Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/5vIUxtplMR51dqy5djBSGBw0P-g.roa
File:                     5vIUxtplMR51dqy5djBSGBw0P-g.roa (raw, json)
Hash identifier:          IlVaEieDKrbP3EcxhSQvA30qRvL5LlhqJ30WNgJKKCg=
Subject key identifier:   E6:F2:14:C6:DA:65:31:1E:75:76:AC:B9:76:30:52:18:1C:34:3F:E8
Certificate issuer:       /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial:       0182C89184062CE6BEB3614DDE12C2A29EEC
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/5vIUxtplMR51dqy5djBSGBw0P-g.roa
Signing time:             Tue 23 Aug 2022 02:39:15 +0000
ROA not before:           Tue 23 Aug 2022 02:39:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     174
IP address blocks:        91.213.174.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:c8:91:84:06:2c:e6:be:b3:61:4d:de:12:c2:a2:9e:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
        Validity
            Not Before: Aug 23 02:39:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e6f214c6da65311e7576acb9763052181c343fe8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:89:e9:87:9c:9d:c4:40:f9:20:16:e3:b8:da:
                    63:d8:90:8f:9e:9e:0d:35:d1:e1:40:7f:79:97:97:
                    df:1e:b0:71:60:6d:ee:af:f2:95:b1:f3:66:c8:66:
                    88:b0:7c:74:9c:33:42:3e:a7:86:ef:cd:13:46:1f:
                    9f:a1:35:2e:7e:c8:0f:18:6d:e0:1b:7d:96:3e:40:
                    d9:b9:92:6e:4d:d0:c8:71:34:d5:7a:6a:60:52:08:
                    7e:5f:93:07:28:c0:9b:6c:c2:b2:a5:f9:c4:48:17:
                    bd:ff:70:2b:b5:18:77:75:e2:1b:20:82:fb:23:e7:
                    2b:7f:0a:fb:94:0a:84:5b:df:b0:4e:bb:45:9d:f7:
                    cd:30:49:63:6c:b2:27:e9:0e:a7:13:1b:e3:93:17:
                    94:90:ac:eb:4c:2e:8c:a5:db:6c:14:5e:4f:fe:ed:
                    43:7f:91:0e:63:65:15:b1:6f:e2:99:ad:e6:27:2f:
                    8c:45:d8:1d:52:72:a8:74:0d:90:ad:bf:56:ec:46:
                    b6:73:62:7f:a8:11:25:33:44:3f:9c:08:bd:8d:83:
                    cb:6d:54:7f:3f:ed:8e:31:f8:3f:5c:27:08:16:68:
                    57:a0:b1:40:5c:89:05:12:13:c6:2d:41:6e:b7:74:
                    a0:a3:5a:6a:d3:04:23:a5:d6:a6:c1:de:93:68:32:
                    5d:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:F2:14:C6:DA:65:31:1E:75:76:AC:B9:76:30:52:18:1C:34:3F:E8
            X509v3 Authority Key Identifier:
                keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/5vIUxtplMR51dqy5djBSGBw0P-g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:a6:2b:75:40:d2:f0:7b:da:a6:a8:27:f1:49:57:b6:d2:6f:
         ce:c5:9d:86:8b:b0:66:6f:b1:1d:78:f5:b1:9a:37:a8:da:0f:
         c7:66:70:58:af:50:06:72:6c:e1:2f:7f:c1:fc:57:de:83:28:
         46:4a:79:c3:94:dc:fa:09:c0:a0:ae:28:7b:97:19:85:b5:33:
         6e:96:bf:4c:ca:cb:d1:68:85:9e:79:1b:cc:56:de:96:3d:a5:
         5f:fb:4c:aa:bf:26:7c:e8:03:94:04:2a:d3:e5:50:b6:71:86:
         f5:01:dd:a6:b2:14:54:54:55:35:55:95:20:93:6d:10:bd:e4:
         d3:ad:0a:04:5e:34:9e:51:dc:97:a3:cd:f3:ac:ac:fc:03:da:
         67:47:ec:dd:47:60:39:68:d6:8d:ad:cc:19:ec:05:86:10:ff:
         ab:a3:54:a7:72:16:f3:c0:b5:fc:90:7c:42:96:b4:3a:0a:ad:
         89:9e:07:86:97:58:76:75:0f:b8:67:f0:8c:0e:ab:d4:14:4e:
         5f:41:5b:0a:c2:26:b2:2c:6b:90:bf:fb:f0:84:53:10:90:0e:
         b3:06:45:f2:09:46:37:bc:9b:ce:64:4e:84:e0:3f:f8:04:16:
         44:64:16:d6:38:2e:ed:f8:e1:7c:21:12:1f:cd:1a:6b:a1:72:
         8a:ab:5f:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLIkYQGLOa+s2FN3hLCop7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjIwODIzMDIzOTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmYyMTRjNmRhNjUzMTFlNzU3NmFjYjk3NjMwNTIxODFjMzQzZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYnph5ydxED5IBbjuNpj2JCPnp4N
NdHhQH95l5ffHrBxYG3ur/KVsfNmyGaIsHx0nDNCPqeG780TRh+foTUufsgPGG3g
G32WPkDZuZJuTdDIcTTVempgUgh+X5MHKMCbbMKypfnESBe9/3ArtRh3deIbIIL7
I+crfwr7lAqEW9+wTrtFnffNMEljbLIn6Q6nExvjkxeUkKzrTC6MpdtsFF5P/u1D
f5EOY2UVsW/ima3mJy+MRdgdUnKodA2Qrb9W7Ea2c2J/qBElM0Q/nAi9jYPLbVR/
P+2OMfg/XCcIFmhXoLFAXIkFEhPGLUFut3Sgo1pq0wQjpdamwd6TaDJdWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFObyFMbaZTEedXasuXYwUhgcND/oMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvNXZJVXh0cGxNUjUxZHF5NWRqQlNHQncwUC1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9WuMA0G
CSqGSIb3DQEBCwUAA4IBAQAQpit1QNLwe9qmqCfxSVe20m/OxZ2Gi7Bmb7EdePWx
mjeo2g/HZnBYr1AGcmzhL3/B/FfegyhGSnnDlNz6CcCgrih7lxmFtTNulr9MysvR
aIWeeRvMVt6WPaVf+0yqvyZ86AOUBCrT5VC2cYb1Ad2mshRUVFU1VZUgk20QveTT
rQoEXjSeUdyXo83zrKz8A9pnR+zdR2A5aNaNrcwZ7AWGEP+ro1SnchbzwLX8kHxC
lrQ6Cq2JngeGl1h2dQ+4Z/CMDqvUFE5fQVsKwiayLGuQv/vwhFMQkA6zBkXyCUY3
vJvOZE6E4D/4BBZEZBbWOC7t+OF8IRIfzRproXKKq1+j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:14 2024 by rpki-client on console-ams.rpki-client.org