Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/132ba8-7676-49f6-afcc-7d0423bda74c/1/7fB5c2c_ZBkxkUjwIWW8w3yg_j0.roa
File:                     7fB5c2c_ZBkxkUjwIWW8w3yg_j0.roa (raw, json)
Hash identifier:          FU9mZBnOtNcmcgcQsmmmpb2U3fZ1JsN+ZnPv5DY4nSo=
Subject key identifier:   ED:F0:79:73:67:3F:64:19:31:91:48:F0:21:65:BC:C3:7C:A0:FE:3D
Certificate issuer:       /CN=b4d7ed14b8d51a20baec7b660f08a80cdcf817bf
Certificate serial:       0563C2AC
Authority key identifier: B4:D7:ED:14:B8:D5:1A:20:BA:EC:7B:66:0F:08:A8:0C:DC:F8:17:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tNftFLjVGiC67HtmDwioDNz4F78.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/132ba8-7676-49f6-afcc-7d0423bda74c/1/7fB5c2c_ZBkxkUjwIWW8w3yg_j0.roa
Signing time:             Sat 01 Jan 2022 06:53:06 +0000
ROA not before:           Sat 01 Jan 2022 06:53:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197265
IP address blocks:        91.217.204.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 90423980 (0x563c2ac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4d7ed14b8d51a20baec7b660f08a80cdcf817bf
        Validity
            Not Before: Jan  1 06:53:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=edf07973673f6419319148f02165bcc37ca0fe3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:4d:c7:3a:da:21:6d:18:a8:da:74:7c:aa:4a:
                    62:a9:c2:c0:45:8c:2c:b3:24:e5:b4:b4:83:79:ca:
                    ad:85:bb:11:e8:1e:ec:a3:5e:4a:71:af:7e:b8:5f:
                    01:75:84:3b:29:69:c7:c7:30:e9:0c:2d:ac:f9:41:
                    63:cc:1c:49:30:34:d7:71:d9:75:3f:d5:17:72:ef:
                    50:69:06:78:eb:82:95:6a:05:7f:de:a3:d7:60:36:
                    03:d8:de:cf:4e:95:e4:a1:4d:ae:91:60:b1:19:5e:
                    f5:aa:9a:0e:73:32:f4:88:e2:4c:26:f2:49:45:78:
                    4e:2b:7d:d3:0b:79:96:9d:62:3f:6f:1f:9c:41:fe:
                    98:6c:60:10:0f:f9:77:08:81:84:0a:1a:4a:4e:59:
                    8a:93:5f:a3:d9:0f:b1:40:5e:3c:8d:8e:dd:ba:74:
                    a9:37:67:a2:66:bf:9a:24:aa:80:59:f1:90:29:89:
                    8f:1c:19:e0:b0:60:32:39:57:ad:ca:0b:ba:1f:96:
                    59:a7:d4:27:95:50:b9:67:ee:6e:ba:d3:69:b3:f4:
                    e4:8b:77:d0:18:8b:36:5c:52:f6:9b:a1:5b:ee:a4:
                    ce:3a:05:a4:3c:21:5c:79:27:b9:10:2a:49:4d:11:
                    fa:ab:dc:c6:8c:38:c3:ee:0c:f2:bc:8f:20:db:cc:
                    11:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:F0:79:73:67:3F:64:19:31:91:48:F0:21:65:BC:C3:7C:A0:FE:3D
            X509v3 Authority Key Identifier:
