Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/eff592-1a47-40bc-84d4-0c68777a4019/1/__pJeeMtSl5GQFr_T03ApUxOyn8.roa
File:                     __pJeeMtSl5GQFr_T03ApUxOyn8.roa (raw, json)
Hash identifier:          YNw0wdqrPDp9rcutxKQGexSKltkMuldiuLVhxDz52Fs=
Subject key identifier:   FF:FA:49:79:E3:2D:4A:5E:46:40:5A:FF:4F:4D:C0:A5:4C:4E:CA:7F
Certificate issuer:       /CN=0b403e71ef8c3d973ce76d42042f7dfa1891688b
Certificate serial:       022290B2
Authority key identifier: 0B:40:3E:71:EF:8C:3D:97:3C:E7:6D:42:04:2F:7D:FA:18:91:68:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C0A-ce-MPZc8521CBC99-hiRaIs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/eff592-1a47-40bc-84d4-0c68777a4019/1/__pJeeMtSl5GQFr_T03ApUxOyn8.roa
Signing time:             Wed 20 Apr 2022 07:39:56 +0000
ROA not before:           Wed 20 Apr 2022 07:39:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31543
IP address blocks:        185.221.76.0/22 maxlen: 24
                          91.217.38.0/23 maxlen: 24
                          185.58.52.0/22 maxlen: 24
                          2a02:61e0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35819698 (0x22290b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b403e71ef8c3d973ce76d42042f7dfa1891688b
        Validity
            Not Before: Apr 20 07:39:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fffa4979e32d4a5e46405aff4f4dc0a54c4eca7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:cd:86:61:34:9d:ca:c1:1b:fd:4e:0d:06:97:
                    21:fc:96:5f:c8:be:7f:91:c8:6f:21:0b:be:0b:a8:
                    cb:24:96:e5:c8:5b:cf:01:2e:44:d8:79:2a:88:dc:
                    8f:ed:90:9c:18:f1:a7:4f:b9:5f:1f:0a:e4:0c:c3:
                    5f:91:cd:21:d0:6e:80:f7:10:ed:cf:47:84:4e:61:
                    5d:ef:e8:d0:a5:ce:cc:9e:0f:fa:6b:89:39:d8:71:
                    08:cd:26:ce:14:3a:f0:15:0b:68:59:a5:df:7c:e9:
                    3d:f0:a5:5b:e3:f3:8c:ea:65:63:43:d7:81:c5:8f:
                    b0:1b:9e:74:fc:ec:14:ed:c5:d5:13:78:90:67:39:
                    e5:e9:28:d6:e7:3e:d8:ba:c8:ab:80:95:67:7f:ea:
                    02:43:84:45:99:34:68:e9:5a:be:84:e3:64:f9:53:
                    24:ae:45:35:ad:ac:0b:4a:21:30:06:35:1c:1b:1b:
                    4d:9f:47:e4:c6:9b:2a:e2:7d:ef:dd:d4:17:82:cf:
                    41:a5:55:d2:e5:dd:dd:28:b7:2e:12:9a:46:32:10:
                    92:b4:3a:8a:2a:98:a2:4c:b0:12:74:fd:06:b8:72:
                    b5:5a:90:17:34:ba:e9:71:f9:fb:65:70:56:3e:47:
                    6e:78:7f:23:98:18:0f:8b:2e:f8:15:4f:c8:f9:3e:
                    65:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:FA:49:79:E3:2D:4A:5E:46:40:5A:FF:4F:4D:C0:A5:4C:4E:CA:7F
            X509v3 Authority Key Identifier:
                keyid:0B:40:3E:71:EF:8C:3D:97:3C:E7:6D:42:04:2F:7D:FA:18:91:68:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C0A-ce-MPZc8521CBC99-hiRaIs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/eff592-1a47-40bc-84d4-0c68777a4019/1/__pJeeMtSl5GQFr_T03ApUxOyn8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/eff592-1a47-40bc-84d4-0c68777a4019/1/C0A-ce-MPZc8521CBC99-hiRaIs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.38.0/23
