Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/deSNymnYMu8KQJpKXYbbzHDtbyI.roa
File:                     deSNymnYMu8KQJpKXYbbzHDtbyI.roa (raw, json)
Hash identifier:          3fAVdNYzLhzYacoUpDnO14sl6a8HqE5amggWz1cnguA=
Subject key identifier:   75:E4:8D:CA:69:D8:32:EF:0A:40:9A:4A:5D:86:DB:CC:70:ED:6F:22
Certificate issuer:       /CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d
Certificate serial:       0181FD49EF0B88F0EB24EB621D5AF612F613
Authority key identifier: D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/deSNymnYMu8KQJpKXYbbzHDtbyI.roa
Signing time:             Thu 14 Jul 2022 15:18:09 +0000
ROA not before:           Thu 14 Jul 2022 15:18:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51480
IP address blocks:        91.217.187.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:fd:49:ef:0b:88:f0:eb:24:eb:62:1d:5a:f6:12:f6:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d68b6cfb720a7c92a180ca614bdb0eda1f1ebe9d
        Validity
            Not Before: Jul 14 15:18:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=75e48dca69d832ef0a409a4a5d86dbcc70ed6f22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:cf:8b:8e:af:17:fb:47:42:50:f7:b0:33:95:
                    98:f3:93:68:75:7a:5f:78:6f:91:f4:d8:58:be:89:
                    5b:79:de:f6:fc:c9:5a:27:13:95:5a:a1:2f:a7:c0:
                    e9:c6:8a:09:16:0d:08:c7:15:36:f8:a7:24:7f:c7:
                    2b:31:d8:f7:63:bc:c6:96:07:9f:c3:fd:8b:79:ef:
                    52:22:52:c8:a7:45:51:86:b7:c8:50:aa:71:7a:b3:
                    b6:21:ca:5d:27:c3:98:62:fe:11:c6:c4:32:cb:e8:
                    32:fa:73:1b:ed:d6:67:2b:e3:0a:41:32:5b:e3:5e:
                    50:f7:d9:44:15:ea:2d:70:99:e8:4c:66:4c:37:52:
                    02:1b:5b:80:14:84:da:60:22:af:42:6b:bf:de:8d:
                    5f:96:01:b3:03:60:84:74:8a:35:05:2c:5b:63:60:
                    a7:53:cd:e0:d5:8f:c0:c1:68:c4:44:c1:69:e9:c0:
                    bd:84:83:9b:48:e6:e7:09:3f:b4:ae:65:15:e6:e6:
                    c3:3b:75:79:e8:c9:7e:cc:96:6b:7f:8b:44:25:e8:
                    96:12:89:45:68:8d:80:d2:b8:a4:b5:be:73:61:22:
                    66:b8:fe:41:59:fe:d6:10:45:b3:ed:64:7f:d0:cc:
                    ed:ba:f8:b1:e9:ff:94:ef:e8:c0:f8:2e:4c:de:8a:
                    b3:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:E4:8D:CA:69:D8:32:EF:0A:40:9A:4A:5D:86:DB:CC:70:ED:6F:22
            X509v3 Authority Key Identifier:
                keyid:D6:8B:6C:FB:72:0A:7C:92:A1:80:CA:61:4B:DB:0E:DA:1F:1E:BE:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ots-3IKfJKhgMphS9sO2h8evp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/deSNymnYMu8KQJpKXYbbzHDtbyI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b5945d-4915-4bd7-91c1-33e319a454ef/1/1ots-3IKfJKhgMphS9sO2h8evp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:87:5c:33:28:23:13:12:00:95:ad:5a:10:ba:b4:40:1d:58:
