Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/XEOF0eIuEBUA-KMgAgmz7xWIWc4.roa
File:                     XEOF0eIuEBUA-KMgAgmz7xWIWc4.roa (raw, json)
Hash identifier:          XIm8wIqoWDi5/2DGjk0olkYuctHRxX3KaS9DLLpC/Pk=
Subject key identifier:   5C:43:85:D1:E2:2E:10:15:00:F8:A3:20:02:09:B3:EF:15:88:59:CE
Certificate issuer:       /CN=d0ce1b9ffb2e73d2c97f0893063cabb2cb746790
Certificate serial:       160D6310
Authority key identifier: D0:CE:1B:9F:FB:2E:73:D2:C9:7F:08:93:06:3C:AB:B2:CB:74:67:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0M4bn_suc9LJfwiTBjyrsst0Z5A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/XEOF0eIuEBUA-KMgAgmz7xWIWc4.roa
Signing time:             Sat 01 Jan 2022 06:57:07 +0000
ROA not before:           Sat 01 Jan 2022 06:57:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44746
IP address blocks:        91.214.88.0/22 maxlen: 22
                          91.202.156.0/22 maxlen: 22
                          185.19.252.0/22 maxlen: 22
                          2a05:b880::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 369976080 (0x160d6310)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d0ce1b9ffb2e73d2c97f0893063cabb2cb746790
        Validity
            Not Before: Jan  1 06:57:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5c4385d1e22e101500f8a3200209b3ef158859ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:85:8e:d1:e3:35:ba:d4:69:64:0a:f0:69:2a:
                    c8:65:6b:48:3e:31:8e:da:bf:51:2b:66:7f:70:90:
                    bc:35:2e:ed:e9:1d:39:97:02:78:f3:e2:a5:b0:50:
                    0f:e6:78:10:fe:3f:45:84:a9:15:9a:4c:9e:cf:1f:
                    ea:bc:47:26:8a:78:91:f2:76:7b:b0:b9:bf:e3:a0:
                    d2:a7:3e:33:93:30:88:09:57:f9:0e:d3:3a:bb:80:
                    0f:06:d9:d9:f8:72:b0:03:fe:cc:81:e9:6a:3e:2b:
                    bb:ab:ee:60:b9:42:5c:9d:d0:05:2c:78:49:f2:ec:
                    13:40:9f:cf:70:40:58:fd:f4:6a:c2:fd:b4:d7:2b:
                    c2:32:ef:c5:ab:14:fd:ed:e7:d8:5b:fb:aa:e4:b8:
                    cb:cb:bf:24:9d:2d:4d:b8:9d:13:e8:dd:f2:17:f1:
                    ea:38:e7:93:af:92:30:2e:5b:24:0c:3e:d8:41:48:
                    f8:62:3a:b0:4c:ae:df:ba:ee:a3:b2:73:71:bd:1f:
                    08:50:4d:89:f6:e1:e3:7b:a4:41:6d:a9:b7:62:c5:
                    77:30:5c:07:91:a7:d9:d4:ca:1c:dc:a8:74:45:96:
                    a0:22:8a:5d:e9:8a:2f:bd:90:26:32:f7:72:5b:62:
                    4c:4f:0d:37:a0:66:5b:de:93:1e:40:ff:fd:38:7e:
                    85:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:43:85:D1:E2:2E:10:15:00:F8:A3:20:02:09:B3:EF:15:88:59:CE
            X509v3 Authority Key Identifier:
                keyid:D0:CE:1B:9F:FB:2E:73:D2:C9:7F:08:93:06:3C:AB:B2:CB:74:67:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0M4bn_suc9LJfwiTBjyrsst0Z5A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/XEOF0eIuEBUA-KMgAgmz7xWIWc4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/0M4bn_suc9LJfwiTBjyrsst0Z5A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.202.156.0/22