                  185.58.52.0/22
                  185.221.76.0/22
                IPv6:
                  2a02:61e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         0e:5f:ac:27:48:5c:8c:26:30:00:72:4d:20:c4:9b:52:74:c1:
         f5:65:78:4f:0f:46:f0:a4:4a:d2:b8:e4:a2:9a:f0:35:10:4b:
         d4:54:9b:00:fb:21:e8:8b:65:47:e4:2a:e0:3a:af:35:04:69:
         8a:fc:2c:f9:f6:c3:a6:28:11:f0:9c:67:8e:78:cb:c0:fe:79:
         37:e5:03:77:70:b8:d5:27:7d:74:6b:76:0a:2b:2a:b6:cb:68:
         a9:62:17:aa:29:0d:fb:1c:ff:7f:19:1c:bf:3e:56:35:c2:b1:
         54:bc:af:58:9e:42:19:67:aa:50:89:04:3b:30:33:80:17:23:
         35:47:2e:16:23:fa:f7:b2:fc:94:e3:3d:66:6a:d9:56:4b:d0:
         f1:95:66:dd:57:12:ca:1e:1c:f8:79:83:98:b7:cf:d6:b8:f8:
         5e:94:2b:45:2a:34:b7:84:ad:81:75:49:a8:12:8d:77:d1:5e:
         c1:33:03:59:0c:eb:e1:08:be:5d:15:cb:48:5f:fc:12:4b:98:
         f8:4d:62:44:fc:90:23:82:c6:23:1f:0c:07:b2:fc:43:65:32:
         c2:5e:aa:8b:65:8d:aa:2c:8e:c2:f0:cd:74:ca:01:79:2f:ec:
         3a:e4:c8:5f:f9:f8:f6:6c:4c:09:bf:0a:a6:57:2d:e5:10:56:
         46:98:86:a8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEAiKQsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjQwM2U3MWVmOGMzZDk3M2NlNzZkNDIwNDJmN2RmYTE4OTE2ODhiMB4XDTIyMDQy
MDA3Mzk1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmZmYTQ5NzllMzJk
NGE1ZTQ2NDA1YWZmNGY0ZGMwYTU0YzRlY2E3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/NhmE0ncrBG/1ODQaXIfyWX8i+f5HIbyELvguoyySW5chb
zwEuRNh5Kojcj+2QnBjxp0+5Xx8K5AzDX5HNIdBugPcQ7c9HhE5hXe/o0KXOzJ4P
+muJOdhxCM0mzhQ68BULaFml33zpPfClW+PzjOplY0PXgcWPsBuedPzsFO3F1RN4
kGc55eko1uc+2LrIq4CVZ3/qAkOERZk0aOlavoTjZPlTJK5FNa2sC0ohMAY1HBsb
TZ9H5MabKuJ9793UF4LPQaVV0uXd3Si3LhKaRjIQkrQ6iiqYokywEnT9BrhytVqQ
FzS66XH5+2VwVj5Hbnh/I5gYD4su+BVPyPk+ZR8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBT/+kl54y1KXkZAWv9PTcClTE7KfzAfBgNVHSMEGDAWgBQLQD5x74w9lzzn
bUIEL336GJFoizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0MwQS1jZS1NUFpjODUyMUNCQzk5LWhpUmFJcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvZWZmNTkyLTFhNDctNDBiYy04NGQ0LTBjNjg3NzdhNDAxOS8x
L19fcEplZU10U2w1R1FGcl9UMDNBcFV4T3luOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
ZWZmNTkyLTFhNDctNDBiYy04NGQ0LTBjNjg3NzdhNDAxOS8xL0MwQS1jZS1NUFpj
ODUyMUNCQzk5LWhpUmFJcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAVvZJgMEArk6NAMEArndTDANBAIA
AjAHAwUAKgJh4DANBgkqhkiG9w0BAQsFAAOCAQEADl+sJ0hcjCYwAHJNIMSbUnTB
9WV4Tw9G8KRK0rjkoprwNRBL1FSbAPsh6ItlR+Qq4DqvNQRpivws+fbDpigR8Jxn
jnjLwP55N+UDd3C41Sd9dGt2CisqtstoqWIXqikN+xz/fxkcvz5WNcKxVLyvWJ5C
GWeqUIkEOzAzgBcjNUcuFiP697L8lOM9ZmrZVkvQ8ZVm3VcSyh4c+HmDmLfP1rj4
XpQrRSo0t4StgXVJqBKNd9FewTMDWQzr4Qi+XRXLSF/8EkuY+E1iRPyQI4LGIx8M
B7L8Q2Uywl6qi2WNqiyOwvDNdMoBeS/sOuTIX/n49mxMCb8Kplct5RBWRpiGqA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:11 2024 by rpki-client on console-ams.rpki-client.org