Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/1h-eCxrQj1vbuxq0hE5GvZGVNgo.roa
File:                     1h-eCxrQj1vbuxq0hE5GvZGVNgo.roa (raw, json)
Hash identifier:          S70ygyPRxlEKMKvRr8cEvJkVdT4igKsZJ1iVAmraQoY=
Subject key identifier:   D6:1F:9E:0B:1A:D0:8F:5B:DB:BB:1A:B4:84:4E:46:BD:91:95:36:0A
Certificate issuer:       /CN=9a7edeac0c6c20ea49d492990e4858541d190ff1
Certificate serial:       01840DDA3DD6CF497468969DC6F41159F353
Authority key identifier: 9A:7E:DE:AC:0C:6C:20:EA:49:D4:92:99:0E:48:58:54:1D:19:0F:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mn7erAxsIOpJ1JKZDkhYVB0ZD_E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/1h-eCxrQj1vbuxq0hE5GvZGVNgo.roa
Signing time:             Tue 25 Oct 2022 06:35:17 +0000
ROA not before:           Tue 25 Oct 2022 06:35:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34259
IP address blocks:        91.195.120.0/24 maxlen: 24
                          91.195.121.0/24 maxlen: 24
                          193.111.83.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:0d:da:3d:d6:cf:49:74:68:96:9d:c6:f4:11:59:f3:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a7edeac0c6c20ea49d492990e4858541d190ff1
        Validity
            Not Before: Oct 25 06:35:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d61f9e0b1ad08f5bdbbb1ab4844e46bd9195360a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:c6:72:ec:80:e6:e5:d8:3d:f5:8a:e3:ca:87:
                    34:5c:6f:f0:b5:a3:d3:c5:4c:b7:46:6d:f9:79:03:
                    1c:b8:d9:91:b2:71:d0:42:7c:24:c1:8a:ff:a8:7f:
                    99:11:94:70:68:76:eb:6b:f6:ef:25:02:6f:f6:b3:
                    a7:db:37:42:40:c2:7a:3b:14:22:2c:20:72:ce:16:
                    1f:77:64:e5:e9:f2:d0:be:07:4a:28:7d:6a:cc:eb:
                    e6:f6:b3:ca:5c:1e:b8:f2:d0:48:6e:78:96:1f:6f:
                    29:df:fa:81:c7:29:f0:53:cc:86:f3:8c:52:7d:d7:
                    e4:f2:2f:0b:c1:0d:c6:a8:77:3a:36:8f:76:1d:f4:
                    2c:46:94:92:bb:88:e9:12:6e:07:5d:71:d1:b2:3c:
                    3c:ee:21:58:1d:5c:63:44:d4:f4:09:37:59:6e:15:
                    f6:9b:0e:25:b6:d0:6b:fa:d6:32:b4:25:1b:27:69:
                    da:2e:3b:6a:ec:29:ec:ea:35:a7:9c:10:75:53:30:
                    bd:f4:25:50:fc:a8:7a:29:82:38:6c:51:34:12:0c:
                    1b:07:5a:b6:53:16:d5:c3:82:6e:88:62:27:5d:ad:
                    42:98:04:42:4b:4b:16:cd:0a:45:0d:a5:e2:0f:0b:
                    db:93:1b:02:b0:2a:c1:e0:d8:8a:15:10:f7:2c:ff:
                    d1:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:1F:9E:0B:1A:D0:8F:5B:DB:BB:1A:B4:84:4E:46:BD:91:95:36:0A
            X509v3 Authority Key Identifier:
                keyid:9A:7E:DE:AC:0C:6C:20:EA:49:D4:92:99:0E:48:58:54:1D:19:0F:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mn7erAxsIOpJ1JKZDkhYVB0ZD_E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/1h-eCxrQj1vbuxq0hE5GvZGVNgo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/mn7erAxsIOpJ1JKZDkhYVB0ZD_E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.195.120.0/23
