Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/ni96Q80VTm1dsmnhKCpESlsnHBg.roa
File:                     ni96Q80VTm1dsmnhKCpESlsnHBg.roa (raw, json)
Hash identifier:          eQctEmaG/DCydB5pqBRw5zqBVw9cctmrDayezn/OmlU=
Subject key identifier:   9E:2F:7A:43:CD:15:4E:6D:5D:B2:69:E1:28:2A:44:4A:5B:27:1C:18
Certificate issuer:       /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial:       01840B5FC752DDB502F9BB91681BA371ED99
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/ni96Q80VTm1dsmnhKCpESlsnHBg.roa
Signing time:             Mon 24 Oct 2022 19:02:17 +0000
ROA not before:           Mon 24 Oct 2022 19:02:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        91.103.124.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:0b:5f:c7:52:dd:b5:02:f9:bb:91:68:1b:a3:71:ed:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
        Validity
            Not Before: Oct 24 19:02:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9e2f7a43cd154e6d5db269e1282a444a5b271c18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:4c:0e:36:3e:2c:5a:84:30:f1:5d:dd:09:32:
                    2d:5b:91:f8:ac:88:18:33:e1:25:ec:45:b0:d4:f5:
                    15:7a:51:3d:3e:4f:5f:af:82:cb:f4:2e:83:f1:16:
                    e2:f7:48:04:8e:5a:d3:45:29:04:35:3f:bb:8e:b0:
                    52:1e:b0:78:36:ed:d5:ba:20:5a:4c:49:4e:ab:08:
                    84:01:62:c1:d3:96:f1:5a:b2:16:f8:1c:7d:93:5a:
                    f4:e9:cf:b3:bf:7b:2f:85:47:66:90:d6:f1:fb:45:
                    b6:60:9b:0d:62:69:60:80:e8:50:16:3d:ab:a4:15:
                    70:3e:ba:78:c2:3c:76:40:b6:05:db:b1:44:37:62:
                    4b:fe:21:16:bc:a1:37:f7:40:50:95:72:29:88:7c:
                    41:6a:e8:fb:43:b8:05:73:3e:7f:c0:63:39:6c:4d:
                    83:68:9c:01:68:64:f6:22:4b:f7:a2:8d:f6:93:f0:
                    7b:c3:de:70:5e:a1:9b:02:76:5a:dd:2d:0c:9e:03:
                    00:d1:d8:18:fd:64:25:a4:86:57:21:39:0e:14:c9:
                    9e:a5:94:a2:c9:3c:51:f8:e0:1e:cb:68:07:ed:58:
                    4f:55:74:3f:b3:53:d4:11:ae:71:5b:33:3a:8d:13:
                    b9:94:7d:c2:c7:4c:4a:05:57:50:2b:51:a3:61:e8:
                    43:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:2F:7A:43:CD:15:4E:6D:5D:B2:69:E1:28:2A:44:4A:5B:27:1C:18
            X509v3 Authority Key Identifier:
                keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/ni96Q80VTm1dsmnhKCpESlsnHBg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.103.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8e:3a:8d:67:f4:27:95:44:d7:98:70:36:ae:db:da:09:d9:fc:
         b0:39:36:40:2a:bd:78:5e:60:f9:be:f3:6f:c0:3a:04:6b:fe:
         26:27:0e:33:a7:d9:98:3b:09:9f:17:db:02:19:46:d3:e4:a8:
         59:ad:20:98:45:14:aa:dc:08:28:db:45:5a:46:a2:86:17:70:
         e4:b5:4c:47:c2:79:8f:f8:cf:d8:f2:94:5a:b9:46:1e:17:15:
         4b:e0:c6:bc:8a:7d:0c:73:ed:8c:64:9a:f6:2c:da:07:cc:e7:
         ba:dd:bd:42:08:d8:71:af:9b:53:16:16:eb:ef:1d:7f:1d:c5:
         fc:cb:14:0b:b1:62:16:92:08:f5:27:0e:b6:31:49:5b:40:c2:
         2e:a6:a0:3e:c0:ce:64:54:51:54:e3:d3:bd:82:f6:21:3c:27:
         a3:dc:e4:85:81:67:0d:1d:18:35:a2:4f:2b:ec:f8:68:36:ab:
         87:93:b3:d2:8e:0f:c6:8a:c1:72:d2:29:ec:ab:70:de:84:1c:
         44:59:1c:b3:3c:24:2f:29:22:b2:9b:2a:2b:f7:08:d7:13:a1:
         0b:c6:6a:4f:c2:28:02:a5:56:6f:c2:73:84:85:0a:ac:66:17:
         f2:9d:b8:46:2a:b9:a2:64:eb:67:67:e0:6c:44:90:f9:38:19:
         67:2d:33:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQLX8dS3bUC+buRaBujce2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjIxMDI0MTkwMjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTJmN2E0M2NkMTU0ZTZkNWRiMjY5ZTEyODJhNDQ0YTViMjcxYzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkwONj4sWoQw8V3dCTItW5H4rIgY
M+El7EWw1PUVelE9Pk9fr4LL9C6D8Rbi90gEjlrTRSkENT+7jrBSHrB4Nu3VuiBa
TElOqwiEAWLB05bxWrIW+Bx9k1r06c+zv3svhUdmkNbx+0W2YJsNYmlggOhQFj2r
pBVwPrp4wjx2QLYF27FEN2JL/iEWvKE390BQlXIpiHxBauj7Q7gFcz5/wGM5bE2D
aJwBaGT2Ikv3oo32k/B7w95wXqGbAnZa3S0MngMA0dgY/WQlpIZXITkOFMmepZSi
yTxR+OAey2gH7VhPVXQ/s1PUEa5xWzM6jRO5lH3Cx0xKBVdQK1GjYehDswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4vekPNFU5tXbJp4SgqREpbJxwYMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvbmk5NlE4MFZUbTFkc21uaEtDcEVTbHNuSEJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW2d8MA0G
CSqGSIb3DQEBCwUAA4IBAQCOOo1n9CeVRNeYcDau29oJ2fywOTZAKr14XmD5vvNv
wDoEa/4mJw4zp9mYOwmfF9sCGUbT5KhZrSCYRRSq3Ago20VaRqKGF3DktUxHwnmP
+M/Y8pRauUYeFxVL4Ma8in0Mc+2MZJr2LNoHzOe63b1CCNhxr5tTFhbr7x1/HcX8
yxQLsWIWkgj1Jw62MUlbQMIupqA+wM5kVFFU49O9gvYhPCej3OSFgWcNHRg1ok8r
7PhoNquHk7PSjg/GisFy0insq3DehBxEWRyzPCQvKSKymyor9wjXE6ELxmpPwigC
pVZvwnOEhQqsZhfynbhGKrmiZOtnZ+BsRJD5OBlnLTMg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org