Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/NRgd8ZNe5UdIjtCgKuqmNdSPtE0.roa
File:                     NRgd8ZNe5UdIjtCgKuqmNdSPtE0.roa (raw, json)
Hash identifier:          fPD/n7Fnr2pq0TQ4vXFXJkranGuDgyd8wb+sB0Z8wLc=
Subject key identifier:   35:18:1D:F1:93:5E:E5:47:48:8E:D0:A0:2A:EA:A6:35:D4:8F:B4:4D
Certificate issuer:       /CN=21e86ff9973c93abe6398f031966c29d75a3ba86
Certificate serial:       04E3D3EB
Authority key identifier: 21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/NRgd8ZNe5UdIjtCgKuqmNdSPtE0.roa
Signing time:             Sat 01 Jan 2022 02:55:21 +0000
ROA not before:           Sat 01 Jan 2022 02:55:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8075
IP address blocks:        91.225.248.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82039787 (0x4e3d3eb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21e86ff9973c93abe6398f031966c29d75a3ba86
        Validity
            Not Before: Jan  1 02:55:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=35181df1935ee547488ed0a02aeaa635d48fb44d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:6e:55:39:48:8b:c0:96:7e:df:54:c1:91:0c:
                    43:73:c9:e7:16:6d:8f:87:87:79:f0:7e:53:3f:32:
                    a5:d8:9c:2f:4f:30:7d:b4:67:a8:8a:76:c9:85:43:
                    ee:31:08:1e:09:66:4d:7b:6a:d9:f9:1a:a5:5e:bf:
                    00:29:0d:d7:ad:b9:80:ea:20:24:e6:89:88:dd:e3:
                    bb:b9:a0:60:e1:38:d8:2e:1b:73:d8:2a:cc:2a:2e:
                    12:e0:e6:cb:8c:72:02:22:28:db:e6:a0:ef:52:a0:
                    b5:25:c3:49:80:8a:d6:48:bd:0c:9b:2f:31:af:47:
                    56:b6:cb:a3:e2:27:0a:5e:dd:72:94:24:c3:bc:d2:
                    a1:f6:ec:df:fa:42:df:61:04:84:2a:c3:4e:bf:8b:
                    92:65:49:ec:18:fd:c8:f7:3a:9d:73:aa:30:3d:72:
                    6e:92:a2:0d:67:2f:d9:59:24:4a:ef:6c:2c:d8:43:
                    9c:12:2e:c7:16:42:be:2b:7d:51:86:a9:77:d8:26:
                    2a:ad:ba:d0:f9:72:a7:8b:f3:ef:b1:0b:0a:fd:87:
                    6b:d7:f6:da:0a:f2:df:e6:a3:07:27:e6:54:5f:30:
                    7f:3e:0b:49:2f:00:b7:46:cb:53:f1:72:ab:7f:1d:
                    19:69:89:27:2e:65:24:fe:b9:ad:65:e1:2a:3d:54:
                    0a:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:18:1D:F1:93:5E:E5:47:48:8E:D0:A0:2A:EA:A6:35:D4:8F:B4:4D
            X509v3 Authority Key Identifier:
                keyid:21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/NRgd8ZNe5UdIjtCgKuqmNdSPtE0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.225.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:d8:08:53:3e:4d:7d:bd:41:4d:36:59:95:7a:36:3d:cf:c0:
