Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/ad1301-149c-4c21-98b3-446a8913d4b8/1/dscqZkn4zKZx8uXOK_YUYvQzGVY.roa
File:                     dscqZkn4zKZx8uXOK_YUYvQzGVY.roa (raw, json)
Hash identifier:          4IAxt3gl6ulkEs6svkRjK+QrV9RDSR9gcNGWQRGgdrw=
Subject key identifier:   76:C7:2A:66:49:F8:CC:A6:71:F2:E5:CE:2B:F6:14:62:F4:33:19:56
Certificate issuer:       /CN=b26bb4333efe9e14c4831b05821416e5c55bdf42
Certificate serial:       01F6FE08
Authority key identifier: B2:6B:B4:33:3E:FE:9E:14:C4:83:1B:05:82:14:16:E5:C5:5B:DF:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/smu0Mz7-nhTEgxsFghQW5cVb30I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/ad1301-149c-4c21-98b3-446a8913d4b8/1/dscqZkn4zKZx8uXOK_YUYvQzGVY.roa
Signing time:             Sat 01 Jan 2022 15:05:33 +0000
ROA not before:           Sat 01 Jan 2022 15:05:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        91.212.235.0/24 maxlen: 24
                          2001:7f8:9f::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32964104 (0x1f6fe08)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b26bb4333efe9e14c4831b05821416e5c55bdf42
        Validity
            Not Before: Jan  1 15:05:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=76c72a6649f8cca671f2e5ce2bf61462f4331956
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:03:18:0a:b6:40:aa:38:7b:c7:eb:d7:3b:44:
                    b2:ee:51:77:b7:8b:20:49:1f:3d:36:c0:14:30:c6:
                    3b:c3:f8:eb:65:75:28:36:55:92:aa:4f:31:74:39:
                    97:39:97:24:c7:cb:6e:f0:72:18:9e:65:b0:50:3b:
                    8c:24:5d:22:cc:b8:39:ea:f7:0b:a4:b3:cc:a2:d5:
                    3f:48:6a:6b:03:8d:e0:94:0f:f1:02:27:b5:5a:ac:
                    92:76:87:d5:fc:cc:23:28:15:6c:8b:e6:13:fd:a7:
                    b1:c2:a0:dc:1a:1b:6a:f3:c6:35:07:c4:aa:b4:ed:
                    d6:43:65:b7:4e:ac:ba:71:0f:d2:7a:db:30:64:ba:
                    d0:bf:d5:62:16:09:f3:9d:0d:4d:ba:28:be:2c:dc:
                    43:03:90:4a:d6:33:c0:a6:52:01:e4:d8:01:8d:64:
                    9e:15:51:6b:7c:e1:14:23:5b:d4:ef:80:b6:d6:86:
                    b6:c8:d0:d7:d8:68:15:56:8d:a9:df:1a:20:97:77:
                    4f:e1:d5:2d:ab:a4:7a:1c:bd:70:7c:85:98:72:8e:
                    bc:c3:30:57:86:c8:15:29:c2:bb:34:11:5c:a2:cf:
                    63:4b:2e:a2:57:1e:f9:d5:27:cb:4e:33:07:1f:ef:
                    cd:bb:ac:fc:0f:cf:97:84:f5:31:da:45:98:c6:a6:
                    9c:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:C7:2A:66:49:F8:CC:A6:71:F2:E5:CE:2B:F6:14:62:F4:33:19:56
            X509v3 Authority Key Identifier:
                keyid:B2:6B:B4:33:3E:FE:9E:14:C4:83:1B:05:82:14:16:E5:C5:5B:DF:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/smu0Mz7-nhTEgxsFghQW5cVb30I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/ad1301-149c-4c21-98b3-446a8913d4b8/1/dscqZkn4zKZx8uXOK_YUYvQzGVY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/ad1301-149c-4c21-98b3-446a8913d4b8/1/smu0Mz7-nhTEgxsFghQW5cVb30I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.212.235.0/24
