Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/f85b7c-4ad6-427d-93ed-a6f1e495f1be/1/YzOpsvD557SE9kMQ6zC4OLMQpKE.roa
File:                     YzOpsvD557SE9kMQ6zC4OLMQpKE.roa (raw, json)
Hash identifier:          5vm1SIitEaI2YAmEgpsmC/1CXQBy8bV9qB67JmoPJFA=
Subject key identifier:   63:33:A9:B2:F0:F9:E7:B4:84:F6:43:10:EB:30:B8:38:B3:10:A4:A1
Certificate issuer:       /CN=e140a047c8b30adc6d9ee326a669dfd011d9b5d3
Certificate serial:       011D6486
Authority key identifier: E1:40:A0:47:C8:B3:0A:DC:6D:9E:E3:26:A6:69:DF:D0:11:D9:B5:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4UCgR8izCtxtnuMmpmnf0BHZtdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/f85b7c-4ad6-427d-93ed-a6f1e495f1be/1/YzOpsvD557SE9kMQ6zC4OLMQpKE.roa
Signing time:             Mon 06 Jun 2022 11:04:20 +0000
ROA not before:           Mon 06 Jun 2022 11:04:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3356
IP address blocks:        91.132.227.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18703494 (0x11d6486)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e140a047c8b30adc6d9ee326a669dfd011d9b5d3
        Validity
            Not Before: Jun  6 11:04:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6333a9b2f0f9e7b484f64310eb30b838b310a4a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:b6:c9:80:c1:77:cb:91:3f:34:fa:21:c7:7e:
                    bf:42:c2:95:a8:ee:f6:dd:32:59:5b:4c:47:a2:18:
                    23:e0:68:c2:07:ce:69:ff:42:5e:47:70:d9:59:01:
                    e3:ff:36:f2:79:d7:4b:dd:87:de:0d:d1:86:bb:3a:
                    6b:1c:86:7b:8c:ed:04:56:93:3d:61:cc:20:ea:4e:
                    6e:d2:ef:7c:7e:9a:36:1a:01:90:25:2f:97:ae:95:
                    f9:15:b6:05:e0:9f:49:6a:0b:54:f9:89:6d:bc:3c:
                    0c:87:82:20:af:9f:1e:35:54:96:ed:8c:2c:1b:b0:
                    1a:61:eb:71:3d:e0:f1:16:86:1d:53:a8:c9:5f:d0:
                    ac:cb:90:9b:42:99:32:68:77:ce:c0:af:53:74:f2:
                    a3:e7:93:b3:06:ae:1e:6a:ae:13:35:11:f7:aa:81:
                    e8:71:ff:fd:d3:04:09:f5:e3:c8:cd:1b:72:fd:79:
                    48:ae:e8:8d:89:9d:a6:8a:81:fc:36:7f:cb:ec:bd:
                    82:83:68:ac:33:f9:f1:ea:a4:52:75:ab:3e:f5:06:
                    20:e4:fa:b9:c0:b6:d6:16:2b:76:f5:1a:10:c6:02:
                    8e:a5:be:68:3b:ee:f7:4e:9c:7a:e6:d6:a4:80:b8:
                    f6:3d:5c:8a:10:c7:ce:b6:7c:3f:47:f9:90:68:e7:
                    3b:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:33:A9:B2:F0:F9:E7:B4:84:F6:43:10:EB:30:B8:38:B3:10:A4:A1
            X509v3 Authority Key Identifier:
                keyid:E1:40:A0:47:C8:B3:0A:DC:6D:9E:E3:26:A6:69:DF:D0:11:D9:B5:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UCgR8izCtxtnuMmpmnf0BHZtdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/f85b7c-4ad6-427d-93ed-a6f1e495f1be/1/YzOpsvD557SE9kMQ6zC4OLMQpKE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/f85b7c-4ad6-427d-93ed-a6f1e495f1be/1/4UCgR8izCtxtnuMmpmnf0BHZtdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.132.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:f7:b6:d4:d5:6b:94:3d:5b:06:24:75:50:f9:19:aa:81:0a:
         87:f7:ae:d8:0f:27:28:e7:78:d5:55:fd:dd:8e:e2:83:f8:d2:
         0d:2a:ef:2b:3a:03:09:28:f4:cb:31:29:55:92:e5:1d:78:94:
         aa:b7:a3:44:91:03:68:ec:a4:a6:2b:28:9d:85:50:c8:a4:45:
         e9:cc:df:bc:0c:ce:84:39:46:ca:08:94:e2:16:45:49:0e:ed:
         54:97:03:cc:13:04:84:b4:dc:5d:a3:5b:2b:37:4d:48:47:5e:
         ff:ca:7f:37:69:be:8a:de:c0:06:63:e8:30:4f:51:39:8c:57:
         0e:bd:a0:4e:03:bc:29:fb:af:1e:30:e4:3d:46:c4:20:48:87:
         15:2c:b8:a2:e8:3b:44:17:63:73:37:2c:7a:84:10:d6:c4:7d:
         f5:1c:18:b7:26:1e:76:26:02:f2:e9:a6:ea:bc:ae:fa:51:5f:
         c4:e5:00:11:eb:4c:d6:0a:70:ea:fd:68:ae:1d:69:3e:62:b3:
         4e:f5:7b:7c:a4:1c:76:d8:6e:ca:fc:39:f6:ae:7c:97:f2:6e:
         95:f4:09:75:87:c1:4f:39:2d:23:3c:8e:0c:c8:f6:b0:9f:d9:
         44:d7:f4:09:e6:88:7e:50:f9:40:9c:2a:d7:26:40:99:49:e8:
         98:b4:18:5f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAR1khjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MTQwYTA0N2M4YjMwYWRjNmQ5ZWUzMjZhNjY5ZGZkMDExZDliNWQzMB4XDTIyMDYw
NjExMDQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjMzM2E5YjJmMGY5
ZTdiNDg0ZjY0MzEwZWIzMGI4MzhiMzEwYTRhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMG2yYDBd8uRPzT6Icd+v0LClaju9t0yWVtMR6IYI+BowgfO
af9CXkdw2VkB4/828nnXS92H3g3Rhrs6axyGe4ztBFaTPWHMIOpObtLvfH6aNhoB
kCUvl66V+RW2BeCfSWoLVPmJbbw8DIeCIK+fHjVUlu2MLBuwGmHrcT3g8RaGHVOo
yV/QrMuQm0KZMmh3zsCvU3Tyo+eTswauHmquEzUR96qB6HH//dMECfXjyM0bcv15
SK7ojYmdpoqB/DZ/y+y9goNorDP58eqkUnWrPvUGIOT6ucC21hYrdvUaEMYCjqW+
aDvu906ceubWpIC49j1cihDHzrZ8P0f5kGjnO5ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRjM6my8PnntIT2QxDrMLg4sxCkoTAfBgNVHSMEGDAWgBThQKBHyLMK3G2e
4yamad/QEdm10zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRVQ2dSOGl6Q3R4dG51TW1wbW5mMEJIWnRkTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvZjg1YjdjLTRhZDYtNDI3ZC05M2VkLWE2ZjFlNDk1ZjFiZS8x
L1l6T3BzdkQ1NTdTRTlrTVE2ekM0T0xNUXBLRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
Zjg1YjdjLTRhZDYtNDI3ZC05M2VkLWE2ZjFlNDk1ZjFiZS8xLzRVQ2dSOGl6Q3R4
dG51TW1wbW5mMEJIWnRkTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFuE4zANBgkqhkiG9w0BAQsFAAOC
AQEAG/e21NVrlD1bBiR1UPkZqoEKh/eu2A8nKOd41VX93Y7ig/jSDSrvKzoDCSj0
yzEpVZLlHXiUqrejRJEDaOykpisonYVQyKRF6czfvAzOhDlGygiU4hZFSQ7tVJcD
zBMEhLTcXaNbKzdNSEde/8p/N2m+it7ABmPoME9ROYxXDr2gTgO8KfuvHjDkPUbE
IEiHFSy4oug7RBdjczcseoQQ1sR99RwYtyYediYC8umm6ryu+lFfxOUAEetM1gpw
6v1orh1pPmKzTvV7fKQcdthuyvw59q58l/JulfQJdYfBTzktIzyODMj2sJ/ZRNf0
CeaIflD5QJwq1yZAmUnomLQYXw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:48 2023 by rpki-client on console-fra.rpki-client.org