         1f:4a:10:f8:2a:e9:d0:7d:57:11:12:ef:da:33:cd:69:04:4e:
         51:cb:04:76:fc:0f:5c:a1:77:3c:54:9e:9b:5b:8a:1f:69:ce:
         c2:f8:17:ed:bc:f4:b4:d5:67:35:d8:86:bc:7e:71:1f:a9:46:
         b4:12:6e:65:a6:b6:9e:51:a9:fc:98:02:a3:ca:94:71:c5:2f:
         4a:3c:38:10:65:0b:d3:b2:1b:f0:61:68:4e:7a:d0:c1:a3:1d:
         fd:d2:3e:d9:80:73:b6:b2:90:c5:66:67:7e:1c:5a:60:4e:7c:
         8b:e7:38:08:59:c8:17:9c:65:ae:8b:64:b7:89:0c:8c:a7:a0:
         9c:c2:c9:8d:f8:24:49:ca:32:bb:85:99:d5:dc:ce:2c:05:28:
         c5:f2:30:00:85:ac:99:8c:05:d6:ff:89:c0:d2:87:0e:21:2b:
         ad:2e:3b:b4:93:59:e0:68:80:0f:f5:bc:9f:fd:1b:d3:b8:1a:
         be:ab:66:8d:3c:a4:1d:72:15:9e:bf:a8:50:e2:ac:d0:d4:bd:
         9d:4c:7b:51:f0:a9:8f:a1:8b:43:95:f5:65:9c:f2:e9:50:a3:
         07:15:47:fa:23:c5:e5:a3:3c:c2:0b:29:6b:cf:1d:2c:0f:46:
         69:14:36:0e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBOPT6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MWU4NmZmOTk3M2M5M2FiZTYzOThmMDMxOTY2YzI5ZDc1YTNiYTg2MB4XDTIyMDEw
MTAyNTUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzUxODFkZjE5MzVl
ZTU0NzQ4OGVkMGEwMmFlYWE2MzVkNDhmYjQ0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOBuVTlIi8CWft9UwZEMQ3PJ5xZtj4eHefB+Uz8ypdicL08w
fbRnqIp2yYVD7jEIHglmTXtq2fkapV6/ACkN1625gOogJOaJiN3ju7mgYOE42C4b
c9gqzCouEuDmy4xyAiIo2+ag71KgtSXDSYCK1ki9DJsvMa9HVrbLo+InCl7dcpQk
w7zSofbs3/pC32EEhCrDTr+LkmVJ7Bj9yPc6nXOqMD1ybpKiDWcv2VkkSu9sLNhD
nBIuxxZCvit9UYapd9gmKq260Plyp4vz77ELCv2Ha9f22gry3+ajByfmVF8wfz4L
SS8At0bLU/Fyq38dGWmJJy5lJP65rWXhKj1UCucCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ1GB3xk17lR0iO0KAq6qY11I+0TTAfBgNVHSMEGDAWgBQh6G/5lzyTq+Y5
jwMZZsKddaO6hjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0llaHYtWmM4azZ2bU9ZOERHV2JDblhXanVvWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvMmY2ZGQwLWI3NmYtNDdkNS1hNGFiLTMyZmVlYjU2NmVlNi8x
L05SZ2Q4Wk5lNVVkSWp0Q2dLdXFtTmRTUHRFMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
MmY2ZGQwLWI3NmYtNDdkNS1hNGFiLTMyZmVlYjU2NmVlNi8xL0llaHYtWmM4azZ2
bU9ZOERHV2JDblhXanVvWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvh+DANBgkqhkiG9w0BAQsFAAOC
AQEAKtgIUz5Nfb1BTTZZlXo2Pc/AH0oQ+Crp0H1XERLv2jPNaQROUcsEdvwPXKF3
PFSem1uKH2nOwvgX7bz0tNVnNdiGvH5xH6lGtBJuZaa2nlGp/JgCo8qUccUvSjw4
EGUL07Ib8GFoTnrQwaMd/dI+2YBztrKQxWZnfhxaYE58i+c4CFnIF5xlrotkt4kM
jKegnMLJjfgkScoyu4WZ1dzOLAUoxfIwAIWsmYwF1v+JwNKHDiErrS47tJNZ4GiA
D/W8n/0b07gavqtmjTykHXIVnr+oUOKs0NS9nUx7UfCpj6GLQ5X1ZZzy6VCjBxVH
+iPF5aM8wgspa88dLA9GaRQ2Dg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:47 2024 by rpki-client on console-fra.rpki-client.org