                  193.111.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:2f:0c:24:d3:ee:4d:3b:54:78:14:32:5c:5c:15:4d:5d:68:
         aa:07:0a:c2:f0:ed:f9:93:3e:77:65:ab:8e:4f:15:37:ee:5e:
         f8:9e:3f:60:22:50:03:d1:2a:65:2c:e9:f4:cc:7b:78:47:2c:
         c3:f8:d9:96:53:5c:b5:f7:dd:e4:79:d1:37:63:50:94:97:f6:
         89:a1:2c:08:0d:8b:18:8e:98:54:e2:a2:e4:87:5b:f4:6a:1d:
         a8:30:3f:c5:7d:39:72:36:01:76:30:a5:0b:7f:e9:dd:03:7f:
         aa:4f:58:be:2d:81:a5:7c:f6:91:25:de:4b:4d:7d:ee:9e:98:
         6f:45:7b:3c:8b:b6:9c:ef:ae:e6:7f:46:9e:d7:5c:27:31:9d:
         76:89:79:9f:2a:b9:f6:a9:e4:f8:85:06:8d:a5:16:7e:77:e4:
         72:20:2f:fa:01:3d:93:95:07:78:dc:44:cd:26:3c:1b:b0:fd:
         82:33:0d:78:8e:52:12:98:57:2a:19:5c:fd:3b:0c:51:bd:c0:
         25:cb:ed:64:26:07:63:bf:06:9c:c6:4b:21:e7:ef:b0:d7:d1:
         b3:03:7a:7e:d7:34:c0:2c:12:4e:ab:71:61:ab:34:a6:19:1c:
         cd:34:09:e4:33:a0:d4:4a:05:08:49:aa:24:51:94:df:24:89:
         2a:60:2e:c4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQN2j3Wz0l0aJadxvQRWfNTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhN2VkZWFjMGM2YzIwZWE0OWQ0OTI5OTBlNDg1ODU0MWQx
OTBmZjEwHhcNMjIxMDI1MDYzNTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjFmOWUwYjFhZDA4ZjViZGJiYjFhYjQ4NDRlNDZiZDkxOTUzNjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsZy7IDm5dg99Yrjyoc0XG/wtaPT
xUy3Rm35eQMcuNmRsnHQQnwkwYr/qH+ZEZRwaHbra/bvJQJv9rOn2zdCQMJ6OxQi
LCByzhYfd2Tl6fLQvgdKKH1qzOvm9rPKXB648tBIbniWH28p3/qBxynwU8yG84xS
fdfk8i8LwQ3GqHc6No92HfQsRpSSu4jpEm4HXXHRsjw87iFYHVxjRNT0CTdZbhX2
mw4lttBr+tYytCUbJ2naLjtq7Cns6jWnnBB1UzC99CVQ/Kh6KYI4bFE0EgwbB1q2
UxbVw4JuiGInXa1CmARCS0sWzQpFDaXiDwvbkxsCsCrB4NiKFRD3LP/RLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNYfngsa0I9b27satIRORr2RlTYKMB8GA1UdIwQY
MBaAFJp+3qwMbCDqSdSSmQ5IWFQdGQ/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW43ZXJBeHNJT3BKMUpLWkRraFlWQjBaRF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81YThlMDQtZGQwNy00MzVhLWIxYmYt
YWRlZGNhYTNkMjZlLzEvMWgtZUN4clFqMXZidXhxMGhFNUd2WkdWTmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81YThlMDQtZGQwNy00MzVhLWIxYmYtYWRlZGNhYTNkMjZl
LzEvbW43ZXJBeHNJT3BKMUpLWkRraFlWQjBaRF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8N4AwQA
wW9TMA0GCSqGSIb3DQEBCwUAA4IBAQAyLwwk0+5NO1R4FDJcXBVNXWiqBwrC8O35
kz53ZauOTxU37l74nj9gIlAD0SplLOn0zHt4RyzD+NmWU1y1993kedE3Y1CUl/aJ
oSwIDYsYjphU4qLkh1v0ah2oMD/FfTlyNgF2MKULf+ndA3+qT1i+LYGlfPaRJd5L
TX3unphvRXs8i7ac767mf0ae11wnMZ12iXmfKrn2qeT4hQaNpRZ+d+RyIC/6AT2T
lQd43ETNJjwbsP2CMw14jlISmFcqGVz9OwxRvcAly+1kJgdjvwacxksh5++w19Gz
A3p+1zTALBJOq3FhqzSmGRzNNAnkM6DUSgUISaokUZTfJIkqYC7E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:55 2024 by rpki-client on console-fra.rpki-client.org