Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/o-4vUuGbQfZ_p0hIYJhsA6FaYM4.roa
File:                     o-4vUuGbQfZ_p0hIYJhsA6FaYM4.roa (raw, json)
Hash identifier:          WKtFd/xJu6pJ6dE91x6glkhy3acydRAZeOdq4z//Gpc=
Subject key identifier:   A3:EE:2F:52:E1:9B:41:F6:7F:A7:48:48:60:98:6C:03:A1:5A:60:CE
Certificate issuer:       /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial:       0512EE4A
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/o-4vUuGbQfZ_p0hIYJhsA6FaYM4.roa
Signing time:             Thu 12 May 2022 19:33:02 +0000
ROA not before:           Thu 12 May 2022 19:33:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58061
IP address blocks:        91.208.73.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 85126730 (0x512ee4a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
        Validity
            Not Before: May 12 19:33:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a3ee2f52e19b41f67fa7484860986c03a15a60ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:99:f1:09:33:69:0e:0b:d8:bd:45:c6:5b:76:
                    49:10:b3:a4:1a:bf:a8:25:0f:5f:4d:4f:09:c3:89:
                    26:29:88:e0:d6:b0:2b:e9:ce:27:ee:de:6d:df:a2:
                    4b:95:e6:18:a1:e7:db:16:89:9f:3d:9f:e6:7a:09:
                    9c:32:e1:a7:d3:3c:9a:54:f3:36:d8:ad:69:5b:66:
                    91:32:dc:07:2b:78:1c:87:cc:c1:01:9a:bc:ea:72:
                    08:d2:1b:44:d4:35:3f:91:05:99:d3:81:fd:71:31:
                    35:db:a9:bd:72:e2:9e:37:c8:35:5a:1b:74:39:71:
                    f2:44:6b:48:7a:0f:62:3d:b1:b0:e8:ff:b1:91:ca:
                    62:93:de:76:17:3f:bb:af:f3:b5:00:47:e5:c6:d6:
                    81:38:25:88:6f:e9:79:3f:b2:a7:60:df:ed:e8:de:
                    19:5a:d1:29:cf:45:a1:28:d0:f2:1a:b0:49:fb:7b:
                    b2:ff:62:63:c3:cf:ea:4e:1b:99:2f:b0:b6:ba:94:
                    86:11:e5:36:10:bb:09:63:50:28:d4:23:76:79:a2:
                    a4:d2:a4:03:cf:ef:2b:44:7e:b3:4d:2f:c8:ed:d5:
                    29:1f:27:8b:91:2c:49:53:74:c0:29:1b:1c:6d:04:
                    f4:b3:11:1a:87:21:44:b5:31:4c:59:15:79:2d:49:
                    e3:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:EE:2F:52:E1:9B:41:F6:7F:A7:48:48:60:98:6C:03:A1:5A:60:CE
            X509v3 Authority Key Identifier:
                keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/o-4vUuGbQfZ_p0hIYJhsA6FaYM4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:50:5b:1c:28:cd:bd:da:4a:26:6b:c5:e0:d1:b9:00:a4:16:
         f4:79:40:d3:07:c1:b2:46:fe:61:be:23:0b:dc:2f:09:85:f8:
         84:fb:e4:38:0f:8c:3f:f3:aa:c4:39:e1:08:f9:26:29:c7:b9:
         a3:98:e9:2e:14:d0:2b:4a:2a:8f:dc:f4:24:66:cb:2f:16:fa:
         a9:14:87:a9:06:b4:f2:13:15:71:55:b5:ef:fe:76:d7:a6:8b:
         bf:9d:ae:bf:52:ac:ce:e7:03:76:9c:26:3c:18:87:06:af:ec:
         3a:d2:ba:c4:74:55:c8:d7:ef:88:93:da:f0:bc:0c:11:39:69:
         75:55:77:ae:df:0c:8d:1c:7b:0d:22:cd:40:f1:f4:e3:de:0f:
         b1:31:6a:08:c8:21:85:4d:2b:00:ee:7b:ec:41:b7:43:95:bd:
         84:37:70:5b:90:5e:ba:3b:2a:9d:97:5d:13:23:19:88:41:83:
         50:57:16:97:aa:2f:49:1e:fd:e4:9c:c7:d9:57:88:c4:b3:85:
         23:41:d2:80:d1:0d:9e:a5:66:44:ae:10:e7:6e:1e:14:30:ff:
         ff:36:0a:74:68:5e:32:92:b0:32:02:f9:ae:49:78:17:17:da:
         35:75:75:a0:72:41:e1:5e:45:6b:b2:4b:90:6d:6c:12:43:3c:
         2d:76:2d:82
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBRLuSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjQ3MzgzODljYjNiOTk4ZWM0ZmE2ZDQyNzJmOGRkNzk5ZmJjNGE5MB4XDTIyMDUx
MjE5MzMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNlZTJmNTJlMTli
NDFmNjdmYTc0ODQ4NjA5ODZjMDNhMTVhNjBjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJuZ8QkzaQ4L2L1Fxlt2SRCzpBq/qCUPX01PCcOJJimI4Naw
K+nOJ+7ebd+iS5XmGKHn2xaJnz2f5noJnDLhp9M8mlTzNtitaVtmkTLcByt4HIfM
wQGavOpyCNIbRNQ1P5EFmdOB/XExNdupvXLinjfINVobdDlx8kRrSHoPYj2xsOj/
sZHKYpPedhc/u6/ztQBH5cbWgTgliG/peT+yp2Df7ejeGVrRKc9FoSjQ8hqwSft7
sv9iY8PP6k4bmS+wtrqUhhHlNhC7CWNQKNQjdnmipNKkA8/vK0R+s00vyO3VKR8n
i5EsSVN0wCkbHG0E9LMRGochRLUxTFkVeS1J488CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSj7i9S4ZtB9n+nSEhgmGwDoVpgzjAfBgNVHSMEGDAWgBQfRzg4nLO5mOxP
ptQnL43XmfvEqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gwYzRPSnl6dVpqc1Q2YlVKeS1OMTVuN3hLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvNTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8x
L28tNHZVdUdiUWZaX3AwaElZSmhzQTZGYVlNNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
NTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8xL0gwYzRPSnl6dVpq
c1Q2YlVKeS1OMTVuN3hLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvQSTANBgkqhkiG9w0BAQsFAAOC
AQEAS1BbHCjNvdpKJmvF4NG5AKQW9HlA0wfBskb+Yb4jC9wvCYX4hPvkOA+MP/Oq
xDnhCPkmKce5o5jpLhTQK0oqj9z0JGbLLxb6qRSHqQa08hMVcVW17/5216aLv52u
v1KszucDdpwmPBiHBq/sOtK6xHRVyNfviJPa8LwMETlpdVV3rt8MjRx7DSLNQPH0
494PsTFqCMghhU0rAO577EG3Q5W9hDdwW5BeujsqnZddEyMZiEGDUFcWl6ovSR79
5JzH2VeIxLOFI0HSgNENnqVmRK4Q524eFDD//zYKdGheMpKwMgL5rkl4FxfaNXV1
oHJB4V5Fa7JLkG1sEkM8LXYtgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:13 2024 by rpki-client on console-fra.rpki-client.org