         4f:7c:80:9c:43:ad:7e:5c:64:05:cb:bb:c7:d3:54:e4:a3:ed:
         3d:8e:9d:c2:89:07:14:e3:72:f6:58:e2:89:18:bd:c6:a5:51:
         8a:00:a2:bf:3a:8e:42:0b:d6:0c:ad:75:17:a2:2f:d3:18:e5:
         5d:a5:30:4d:af:a3:35:ad:9a:1b:47:5c:10:eb:8e:74:bc:7b:
         eb:01:64:18:da:90:93:bb:ac:84:47:41:4b:d3:db:b3:ad:ab:
         9c:ad:de:dc:62:7b:99:a6:d5:f6:2e:19:85:c2:87:f3:d6:36:
         2f:a7:bb:0e:50:03:3f:61:74:55:01:84:c2:24:52:3c:24:18:
         9a:20:2a:f9:c7:a7:b4:9b:56:a9:2c:3f:c5:58:da:10:0c:1c:
         23:6b:88:0e:32:22:36:70:8c:ff:16:27:5e:81:b9:50:c8:c3:
         4a:6c:e1:e8:52:c4:1d:77:ac:5b:28:9b:56:88:61:d3:0d:94:
         8a:3c:03:ce:5a:27:96:20:ca:5c:51:cb:4e:a6:a1:7e:65:30:
         bb:c3:ae:63:8d:44:84:f4:56:f9:b8:e7:d8:77:f6:8f:b9:a6:
         fa:cc:a2:7b:13:04:b8:6e:28:c5:14:8c:b9:51:6e:25:09:f0:
         93:3f:f3:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYH9Se8LiPDrJOtiHVr2EvYTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2OGI2Y2ZiNzIwYTdjOTJhMTgwY2E2MTRiZGIwZWRhMWYx
ZWJlOWQwHhcNMjIwNzE0MTUxODA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWU0OGRjYTY5ZDgzMmVmMGE0MDlhNGE1ZDg2ZGJjYzcwZWQ2ZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM+Ljq8X+0dCUPewM5WY85NodXpf
eG+R9NhYvolbed72/MlaJxOVWqEvp8DpxooJFg0IxxU2+Kckf8crMdj3Y7zGlgef
w/2Lee9SIlLIp0VRhrfIUKpxerO2IcpdJ8OYYv4RxsQyy+gy+nMb7dZnK+MKQTJb
415Q99lEFeotcJnoTGZMN1ICG1uAFITaYCKvQmu/3o1flgGzA2CEdIo1BSxbY2Cn
U83g1Y/AwWjERMFp6cC9hIObSObnCT+0rmUV5ubDO3V56Ml+zJZrf4tEJeiWEolF
aI2A0riktb5zYSJmuP5BWf7WEEWz7WR/0Mztuvix6f+U7+jA+C5M3oqz8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHXkjcpp2DLvCkCaSl2G28xw7W8iMB8GA1UdIwQY
MBaAFNaLbPtyCnySoYDKYUvbDtofHr6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEt
MzNlMzE5YTQ1NGVmLzEvZGVTTnltbllNdThLUUpwS1hZYmJ6SER0YnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iNTk0NWQtNDkxNS00YmQ3LTkxYzEtMzNlMzE5YTQ1NGVm
LzEvMW90cy0zSUtmSktoZ01waFM5c08yaDhldnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9m7MA0G
CSqGSIb3DQEBCwUAA4IBAQB7h1wzKCMTEgCVrVoQurRAHVhPfICcQ61+XGQFy7vH
01Tko+09jp3CiQcU43L2WOKJGL3GpVGKAKK/Oo5CC9YMrXUXoi/TGOVdpTBNr6M1
rZobR1wQ6450vHvrAWQY2pCTu6yER0FL09uzraucrd7cYnuZptX2LhmFwofz1jYv
p7sOUAM/YXRVAYTCJFI8JBiaICr5x6e0m1apLD/FWNoQDBwja4gOMiI2cIz/Fide
gblQyMNKbOHoUsQdd6xbKJtWiGHTDZSKPAPOWieWIMpcUctOpqF+ZTC7w65jjUSE
9Fb5uOfYd/aPuab6zKJ7EwS4bijFFIy5UW4lCfCTP/Px
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:04 2024 by rpki-client on console-fra.rpki-client.org