Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/vFfYLgw5g35ddug_-us3lzVuJIE.roa
File:                     vFfYLgw5g35ddug_-us3lzVuJIE.roa (raw, json)
Hash identifier:          TMUWpHljKa9al6FfX3WK+Bk1bBLGpryVaPD24lBS1FQ=
Subject key identifier:   BC:57:D8:2E:0C:39:83:7E:5D:76:E8:3F:FA:EB:37:97:35:6E:24:81
Certificate issuer:       /CN=1e7b2e243f8aa954597932bcdcd9af6560dce516
Certificate serial:       018427F445A6F75BA6FCF75D18C52AF0A24F
Authority key identifier: 1E:7B:2E:24:3F:8A:A9:54:59:79:32:BC:DC:D9:AF:65:60:DC:E5:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/vFfYLgw5g35ddug_-us3lzVuJIE.roa
Signing time:             Sun 30 Oct 2022 08:13:50 +0000
ROA not before:           Sun 30 Oct 2022 08:13:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47817
IP address blocks:        91.208.165.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:27:f4:45:a6:f7:5b:a6:fc:f7:5d:18:c5:2a:f0:a2:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e7b2e243f8aa954597932bcdcd9af6560dce516
        Validity
            Not Before: Oct 30 08:13:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bc57d82e0c39837e5d76e83ffaeb3797356e2481
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:68:47:e7:f6:bb:ad:8e:de:21:ce:29:20:3c:
                    b9:e1:08:70:f0:41:cc:85:22:0d:f8:f4:3c:01:75:
                    4e:67:25:1f:bb:70:27:a7:da:f7:51:70:94:89:43:
                    c7:be:c3:5d:e5:52:d3:ac:7a:b6:5d:d0:42:b6:3a:
                    83:8c:4a:cb:61:e2:04:94:28:1b:40:29:ac:e2:e9:
                    86:8c:56:46:06:39:23:2f:8a:93:b5:55:e2:b1:f4:
                    88:e3:56:e6:31:ae:d6:e7:f8:e6:11:62:40:74:11:
                    ad:1b:ac:dd:d3:38:57:c1:57:e2:d9:e3:5c:d6:f9:
                    f8:9c:8a:2c:58:e1:b3:2b:50:15:93:c2:4f:4a:ee:
                    cb:96:0e:96:ea:ce:b9:1a:ad:f7:2a:81:0b:ae:00:
                    a1:4b:8f:22:c0:d9:cd:39:33:19:e9:73:b6:30:c8:
                    51:df:d5:fc:a3:75:d8:df:86:42:23:47:07:fe:3e:
                    87:76:56:a2:a1:12:7d:12:8f:1d:58:82:93:39:e3:
                    b6:41:25:98:55:20:af:45:c2:32:f2:99:1a:0f:4a:
                    39:a7:3c:55:03:9a:f6:30:6a:48:72:06:8e:5e:cb:
                    7b:dd:06:b9:5b:8d:6f:a9:eb:a6:bd:f1:20:17:da:
                    64:1e:70:a7:e3:1f:ac:a4:09:f6:d2:fb:aa:f6:03:
                    5e:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:57:D8:2E:0C:39:83:7E:5D:76:E8:3F:FA:EB:37:97:35:6E:24:81
            X509v3 Authority Key Identifier:
