Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/738edb-d9ff-4af5-8341-fc5cc64db749/1/B8VRlvcZpM0WcCzwwF-VHCrKgcc.roa
File:                     B8VRlvcZpM0WcCzwwF-VHCrKgcc.roa (raw, json)
Hash identifier:          wAsFQwJUaey0mtZ89zG3C6kFIUQ77JGBObKbCyq4OKc=
Subject key identifier:   07:C5:51:96:F7:19:A4:CD:16:70:2C:F0:C0:5F:95:1C:2A:CA:81:C7
Certificate issuer:       /CN=71ee7ed4a6a91054e6bc2498693fe0c2f862101d
Certificate serial:       013E66
Authority key identifier: 71:EE:7E:D4:A6:A9:10:54:E6:BC:24:98:69:3F:E0:C2:F8:62:10:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ce5-1KapEFTmvCSYaT_gwvhiEB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/738edb-d9ff-4af5-8341-fc5cc64db749/1/B8VRlvcZpM0WcCzwwF-VHCrKgcc.roa
Signing time:             Wed 13 Apr 2022 23:55:32 +0000
ROA not before:           Wed 13 Apr 2022 23:55:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     196721
IP address blocks:        91.212.81.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 81510 (0x13e66)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71ee7ed4a6a91054e6bc2498693fe0c2f862101d
        Validity
            Not Before: Apr 13 23:55:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=07c55196f719a4cd16702cf0c05f951c2aca81c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:3c:96:30:16:c3:6a:6c:9c:8c:96:60:c4:bf:
                    c6:68:d1:29:c9:8e:fd:d2:11:e0:1b:6a:4f:1f:8c:
                    48:3b:47:9f:d8:45:76:7b:b3:01:f9:07:45:f5:39:
                    1f:21:0c:5a:f6:92:31:8e:18:cc:73:19:a0:37:0e:
                    30:d2:4f:1f:f4:9f:66:03:ba:4a:fb:64:39:45:95:
                    06:9d:94:8c:85:6b:a2:3b:ac:68:89:ee:c2:53:91:
                    e8:12:06:ec:e8:2d:83:4e:1c:3c:0d:1f:53:29:17:
                    44:da:52:db:bb:c3:fe:d9:fa:8d:49:e6:d7:ef:9d:
                    18:74:f3:8d:60:8d:23:ef:2a:9d:f2:f8:17:73:2d:
                    ba:e5:00:1a:eb:c2:7d:e4:e6:42:15:61:14:23:c4:
                    d4:ae:af:77:94:4f:c3:5d:03:24:27:f0:72:ef:a6:
                    e8:01:53:c6:6b:9b:39:ae:16:a0:33:b6:6f:62:98:
                    78:6c:9b:50:0a:c6:14:ba:74:71:b2:4a:46:b1:9a:
                    a2:5a:76:07:fa:b9:c1:c2:fc:a4:35:27:bb:e3:5f:
                    7d:b4:e1:3a:1c:a0:dd:0c:7d:d5:5d:18:39:2d:21:
                    8e:78:68:57:75:a7:8d:d7:56:02:01:ac:b1:98:90:
                    a2:f5:50:67:d9:7c:62:77:6b:aa:9a:7d:7d:56:ed:
                    18:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:C5:51:96:F7:19:A4:CD:16:70:2C:F0:C0:5F:95:1C:2A:CA:81:C7
            X509v3 Authority Key Identifier:
                keyid:71:EE:7E:D4:A6:A9:10:54:E6:BC:24:98:69:3F:E0:C2:F8:62:10:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce5-1KapEFTmvCSYaT_gwvhiEB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/738edb-d9ff-4af5-8341-fc5cc64db749/1/B8VRlvcZpM0WcCzwwF-VHCrKgcc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/738edb-d9ff-4af5-8341-fc5cc64db749/1/ce5-1KapEFTmvCSYaT_gwvhiEB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.212.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:da:2c:8e:31:70:d2:82:02:aa:b1:1a:ff:21:c5:16:b4:78:
         c2:48:62:6a:84:f3:79:cd:a6:75:cd:bd:28:f7:fc:59:49:6f:
         32:3b:26:f4:a3:b9:6f:f4:2a:bc:dd:1f:bd:df:bd:80:a3:83:
         10:7c:58:39:6e:2b:a7:0a:ff:45:9c:5d:8c:89:e6:fa:e5:41:
         d9:83:33:53:73:86:5a:20:04:0b:14:91:9a:4e:8c:36:47:c2:
         77:e7:f8:f5:6d:14:70:ca:8b:2a:70:ec:f0:61:fa:64:52:23:
         71:87:be:b9:be:92:cd:a1:a5:18:10:d6:c8:5a:e1:c8:be:48:
         b7:0a:62:f3:d5:34:f5:be:d7:a1:d9:4e:84:86:e1:83:a1:53:
         fe:f7:d8:91:f2:65:fe:26:cd:cd:6b:c7:07:b5:52:4d:62:3c:
         e7:26:60:dd:d4:c7:62:3e:e5:90:b7:43:1a:34:96:b8:dc:79:
         43:f0:ba:84:9e:e7:b9:97:53:64:82:2d:c4:5f:57:13:a7:9d:
         59:94:d8:6d:e0:6e:a3:26:65:c0:33:67:da:fa:49:29:ee:fd:
         84:22:77:19:0f:6b:d6:20:5e:b8:1d:64:1b:e7:f5:43:27:cb:
         50:90:ae:8a:b5:82:3a:00:50:c0:bc:54:b2:0c:7b:28:25:87:
         d5:77:d0:89
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAT5mMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcx
ZWU3ZWQ0YTZhOTEwNTRlNmJjMjQ5ODY5M2ZlMGMyZjg2MjEwMWQwHhcNMjIwNDEz
MjM1NTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwN2M1NTE5NmY3MTlh
NGNkMTY3MDJjZjBjMDVmOTUxYzJhY2E4MWM3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtDyWMBbDamycjJZgxL/GaNEpyY790hHgG2pPH4xIO0ef2EV2
e7MB+QdF9TkfIQxa9pIxjhjMcxmgNw4w0k8f9J9mA7pK+2Q5RZUGnZSMhWuiO6xo
ie7CU5HoEgbs6C2DThw8DR9TKRdE2lLbu8P+2fqNSebX750YdPONYI0j7yqd8vgX
cy265QAa68J95OZCFWEUI8TUrq93lE/DXQMkJ/By76boAVPGa5s5rhagM7ZvYph4
bJtQCsYUunRxskpGsZqiWnYH+rnBwvykNSe74199tOE6HKDdDH3VXRg5LSGOeGhX
daeN11YCAayxmJCi9VBn2Xxid2uqmn19Vu0YsQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFAfFUZb3GaTNFnAs8MBflRwqyoHHMB8GA1UdIwQYMBaAFHHuftSmqRBU5rwk
mGk/4ML4YhAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Y2U1LTFLYXBFRlRtdkNTWWFUX2d3dmhpRUIwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81YS83MzhlZGItZDlmZi00YWY1LTgzNDEtZmM1Y2M2NGRiNzQ5LzEv
QjhWUmx2Y1pwTTBXY0N6d3dGLVZIQ3JLZ2NjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83
MzhlZGItZDlmZi00YWY1LTgzNDEtZmM1Y2M2NGRiNzQ5LzEvY2U1LTFLYXBFRlRt
dkNTWWFUX2d3dmhpRUIwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9RRMA0GCSqGSIb3DQEBCwUAA4IB
AQAS2iyOMXDSggKqsRr/IcUWtHjCSGJqhPN5zaZ1zb0o9/xZSW8yOyb0o7lv9Cq8
3R+9372Ao4MQfFg5biunCv9FnF2Mieb65UHZgzNTc4ZaIAQLFJGaTow2R8J35/j1
bRRwyosqcOzwYfpkUiNxh765vpLNoaUYENbIWuHIvki3CmLz1TT1vteh2U6EhuGD
oVP+99iR8mX+Js3Na8cHtVJNYjznJmDd1MdiPuWQt0MaNJa43HlD8LqEnue5l1Nk
gi3EX1cTp51ZlNht4G6jJmXAM2fa+kkp7v2EIncZD2vWIF64HWQb5/VDJ8tQkK6K
tYI6AFDAvFSyDHsoJYfVd9CJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:40 2024 by rpki-client on console-ams.rpki-client.org