Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/nBwZzR4cavpZNqVLgdkdoif8wHw.roa
File:                     nBwZzR4cavpZNqVLgdkdoif8wHw.roa (raw, json)
Hash identifier:          mWcfcuZjkiW5c/0piQsiJqUeUBs1VqT2ZMbC4Ay5SPY=
Subject key identifier:   9C:1C:19:CD:1E:1C:6A:FA:59:36:A5:4B:81:D9:1D:A2:27:FC:C0:7C
Certificate issuer:       /CN=09fecd7071b727db3d12f09efbb454e04d4f743d
Certificate serial:       03E230EC
Authority key identifier: 09:FE:CD:70:71:B7:27:DB:3D:12:F0:9E:FB:B4:54:E0:4D:4F:74:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/nBwZzR4cavpZNqVLgdkdoif8wHw.roa
Signing time:             Sat 01 Jan 2022 16:02:08 +0000
ROA not before:           Sat 01 Jan 2022 16:02:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207558
IP address blocks:        91.224.171.0/24 maxlen: 24
                          91.196.229.0/24 maxlen: 24
                          91.196.228.0/22 maxlen: 22
                          91.196.228.0/24 maxlen: 24
                          91.196.231.0/24 maxlen: 24
                          91.196.230.0/24 maxlen: 24
                          2a0f:d840::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65155308 (0x3e230ec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09fecd7071b727db3d12f09efbb454e04d4f743d
        Validity
            Not Before: Jan  1 16:02:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9c1c19cd1e1c6afa5936a54b81d91da227fcc07c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:bd:45:e6:4a:e8:03:e7:7b:eb:a5:38:ca:ee:
                    95:88:31:10:00:83:8e:64:ea:e0:2c:4e:68:c1:b6:
                    c9:77:fd:c8:92:60:34:8c:13:c5:e4:63:e2:be:f5:
                    1d:65:a0:c6:11:b6:35:37:fc:d6:1b:46:c0:e8:5b:
                    a5:17:4d:10:5d:77:02:f3:3e:2a:87:bd:1b:30:8c:
                    95:66:2f:c0:35:85:46:0e:56:39:e4:07:5b:04:6d:
                    2e:0b:18:38:46:5e:65:63:5c:24:e9:f8:5b:d7:f6:
                    ad:0a:13:13:49:26:2a:92:db:49:db:d3:28:82:f8:
                    cb:91:22:3a:46:1a:08:ff:ce:34:fa:2f:36:84:a7:
                    51:67:34:90:90:75:e3:ec:0d:d1:09:1a:57:18:dd:
                    2b:63:88:86:85:70:ed:c8:8e:95:2d:08:f6:e5:e0:
                    c7:bc:04:62:bc:ed:5a:19:f6:b7:9c:ad:4b:11:11:
                    a2:d7:bf:3b:95:fd:a3:61:77:49:27:c8:3a:ec:56:
                    22:6d:5c:3d:a0:04:81:a3:c0:43:4b:09:a4:90:19:
                    37:bc:84:4c:cb:83:99:3f:8f:78:05:c6:3e:01:3a:
                    0e:b3:1c:07:97:09:1f:91:26:a9:c6:9e:b2:a5:f4:
                    7a:b1:e2:5a:c7:20:3c:9c:52:fc:47:63:00:e3:77:
                    24:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:1C:19:CD:1E:1C:6A:FA:59:36:A5:4B:81:D9:1D:A2:27:FC:C0:7C
            X509v3 Authority Key Identifier:
                keyid:09:FE:CD:70:71:B7:27:DB:3D:12:F0:9E:FB:B4:54:E0:4D:4F:74:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/nBwZzR4cavpZNqVLgdkdoif8wHw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.196.228.0/22
