Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/OI9lvmDn9muy6UA_9QUQ_IFdUIQ.roa
File:                     OI9lvmDn9muy6UA_9QUQ_IFdUIQ.roa (raw, json)
Hash identifier:          w5o1+f1qo8Bs4XZ/ovOq1G2H8EVS6FSDiHO3/Cvo3H0=
Subject key identifier:   38:8F:65:BE:60:E7:F6:6B:B2:E9:40:3F:F5:05:10:FC:81:5D:50:84
Certificate issuer:       /CN=7e45a9a0353a33c6a4f93608f9d25f27c85948b7
Certificate serial:       389E5389
Authority key identifier: 7E:45:A9:A0:35:3A:33:C6:A4:F9:36:08:F9:D2:5F:27:C8:59:48:B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/OI9lvmDn9muy6UA_9QUQ_IFdUIQ.roa
Signing time:             Sat 02 Jul 2022 14:28:25 +0000
ROA not before:           Sat 02 Jul 2022 14:28:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     5089
IP address blocks:        91.209.142.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 949900169 (0x389e5389)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e45a9a0353a33c6a4f93608f9d25f27c85948b7
        Validity
            Not Before: Jul  2 14:28:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=388f65be60e7f66bb2e9403ff50510fc815d5084
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:93:00:c9:e7:35:fb:25:29:4a:6a:33:d0:5c:
                    10:8d:0a:91:61:41:09:38:30:b3:2a:b4:a0:88:3f:
                    2b:23:90:51:48:ee:31:fc:2f:a3:38:ff:c2:27:d5:
                    4f:10:d3:8f:39:af:1a:0e:a3:7e:77:28:23:25:bc:
                    bd:67:be:fb:06:f6:11:b5:b8:d6:19:61:54:50:10:
                    ea:29:2a:21:66:62:39:52:25:6b:e9:3c:b0:9f:4d:
                    32:a7:98:89:e8:8e:d7:f7:6c:c5:fc:74:9f:ac:f1:
                    2a:bb:98:ab:57:34:db:53:d3:34:f8:0f:19:a2:21:
                    80:6f:cd:4e:03:27:45:62:bf:22:50:53:87:d6:29:
                    a4:f1:08:8b:f6:c6:46:9c:df:46:1b:d0:0f:76:b3:
                    82:96:9d:6b:ab:d0:e5:9d:49:ac:96:10:b5:0e:e5:
                    27:bc:ec:9e:8d:b2:90:fe:cb:a8:4b:f6:bd:3c:ce:
                    83:c9:f4:9f:62:e6:78:2b:6b:f7:5d:0f:03:d2:a8:
                    b2:68:a4:ee:95:c2:2f:b4:90:b6:7d:e1:23:2d:d6:
                    89:b4:1c:d6:3d:72:d0:74:1a:bb:e7:88:d4:a3:ec:
                    93:9d:72:b9:85:24:09:2f:05:4f:73:2a:3e:9a:31:
                    5a:85:b7:71:5a:bd:97:c6:f1:b4:46:30:0e:4c:33:
                    32:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:8F:65:BE:60:E7:F6:6B:B2:E9:40:3F:F5:05:10:FC:81:5D:50:84
            X509v3 Authority Key Identifier:
                keyid:7E:45:A9:A0:35:3A:33:C6:A4:F9:36:08:F9:D2:5F:27:C8:59:48:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/OI9lvmDn9muy6UA_9QUQ_IFdUIQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.209.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:be:dd:57:74:6d:41:f8:53:b7:af:71:48:09:b8:64:84:c6:
