Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/3a094c-ff8e-4b44-81f0-94c7601aefda/1/buVNEV5tfNIqcAt1OBk5p-0R-v4.roa
File:                     buVNEV5tfNIqcAt1OBk5p-0R-v4.roa (raw, json)
Hash identifier:          cll77FR3vf9XyCLbWqs7V1/TK4yjf72QCZHo98wUCBg=
Subject key identifier:   6E:E5:4D:11:5E:6D:7C:D2:2A:70:0B:75:38:19:39:A7:ED:11:FA:FE
Certificate issuer:       /CN=19139575c401283fff536137b0e83e5415fe18d0
Certificate serial:       0184A9ED967907183CB5A4D868C25BB8503B
Authority key identifier: 19:13:95:75:C4:01:28:3F:FF:53:61:37:B0:E8:3E:54:15:FE:18:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GROVdcQBKD__U2E3sOg-VBX-GNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/3a094c-ff8e-4b44-81f0-94c7601aefda/1/buVNEV5tfNIqcAt1OBk5p-0R-v4.roa
Signing time:             Thu 24 Nov 2022 13:57:10 +0000
ROA not before:           Thu 24 Nov 2022 13:57:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44201
IP address blocks:        91.209.146.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:a9:ed:96:79:07:18:3c:b5:a4:d8:68:c2:5b:b8:50:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19139575c401283fff536137b0e83e5415fe18d0
        Validity
            Not Before: Nov 24 13:57:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6ee54d115e6d7cd22a700b75381939a7ed11fafe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:13:fd:bc:2c:a2:57:36:fb:10:1b:ad:1c:6f:
                    cf:0b:ad:16:29:fb:e6:8e:74:67:af:19:6d:85:3d:
                    8a:99:96:54:61:07:61:e9:e8:bf:c3:1d:16:f8:9c:
                    22:32:5c:0f:8a:d2:c5:a4:10:05:fb:9f:7f:da:9e:
                    dd:25:f0:b9:0e:04:34:b8:95:c1:40:1d:38:b3:a6:
                    8a:bc:db:1c:91:0e:8c:e9:f9:81:67:bd:19:16:ba:
                    f0:13:80:9e:21:e6:e2:56:86:af:46:7e:3d:a9:53:
                    8f:ab:e7:1e:7f:8c:96:dd:91:db:8d:fa:b1:e9:fc:
                    6f:7f:a4:23:51:81:dc:95:19:47:a4:cc:8a:7d:0a:
                    d8:f1:a4:1c:50:04:a9:2b:ea:68:1b:15:a2:16:5c:
                    51:60:97:9c:14:a1:54:81:5f:49:40:c1:3b:3a:1f:
                    92:46:7d:0c:a3:32:7a:e5:e0:86:ad:fb:1f:e8:0c:
                    d6:d2:8c:9c:3f:91:54:bf:70:9c:ca:34:73:62:d0:
                    25:48:eb:f2:a6:24:8b:3b:27:41:7d:ad:ac:51:56:
                    ca:36:72:b1:6f:f6:56:ab:9f:46:87:8b:09:bb:d4:
                    63:1b:80:06:df:36:4a:36:42:35:9a:74:b7:8b:aa:
                    db:72:7a:a5:62:bd:83:ba:0d:98:5c:b5:4b:4f:3f:
                    ba:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:E5:4D:11:5E:6D:7C:D2:2A:70:0B:75:38:19:39:A7:ED:11:FA:FE
            X509v3 Authority Key Identifier:
                keyid:19:13:95:75:C4:01:28:3F:FF:53:61:37:B0:E8:3E:54:15:FE:18:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GROVdcQBKD__U2E3sOg-VBX-GNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3a094c-ff8e-4b44-81f0-94c7601aefda/1/buVNEV5tfNIqcAt1OBk5p-0R-v4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3a094c-ff8e-4b44-81f0-94c7601aefda/1/GROVdcQBKD__U2E3sOg-VBX-GNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.209.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:1c:d6:a1:bf:ec:c1:98:42:7e:64:ad:8c:bd:cb:18:8a:50:
         dd:f3:0f:ae:99:a2:9a:86:bf:6e:de:75:ca:ee:3d:b8:1b:95:
         17:99:c2:42:69:3f:1f:d9:45:64:75:f5:ed:af:1c:68:5a:68:
         37:d8:df:19:68:02:d2:a6:a2:96:6a:95:ef:18:be:87:8a:3e:
         92:8c:b8:ea:f7:9c:c7:5c:fc:54:b1:96:68:03:ec:97:a8:ea:
         10:2b:ce:76:a1:4c:ea:04:e8:b8:17:75:36:b3:09:da:de:04:
         41:56:0a:a0:a4:60:a4:21:0d:7d:0b:58:5a:d3:5a:f7:1b:c1:
         26:dd:7f:2b:50:3e:8b:91:b0:7e:88:a0:93:d0:ca:11:ed:d8:
         03:f6:7a:36:8a:8c:48:3c:19:56:b4:c3:d8:6f:b4:82:59:73:
         f6:10:9c:56:1e:c3:8a:64:db:db:d4:87:e7:96:a0:33:a0:25:
         35:e7:09:36:d0:f0:93:c8:fc:05:c0:18:06:68:8e:4c:20:77:
         9a:ec:10:05:35:69:91:ac:bf:ed:93:77:b5:16:d7:af:de:40:
         85:ef:97:7e:c5:54:b6:d6:c2:a0:32:89:97:38:71:29:6a:f1:
         b1:98:32:49:18:7f:56:e5:f2:00:8f:df:28:8f:38:82:68:07:
         7f:62:05:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSp7ZZ5Bxg8taTYaMJbuFA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MTM5NTc1YzQwMTI4M2ZmZjUzNjEzN2IwZTgzZTU0MTVm
ZTE4ZDAwHhcNMjIxMTI0MTM1NzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWU1NGQxMTVlNmQ3Y2QyMmE3MDBiNzUzODE5MzlhN2VkMTFmYWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RP9vCyiVzb7EButHG/PC60WKfvm
jnRnrxlthT2KmZZUYQdh6ei/wx0W+JwiMlwPitLFpBAF+59/2p7dJfC5DgQ0uJXB
QB04s6aKvNsckQ6M6fmBZ70ZFrrwE4CeIebiVoavRn49qVOPq+cef4yW3ZHbjfqx
6fxvf6QjUYHclRlHpMyKfQrY8aQcUASpK+poGxWiFlxRYJecFKFUgV9JQME7Oh+S
Rn0MozJ65eCGrfsf6AzW0oycP5FUv3CcyjRzYtAlSOvypiSLOydBfa2sUVbKNnKx
b/ZWq59Gh4sJu9RjG4AG3zZKNkI1mnS3i6rbcnqlYr2Dug2YXLVLTz+6qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG7lTRFebXzSKnALdTgZOaftEfr+MB8GA1UdIwQY
MBaAFBkTlXXEASg//1NhN7DoPlQV/hjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JPVmRjUUJLRF9fVTJFM3NPZy1WQlgtR05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zYTA5NGMtZmY4ZS00YjQ0LTgxZjAt
OTRjNzYwMWFlZmRhLzEvYnVWTkVWNXRmTklxY0F0MU9CazVwLTBSLXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zYTA5NGMtZmY4ZS00YjQ0LTgxZjAtOTRjNzYwMWFlZmRh
LzEvR1JPVmRjUUJLRF9fVTJFM3NPZy1WQlgtR05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9GSMA0G
CSqGSIb3DQEBCwUAA4IBAQBKHNahv+zBmEJ+ZK2MvcsYilDd8w+umaKahr9u3nXK
7j24G5UXmcJCaT8f2UVkdfXtrxxoWmg32N8ZaALSpqKWapXvGL6Hij6SjLjq95zH
XPxUsZZoA+yXqOoQK852oUzqBOi4F3U2swna3gRBVgqgpGCkIQ19C1ha01r3G8Em
3X8rUD6LkbB+iKCT0MoR7dgD9no2ioxIPBlWtMPYb7SCWXP2EJxWHsOKZNvb1Ifn
lqAzoCU15wk20PCTyPwFwBgGaI5MIHea7BAFNWmRrL/tk3e1Ftev3kCF75d+xVS2
1sKgMomXOHEpavGxmDJJGH9W5fIAj98ojziCaAd/YgXM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:19 2024 by rpki-client on console-fra.rpki-client.org