                IPv6:
                  2001:7f8:9f::/64

    Signature Algorithm: sha256WithRSAEncryption
         9d:7c:a9:93:16:b0:27:a8:63:75:47:ea:4a:5b:22:2e:aa:70:
         92:7a:13:78:d7:93:92:88:60:fb:c4:d9:17:05:36:74:8a:d5:
         d3:6d:25:f4:0a:61:1d:97:0f:d8:71:83:91:23:60:20:18:5e:
         f9:c3:a5:5a:39:f1:a6:e3:d8:02:f3:49:9d:4d:ba:e9:49:b0:
         50:8b:b2:d8:93:ab:c7:c8:7b:63:03:6a:d0:dc:0a:06:f4:fd:
         99:8d:ff:53:2a:cd:ed:5f:65:c2:68:d0:9d:07:14:b8:e6:ae:
         49:60:9f:16:58:c3:f7:e1:a5:94:73:98:3d:71:61:36:b5:b1:
         0a:37:81:6e:09:59:5f:d0:17:d2:87:2d:ed:27:c4:eb:35:c5:
         1b:c3:a1:01:a1:f9:99:89:16:f0:b1:26:4c:9b:09:7c:a3:d6:
         08:c2:9f:f5:6a:13:23:fa:9a:57:8e:10:ff:f5:d9:a5:61:85:
         1c:7e:1a:5e:04:9b:78:78:f9:41:b6:88:b4:6e:dc:b5:e4:1d:
         35:8b:02:56:b9:89:12:20:0a:31:08:0c:a2:86:fb:ae:2b:16:
         5f:6a:e8:b7:1e:17:ee:47:45:19:0b:0e:1c:a8:f3:40:89:07:
         bd:9d:26:c1:cc:65:80:bb:a3:50:24:68:44:4c:a9:51:e2:ab:
         1e:78:ba:3e
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIEAfb+CDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MjZiYjQzMzNlZmU5ZTE0YzQ4MzFiMDU4MjE0MTZlNWM1NWJkZjQyMB4XDTIyMDEw
MTE1MDUzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZjNzJhNjY0OWY4
Y2NhNjcxZjJlNWNlMmJmNjE0NjJmNDMzMTk1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANwDGAq2QKo4e8fr1ztEsu5Rd7eLIEkfPTbAFDDGO8P462V1
KDZVkqpPMXQ5lzmXJMfLbvByGJ5lsFA7jCRdIsy4Oer3C6SzzKLVP0hqawON4JQP
8QIntVqsknaH1fzMIygVbIvmE/2nscKg3BobavPGNQfEqrTt1kNlt06sunEP0nrb
MGS60L/VYhYJ850NTboovizcQwOQStYzwKZSAeTYAY1knhVRa3zhFCNb1O+AttaG
tsjQ19hoFVaNqd8aIJd3T+HVLaukehy9cHyFmHKOvMMwV4bIFSnCuzQRXKLPY0su
olce+dUny04zBx/vzbus/A/Pl4T1MdpFmMamnG8CAwEAAaOCAhwwggIYMB0GA1Ud
DgQWBBR2xypmSfjMpnHy5c4r9hRi9DMZVjAfBgNVHSMEGDAWgBSya7QzPv6eFMSD
GwWCFBblxVvfQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NtdTBNejctbmhURWd4c0ZnaFFXNWNWYjMwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvYWQxMzAxLTE0OWMtNGMyMS05OGIzLTQ0NmE4OTEzZDRiOC8x
L2RzY3Faa240ektaeDh1WE9LX1lVWXZRekdWWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
YWQxMzAxLTE0OWMtNGMyMS05OGIzLTQ0NmE4OTEzZDRiOC8xL3NtdTBNejctbmhU
RWd4c0ZnaFFXNWNWYjMwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAy
BggrBgEFBQcBBwEB/wQjMCEwDAQCAAEwBgMEAFvU6zARBAIAAjALAwkAIAEH+ACf
AAAwDQYJKoZIhvcNAQELBQADggEBAJ18qZMWsCeoY3VH6kpbIi6qcJJ6E3jXk5KI
YPvE2RcFNnSK1dNtJfQKYR2XD9hxg5EjYCAYXvnDpVo58abj2ALzSZ1NuulJsFCL
stiTq8fIe2MDatDcCgb0/ZmN/1Mqze1fZcJo0J0HFLjmrklgnxZYw/fhpZRzmD1x
YTa1sQo3gW4JWV/QF9KHLe0nxOs1xRvDoQGh+ZmJFvCxJkybCXyj1gjCn/VqEyP6
mleOEP/12aVhhRx+Gl4Em3h4+UG2iLRu3LXkHTWLAla5iRIgCjEIDKKG+64rFl9q
6LceF+5HRRkLDhyo80CJB72dJsHMZYC7o1AkaERMqVHiqx54uj4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:16 2024 by rpki-client on console-fra.rpki-client.org