Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/NSqxl5vQeRutDHInHdXhXXHfUeY.roa
File:                     NSqxl5vQeRutDHInHdXhXXHfUeY.roa (raw, json)
Hash identifier:          /Z0oKetJGXEB3dgyDGHO6jEj2NVGEq81ullm3jiW3vU=
Subject key identifier:   35:2A:B1:97:9B:D0:79:1B:AD:0C:72:27:1D:D5:E1:5D:71:DF:51:E6
Certificate issuer:       /CN=07f231365985828d5a9663ed1b440624b24fec13
Certificate serial:       03162CA7
Authority key identifier: 07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/NSqxl5vQeRutDHInHdXhXXHfUeY.roa
Signing time:             Mon 24 Jan 2022 14:43:20 +0000
ROA not before:           Mon 24 Jan 2022 14:43:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        91.199.32.0/24 maxlen: 24
                          91.199.44.0/24 maxlen: 24
                          91.199.42.0/24 maxlen: 24
                          91.199.47.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 51784871 (0x3162ca7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07f231365985828d5a9663ed1b440624b24fec13
        Validity
            Not Before: Jan 24 14:43:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=352ab1979bd0791bad0c72271dd5e15d71df51e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:05:ef:47:14:e5:4f:0b:f1:b5:b0:15:85:83:
                    4e:2b:fb:b1:27:d8:2a:1a:1e:e6:cc:60:de:bc:90:
                    dd:57:ef:dc:c9:c7:65:df:23:e2:92:3e:01:01:2a:
                    3e:44:f4:aa:b5:69:65:8b:e5:9c:8c:23:47:6c:c1:
                    db:6a:1a:96:a4:99:d9:37:3d:45:c4:b7:1c:12:af:
                    8d:3d:2e:d0:eb:cf:ef:21:7a:e8:b9:d4:67:43:03:
                    b8:fe:46:2d:9a:50:6d:a2:3f:f4:c8:fb:f9:51:d9:
                    6e:af:26:31:3f:3e:ed:b0:b0:6b:31:34:b2:d1:d0:
                    3e:34:9e:4f:76:b6:c7:f1:5d:16:14:cc:b6:5d:e6:
                    77:9e:a7:3b:01:09:35:b2:fa:40:46:15:ef:3f:22:
                    8c:7b:46:65:d7:0a:43:da:36:86:cc:7d:79:d8:a4:
                    6c:ab:15:b2:27:d4:3b:75:7c:76:2d:57:d7:e0:20:
                    8e:a7:aa:bf:76:01:8a:0e:8c:8d:1a:45:41:6a:c3:
                    a8:d7:8b:f9:9f:a6:9e:ed:96:47:c0:c5:32:35:7d:
                    f9:9b:d6:28:af:8c:23:f5:b7:94:34:f7:0d:ea:fa:
                    6f:d7:08:1e:c6:bd:e7:51:15:ea:a3:6d:8e:a4:ab:
                    84:e2:e7:1f:01:8d:be:ee:f7:a5:b9:54:d7:03:4c:
                    7a:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:2A:B1:97:9B:D0:79:1B:AD:0C:72:27:1D:D5:E1:5D:71:DF:51:E6
            X509v3 Authority Key Identifier:
                keyid:07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/NSqxl5vQeRutDHInHdXhXXHfUeY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/B_IxNlmFgo1almPtG0QGJLJP7BM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.199.32.0/24
