Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/MqxUqvhmdj63R6spIvfaohN2Kao.roa
File:                     MqxUqvhmdj63R6spIvfaohN2Kao.roa (raw, json)
Hash identifier:          wldMsnqB2h/MQdpa7Oi5MxDFIa2qo1yVCACGNOb5t6c=
Subject key identifier:   32:AC:54:AA:F8:66:76:3E:B7:47:AB:29:22:F7:DA:A2:13:76:29:AA
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       0183EC6D555C3678E325E8A79EF881D7094E
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/MqxUqvhmdj63R6spIvfaohN2Kao.roa
Signing time:             Tue 18 Oct 2022 18:48:51 +0000
ROA not before:           Tue 18 Oct 2022 18:48:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44486
IP address blocks:        91.225.226.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ec:6d:55:5c:36:78:e3:25:e8:a7:9e:f8:81:d7:09:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Oct 18 18:48:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=32ac54aaf866763eb747ab2922f7daa2137629aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:37:52:b1:0c:6c:e4:26:95:cd:1a:83:45:dd:
                    12:cf:f6:bb:f5:fc:30:11:7e:79:db:c1:a9:21:f9:
                    08:94:7e:7c:c6:58:4a:dc:56:01:84:02:22:77:59:
                    d3:b4:8d:78:cf:59:87:c6:e0:11:37:7a:65:0c:f3:
                    51:af:5b:27:9d:23:5b:85:ad:be:e9:38:30:2a:4c:
                    15:89:46:90:a4:33:a0:77:9b:2b:71:aa:0b:79:99:
                    82:69:ac:c7:10:b9:c7:5e:2d:0a:ac:8b:d2:95:b3:
                    42:5e:22:1a:1c:77:14:c2:c5:cf:4f:bd:48:b9:88:
                    47:3c:09:c6:de:6e:81:02:e8:18:93:b7:dc:62:fb:
                    f4:83:38:73:4e:49:18:be:9a:dd:cf:d0:16:2c:65:
                    56:36:d2:c6:70:44:01:f3:0a:dc:d8:90:5c:d4:b2:
                    a4:b3:31:f6:d4:8b:1f:2f:1e:36:9b:8c:67:cb:77:
                    58:b5:b8:64:c0:5e:49:cf:15:16:46:f2:ac:73:4f:
                    90:45:33:f9:f4:f7:3a:7d:90:36:22:64:8f:d5:10:
                    4a:d4:d7:34:83:a1:6f:db:f2:1e:d8:7d:e0:19:3a:
                    fd:bb:42:6f:08:69:e9:7d:bf:71:ac:bb:85:26:0b:
                    40:1a:ac:4e:89:a1:10:60:ab:59:5a:e5:85:4d:4d:
                    1c:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:AC:54:AA:F8:66:76:3E:B7:47:AB:29:22:F7:DA:A2:13:76:29:AA
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/MqxUqvhmdj63R6spIvfaohN2Kao.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.225.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:8a:ab:9a:29:df:09:1f:b9:78:00:3d:7b:0c:ae:d7:d1:bb:
         93:17:22:71:c3:03:b5:44:8c:11:a5:55:b1:17:44:78:16:72:
         c7:26:85:67:55:7c:a8:64:f3:c8:ee:c0:95:4a:15:82:f7:d3:
         b2:9d:6f:df:76:b2:28:e3:62:52:24:1b:b7:9d:72:bd:6e:33:
         77:e0:e7:99:a9:90:4b:a5:64:22:05:dd:02:08:7b:97:a7:6b:
         fa:b5:45:2b:61:a0:02:fa:15:13:17:df:90:07:6c:84:af:f2:
         ca:36:92:3e:71:c4:83:d2:7f:ba:73:72:d9:66:db:ff:5e:5c:
         98:be:16:2d:00:77:7e:b8:31:13:e6:dc:79:03:ff:8a:13:1e:
         a8:26:d8:65:b7:26:18:5e:12:b2:8a:84:5e:90:a9:42:22:bc:
         c3:03:1c:a5:49:b4:8e:fa:ca:1f:95:53:ff:a1:1e:c2:a0:20:
         f0:b0:aa:00:a2:8d:9e:d3:cd:ff:64:d0:95:32:ee:ec:8a:76:
         8b:42:d8:1e:8c:f3:a1:b5:96:6c:af:ff:13:6c:ef:14:48:2c:
         b0:a8:4e:62:d6:c6:81:81:84:48:81:b2:8b:82:dc:a9:9a:d7:
         24:a1:50:9e:8d:dc:82:68:4f:4b:12:14:4e:0b:14:87:89:c8:
         66:43:c5:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPsbVVcNnjjJeinnviB1wlOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMDE4MTg0ODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmFjNTRhYWY4NjY3NjNlYjc0N2FiMjkyMmY3ZGFhMjEzNzYyOWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jdSsQxs5CaVzRqDRd0Sz/a79fww
EX5528GpIfkIlH58xlhK3FYBhAIid1nTtI14z1mHxuARN3plDPNRr1snnSNbha2+
6TgwKkwViUaQpDOgd5srcaoLeZmCaazHELnHXi0KrIvSlbNCXiIaHHcUwsXPT71I
uYhHPAnG3m6BAugYk7fcYvv0gzhzTkkYvprdz9AWLGVWNtLGcEQB8wrc2JBc1LKk
szH21IsfLx42m4xny3dYtbhkwF5JzxUWRvKsc0+QRTP59Pc6fZA2ImSP1RBK1Nc0
g6Fv2/Ie2H3gGTr9u0JvCGnpfb9xrLuFJgtAGqxOiaEQYKtZWuWFTU0cNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDKsVKr4ZnY+t0erKSL32qITdimqMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvTXF4VXF2aG1kajYzUjZzcEl2ZmFvaE4yS2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+HiMA0G
CSqGSIb3DQEBCwUAA4IBAQAHiquaKd8JH7l4AD17DK7X0buTFyJxwwO1RIwRpVWx
F0R4FnLHJoVnVXyoZPPI7sCVShWC99OynW/fdrIo42JSJBu3nXK9bjN34OeZqZBL
pWQiBd0CCHuXp2v6tUUrYaAC+hUTF9+QB2yEr/LKNpI+ccSD0n+6c3LZZtv/XlyY
vhYtAHd+uDET5tx5A/+KEx6oJthltyYYXhKyioRekKlCIrzDAxylSbSO+soflVP/
oR7CoCDwsKoAoo2e083/ZNCVMu7sinaLQtgejPOhtZZsr/8TbO8USCywqE5i1saB
gYRIgbKLgtypmtckoVCejdyCaE9LEhROCxSHichmQ8V6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org