Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/Vh4OGweoLE0GtjE-i9hVG_x4oqw.roa
File:                     Vh4OGweoLE0GtjE-i9hVG_x4oqw.roa (raw, json)
Hash identifier:          v+O8OqWtLFYFxkT5gpI9LGKksB0lE9m5UAOqJe5kip4=
Subject key identifier:   56:1E:0E:1B:07:A8:2C:4D:06:B6:31:3E:8B:D8:55:1B:FC:78:A2:AC
Certificate issuer:       /CN=6511ce5e2f53b7bb8cac8f39e294e89a45b20029
Certificate serial:       0C6377D1
Authority key identifier: 65:11:CE:5E:2F:53:B7:BB:8C:AC:8F:39:E2:94:E8:9A:45:B2:00:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZRHOXi9Tt7uMrI854pTomkWyACk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/Vh4OGweoLE0GtjE-i9hVG_x4oqw.roa
Signing time:             Sat 01 Jan 2022 01:54:34 +0000
ROA not before:           Sat 01 Jan 2022 01:54:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30870
IP address blocks:        84.244.153.0/24 maxlen: 24
                          84.244.170.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 207845329 (0xc6377d1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6511ce5e2f53b7bb8cac8f39e294e89a45b20029
        Validity
            Not Before: Jan  1 01:54:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=561e0e1b07a82c4d06b6313e8bd8551bfc78a2ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:e8:be:1e:53:8b:d3:f3:35:f7:f4:46:97:26:
                    60:39:68:2a:88:f8:9f:76:1f:ce:04:35:0a:d7:11:
                    c9:e7:b9:bc:e5:83:c4:f3:05:a7:b5:f6:e5:78:d6:
                    38:03:e9:8a:48:c7:a4:a1:be:9b:83:cc:b6:9c:8d:
                    99:c5:58:c4:f9:04:3b:57:f6:c5:49:d7:3e:a4:f3:
                    cc:0e:5c:fc:57:e0:2b:59:1e:c7:34:a5:29:5d:ed:
                    7a:51:eb:c3:b8:a9:da:25:65:ff:a8:d5:10:80:61:
                    2e:7c:f5:0a:7e:a6:75:0f:79:83:32:6f:e0:8c:03:
                    91:1b:ab:5b:06:d3:50:c8:bc:89:bf:87:e4:c0:61:
                    ac:8b:8b:69:31:6b:5c:2e:d6:c3:db:10:c4:33:13:
                    38:fb:2d:50:06:98:d2:e2:3c:28:28:2b:2b:1d:81:
                    77:4e:0f:7a:d4:81:b2:a4:c5:fd:80:d1:01:e4:be:
                    10:a4:5f:20:f3:5a:2b:0a:d3:fa:cb:fb:02:6e:93:
                    98:4b:b1:3a:73:84:af:3f:d6:45:2b:c2:79:eb:cd:
                    07:1d:9e:db:bc:45:12:48:5b:46:a5:99:0a:5b:95:
                    4d:00:73:16:20:2b:03:b7:f8:39:cb:d7:4c:47:ca:
                    f5:c2:2f:26:d8:4e:0d:29:73:1d:b5:62:a4:d0:6b:
                    ba:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:1E:0E:1B:07:A8:2C:4D:06:B6:31:3E:8B:D8:55:1B:FC:78:A2:AC
            X509v3 Authority Key Identifier:
                keyid:65:11:CE:5E:2F:53:B7:BB:8C:AC:8F:39:E2:94:E8:9A:45:B2:00:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRHOXi9Tt7uMrI854pTomkWyACk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/Vh4OGweoLE0GtjE-i9hVG_x4oqw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/ZRHOXi9Tt7uMrI854pTomkWyACk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.244.153.0/24
