Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/5bd26c-bbce-40c0-89d7-ef78a8a7606c/1/DbaC80h52YNXIihucB7tDB49Keo.roa
File:                     DbaC80h52YNXIihucB7tDB49Keo.roa (raw, json)
Hash identifier:          dzZZ86rC1MSwLI/x646g2tKAIWr31Xgx0TycxQRQwyw=
Subject key identifier:   0D:B6:82:F3:48:79:D9:83:57:22:28:6E:70:1E:ED:0C:1E:3D:29:EA
Certificate issuer:       /CN=1c6fd297f95531feb82c964fd67f6c94320938f6
Certificate serial:       02FD38CC
Authority key identifier: 1C:6F:D2:97:F9:55:31:FE:B8:2C:96:4F:D6:7F:6C:94:32:09:38:F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HG_Sl_lVMf64LJZP1n9slDIJOPY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/5bd26c-bbce-40c0-89d7-ef78a8a7606c/1/DbaC80h52YNXIihucB7tDB49Keo.roa
Signing time:             Sat 01 Jan 2022 15:03:19 +0000
ROA not before:           Sat 01 Jan 2022 15:03:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206123
IP address blocks:        91.213.19.0/24 maxlen: 24
                          91.235.212.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 50149580 (0x2fd38cc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c6fd297f95531feb82c964fd67f6c94320938f6
        Validity
            Not Before: Jan  1 15:03:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0db682f34879d9835722286e701eed0c1e3d29ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:23:40:00:04:63:00:88:4f:4c:a3:71:da:e6:
                    ed:d9:9b:65:36:f9:4b:89:e3:dd:ac:77:5a:9f:79:
                    ed:16:60:e7:6c:18:3c:38:cf:0a:fe:44:e2:31:bd:
                    2c:f8:0c:04:5a:2c:df:b9:ea:b7:8b:68:9f:c8:41:
                    7a:2b:67:31:19:e4:3d:9d:5d:00:9e:54:16:69:14:
                    c5:81:6b:91:fa:e6:33:e6:70:f8:c3:24:c7:97:05:
                    80:83:ab:a1:9c:37:39:8c:5a:e7:8e:2d:96:27:87:
                    44:3a:02:18:5d:b5:74:2d:31:d7:5c:64:97:7f:61:
                    e5:08:e0:17:9d:d5:29:76:e5:19:fc:47:bd:6a:12:
                    33:ae:88:a3:e4:63:85:60:77:1a:0c:66:70:c6:4a:
                    ab:f9:1e:ed:6d:6d:e0:85:98:ee:df:c4:55:7c:5d:
                    1c:aa:51:c1:f6:87:72:0d:5d:da:a8:11:cf:75:5e:
                    d2:fb:f3:0d:c8:99:f5:a6:0d:7f:f4:5a:65:ee:47:
                    c1:f6:b4:df:f7:d5:58:73:2a:f6:ea:85:27:98:58:
                    a4:cb:01:42:e7:9f:e6:8d:d6:8d:77:67:a7:2d:56:
                    35:b7:01:49:7e:e2:7c:9c:e4:e9:a7:c9:37:8d:c5:
                    7c:f0:9a:7c:d4:37:61:a5:ba:92:ca:e6:2c:e3:83:
                    ee:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:B6:82:F3:48:79:D9:83:57:22:28:6E:70:1E:ED:0C:1E:3D:29:EA
            X509v3 Authority Key Identifier:
                keyid:1C:6F:D2:97:F9:55:31:FE:B8:2C:96:4F:D6:7F:6C:94:32:09:38:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HG_Sl_lVMf64LJZP1n9slDIJOPY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/5bd26c-bbce-40c0-89d7-ef78a8a7606c/1/DbaC80h52YNXIihucB7tDB49Keo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/5bd26c-bbce-40c0-89d7-ef78a8a7606c/1/HG_Sl_lVMf64LJZP1n9slDIJOPY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.19.0/24