                keyid:1E:7B:2E:24:3F:8A:A9:54:59:79:32:BC:DC:D9:AF:65:60:DC:E5:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/vFfYLgw5g35ddug_-us3lzVuJIE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:a0:e4:19:be:a4:e8:86:6c:ac:3b:cd:5b:2a:54:0d:94:12:
         4e:0c:fd:80:b7:07:6b:9b:19:09:be:2a:61:70:d1:0d:ae:d5:
         6b:10:64:51:13:57:7c:d3:71:03:eb:4f:73:f4:26:a8:3d:ff:
         59:87:f8:83:d5:45:eb:90:33:80:e3:ab:0c:49:1b:31:30:29:
         2f:f7:8c:37:4c:60:ce:b0:1e:b6:5b:4e:6c:e3:de:c1:a2:2c:
         3c:4a:59:2c:7f:39:48:74:b8:aa:22:ab:90:87:e8:6f:50:7c:
         df:f5:8d:13:02:69:b1:9a:88:95:0f:9c:09:11:86:1d:e7:79:
         33:b1:48:df:ad:93:cc:e2:86:2d:76:d4:65:52:a3:2d:13:d2:
         c2:b5:e0:c2:d9:01:a5:a3:46:f9:aa:62:ba:fa:ba:6b:37:0e:
         9b:11:4b:ff:82:5e:1c:f7:c0:b7:09:99:26:4d:c9:b1:c6:96:
         ef:1f:4e:25:f3:77:be:d5:af:9f:f2:7c:98:dd:40:7f:ad:ec:
         c2:3a:a9:3e:8d:01:d1:14:4b:ef:5d:ee:32:37:fa:fc:cd:e2:
         d7:cf:e0:3a:d0:64:4c:40:61:b7:31:0d:6f:44:bc:ed:d8:2d:
         3b:f9:28:9f:fe:13:b2:db:9d:4b:d3:f6:76:27:a8:4a:1e:17:
         f0:fc:4a:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQn9EWm91um/PddGMUq8KJPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlN2IyZTI0M2Y4YWE5NTQ1OTc5MzJiY2RjZDlhZjY1NjBk
Y2U1MTYwHhcNMjIxMDMwMDgxMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzU3ZDgyZTBjMzk4MzdlNWQ3NmU4M2ZmYWViMzc5NzM1NmUyNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWhH5/a7rY7eIc4pIDy54Qhw8EHM
hSIN+PQ8AXVOZyUfu3Anp9r3UXCUiUPHvsNd5VLTrHq2XdBCtjqDjErLYeIElCgb
QCms4umGjFZGBjkjL4qTtVXisfSI41bmMa7W5/jmEWJAdBGtG6zd0zhXwVfi2eNc
1vn4nIosWOGzK1AVk8JPSu7Llg6W6s65Gq33KoELrgChS48iwNnNOTMZ6XO2MMhR
39X8o3XY34ZCI0cH/j6HdlaioRJ9Eo8dWIKTOeO2QSWYVSCvRcIy8pkaD0o5pzxV
A5r2MGpIcgaOXst73Qa5W41vqeumvfEgF9pkHnCn4x+spAn20vuq9gNehQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLxX2C4MOYN+XXboP/rrN5c1biSBMB8GA1UdIwQY
MBaAFB57LiQ/iqlUWXkyvNzZr2Vg3OUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC80ZGFlZTAtODRlMi00MWU5LTk2NDMt
ZDU0OTU1NjQzY2Q5LzEvdkZmWUxndzVnMzVkZHVnXy11czNselZ1SklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC80ZGFlZTAtODRlMi00MWU5LTk2NDMtZDU0OTU1NjQzY2Q5
LzEvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ClMA0G
CSqGSIb3DQEBCwUAA4IBAQB2oOQZvqTohmysO81bKlQNlBJODP2AtwdrmxkJviph
cNENrtVrEGRRE1d803ED609z9CaoPf9Zh/iD1UXrkDOA46sMSRsxMCkv94w3TGDO
sB62W05s497Boiw8SlksfzlIdLiqIquQh+hvUHzf9Y0TAmmxmoiVD5wJEYYd53kz
sUjfrZPM4oYtdtRlUqMtE9LCteDC2QGlo0b5qmK6+rprNw6bEUv/gl4c98C3CZkm
TcmxxpbvH04l83e+1a+f8nyY3UB/rezCOqk+jQHRFEvvXe4yN/r8zeLXz+A60GRM
QGG3MQ1vRLzt2C07+Sif/hOy251L0/Z2J6hKHhfw/Eqk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:25 2024 by rpki-client on console-fra.rpki-client.org