKKg7TDhD4g/Jg9PY6KskgPcGKiwCiv3hXckSkX48ONH2Kaz1dtGnrfMG
CLb1JngTarvMY6tNwp9x4RT7eHM2zshWTgjD1m6uX8Q4lsii9/jJp2TlNSP9naNP
vWJbLUgO9LkV95D4qOzKkahBxxWsTSGQ27Q7wBE+LXDnZzx1EXPE2Lj6HSvhU1Mv
q3992iohKfNTVFmWkG21iYhMEpCbbGyVVwxSLyECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQnvJ6BoVtEUzrUfFwY5/RqLwe14jAfBgNVHSMEGDAWgBS1sKhmWewxTxOg
TjoD29sSRKDgqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RiQ29abG5zTVU4VG9FNDZBOXZiRWtTZzRLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvMDQ0NDAyLWM0ZDQtNDI1OS05M2UyLTdmYmY1ZWUyOTBhYy8x
L0o3eWVnYUZiUkZNNjFIeGNHT2YwYWk4SHRlSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
MDQ0NDAyLWM0ZDQtNDI1OS05M2UyLTdmYmY1ZWUyOTBhYy8xL3RiQ29abG5zTVU4
VG9FNDZBOXZiRWtTZzRLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvfoQMEAMEcnzANBgkqhkiG9w0B
AQsFAAOCAQEAhFJHMJRiHPrW1tz6Mejqw0y183OK6K/wNR0ES67ba8f4HC/5aCUA
tKw1FxpS1pTRjsb0QASPMBwKAibQuuiLP3HO4o5RsjCAqhzCyMm52GL0sMFcH10n
9kbkj5G8oeQrp7mfivvGfFoPaukMIeIZPqsVOt3sPkfXw8TsgqQHr6KqWUa5sXC0
T7X/P5DH0BJLGVP+Cai0j4fPps6NmebRoy7IYWIe6n6vs3sD5R4smAXgiKoRAz+v
BosJPd8k51n5ACgZxuFkMpD0P7kqW/AnUnEN+WDbe09ZJ0DyZ/WdgSbQ+HXkUgjt
2CAnoR0R9P3xzoJBHr0MwZTyfc6piouoZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:51 2024 by rpki-client on console-fra.rpki-client.org