                  91.235.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:52:53:87:35:d7:f4:27:d6:16:99:2d:c8:2a:98:a2:ef:e8:
         3b:26:a6:89:c5:33:28:f8:c9:44:30:fb:88:6b:3c:7f:a9:79:
         c8:79:72:46:e3:c9:f5:9d:90:fb:18:1b:64:f4:fd:2a:e6:90:
         52:35:49:70:78:97:4a:8f:91:7f:38:ec:d9:e1:ec:39:38:08:
         a5:18:1d:15:fa:31:cb:84:f4:a7:18:32:74:07:3d:c3:12:35:
         b2:bc:85:cb:89:1a:71:70:95:4f:02:48:87:d3:08:e0:3f:34:
         44:c0:56:58:cc:59:98:65:32:f4:a1:30:7d:24:19:ab:a5:5b:
         1d:b9:af:58:f6:c1:1d:c4:ce:31:a2:74:e4:4d:58:ac:72:20:
         d2:ef:bf:95:64:e1:c8:ff:f1:b8:78:1e:c6:86:81:84:6d:1c:
         01:6f:d6:33:a9:50:d8:aa:76:6d:5d:d6:a7:93:8b:61:c3:c9:
         47:a8:e8:7f:b0:f0:7a:cf:4b:d8:14:3c:b7:88:49:d1:1b:7f:
         8a:32:51:ad:90:5d:c5:f7:3c:b2:c1:e4:52:9a:f6:d3:c2:0b:
         9c:b4:6e:7c:f9:b8:fc:eb:a7:20:30:aa:95:8b:50:d9:4b:ba:
         02:04:da:38:b1:be:8f:5a:e6:55:34:81:5e:2c:b2:47:38:37:
         7c:04:9b:7d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAv04zDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YzZmZDI5N2Y5NTUzMWZlYjgyYzk2NGZkNjdmNmM5NDMyMDkzOGY2MB4XDTIyMDEw
MTE1MDMxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGRiNjgyZjM0ODc5
ZDk4MzU3MjIyODZlNzAxZWVkMGMxZTNkMjllYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKUjQAAEYwCIT0yjcdrm7dmbZTb5S4nj3ax3Wp957RZg52wY
PDjPCv5E4jG9LPgMBFos37nqt4ton8hBeitnMRnkPZ1dAJ5UFmkUxYFrkfrmM+Zw
+MMkx5cFgIOroZw3OYxa544tlieHRDoCGF21dC0x11xkl39h5QjgF53VKXblGfxH
vWoSM66Io+RjhWB3GgxmcMZKq/ke7W1t4IWY7t/EVXxdHKpRwfaHcg1d2qgRz3Ve
0vvzDciZ9aYNf/RaZe5Hwfa03/fVWHMq9uqFJ5hYpMsBQuef5o3WjXdnpy1WNbcB
SX7ifJzk6afJN43FfPCafNQ3YaW6ksrmLOOD7icCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQNtoLzSHnZg1ciKG5wHu0MHj0p6jAfBgNVHSMEGDAWgBQcb9KX+VUx/rgs
lk/Wf2yUMgk49jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hHX1NsX2xWTWY2NExKWlAxbjlzbERJSk9QWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNWJkMjZjLWJiY2UtNDBjMC04OWQ3LWVmNzhhOGE3NjA2Yy8x
L0RiYUM4MGg1MllOWElpaHVjQjd0REI0OUtlby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NWJkMjZjLWJiY2UtNDBjMC04OWQ3LWVmNzhhOGE3NjA2Yy8xL0hHX1NsX2xWTWY2
NExKWlAxbjlzbERJSk9QWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvVEwMEAFvr1DANBgkqhkiG9w0B
AQsFAAOCAQEAGVJThzXX9CfWFpktyCqYou/oOyamicUzKPjJRDD7iGs8f6l5yHly
RuPJ9Z2Q+xgbZPT9KuaQUjVJcHiXSo+Rfzjs2eHsOTgIpRgdFfoxy4T0pxgydAc9
wxI1sryFy4kacXCVTwJIh9MI4D80RMBWWMxZmGUy9KEwfSQZq6VbHbmvWPbBHcTO
MaJ05E1YrHIg0u+/lWThyP/xuHgexoaBhG0cAW/WM6lQ2Kp2bV3Wp5OLYcPJR6jo
f7Dwes9L2BQ8t4hJ0Rt/ijJRrZBdxfc8ssHkUpr208ILnLRufPm4/OunIDCqlYtQ
2Uu6AgTaOLG+j1rmVTSBXiyyRzg3fASbfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:32 2024 by rpki-client on console-fra.rpki-client.org