                  84.244.170.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6b:40:52:ec:62:e6:78:58:2b:d3:5b:1e:6c:4e:32:bc:11:ac:
         b7:a0:9c:44:6c:4f:40:1b:05:35:af:b8:a3:4c:71:c6:bb:34:
         0d:da:ee:f2:96:c7:2b:cc:a9:5e:98:4b:b0:a9:00:0b:b6:35:
         4d:b5:f6:73:dd:5c:ab:f7:3d:12:c6:56:4f:d6:78:3d:db:96:
         56:48:7d:d7:66:16:90:b2:49:a5:be:24:78:3a:33:64:61:67:
         55:63:c5:da:ed:e9:82:57:03:84:80:59:a2:d0:08:0b:b0:82:
         d6:10:05:8e:37:6a:63:3c:f2:b4:cc:07:ea:23:5b:2c:c1:f5:
         7d:ed:10:d5:1c:99:94:00:ac:97:83:df:6d:bf:81:6e:31:45:
         0c:88:3a:78:99:6b:6f:91:f2:1b:13:ec:c3:ef:aa:15:dd:c8:
         7b:3c:f0:b5:ff:5d:6a:97:f5:97:20:1d:60:94:24:b1:f2:46:
         56:a6:e3:a7:38:da:18:39:c9:2e:a9:3f:e0:f6:34:28:fd:54:
         8c:94:7f:2f:95:f9:4c:62:f2:07:30:de:b2:6c:87:04:2e:78:
         e6:50:d9:12:8c:3f:bd:5f:e1:41:32:d8:1d:ca:94:83:31:0c:
         0f:68:2c:81:f6:64:9c:92:89:38:44:d0:89:cd:d3:e9:b2:f1:
         1f:0c:00:c8
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDGN30TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NTExY2U1ZTJmNTNiN2JiOGNhYzhmMzllMjk0ZTg5YTQ1YjIwMDI5MB4XDTIyMDEw
MTAxNTQzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTYxZTBlMWIwN2E4
MmM0ZDA2YjYzMTNlOGJkODU1MWJmYzc4YTJhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANbovh5Ti9PzNff0RpcmYDloKoj4n3YfzgQ1CtcRyee5vOWD
xPMFp7X25XjWOAPpikjHpKG+m4PMtpyNmcVYxPkEO1f2xUnXPqTzzA5c/FfgK1ke
xzSlKV3telHrw7ip2iVl/6jVEIBhLnz1Cn6mdQ95gzJv4IwDkRurWwbTUMi8ib+H
5MBhrIuLaTFrXC7Ww9sQxDMTOPstUAaY0uI8KCgrKx2Bd04PetSBsqTF/YDRAeS+
EKRfIPNaKwrT+sv7Am6TmEuxOnOErz/WRSvCeevNBx2e27xFEkhbRqWZCluVTQBz
FiArA7f4OcvXTEfK9cIvJthODSlzHbVipNBrui8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRWHg4bB6gsTQa2MT6L2FUb/HiirDAfBgNVHSMEGDAWgBRlEc5eL1O3u4ys
jznilOiaRbIAKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pSSE9YaTlUdDd1TXJJODU0cFRvbWtXeUFDay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvOTFiMDkzLWFjYjctNGNiNy1iZjhmLTVjYjkzNGE1NWIwZC8x
L1ZoNE9Hd2VvTEUwR3RqRS1pOWhWR194NG9xdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUv
OTFiMDkzLWFjYjctNGNiNy1iZjhmLTVjYjkzNGE1NWIwZC8xL1pSSE9YaTlUdDd1
TXJJODU0cFRvbWtXeUFDay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFT0mQMEAVT0qjANBgkqhkiG9w0B
AQsFAAOCAQEAa0BS7GLmeFgr01sebE4yvBGst6CcRGxPQBsFNa+4o0xxxrs0Ddru
8pbHK8ypXphLsKkAC7Y1TbX2c91cq/c9EsZWT9Z4PduWVkh912YWkLJJpb4keDoz
ZGFnVWPF2u3pglcDhIBZotAIC7CC1hAFjjdqYzzytMwH6iNbLMH1fe0Q1RyZlACs
l4Pfbb+BbjFFDIg6eJlrb5HyGxPsw++qFd3Iezzwtf9dapf1lyAdYJQksfJGVqbj
pzjaGDnJLqk/4PY0KP1UjJR/L5X5TGLyBzDesmyHBC545lDZEow/vV/hQTLYHcqU
gzEMD2gsgfZknJKJOETQic3T6bLxHwwAyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:23 2024 by rpki-client on console-ams.rpki-client.org