Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/jfvku6S7YbNfJMPxWBFPWpUONhQ.roa
File:                     jfvku6S7YbNfJMPxWBFPWpUONhQ.roa (raw, json)
Hash identifier:          aF9476/3aeN8egb+34lhQJatL9bO++zbadnyoUrGKJc=
Subject key identifier:   8D:FB:E4:BB:A4:BB:61:B3:5F:24:C3:F1:58:11:4F:5A:95:0E:36:14
Certificate issuer:       /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial:       05C2CC90
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/jfvku6S7YbNfJMPxWBFPWpUONhQ.roa
Signing time:             Sat 01 Jan 2022 14:06:04 +0000
ROA not before:           Sat 01 Jan 2022 14:06:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49711
IP address blocks:        178.172.133.0/24 maxlen: 24
                          93.125.43.0/24 maxlen: 24
                          91.149.171.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 96652432 (0x5c2cc90)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
        Validity
            Not Before: Jan  1 14:06:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8dfbe4bba4bb61b35f24c3f158114f5a950e3614
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:d3:07:36:b5:45:0c:04:79:15:a7:60:c0:71:
                    c8:54:6d:19:7f:84:e9:64:a4:ad:5b:b3:9b:d9:35:
                    24:78:06:40:ac:b1:9d:3a:16:8e:35:09:ad:e6:86:
                    ba:06:e8:f0:b3:e7:03:69:4a:ba:e3:72:c5:21:1e:
                    f3:e5:79:d4:73:60:24:4f:29:3c:5f:67:76:9c:4e:
                    2d:fd:e5:a0:71:f0:13:9f:ac:d5:b3:11:17:62:b9:
                    c0:18:17:2b:14:82:89:7e:50:0c:4d:c8:48:e3:69:
                    21:ee:80:e2:d9:6a:90:f0:41:27:fd:d8:74:d0:12:
                    3c:f8:26:3e:a0:81:46:46:82:39:65:30:f6:74:d6:
                    90:9c:cf:59:ad:ea:57:2b:81:d1:a9:9b:30:d3:a4:
                    a1:ce:43:6d:a2:07:a4:5e:00:b8:4d:d1:8b:6d:cc:
                    cf:96:91:49:f3:4f:d9:5e:bf:9d:a5:e9:5c:84:69:
                    cf:6c:d3:d3:4d:8e:d3:7f:cb:91:ea:38:c2:f3:17:
                    e5:f1:5e:f1:aa:f0:e0:ea:41:13:44:a6:0a:75:97:
                    c4:fd:3c:7f:c9:e5:6e:cc:47:47:10:45:26:6e:e0:
                    e9:a1:b2:61:de:a9:1b:77:88:a7:aa:e4:ac:af:32:
                    f8:f2:11:c9:5e:55:50:30:94:9d:f1:c9:c9:5d:d4:
                    06:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:FB:E4:BB:A4:BB:61:B3:5F:24:C3:F1:58:11:4F:5A:95:0E:36:14
            X509v3 Authority Key Identifier:
                keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/jfvku6S7YbNfJMPxWBFPWpUONhQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.149.171.0/24
                  93.125.43.0/24
