Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/EYIbnC1kYObDtXIgbTp34FW10gk.roa
File:                     EYIbnC1kYObDtXIgbTp34FW10gk.roa (raw, json)
Hash identifier:          IAqxIVDWKp1KyioIPOJfTJZ6XBRky5YQ+WPbgDnO78g=
Subject key identifier:   11:82:1B:9C:2D:64:60:E6:C3:B5:72:20:6D:3A:77:E0:55:B5:D2:09
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       0184B46816F3144ABF7C1592DFBE951623C8
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/EYIbnC1kYObDtXIgbTp34FW10gk.roa
Signing time:             Sat 26 Nov 2022 14:47:11 +0000
ROA not before:           Sat 26 Nov 2022 14:47:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43310
IP address blocks:        188.191.111.0/24 maxlen: 24
                          188.191.107.0/24 maxlen: 24
                          91.225.224.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:b4:68:16:f3:14:4a:bf:7c:15:92:df:be:95:16:23:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Nov 26 14:47:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=11821b9c2d6460e6c3b572206d3a77e055b5d209
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:79:e8:9b:0d:d6:69:19:41:bc:d7:69:2c:1a:
                    4d:7b:b5:07:83:a0:f0:22:38:92:89:5d:11:25:87:
                    3c:8a:2b:a8:b6:67:81:be:ea:06:0e:e3:f5:08:be:
                    7c:bf:1c:b2:36:9d:a8:c0:97:ae:14:ca:af:4d:be:
                    60:cb:69:9b:5c:6b:c3:a6:aa:a6:a2:ae:3c:86:4e:
                    79:11:ce:99:d8:53:3c:43:da:6c:53:59:f8:66:1d:
                    10:90:b7:6c:4f:e1:a8:7b:e0:4c:71:00:52:d3:25:
                    ff:f0:78:52:05:59:13:e9:5b:8e:5f:ee:93:fd:01:
                    e1:64:a8:ff:b4:fb:7a:9d:b0:d1:6e:ae:6a:c5:e0:
                    95:0c:d0:fc:aa:6f:62:96:ec:0c:a8:0c:41:d1:b3:
                    47:02:16:1e:e7:77:53:cf:8a:d1:08:7c:93:df:83:
                    b3:32:0d:b7:50:bb:13:43:93:fc:56:0f:7a:38:cf:
                    cc:06:2b:8c:72:30:7c:1b:61:3f:e9:91:21:45:f5:
                    88:88:9b:18:8a:da:17:a1:e4:10:c0:f2:16:cd:0c:
                    fa:9b:31:b9:e6:20:1b:03:df:83:13:df:91:c1:b0:
                    d2:7e:c0:24:8c:c9:ac:d6:8b:62:aa:55:b1:ba:7b:
                    39:6c:af:34:1e:f8:e5:fa:81:23:29:64:0e:6e:cf:
                    46:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:82:1B:9C:2D:64:60:E6:C3:B5:72:20:6D:3A:77:E0:55:B5:D2:09
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/EYIbnC1kYObDtXIgbTp34FW10gk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.225.224.0/24
                  188.191.107.0/24
                  188.191.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:43:8f:c1:8a:39:2b:82:61:dc:86:b2:6d:52:0c:05:ef:50:
         dd:e0:d0:ed:39:4a:72:a6:75:58:30:9f:a9:ec:51:5c:e6:da:
         a4:06:2c:19:fa:68:c5:42:53:09:df:ea:a3:ee:9f:70:5e:c7:
         bc:b0:37:b9:fc:48:49:87:f2:89:30:57:94:28:42:2a:2c:b3:
         e8:14:97:41:42:2d:94:eb:6e:31:02:e1:91:31:08:a2:0d:f5:
         d7:1b:19:b5:75:39:c3:8c:10:4a:84:99:43:35:94:6d:5a:81:
         83:b6:97:35:e3:7b:9d:87:27:1e:fa:10:1e:7d:04:01:85:40:
         07:e3:0c:b3:55:d8:55:f7:5d:73:d1:b1:4c:65:4a:89:3d:7a:
         8d:b9:6b:0a:74:a7:15:08:df:d2:d1:6b:7c:62:f9:24:9c:06:
         e4:8a:0a:38:6e:a0:4e:dc:2a:46:02:97:40:0c:2d:1f:3c:e0:
         cc:96:80:8b:75:6b:26:a9:89:3c:bb:0f:48:59:e6:69:68:f4:
         c1:a5:12:94:47:a0:2d:3d:2a:bd:d6:f4:d6:5b:30:88:53:b5:
         a0:46:27:6c:f3:26:7f:ab:52:a2:83:9d:c8:67:1e:1f:01:c6:
         97:f9:cd:2d:73:af:81:e7:24:d6:66:80:e4:60:3f:d9:3f:79:
         60:ec:f3:44
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYS0aBbzFEq/fBWS376VFiPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMTI2MTQ0NzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTgyMWI5YzJkNjQ2MGU2YzNiNTcyMjA2ZDNhNzdlMDU1YjVkMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunnomw3WaRlBvNdpLBpNe7UHg6Dw
IjiSiV0RJYc8iiuotmeBvuoGDuP1CL58vxyyNp2owJeuFMqvTb5gy2mbXGvDpqqm
oq48hk55Ec6Z2FM8Q9psU1n4Zh0QkLdsT+Goe+BMcQBS0yX/8HhSBVkT6VuOX+6T
/QHhZKj/tPt6nbDRbq5qxeCVDND8qm9iluwMqAxB0bNHAhYe53dTz4rRCHyT34Oz
Mg23ULsTQ5P8Vg96OM/MBiuMcjB8G2E/6ZEhRfWIiJsYitoXoeQQwPIWzQz6mzG5
5iAbA9+DE9+RwbDSfsAkjMms1otiqlWxuns5bK80Hvjl+oEjKWQObs9GswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBGCG5wtZGDmw7VyIG06d+BVtdIJMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvRVlJYm5DMWtZT2JEdFhJZ2JUcDM0RlcxMGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+HgAwQA
vL9rAwQAvL9vMA0GCSqGSIb3DQEBCwUAA4IBAQAIQ4/BijkrgmHchrJtUgwF71Dd
4NDtOUpypnVYMJ+p7FFc5tqkBiwZ+mjFQlMJ3+qj7p9wXse8sDe5/EhJh/KJMFeU
KEIqLLPoFJdBQi2U624xAuGRMQiiDfXXGxm1dTnDjBBKhJlDNZRtWoGDtpc143ud
hyce+hAefQQBhUAH4wyzVdhV911z0bFMZUqJPXqNuWsKdKcVCN/S0Wt8YvkknAbk
igo4bqBO3CpGApdADC0fPODMloCLdWsmqYk8uw9IWeZpaPTBpRKUR6AtPSq91vTW
WzCIU7WgRids8yZ/q1Kig53IZx4fAcaX+c0tc6+B5yTWZoDkYD/ZP3lg7PNE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:48 2024 by rpki-client on console-ams.rpki-client.org