                  91.199.42.0/24
                  91.199.44.0/24
                  91.199.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:fc:e2:2d:35:ee:3b:dc:62:d0:85:22:4f:a1:69:dd:dc:ee:
         0e:78:ca:f8:c2:ed:35:19:b6:e2:55:2b:aa:e0:7f:ab:c1:66:
         a0:b4:bd:02:73:79:37:93:74:21:6c:04:8b:d2:50:65:a3:72:
         e6:23:94:6e:b1:94:1e:43:00:c5:dd:a4:02:d3:46:fa:1c:aa:
         fb:23:0d:92:ef:0a:9c:61:3c:db:6f:dc:0c:1c:18:2f:cd:63:
         6c:e4:63:b1:6e:fa:5b:da:84:1e:24:95:94:bb:c4:b4:67:58:
         30:88:cb:75:4e:e0:d2:54:61:82:93:c2:70:55:95:0e:45:e8:
         75:10:9a:51:f7:cd:d3:b9:24:9b:f1:59:88:47:80:23:74:2c:
         d5:a0:26:55:83:33:ac:1e:7f:02:4a:cd:87:34:0f:80:5c:c6:
         be:68:ab:56:05:80:e8:33:fa:50:03:86:b0:e7:05:e4:08:d4:
         92:58:c8:6a:5c:73:66:f6:ad:2b:26:4f:d8:f2:b1:2c:c3:d4:
         81:f2:c6:7d:6c:d6:2e:a8:3c:d0:0a:be:fe:72:29:a5:1a:48:
         0a:80:9f:0a:48:ae:49:1c:91:3a:ea:cb:45:98:dc:55:c7:2c:
         03:53:bf:e4:73:7f:ae:4c:eb:6e:ac:98:61:c9:94:5f:12:52:
         56:3a:16:0e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAxYspzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
N2YyMzEzNjU5ODU4MjhkNWE5NjYzZWQxYjQ0MDYyNGIyNGZlYzEzMB4XDTIyMDEy
NDE0NDMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzUyYWIxOTc5YmQw
NzkxYmFkMGM3MjI3MWRkNWUxNWQ3MWRmNTFlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUF70cU5U8L8bWwFYWDTiv7sSfYKhoe5sxg3ryQ3Vfv3MnH
Zd8j4pI+AQEqPkT0qrVpZYvlnIwjR2zB22oalqSZ2Tc9RcS3HBKvjT0u0OvP7yF6
6LnUZ0MDuP5GLZpQbaI/9Mj7+VHZbq8mMT8+7bCwazE0stHQPjSeT3a2x/FdFhTM
tl3md56nOwEJNbL6QEYV7z8ijHtGZdcKQ9o2hsx9edikbKsVsifUO3V8di1X1+Ag
jqeqv3YBig6MjRpFQWrDqNeL+Z+mnu2WR8DFMjV9+ZvWKK+MI/W3lDT3Der6b9cI
Hsa951EV6qNtjqSrhOLnHwGNvu73pblU1wNMekcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ1KrGXm9B5G60Mcicd1eFdcd9R5jAfBgNVHSMEGDAWgBQH8jE2WYWCjVqW
Y+0bRAYksk/sEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JfSXhObG1GZ28xYWxtUHRHMFFHSkxKUDdCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvZWY1ZmIzLTNlNTYtNGI3Ny1hYWM3LTA4NWZhMGE1NjA1Mi8x
L05TcXhsNXZRZVJ1dERISW5IZFhoWFhIZlVlWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
ZWY1ZmIzLTNlNTYtNGI3Ny1hYWM3LTA4NWZhMGE1NjA1Mi8xL0JfSXhObG1GZ28x
YWxtUHRHMFFHSkxKUDdCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFvHIAMEAFvHKgMEAFvHLAMEAFvH
LzANBgkqhkiG9w0BAQsFAAOCAQEAefziLTXuO9xi0IUiT6Fp3dzuDnjK+MLtNRm2
4lUrquB/q8FmoLS9AnN5N5N0IWwEi9JQZaNy5iOUbrGUHkMAxd2kAtNG+hyq+yMN
ku8KnGE822/cDBwYL81jbORjsW76W9qEHiSVlLvEtGdYMIjLdU7g0lRhgpPCcFWV
DkXodRCaUffN07kkm/FZiEeAI3Qs1aAmVYMzrB5/AkrNhzQPgFzGvmirVgWA6DP6
UAOGsOcF5AjUkljIalxzZvatKyZP2PKxLMPUgfLGfWzWLqg80Aq+/nIppRpICoCf
CkiuSRyROurLRZjcVccsA1O/5HN/rkzrbqyYYcmUXxJSVjoWDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:19 2024 by rpki-client on console-ams.rpki-client.org