                  178.172.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:59:19:6b:09:11:f7:a5:76:55:75:17:40:0b:75:91:e0:01:
         0c:37:0c:e7:a9:88:f8:0c:d5:9d:af:67:6c:67:9f:15:fa:50:
         47:de:2e:b1:6c:3a:17:09:3e:38:f2:a3:8a:7d:66:07:2a:f3:
         3c:f5:93:d7:0f:f4:17:10:c8:24:ef:a7:6b:b4:68:0a:f7:62:
         82:ac:1e:4d:3a:3e:82:b1:1c:8f:2d:7d:b1:cd:bc:c3:3d:ad:
         ba:19:52:00:8f:30:b4:99:50:0b:a3:d2:39:73:d2:3a:ac:d7:
         dd:b4:8e:eb:9b:fa:38:ac:db:3d:a7:3a:68:b8:a2:eb:6c:1e:
         d4:2d:17:cf:49:bb:84:59:a3:f4:76:4e:c4:84:e8:87:39:f2:
         79:29:91:1a:8a:d0:f5:9a:d1:10:07:6e:12:a1:6c:07:ff:e2:
         1a:78:03:ce:cc:dc:04:83:46:64:b6:30:a8:14:be:ad:f3:f1:
         bc:61:bc:b8:5f:58:fd:c2:b2:37:6e:b3:2f:e8:3c:c7:ec:d0:
         c7:ff:b4:3f:e0:79:a7:02:1f:8c:f0:c0:82:a9:22:31:60:11:
         99:2d:96:4e:40:02:3a:8c:98:79:6b:02:5c:84:27:bd:63:a2:
         6c:08:6d:38:45:24:6e:b1:1c:69:27:c8:89:fc:3c:c4:fc:cd:
         c7:20:d5:07
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBcLMkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDE0OWY2MjQ0Nzg1MzY4OWMxMmZiMjg4YWZlYjZiNjgxY2ZlYmMxMB4XDTIyMDEw
MTE0MDYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGRmYmU0YmJhNGJi
NjFiMzVmMjRjM2YxNTgxMTRmNWE5NTBlMzYxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTTBza1RQwEeRWnYMBxyFRtGX+E6WSkrVuzm9k1JHgGQKyx
nToWjjUJreaGugbo8LPnA2lKuuNyxSEe8+V51HNgJE8pPF9ndpxOLf3loHHwE5+s
1bMRF2K5wBgXKxSCiX5QDE3ISONpIe6A4tlqkPBBJ/3YdNASPPgmPqCBRkaCOWUw
9nTWkJzPWa3qVyuB0ambMNOkoc5DbaIHpF4AuE3Ri23Mz5aRSfNP2V6/naXpXIRp
z2zT002O03/Lkeo4wvMX5fFe8arw4OpBE0SmCnWXxP08f8nlbsxHRxBFJm7g6aGy
Yd6pG3eIp6rkrK8y+PIRyV5VUDCUnfHJyV3UBtcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSN++S7pLths18kw/FYEU9alQ42FDAfBgNVHSMEGDAWgBR9FJ9iRHhTaJwS
+yiK/ra2gc/rwTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZSU2ZZa1I0VTJpY0V2c29pdjYydG9IUDY4RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2QvNmE1NGJmLWYwMGYtNDY3YS1iZjU3LWFhYjBlNDE0Y2M2My8x
L2pmdmt1NlM3WWJOZkpNUHhXQkZQV3BVT05oUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Qv
NmE1NGJmLWYwMGYtNDY3YS1iZjU3LWFhYjBlNDE0Y2M2My8xL2ZSU2ZZa1I0VTJp
Y0V2c29pdjYydG9IUDY4RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFuVqwMEAF19KwMEALKshTANBgkq
hkiG9w0BAQsFAAOCAQEAS1kZawkR96V2VXUXQAt1keABDDcM56mI+AzVna9nbGef
FfpQR94usWw6Fwk+OPKjin1mByrzPPWT1w/0FxDIJO+na7RoCvdigqweTTo+grEc
jy19sc28wz2tuhlSAI8wtJlQC6PSOXPSOqzX3bSO65v6OKzbPac6aLii62we1C0X
z0m7hFmj9HZOxITohznyeSmRGorQ9ZrREAduEqFsB//iGngDzszcBINGZLYwqBS+
rfPxvGG8uF9Y/cKyN26zL+g8x+zQx/+0P+B5pwIfjPDAgqkiMWARmS2WTkACOoyY
eWsCXIQnvWOibAhtOEUkbrEcaSfIifw8xPzNxyDVBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:50 2024 by rpki-client on console-ams.rpki-client.org