Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/b837f3-0852-4d7f-9c0e-b2d466697ac4/1/L09Qag9g7DTBMmLiaB8s6M8qpCE.roa
File:                     L09Qag9g7DTBMmLiaB8s6M8qpCE.roa (raw, json)
Hash identifier:          m9c/Z4nhszUjOFq+6rtnSBrgKth91Ic+ASak3R9O2ig=
Subject key identifier:   2F:4F:50:6A:0F:60:EC:34:C1:32:62:E2:68:1F:2C:E8:CF:2A:A4:21
Certificate issuer:       /CN=168731917170c4b81bee351d0455c32cbad63b26
Certificate serial:       58D2
Authority key identifier: 16:87:31:91:71:70:C4:B8:1B:EE:35:1D:04:55:C3:2C:BA:D6:3B:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FocxkXFwxLgb7jUdBFXDLLrWOyY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/b837f3-0852-4d7f-9c0e-b2d466697ac4/1/L09Qag9g7DTBMmLiaB8s6M8qpCE.roa
Signing time:             Thu 21 Apr 2022 12:49:59 +0000
ROA not before:           Thu 21 Apr 2022 12:49:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209707
IP address blocks:        91.132.76.0/22 maxlen: 22
                          2a09:c180::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22738 (0x58d2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=168731917170c4b81bee351d0455c32cbad63b26
        Validity
            Not Before: Apr 21 12:49:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2f4f506a0f60ec34c13262e2681f2ce8cf2aa421
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:8e:32:42:9e:29:e0:90:5a:7e:ca:0f:16:5b:
                    7c:bd:81:42:78:6b:b5:b5:c9:e6:20:ab:08:43:6d:
                    53:88:7a:5e:c0:27:a3:1b:26:8a:ee:a8:c4:76:60:
                    e7:2f:af:90:56:9f:3a:cf:f6:69:6b:c3:37:fd:b1:
                    80:7e:4b:5b:4c:f5:64:5f:26:dd:b6:4f:82:24:29:
                    b7:70:53:3c:9c:26:32:47:20:d1:fc:a1:d4:8a:76:
                    cc:84:56:69:a7:6f:4f:a3:6f:bd:0a:cd:59:d2:5b:
                    b4:78:9c:60:35:0b:78:4f:c9:c5:30:fd:ab:d0:64:
                    f3:7f:d0:88:49:04:49:54:0a:f9:ba:c6:52:c7:00:
                    d3:57:e0:7c:4f:f4:0c:b3:4c:fd:29:ee:0a:57:21:
                    6e:42:2f:82:fa:6c:7f:2e:2d:23:a3:bc:59:6f:84:
                    59:df:04:c2:c0:77:e0:a6:fb:0e:67:05:55:a6:f1:
                    5e:12:47:65:53:4a:77:8f:01:c4:17:c2:c8:e3:0f:
                    22:17:23:68:80:f8:8f:e6:3a:4d:ba:bd:03:d7:03:
                    dc:b7:92:e6:e3:6a:0e:3f:75:ee:bd:f4:b3:35:05:
                    b8:90:b9:ef:4e:db:1d:95:2d:d4:7f:96:fd:f8:d5:
                    10:87:6c:e7:62:68:29:a4:80:ac:d2:d5:20:24:99:
                    b2:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:4F:50:6A:0F:60:EC:34:C1:32:62:E2:68:1F:2C:E8:CF:2A:A4:21
            X509v3 Authority Key Identifier:
                keyid:16:87:31:91:71:70:C4:B8:1B:EE:35:1D:04:55:C3:2C:BA:D6:3B:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FocxkXFwxLgb7jUdBFXDLLrWOyY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/b837f3-0852-4d7f-9c0e-b2d466697ac4/1/L09Qag9g7DTBMmLiaB8s6M8qpCE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/b837f3-0852-4d7f-9c0e-b2d466697ac4/1/FocxkXFwxLgb7jUdBFXDLLrWOyY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.132.76.0/22