                keyid:B4:D7:ED:14:B8:D5:1A:20:BA:EC:7B:66:0F:08:A8:0C:DC:F8:17:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNftFLjVGiC67HtmDwioDNz4F78.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/132ba8-7676-49f6-afcc-7d0423bda74c/1/7fB5c2c_ZBkxkUjwIWW8w3yg_j0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/132ba8-7676-49f6-afcc-7d0423bda74c/1/tNftFLjVGiC67HtmDwioDNz4F78.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:eb:f6:49:56:61:59:d6:b2:d4:f2:48:60:7d:ed:bb:3c:a9:
         b9:cb:9b:92:0e:d4:96:76:e2:24:6d:f7:d9:ab:76:39:5f:c2:
         5b:2f:6f:49:0b:c7:26:82:a2:16:20:28:f0:f6:bf:5e:28:22:
         8b:99:8c:7e:bd:51:47:50:d2:06:f4:56:af:6f:99:a5:9d:f7:
         9e:bb:7a:8d:59:c2:59:a6:07:c0:dd:dd:e3:41:e0:4e:26:61:
         28:10:c0:e7:a9:d0:f9:88:e2:51:35:f2:61:66:80:59:fe:4e:
         ce:e3:50:11:37:dd:ee:69:94:f4:ff:f3:5a:d8:52:79:17:d2:
         1a:02:34:83:bc:97:22:e1:b7:4d:12:69:d8:13:ed:67:67:e1:
         d0:f6:7c:33:4f:ee:f4:c8:34:6a:5a:0c:54:70:08:c0:87:99:
         9d:1d:46:00:5c:63:bf:6f:c0:7c:5c:11:9a:1c:61:96:8a:d1:
         d9:df:70:ef:85:45:47:fc:fd:52:65:92:ad:ff:98:c0:9c:41:
         41:49:d6:b1:86:ed:3a:93:fd:a4:31:b7:43:38:a7:3e:56:64:
         fb:21:95:72:17:47:54:b8:57:5e:49:5e:fd:7a:fa:20:44:2a:
         a5:29:c8:49:eb:0b:b9:9a:c9:db:2b:14:7b:74:b0:04:c3:00:
         c4:ae:50:6b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBWPCrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGQ3ZWQxNGI4ZDUxYTIwYmFlYzdiNjYwZjA4YTgwY2RjZjgxN2JmMB4XDTIyMDEw
MTA2NTMwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWRmMDc5NzM2NzNm
NjQxOTMxOTE0OGYwMjE2NWJjYzM3Y2EwZmUzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpNxzraIW0YqNp0fKpKYqnCwEWMLLMk5bS0g3nKrYW7Eege
7KNeSnGvfrhfAXWEOylpx8cw6QwtrPlBY8wcSTA013HZdT/VF3LvUGkGeOuClWoF
f96j12A2A9jez06V5KFNrpFgsRle9aqaDnMy9IjiTCbySUV4Tit90wt5lp1iP28f
nEH+mGxgEA/5dwiBhAoaSk5ZipNfo9kPsUBePI2O3bp0qTdnoma/miSqgFnxkCmJ
jxwZ4LBgMjlXrcoLuh+WWafUJ5VQuWfubrrTabP05It30BiLNlxS9puhW+6kzjoF
pDwhXHknuRAqSU0R+qvcxow4w+4M8ryPINvMEU8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTt8HlzZz9kGTGRSPAhZbzDfKD+PTAfBgNVHSMEGDAWgBS01+0UuNUaILrs
e2YPCKgM3PgXvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ROZnRGTGpWR2lDNjdIdG1Ed2lvRE56NEY3OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvMTMyYmE4LTc2NzYtNDlmNi1hZmNjLTdkMDQyM2JkYTc0Yy8x
LzdmQjVjMmNfWkJreGtVandJV1c4dzN5Z19qMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
MTMyYmE4LTc2NzYtNDlmNi1hZmNjLTdkMDQyM2JkYTc0Yy8xL3ROZnRGTGpWR2lD
NjdIdG1Ed2lvRE56NEY3OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvZzDANBgkqhkiG9w0BAQsFAAOC
AQEAXOv2SVZhWday1PJIYH3tuzypucubkg7UlnbiJG332at2OV/CWy9vSQvHJoKi
FiAo8Pa/Xigii5mMfr1RR1DSBvRWr2+ZpZ33nrt6jVnCWaYHwN3d40HgTiZhKBDA
56nQ+YjiUTXyYWaAWf5OzuNQETfd7mmU9P/zWthSeRfSGgI0g7yXIuG3TRJp2BPt
Z2fh0PZ8M0/u9Mg0aloMVHAIwIeZnR1GAFxjv2/AfFwRmhxhlorR2d9w74VFR/z9
UmWSrf+YwJxBQUnWsYbtOpP9pDG3QzinPlZk+yGVchdHVLhXXkle/Xr6IEQqpSnI
SesLuZrJ2ysUe3SwBMMAxK5Qaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:07 2024 by rpki-client on console-ams.rpki-client.org