                  91.214.88.0/22
                  185.19.252.0/22
                IPv6:
                  2a05:b880::/29

    Signature Algorithm: sha256WithRSAEncryption
         76:be:23:cd:8a:fe:30:a8:7e:8b:25:32:42:40:98:24:7d:42:
         d7:85:ed:a9:b4:55:d7:64:c3:87:5f:7e:ad:fc:4f:2b:ce:bc:
         2b:27:23:58:06:ca:c7:8b:41:7b:d2:dc:d2:9f:52:e7:15:15:
         d3:2c:55:18:d5:77:28:d1:0e:57:66:58:ba:81:b8:1b:31:79:
         38:e4:78:e9:67:1c:ca:cf:a4:71:80:c9:cb:39:bf:30:b2:31:
         c5:eb:ec:c0:c2:1b:92:a4:bb:53:d0:8c:38:78:db:11:d4:e9:
         c8:4e:ce:a8:0c:56:8f:4e:eb:a1:cd:1f:8c:04:22:c9:67:df:
         f6:41:a9:1a:90:d8:e2:e0:71:5f:91:e1:01:cc:f1:83:a0:08:
         38:fa:78:7e:53:85:d2:68:e4:a4:2e:4e:59:e7:63:66:2d:02:
         d1:2d:f3:2b:e6:d9:f8:fb:7a:ff:cb:4c:29:1e:c4:61:5a:ae:
         5a:0b:12:2f:fd:16:aa:a9:77:22:54:a0:f9:86:0b:d2:ae:1d:
         7c:b8:b1:13:ef:01:78:ae:50:27:17:26:0a:89:27:92:9f:77:
         dd:05:3d:5f:d8:20:61:37:60:9c:8a:89:d9:68:93:25:2b:a3:
         43:0a:77:34:68:04:82:31:bb:07:e4:dc:90:8b:c5:c4:b6:75:
         21:5d:cc:db
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEFg1jEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MGNlMWI5ZmZiMmU3M2QyYzk3ZjA4OTMwNjNjYWJiMmNiNzQ2NzkwMB4XDTIyMDEw
MTA2NTcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM0Mzg1ZDFlMjJl
MTAxNTAwZjhhMzIwMDIwOWIzZWYxNTg4NTljZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOFjtHjNbrUaWQK8GkqyGVrSD4xjtq/UStmf3CQvDUu7ekd
OZcCePPipbBQD+Z4EP4/RYSpFZpMns8f6rxHJop4kfJ2e7C5v+Og0qc+M5MwiAlX
+Q7TOruADwbZ2fhysAP+zIHpaj4ru6vuYLlCXJ3QBSx4SfLsE0Cfz3BAWP30asL9
tNcrwjLvxasU/e3n2Fv7quS4y8u/JJ0tTbidE+jd8hfx6jjnk6+SMC5bJAw+2EFI
+GI6sEyu37ruo7Jzcb0fCFBNifbh43ukQW2pt2LFdzBcB5Gn2dTKHNyodEWWoCKK
XemKL72QJjL3cltiTE8NN6BmW96THkD//Th+hdsCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRcQ4XR4i4QFQD4oyACCbPvFYhZzjAfBgNVHSMEGDAWgBTQzhuf+y5z0sl/
CJMGPKuyy3RnkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBNNGJuX3N1YzlMSmZ3aVRCanlyc3N0MFo1QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvZTUxMzIyLTAxNDEtNGQxNi04MTY4LWI5ZmI1M2EyZjAzYy8x
L1hFT0YwZUl1RUJVQS1LTWdBZ216N3hXSVdjNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
ZTUxMzIyLTAxNDEtNGQxNi04MTY4LWI5ZmI1M2EyZjAzYy8xLzBNNGJuX3N1YzlM
SmZ3aVRCanlyc3N0MFo1QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAlvKnAMEAlvWWAMEArkT/DANBAIA
AjAHAwUDKgW4gDANBgkqhkiG9w0BAQsFAAOCAQEAdr4jzYr+MKh+iyUyQkCYJH1C
14XtqbRV12TDh19+rfxPK868KycjWAbKx4tBe9Lc0p9S5xUV0yxVGNV3KNEOV2ZY
uoG4GzF5OOR46Wccys+kcYDJyzm/MLIxxevswMIbkqS7U9CMOHjbEdTpyE7OqAxW
j07roc0fjAQiyWff9kGpGpDY4uBxX5HhAczxg6AIOPp4flOF0mjkpC5OWedjZi0C
0S3zK+bZ+Pt6/8tMKR7EYVquWgsSL/0Wqql3IlSg+YYL0q4dfLixE+8BeK5QJxcm
Coknkp933QU9X9ggYTdgnIqJ2WiTJSujQwp3NGgEgjG7B+TckIvFxLZ1IV3M2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:10 2024 by rpki-client on console-fra.rpki-client.org