                IPv6:
                  2a09:c180::/29

    Signature Algorithm: sha256WithRSAEncryption
         48:98:33:fc:28:86:c8:81:c9:c5:dc:3c:7e:13:0a:1b:19:63:
         44:a4:93:5f:e4:00:2a:f5:ea:67:11:46:a9:c7:5c:0e:f6:b9:
         1a:52:3b:32:65:aa:60:a0:d0:34:c7:bf:65:40:1e:3b:e0:70:
         46:fb:6e:da:0d:d6:07:47:86:6a:b1:dd:84:c9:f7:08:df:67:
         b4:60:d3:2d:b0:1a:13:8f:f3:a4:d8:af:22:bb:a2:12:79:87:
         57:fe:ff:68:bc:86:e9:76:e5:a9:c9:2d:fa:19:7f:db:1d:d4:
         c1:04:52:c7:20:75:e3:e2:c3:6f:d3:6b:11:44:f2:b1:cf:48:
         e2:7a:c1:66:4e:1c:4c:62:3d:c1:5d:24:62:e5:0c:ba:ce:db:
         11:36:42:db:0d:27:e6:3f:6d:b3:5c:b2:4a:1d:58:b2:9c:92:
         7b:53:b5:e0:ce:82:95:5d:d5:72:1d:34:b4:0a:3e:b3:6a:b9:
         92:96:8d:77:0c:6d:f6:7b:f0:ef:95:d5:c1:59:8f:18:9f:dc:
         96:b9:be:00:25:0f:9a:d3:6f:04:79:2e:cf:1c:18:22:69:45:
         f5:42:3e:86:bb:d8:c5:34:2c:e9:0a:86:da:66:f7:39:a0:39:
         7b:2a:b1:9c:b6:f2:ad:16:72:d4:6a:5b:bd:c4:57:67:72:00:
         f3:e6:a8:84
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgICWNIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTY4
NzMxOTE3MTcwYzRiODFiZWUzNTFkMDQ1NWMzMmNiYWQ2M2IyNjAeFw0yMjA0MjEx
MjQ5NTlaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDJmNGY1MDZhMGY2MGVj
MzRjMTMyNjJlMjY4MWYyY2U4Y2YyYWE0MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9jjJCningkFp+yg8WW3y9gUJ4a7W1yeYgqwhDbVOIel7AJ6Mb
JoruqMR2YOcvr5BWnzrP9mlrwzf9sYB+S1tM9WRfJt22T4IkKbdwUzycJjJHINH8
odSKdsyEVmmnb0+jb70KzVnSW7R4nGA1C3hPycUw/avQZPN/0IhJBElUCvm6xlLH
ANNX4HxP9AyzTP0p7gpXIW5CL4L6bH8uLSOjvFlvhFnfBMLAd+Cm+w5nBVWm8V4S
R2VTSnePAcQXwsjjDyIXI2iA+I/mOk26vQPXA9y3kubjag4/de699LM1BbiQue9O
2x2VLdR/lv341RCHbOdiaCmkgKzS1SAkmbJhAgMBAAGjggIYMIICFDAdBgNVHQ4E
FgQUL09Qag9g7DTBMmLiaB8s6M8qpCEwHwYDVR0jBBgwFoAUFocxkXFwxLgb7jUd
BFXDLLrWOyYwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9G
b2N4a1hGd3hMZ2I3alVkQkZYRExMcldPeVkuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzg0L2I4MzdmMy0wODUyLTRkN2YtOWMwZS1iMmQ0NjY2OTdhYzQvMS9M
MDlRYWc5ZzdEVEJNbUxpYUI4czZNOHFwQ0Uucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg0L2I4
MzdmMy0wODUyLTRkN2YtOWMwZS1iMmQ0NjY2OTdhYzQvMS9Gb2N4a1hGd3hMZ2I3
alVkQkZYRExMcldPeVkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYI
KwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJbhEwwDQQCAAIwBwMFAyoJwYAwDQYJ
KoZIhvcNAQELBQADggEBAEiYM/wohsiBycXcPH4TChsZY0Skk1/kACr16mcRRqnH
XA72uRpSOzJlqmCg0DTHv2VAHjvgcEb7btoN1gdHhmqx3YTJ9wjfZ7Rg0y2wGhOP
86TYryK7ohJ5h1f+/2i8hul25anJLfoZf9sd1MEEUscgdePiw2/TaxFE8rHPSOJ6
wWZOHExiPcFdJGLlDLrO2xE2QtsNJ+Y/bbNcskodWLKckntTteDOgpVd1XIdNLQK
PrNquZKWjXcMbfZ78O+V1cFZjxif3Ja5vgAlD5rTbwR5Ls8cGCJpRfVCPoa72MU0
LOkKhtpm9zmgOXsqsZy28q0WctRqW73EV2dyAPPmqIQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:16 2024 by rpki-client on console-ams.rpki-client.org