Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/puXZK-P4pqRlusBM6cD6sWpMnig.roa
File:                     puXZK-P4pqRlusBM6cD6sWpMnig.roa (raw, json)
Hash identifier:          r/zbsmEif4o9yL4N2AjJ7ETWGiNgzCmH344NfA20qbg=
Subject key identifier:   A6:E5:D9:2B:E3:F8:A6:A4:65:BA:C0:4C:E9:C0:FA:B1:6A:4C:9E:28
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       0183ECF3EBD2879C42FF116A6B966B2A62F8
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/puXZK-P4pqRlusBM6cD6sWpMnig.roa
Signing time:             Tue 18 Oct 2022 21:15:52 +0000
ROA not before:           Tue 18 Oct 2022 21:15:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43310
IP address blocks:        91.225.227.0/24 maxlen: 24
                          188.191.96.0/20 maxlen: 20
                          188.191.97.0/24 maxlen: 24
                          188.191.96.0/24 maxlen: 24
                          188.191.99.0/24 maxlen: 24
                          188.191.102.0/24 maxlen: 24
                          188.191.108.0/24 maxlen: 24
                          188.191.107.0/24 maxlen: 24
                          188.191.106.0/24 maxlen: 24
                          188.191.111.0/24 maxlen: 24
                          91.225.224.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ec:f3:eb:d2:87:9c:42:ff:11:6a:6b:96:6b:2a:62:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Oct 18 21:15:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a6e5d92be3f8a6a465bac04ce9c0fab16a4c9e28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:55:5a:24:21:55:54:0b:00:f7:e4:02:e0:04:
                    2e:f1:46:c8:e9:b4:ce:9e:95:66:57:4a:96:64:e6:
                    19:20:c0:b1:94:e5:9f:2f:90:d6:08:d8:ff:c6:a6:
                    03:b5:22:2c:ec:1b:9c:76:f8:5d:ef:af:1c:ad:4b:
                    d6:0a:66:87:a5:ed:0f:82:5e:86:78:00:c0:c1:16:
                    7f:ea:dc:98:19:bd:97:b8:01:96:0f:40:d2:7d:49:
                    8e:ff:0a:6b:00:c5:7b:43:11:ac:80:7c:0f:1e:77:
                    dd:42:fb:f5:13:78:f4:89:74:01:b0:98:f8:49:34:
                    f3:5d:24:c7:36:86:1d:d7:f4:76:f4:5a:c1:69:3f:
                    c2:b9:89:ba:8e:77:f1:ed:d9:ae:48:99:0f:18:7e:
                    f9:62:55:a7:b5:6c:b8:1b:b1:71:58:f9:de:c9:4d:
                    84:b7:ba:af:db:d6:d0:12:3c:e4:c5:84:6c:2a:b1:
                    fd:a5:5d:34:00:ed:cb:eb:74:fa:0d:09:38:f4:6d:
                    c8:bc:3f:0e:93:1a:68:83:2d:0b:cc:59:e4:33:12:
                    44:77:8d:d9:4f:d3:a3:69:83:36:02:1c:1b:98:f3:
                    2a:a5:54:21:13:16:fb:c2:15:5c:31:6b:4e:66:27:
                    ad:39:0f:56:72:35:82:d9:63:d6:37:67:7b:d7:82:
                    c1:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:E5:D9:2B:E3:F8:A6:A4:65:BA:C0:4C:E9:C0:FA:B1:6A:4C:9E:28
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/puXZK-P4pqRlusBM6cD6sWpMnig.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.225.224.0/24
                  91.225.227.0/24
                  188.191.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         32:d1:ea:cc:1f:e6:22:a8:8f:92:ef:dd:f3:7b:b5:92:bd:72:
         fb:be:6c:30:6e:aa:99:b2:60:26:0c:66:52:e3:53:a3:91:ef:
         52:ae:dd:d3:bb:b9:a4:c3:69:22:da:c7:21:79:70:9d:9e:9a:
         1f:7c:f9:3b:5c:e9:72:c8:8c:46:c5:77:8e:3d:62:a4:84:59:
         c6:14:b6:b9:8b:ad:58:4f:21:97:e2:74:b7:94:09:bc:f9:a5:
         d5:cb:0b:4a:1c:8a:26:c0:68:9e:ac:9f:24:8e:d7:b0:0b:8f:
         33:03:e9:da:8f:10:24:4c:78:c9:4e:5f:d6:21:3b:f8:e6:cb:
         d7:0d:fe:93:67:8a:37:fe:ce:00:b4:89:fa:21:29:db:39:f4:
         f2:fc:a6:21:26:f4:78:3f:99:74:2d:62:b9:4c:98:82:56:95:
         f8:31:30:7f:c8:eb:35:ab:81:38:2f:f4:e6:31:fc:9a:16:7d:
         cc:67:fc:ee:2d:8d:4a:5f:2b:cb:e4:74:80:cb:a5:2c:c0:0e:
         ee:7f:f8:e1:9e:56:da:75:71:fb:d8:96:26:8f:0b:74:29:38:
         6d:92:d2:99:fd:b5:8c:23:c7:f5:60:91:ce:2e:cd:da:96:a7:
         b7:df:10:4a:dc:df:6d:3b:01:05:2e:de:67:b8:32:81:ec:c8:
         01:a8:d4:2a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPs8+vSh5xC/xFqa5ZrKmL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjIxMDE4MjExNTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmU1ZDkyYmUzZjhhNmE0NjViYWMwNGNlOWMwZmFiMTZhNGM5ZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFVaJCFVVAsA9+QC4AQu8UbI6bTO
npVmV0qWZOYZIMCxlOWfL5DWCNj/xqYDtSIs7Bucdvhd768crUvWCmaHpe0Pgl6G
eADAwRZ/6tyYGb2XuAGWD0DSfUmO/wprAMV7QxGsgHwPHnfdQvv1E3j0iXQBsJj4
STTzXSTHNoYd1/R29FrBaT/CuYm6jnfx7dmuSJkPGH75YlWntWy4G7FxWPneyU2E
t7qv29bQEjzkxYRsKrH9pV00AO3L63T6DQk49G3IvD8Okxpogy0LzFnkMxJEd43Z
T9OjaYM2AhwbmPMqpVQhExb7whVcMWtOZietOQ9WcjWC2WPWN2d714LBxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKbl2Svj+KakZbrATOnA+rFqTJ4oMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvcHVYWkstUDRwcVJsdXNCTTZjRDZzV3BNbmlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+HgAwQA
W+HjAwQEvL9gMA0GCSqGSIb3DQEBCwUAA4IBAQAy0erMH+YiqI+S793ze7WSvXL7
vmwwbqqZsmAmDGZS41Ojke9Srt3Tu7mkw2ki2scheXCdnpoffPk7XOlyyIxGxXeO
PWKkhFnGFLa5i61YTyGX4nS3lAm8+aXVywtKHIomwGierJ8kjtewC48zA+najxAk
THjJTl/WITv45svXDf6TZ4o3/s4AtIn6ISnbOfTy/KYhJvR4P5l0LWK5TJiCVpX4
MTB/yOs1q4E4L/TmMfyaFn3MZ/zuLY1KXyvL5HSAy6UswA7uf/jhnlbadXH72JYm
jwt0KThtktKZ/bWMI8f1YJHOLs3alqe33xBK3N9tOwEFLt5nuDKB7MgBqNQq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org