                  91.224.171.0/24
                IPv6:
                  2a0f:d840::/29

    Signature Algorithm: sha256WithRSAEncryption
         14:e4:f6:a7:ca:f0:6d:9c:33:be:66:d0:c2:c5:9c:b1:b9:c7:
         d2:39:be:87:ec:9c:6e:94:0a:13:80:cd:a3:b1:06:77:e4:97:
         cf:3e:05:17:23:10:45:59:7b:97:f9:01:d8:1c:19:87:48:da:
         5d:05:bd:99:d4:e1:ea:9d:1e:fa:69:a6:64:f9:49:0b:0b:cc:
         6c:b4:ff:b9:99:d7:16:66:23:41:73:6d:b0:55:0a:7d:5a:88:
         cd:1c:73:9e:08:86:3e:3f:37:29:40:76:26:25:35:ce:52:44:
         19:e0:9c:0e:78:7b:6c:53:73:81:41:58:e0:0e:75:c1:a9:56:
         d6:69:65:f2:08:c3:dd:6f:62:c1:ee:ab:c9:44:46:c1:28:44:
         c4:ba:bf:16:de:da:2c:4e:94:67:f1:13:bc:cd:fd:f9:50:02:
         b5:33:ce:11:13:76:21:0b:04:79:cb:b6:e4:e3:bd:83:f3:0a:
         59:87:45:eb:4a:a9:98:66:7e:ca:02:95:80:f9:98:b5:90:74:
         f6:a6:53:7c:6e:c2:fc:31:d4:ae:3b:72:c8:bf:6e:d9:c9:cb:
         91:53:47:58:ca:d6:5b:9f:62:d9:12:26:e2:58:3c:ca:83:85:
         33:fa:dd:85:5e:63:3d:9a:a3:92:51:29:29:dc:08:25:5d:cc:
         21:eb:10:cb
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEA+Iw7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OWZlY2Q3MDcxYjcyN2RiM2QxMmYwOWVmYmI0NTRlMDRkNGY3NDNkMB4XDTIyMDEw
MTE2MDIwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWMxYzE5Y2QxZTFj
NmFmYTU5MzZhNTRiODFkOTFkYTIyN2ZjYzA3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALK9ReZK6APne+ulOMrulYgxEACDjmTq4CxOaMG2yXf9yJJg
NIwTxeRj4r71HWWgxhG2NTf81htGwOhbpRdNEF13AvM+Koe9GzCMlWYvwDWFRg5W
OeQHWwRtLgsYOEZeZWNcJOn4W9f2rQoTE0kmKpLbSdvTKIL4y5EiOkYaCP/ONPov
NoSnUWc0kJB14+wN0QkaVxjdK2OIhoVw7ciOlS0I9uXgx7wEYrztWhn2t5ytSxER
ote/O5X9o2F3SSfIOuxWIm1cPaAEgaPAQ0sJpJAZN7yETMuDmT+PeAXGPgE6DrMc
B5cJH5EmqcaesqX0erHiWscgPJxS/EdjAON3JCUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBScHBnNHhxq+lk2pUuB2R2iJ/zAfDAfBgNVHSMEGDAWgBQJ/s1wcbcn2z0S
8J77tFTgTU90PTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NmN05jSEczSjlzOUV2Q2UtN1JVNEUxUGREMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvNzJlM2ExLTkwNmMtNDQ4Yi05OGRhLTVhMjA2ZThiMTM2OS8x
L25Cd1p6UjRjYXZwWk5xVkxnZGtkb2lmOHdIdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
NzJlM2ExLTkwNmMtNDQ4Yi05OGRhLTVhMjA2ZThiMTM2OS8xL0NmN05jSEczSjlz
OUV2Q2UtN1JVNEUxUGREMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAlvE5AMEAFvgqzANBAIAAjAHAwUD
Kg/YQDANBgkqhkiG9w0BAQsFAAOCAQEAFOT2p8rwbZwzvmbQwsWcsbnH0jm+h+yc
bpQKE4DNo7EGd+SXzz4FFyMQRVl7l/kB2BwZh0jaXQW9mdTh6p0e+mmmZPlJCwvM
bLT/uZnXFmYjQXNtsFUKfVqIzRxzngiGPj83KUB2JiU1zlJEGeCcDnh7bFNzgUFY
4A51walW1mll8gjD3W9iwe6ryURGwShExLq/Ft7aLE6UZ/ETvM39+VACtTPOERN2
IQsEecu25OO9g/MKWYdF60qpmGZ+ygKVgPmYtZB09qZTfG7C/DHUrjtyyL9u2cnL
kVNHWMrWW59i2RIm4lg8yoOFM/rdhV5jPZqjklEpKdwIJV3MIesQyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:20 2024 by rpki-client on console-ams.rpki-client.org