Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/7JXOZEQfJmYc7fMRKITltRdYEww.roa
File:                     7JXOZEQfJmYc7fMRKITltRdYEww.roa (raw, json)
Hash identifier:          9MOQzA4Yy/B0EG2Y3RRVfvvLjMPOqjImkx/u5bX7rTI=
Subject key identifier:   EC:95:CE:64:44:1F:26:66:1C:ED:F3:11:28:84:E5:B5:17:58:13:0C
Certificate issuer:       /CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
Certificate serial:       01836C62A884D4975C095EE329F15F90A40D
Authority key identifier: 27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/7JXOZEQfJmYc7fMRKITltRdYEww.roa
Signing time:             Fri 23 Sep 2022 22:05:48 +0000
ROA not before:           Fri 23 Sep 2022 22:05:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41801
IP address blocks:        91.102.160.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:6c:62:a8:84:d4:97:5c:09:5e:e3:29:f1:5f:90:a4:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
        Validity
            Not Before: Sep 23 22:05:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ec95ce64441f26661cedf3112884e5b51758130c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:d7:cf:6a:51:19:e6:15:ad:a3:9c:95:2f:1b:
                    1d:0b:1a:a4:f3:e8:05:88:fd:8d:fa:bc:62:d1:60:
                    06:6d:88:b7:ae:05:3d:a3:a0:6e:53:87:3c:be:2d:
                    5d:00:31:7b:78:a8:dd:7c:34:6f:55:f0:57:a2:b4:
                    40:31:5f:8e:fc:6f:5a:05:bd:ee:49:72:14:77:8a:
                    47:07:6b:05:b4:22:b8:c9:61:71:c8:70:df:41:ac:
                    74:1b:6e:14:dd:28:36:8b:44:6b:d1:f6:d4:a2:b6:
                    c9:db:f8:ee:48:5a:5b:8c:d6:ac:b1:32:a4:ef:1a:
                    81:5d:a7:59:54:e9:08:8b:e7:de:13:e2:7d:6a:7f:
                    b7:1b:37:4a:87:3c:da:81:82:0d:3e:4c:b8:2d:0f:
                    5f:f6:3c:82:0f:df:74:bd:57:07:ab:c4:7e:9f:6a:
                    7e:0e:18:33:31:67:6b:08:cd:80:8e:50:53:ba:54:
                    b4:26:41:17:61:66:47:9d:11:f9:bc:6b:70:99:50:
                    0e:09:68:0c:8f:c6:80:20:26:1e:5e:54:d2:7e:07:
                    df:e0:21:b0:62:0e:f9:51:95:1b:04:1c:64:98:f3:
                    bb:7e:ac:dc:1e:62:82:c2:83:05:42:b6:0f:40:b3:
                    e2:b2:7a:4d:50:8b:9f:99:1a:6f:04:5b:e5:d0:bd:
                    39:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:95:CE:64:44:1F:26:66:1C:ED:F3:11:28:84:E5:B5:17:58:13:0C
            X509v3 Authority Key Identifier:
                keyid:27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/7JXOZEQfJmYc7fMRKITltRdYEww.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/J8i0J8MTWYqS6NjsYOKVDaOfwsk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.102.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         08:e6:69:47:a0:2e:be:24:cb:81:c5:b1:be:9f:3f:ae:86:b6:
         f9:ec:cc:6b:2b:a6:e3:20:85:4b:4c:41:9b:61:16:9b:7b:9d:
         00:9c:f1:20:b4:6f:c1:f0:19:8d:fe:15:93:76:74:9d:5a:36:
         53:e7:bb:34:91:89:60:eb:51:14:8b:fe:da:12:25:64:55:8c:
         7a:d0:92:5d:d6:c2:43:0a:56:35:6e:5f:ab:0c:64:81:f7:3f:
         33:4d:22:7c:f7:af:08:d8:e3:8c:7d:c9:c8:d4:67:05:fb:c6:
         a1:76:77:97:5f:af:6c:3a:b8:cd:a2:9c:a0:7b:42:ef:80:85:
         8b:81:60:10:30:6a:25:2c:e4:4b:ad:e0:be:6b:d9:6b:71:28:
         42:66:85:b0:9a:19:69:17:9d:49:9c:46:f7:54:12:be:c4:08:
         51:f9:f4:14:ea:c9:9b:88:91:eb:31:98:4a:f8:c6:28:9a:cd:
         58:1c:4f:62:f5:4f:0d:dc:22:ac:e8:70:f1:dd:96:75:62:e8:
         97:f5:84:79:68:31:f7:2f:cc:a3:f3:a5:4e:19:31:5d:aa:ba:
         35:43:23:d5:67:6f:97:79:2e:ba:7b:06:48:fc:57:4d:82:71:
         59:c3:a6:75:b3:9d:46:6a:53:86:8a:48:b5:7d:5f:3d:85:b7:
         80:fc:88:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNsYqiE1JdcCV7jKfFfkKQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzhiNDI3YzMxMzU5OGE5MmU4ZDhlYzYwZTI5NTBkYTM5
ZmMyYzkwHhcNMjIwOTIzMjIwNTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzk1Y2U2NDQ0MWYyNjY2MWNlZGYzMTEyODg0ZTViNTE3NTgxMzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNfPalEZ5hWto5yVLxsdCxqk8+gF
iP2N+rxi0WAGbYi3rgU9o6BuU4c8vi1dADF7eKjdfDRvVfBXorRAMV+O/G9aBb3u
SXIUd4pHB2sFtCK4yWFxyHDfQax0G24U3Sg2i0Rr0fbUorbJ2/juSFpbjNassTKk
7xqBXadZVOkIi+feE+J9an+3GzdKhzzagYINPky4LQ9f9jyCD990vVcHq8R+n2p+
DhgzMWdrCM2AjlBTulS0JkEXYWZHnRH5vGtwmVAOCWgMj8aAICYeXlTSfgff4CGw
Yg75UZUbBBxkmPO7fqzcHmKCwoMFQrYPQLPisnpNUIufmRpvBFvl0L05mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOyVzmREHyZmHO3zESiE5bUXWBMMMB8GA1UdIwQY
MBaAFCfItCfDE1mKkujY7GDilQ2jn8LJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzct
MWM2ZWU0NGUxMWFkLzEvN0pYT1pFUWZKbVljN2ZNUktJVGx0UmRZRXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzctMWM2ZWU0NGUxMWFk
LzEvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW2agMA0G
CSqGSIb3DQEBCwUAA4IBAQAI5mlHoC6+JMuBxbG+nz+uhrb57MxrK6bjIIVLTEGb
YRabe50AnPEgtG/B8BmN/hWTdnSdWjZT57s0kYlg61EUi/7aEiVkVYx60JJd1sJD
ClY1bl+rDGSB9z8zTSJ8968I2OOMfcnI1GcF+8ahdneXX69sOrjNopyge0LvgIWL
gWAQMGolLORLreC+a9lrcShCZoWwmhlpF51JnEb3VBK+xAhR+fQU6smbiJHrMZhK
+MYoms1YHE9i9U8N3CKs6HDx3ZZ1YuiX9YR5aDH3L8yj86VOGTFdqro1QyPVZ2+X
eS66ewZI/FdNgnFZw6Z1s51GalOGiki1fV89hbeA/Iic
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:14 2024 by rpki-client on console-fra.rpki-client.org