Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/Y0aLL9qLE9RHuEffLMTj6_BcPgY.roa
File:                     Y0aLL9qLE9RHuEffLMTj6_BcPgY.roa (raw, json)
Hash identifier:          NetSjJXkxfrSnG7ovy5BrL7sidno00/wF/Foai/O490=
Subject key identifier:   63:46:8B:2F:DA:8B:13:D4:47:B8:47:DF:2C:C4:E3:EB:F0:5C:3E:06
Certificate issuer:       /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial:       018225AF8C70C5DC7507313FDE618C0E148F
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/Y0aLL9qLE9RHuEffLMTj6_BcPgY.roa
Signing time:             Fri 22 Jul 2022 11:33:57 +0000
ROA not before:           Fri 22 Jul 2022 11:33:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47856
IP address blocks:        91.206.144.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:25:af:8c:70:c5:dc:75:07:31:3f:de:61:8c:0e:14:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
        Validity
            Not Before: Jul 22 11:33:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=63468b2fda8b13d447b847df2cc4e3ebf05c3e06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:3b:b4:45:f1:12:31:42:95:3d:55:c4:ef:1b:
                    ff:9d:ee:a8:54:36:7b:95:05:5f:78:97:b8:a3:17:
                    2f:f4:4e:84:48:e7:ab:b0:6e:45:6d:fa:53:54:d8:
                    0a:10:b0:6e:74:d0:aa:e0:7e:5d:77:a6:ad:9b:43:
                    6a:10:1e:ea:31:e7:9c:13:43:8d:12:6f:76:98:f7:
                    5c:2d:81:7c:74:2d:cc:3b:86:ce:3f:6e:17:d0:b0:
                    c4:ec:24:6f:17:31:42:51:7e:5f:fd:52:57:2b:a7:
                    74:71:96:40:b7:e8:64:ee:30:c2:42:bc:f4:b9:f6:
                    19:2d:fe:0e:2d:30:dc:f1:0b:6f:cc:19:83:c8:a9:
                    78:1e:69:fa:f8:e0:fe:8c:ef:47:85:ff:bf:d3:8e:
                    e9:d6:97:50:78:41:58:61:c1:d0:34:a8:2f:67:e1:
                    46:ab:ee:7b:3b:0d:ac:cf:97:0c:a3:84:7a:ec:71:
                    01:3b:85:60:60:a6:36:b1:2b:e0:5d:22:96:64:31:
                    d0:7e:ad:76:22:9e:9f:17:57:9a:33:fc:0a:e7:89:
                    30:c6:15:d3:64:2d:a6:24:c9:9e:af:33:18:ca:07:
                    51:b6:97:8f:0b:40:89:84:1c:ff:71:8b:aa:b7:14:
                    aa:3c:8c:20:41:41:a9:59:ff:5a:e7:86:7e:0d:ed:
                    c7:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:46:8B:2F:DA:8B:13:D4:47:B8:47:DF:2C:C4:E3:EB:F0:5C:3E:06
            X509v3 Authority Key Identifier:
                keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/Y0aLL9qLE9RHuEffLMTj6_BcPgY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.206.144.0/23

    Signature Algorithm: sha256WithRSAEncryption
         09:ad:34:cf:56:db:e4:1b:01:63:82:78:4c:42:b1:c7:f4:a8:
         a7:9c:2a:ba:d6:d6:90:50:67:23:9e:04:bb:91:96:d6:d6:fd:
         40:b1:9a:ef:54:73:90:36:28:46:eb:74:90:93:73:5e:e3:1a:
         79:84:8f:3c:32:66:6f:a7:f0:a5:92:27:41:53:58:08:be:6f:
         b8:80:68:65:de:f9:7d:2d:e9:5e:7d:69:ad:71:0b:e7:33:98:
         d3:f8:2a:ee:4a:31:a4:ef:2e:5b:20:c1:c5:63:99:e9:bc:e7:
         36:5e:fe:79:8b:c5:44:38:7e:64:1a:78:a0:dd:b0:7f:f5:72:
         b4:27:92:5a:89:87:8b:e0:b5:5e:37:e4:95:59:1a:8f:36:92:
         18:bc:f6:a7:c6:0f:82:60:38:7d:da:38:be:43:44:92:0a:80:
         c0:15:90:46:a6:d8:29:f5:56:a9:4a:2f:e0:ab:1a:fc:76:6b:
         da:2c:c4:e1:53:2c:a1:f1:a1:7e:79:37:24:40:0e:6b:53:bd:
         3f:08:7c:52:a1:4a:27:c4:1c:9d:21:94:5a:b9:01:a2:f1:37:
         c8:44:3b:b8:6a:b6:b5:be:07:33:31:90:5a:08:bf:cb:71:36:
         9a:09:e4:d5:4d:ef:c2:0c:6e:7f:37:98:e8:1c:24:aa:50:14:
         35:27:74:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIlr4xwxdx1BzE/3mGMDhSPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh
MGUwYTkwHhcNMjIwNzIyMTEzMzU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzQ2OGIyZmRhOGIxM2Q0NDdiODQ3ZGYyY2M0ZTNlYmYwNWMzZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzu0RfESMUKVPVXE7xv/ne6oVDZ7
lQVfeJe4oxcv9E6ESOersG5FbfpTVNgKELBudNCq4H5dd6atm0NqEB7qMeecE0ON
Em92mPdcLYF8dC3MO4bOP24X0LDE7CRvFzFCUX5f/VJXK6d0cZZAt+hk7jDCQrz0
ufYZLf4OLTDc8QtvzBmDyKl4Hmn6+OD+jO9Hhf+/047p1pdQeEFYYcHQNKgvZ+FG
q+57Ow2sz5cMo4R67HEBO4VgYKY2sSvgXSKWZDHQfq12Ip6fF1eaM/wK54kwxhXT
ZC2mJMmerzMYygdRtpePC0CJhBz/cYuqtxSqPIwgQUGpWf9a54Z+De3HSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGNGiy/aixPUR7hH3yzE4+vwXD4GMB8GA1UdIwQY
MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt
N2ZiZjVlZTI5MGFjLzEvWTBhTEw5cUxFOVJIdUVmZkxNVGo2X0JjUGdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTItN2ZiZjVlZTI5MGFj
LzEvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW86QMA0G
CSqGSIb3DQEBCwUAA4IBAQAJrTTPVtvkGwFjgnhMQrHH9KinnCq61taQUGcjngS7
kZbW1v1AsZrvVHOQNihG63SQk3Ne4xp5hI88MmZvp/ClkidBU1gIvm+4gGhl3vl9
LelefWmtcQvnM5jT+CruSjGk7y5bIMHFY5npvOc2Xv55i8VEOH5kGnig3bB/9XK0
J5JaiYeL4LVeN+SVWRqPNpIYvPanxg+CYDh92ji+Q0SSCoDAFZBGptgp9VapSi/g
qxr8dmvaLMThUyyh8aF+eTckQA5rU70/CHxSoUonxBydIZRauQGi8TfIRDu4ara1
vgczMZBaCL/LcTaaCeTVTe/CDG5/N5joHCSqUBQ1J3R6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:09 2024 by rpki-client on console-ams.rpki-client.org