         f9:03:a4:6a:18:a5:f3:60:88:da:06:33:65:64:81:49:aa:a0:
         57:27:45:c5:1b:54:38:89:33:92:e4:a7:78:af:c3:88:8d:1b:
         05:0e:b2:9f:fa:77:d8:9f:4d:79:76:83:e5:4c:c4:e9:22:b7:
         f5:f3:57:68:c0:e6:ce:87:a5:db:2c:21:25:bf:95:74:9c:0b:
         21:4c:5d:f8:17:5b:61:65:07:47:ac:af:12:10:c1:9b:9e:d0:
         be:d8:ec:ed:e8:f9:59:07:76:7d:02:70:e1:2c:c1:63:9a:99:
         e1:91:10:d7:ea:cb:7a:d7:e1:35:7b:9b:04:6e:cd:8c:9d:3b:
         cc:8e:af:17:ab:bd:82:22:20:43:ae:d8:00:d6:ab:96:9a:c5:
         11:9a:87:f7:2e:7b:57:4e:8d:b0:63:aa:57:cb:2f:66:5e:1b:
         a4:e9:4f:a9:65:49:da:f2:5e:a6:f7:26:49:9f:54:d7:57:fe:
         cc:1b:36:fa:f2:fd:69:d4:9a:b0:5f:cc:e5:70:fb:ea:42:ec:
         8b:97:35:0a:86:3a:4b:4c:ef:02:3f:5e:87:11:66:ff:87:03:
         b9:69:99:49:25:e7:70:d2:d9:84:88:c7:9e:a0:ae:1b:c2:6f:
         62:48:83:a1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOJ5TiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZTQ1YTlhMDM1M2EzM2M2YTRmOTM2MDhmOWQyNWYyN2M4NTk0OGI3MB4XDTIyMDcw
MjE0MjgyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzg4ZjY1YmU2MGU3
ZjY2YmIyZTk0MDNmZjUwNTEwZmM4MTVkNTA4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWTAMnnNfslKUpqM9BcEI0KkWFBCTgwsyq0oIg/KyOQUUju
Mfwvozj/wifVTxDTjzmvGg6jfncoIyW8vWe++wb2EbW41hlhVFAQ6ikqIWZiOVIl
a+k8sJ9NMqeYieiO1/dsxfx0n6zxKruYq1c021PTNPgPGaIhgG/NTgMnRWK/IlBT
h9YppPEIi/bGRpzfRhvQD3azgpada6vQ5Z1JrJYQtQ7lJ7zsno2ykP7LqEv2vTzO
g8n0n2LmeCtr910PA9Kosmik7pXCL7SQtn3hIy3WibQc1j1y0HQau+eI1KPsk51y
uYUkCS8FT3MqPpoxWoW3cVq9l8bxtEYwDkwzMpMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ4j2W+YOf2a7LpQD/1BRD8gV1QhDAfBgNVHSMEGDAWgBR+RamgNTozxqT5
Ngj50l8nyFlItzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZrV3BvRFU2TThhay1UWUktZEpmSjhoWlNMYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmYvZGQ3YmViLTZmNzgtNDE5Yi05NTdkLTM3YTYwYzMzNWE1ZC8x
L09JOWx2bURuOW11eTZVQV85UVVRX0lGZFVJUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYv
ZGQ3YmViLTZmNzgtNDE5Yi05NTdkLTM3YTYwYzMzNWE1ZC8xL2ZrV3BvRFU2TThh
ay1UWUktZEpmSjhoWlNMYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvRjjANBgkqhkiG9w0BAQsFAAOC
AQEAPL7dV3RtQfhTt69xSAm4ZITG+QOkahil82CI2gYzZWSBSaqgVydFxRtUOIkz
kuSneK/DiI0bBQ6yn/p32J9NeXaD5UzE6SK39fNXaMDmzoel2ywhJb+VdJwLIUxd
+BdbYWUHR6yvEhDBm57Qvtjs7ej5WQd2fQJw4SzBY5qZ4ZEQ1+rLetfhNXubBG7N
jJ07zI6vF6u9giIgQ67YANarlprFEZqH9y57V06NsGOqV8svZl4bpOlPqWVJ2vJe
pvcmSZ9U11f+zBs2+vL9adSasF/M5XD76kLsi5c1CoY6S0zvAj9ehxFm/4cDuWmZ
SSXncNLZhIjHnqCuG8JvYkiDoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:23 2024 by rpki-client on console-fra.rpki-client.org