Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/hv0Yj-sB1VsRjH5BmVEJLOO3c4A.roa
File:                     hv0Yj-sB1VsRjH5BmVEJLOO3c4A.roa (raw, json)
Hash identifier:          pO2azmhXAVlmLs+0ADHXb/+0kU1EY+yQjzGf9cTHPJM=
Subject key identifier:   86:FD:18:8F:EB:01:D5:5B:11:8C:7E:41:99:51:09:2C:E3:B7:73:80
Certificate issuer:       /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial:       04E46F9F
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/hv0Yj-sB1VsRjH5BmVEJLOO3c4A.roa
Signing time:             Sat 01 Jan 2022 07:53:37 +0000
ROA not before:           Sat 01 Jan 2022 07:53:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        193.28.159.0/24 maxlen: 24
                          91.223.161.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82079647 (0x4e46f9f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
        Validity
            Not Before: Jan  1 07:53:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=86fd188feb01d55b118c7e419951092ce3b77380
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:3c:19:30:57:f9:00:1b:77:9f:f3:33:8e:fd:
                    a9:e8:41:59:53:f8:9f:0b:0d:ad:11:91:86:b0:da:
                    0e:20:54:6f:c1:34:a3:20:01:79:08:2d:e6:90:1c:
                    cb:23:c0:d7:d6:e7:df:a8:37:bb:d9:e8:2d:46:13:
                    f1:01:b4:a9:2b:e3:f6:4e:fb:2e:d5:5c:13:78:59:
                    c3:e6:40:37:fb:e9:0e:bc:f1:2c:81:bd:e3:f5:74:
                    68:0c:c8:1b:8b:bf:1f:c8:d5:c5:c5:eb:fc:5c:aa:
                    8c:d7:84:f5:c7:0d:6e:d2:1c:8b:bf:e6:de:f8:be:
                    f5:49:79:b7:b8:c9:cc:76:77:17:d9:46:3d:42:6e:
                    b3:96:1f:53:a8:74:38:9f:65:e7:dd:30:2f:80:ad:
                    a7:32:d5:69:72:4a:ab:11:f2:ee:d2:f6:49:36:09:
                    55:aa:36:3d:15:7f:29:05:87:4d:48:0e:37:69:4f:
                    58:9d:7e:69:66:f4:09:7d:bf:a4:87:cc:47:3d:a2:
                    8a:d0:ab:98:e1:c6:56:08:30:8c:d5:3f:e5:65:80:
                    66:63:d2:1f:a9:be:4e:29:9c:76:e0:12:a6:5a:ef:
                    41:84:0a:52:34:56:be:16:86:3e:b3:c6:76:50:7c:
                    eb:b2:97:1b:a9:d3:20:80:ac:71:9f:70:7b:eb:32:
                    f9:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:FD:18:8F:EB:01:D5:5B:11:8C:7E:41:99:51:09:2C:E3:B7:73:80
            X509v3 Authority Key Identifier:
                keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/hv0Yj-sB1VsRjH5BmVEJLOO3c4A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.223.161.0/24
                  193.28.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:93:e7:db:a8:59:dd:85:32:05:c7:5a:68:6b:26:25:46:2e:
         3a:15:b8:ac:f8:77:19:d9:b2:24:45:85:a5:4f:8c:92:e7:0c:
         3d:76:24:db:77:c8:65:74:25:f6:04:72:d7:0d:0b:1b:ca:15:
         95:81:11:dd:f5:83:41:1e:f6:b1:26:e7:2c:42:ec:85:f1:4c:
         4a:14:1e:89:50:ce:75:b8:b3:60:91:d3:f6:a0:2d:51:7d:b0:
         2a:e8:0e:34:35:d0:cb:92:98:84:b0:0f:a5:5b:69:88:b0:6d:
         29:b4:4b:25:8c:8a:d0:c5:14:fa:62:09:b0:aa:05:4a:ec:45:
         fc:de:7c:d3:ae:29:ca:bd:cc:6a:da:94:b4:78:07:af:dc:0c:
         14:09:f1:9a:dd:db:78:a4:fd:cc:c6:1b:3e:07:56:f0:a3:f7:
         69:25:a0:24:9e:0d:2e:cf:5f:6a:d0:24:0b:02:f1:f7:28:ac:
         3b:a2:e3:b4:56:f0:8f:2e:08:f8:62:95:2e:d7:08:7c:e9:3b:
         f9:a4:6c:37:77:49:f4:a1:13:78:e6:9f:7e:b4:43:44:ac:17:
         c0:78:35:66:09:71:1f:3a:e5:15:1f:ab:42:df:a5:07:2e:e0:
         8a:01:a9:95:a5:26:80:e2:bc:3e:fd:0b:20:0d:35:e8:1d:f8:
         35:a0:d0:76
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBORvnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NWIwYTg2NjU5ZWMzMTRmMTNhMDRlM2EwM2RiZGIxMjQ0YTBlMGE5MB4XDTIyMDEw
MTA3NTMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZmZDE4OGZlYjAx
ZDU1YjExOGM3ZTQxOTk1MTA5MmNlM2I3NzM4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALw8GTBX+QAbd5/zM479qehBWVP4nwsNrRGRhrDaDiBUb8E0
oyABeQgt5pAcyyPA19bn36g3u9noLUYT8QG0qSvj9k77LtVcE3hZw+ZAN/vpDrzx
LIG94/V0aAzIG4u/H8jVxcXr/FyqjNeE9ccNbtIci7/m3vi+9Ul5t7jJzHZ3F9lG
PUJus5YfU6h0OJ9l590wL4CtpzLVaXJKqxHy7tL2STYJVao2PRV/KQWHTUgON2lP
WJ1+aWb0CX2/pIfMRz2iitCrmOHGVggwjNU/5WWAZmPSH6m+TimcduASplrvQYQK
UjRWvhaGPrPGdlB867KXG6nTIICscZ9we+sy+T0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSG/RiP6wHVWxGMfkGZUQks47dzgDAfBgNVHSMEGDAWgBS1sKhmWewxTxOg
TjoD29sSRKDgqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RiQ29abG5zTVU4VG9FNDZBOXZiRWtTZzRLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvMDQ0NDAyLWM0ZDQtNDI1OS05M2UyLTdmYmY1ZWUyOTBhYy8x
L2h2MFlqLXNCMVZzUmpINUJtVkVKTE9PM2M0QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
MDQ0NDAyLWM0ZDQtNDI1OS05M2UyLTdmYmY1ZWUyOTBhYy8xL3RiQ29abG5zTVU4
VG9FNDZBOXZiRWtTZzRLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvfoQMEAMEcnzANBgkqhkiG9w0B
AQsFAAOCAQEAMZPn26hZ3YUyBcdaaGsmJUYuOhW4rPh3GdmyJEWFpU+MkucMPXYk
23fIZXQl9gRy1w0LG8oVlYER3fWDQR72sSbnLELshfFMShQeiVDOdbizYJHT9qAt
UX2wKugONDXQy5KYhLAPpVtpiLBtKbRLJYyK0MUU+mIJsKoFSuxF/N58064pyr3M
atqUtHgHr9wMFAnxmt3beKT9zMYbPgdW8KP3aSWgJJ4NLs9fatAkCwLx9yisO6Lj
tFbwjy4I+GKVLtcIfOk7+aRsN3dJ9KETeOaffrRDRKwXwHg1ZglxHzrlFR+rQt+l
By7gigGplaUmgOK8Pv0LIA016B34NaDQdg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:51 2024 by rpki-client on console-fra.rpki-client.org