Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/1b814a-d388-4c64-8302-370d1fd4254b/1/TI6IO_4POpIHEY7y5JE6bio7moo.roa
File:                     TI6IO_4POpIHEY7y5JE6bio7moo.roa (raw, json)
Hash identifier:          pb1x3CwJIhGRtEhsWU8jyWQCtlCxc+69DjkaxXHdKjI=
Subject key identifier:   4C:8E:88:3B:FE:0F:3A:92:07:11:8E:F2:E4:91:3A:6E:2A:3B:9A:8A
Certificate issuer:       /CN=a9c187bc7a9e885335a7eb9b0a438fe811c03847
Certificate serial:       09DE6507
Authority key identifier: A9:C1:87:BC:7A:9E:88:53:35:A7:EB:9B:0A:43:8F:E8:11:C0:38:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qcGHvHqeiFM1p-ubCkOP6BHAOEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/1b814a-d388-4c64-8302-370d1fd4254b/1/TI6IO_4POpIHEY7y5JE6bio7moo.roa
Signing time:             Sat 01 Jan 2022 05:55:16 +0000
ROA not before:           Sat 01 Jan 2022 05:55:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51979
IP address blocks:        91.222.88.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 165569799 (0x9de6507)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9c187bc7a9e885335a7eb9b0a438fe811c03847
        Validity
            Not Before: Jan  1 05:55:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4c8e883bfe0f3a9207118ef2e4913a6e2a3b9a8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:08:87:4f:8f:d8:fe:da:71:d2:86:7e:b5:4f:
                    d4:5c:61:40:f8:cc:82:db:60:d2:83:5e:a1:76:37:
                    5c:54:28:f8:c5:4d:36:4f:f8:a0:9e:33:f0:ed:76:
                    f4:11:61:55:0d:d7:bf:92:4e:d3:57:22:53:d0:11:
                    71:7d:55:7f:75:40:5d:3e:2a:e8:cf:c3:49:64:e1:
                    ac:93:1c:c0:b6:c0:96:30:6c:27:c7:92:e6:d5:db:
                    84:aa:b3:b2:6b:2e:ec:63:08:90:2d:da:6b:ae:67:
                    16:74:27:62:a4:c3:99:8b:f9:c0:93:0a:94:a1:9a:
                    d8:43:8d:a8:2c:b7:fc:16:f8:0d:5b:d9:c8:2e:5b:
                    c0:e0:72:11:72:a4:e5:78:83:57:e6:35:b9:3a:ba:
                    96:3e:f4:9a:a2:f1:e3:b7:89:ff:e5:5c:19:85:a5:
                    f7:07:4e:ba:e9:0f:80:91:60:62:65:f3:de:0d:9e:
                    44:ce:24:28:3e:63:c7:61:b5:c7:70:d9:0b:4c:59:
                    73:4c:d3:c5:7d:40:d9:e5:0e:0b:39:ff:14:9d:d9:
                    00:b5:ba:89:21:c9:13:1a:60:6d:66:10:c7:10:08:
                    25:97:66:49:29:50:2b:f5:9d:56:72:de:1b:cf:84:
                    b3:fb:39:ac:d2:16:61:eb:fe:20:e2:be:e9:58:ae:
                    97:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:8E:88:3B:FE:0F:3A:92:07:11:8E:F2:E4:91:3A:6E:2A:3B:9A:8A
            X509v3 Authority Key Identifier:
                keyid:A9:C1:87:BC:7A:9E:88:53:35:A7:EB:9B:0A:43:8F:E8:11:C0:38:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qcGHvHqeiFM1p-ubCkOP6BHAOEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1b814a-d388-4c64-8302-370d1fd4254b/1/TI6IO_4POpIHEY7y5JE6bio7moo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1b814a-d388-4c64-8302-370d1fd4254b/1/qcGHvHqeiFM1p-ubCkOP6BHAOEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.222.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a4:5e:2c:2b:00:e0:8d:fc:c8:32:89:32:70:97:c9:69:a1:73:
         5c:96:c9:f5:6f:31:0e:fc:69:3b:bb:9c:bf:ba:a4:98:9a:42:
         d0:27:51:33:11:3b:4c:8a:f5:49:92:2e:e8:eb:6a:d1:8f:a0:
         8e:32:96:5f:80:35:8e:40:b7:9b:91:58:35:ca:b5:c3:67:a3:
         e2:c9:2f:e8:df:c7:17:83:34:4d:87:1f:7f:dd:eb:e5:5c:b5:
         51:11:c2:8f:43:03:e7:06:87:cb:21:54:c5:24:c8:96:e2:ec:
         0e:31:85:9b:15:4d:dc:a8:90:5a:01:5c:d2:9a:ce:32:08:89:
         54:9b:58:df:aa:fc:a4:97:35:8f:5f:20:63:59:0d:80:cf:6c:
         7b:3d:75:71:db:8e:b6:16:6a:20:e6:d8:95:7e:68:54:de:f6:
         e6:45:39:fc:97:73:3e:52:83:ab:fb:9f:50:17:45:e4:c6:7b:
         fb:a0:81:90:33:3b:7a:03:78:63:7b:e9:03:02:ff:a1:43:83:
         7b:83:38:19:92:98:21:1f:d6:14:7c:78:0b:75:15:b1:c7:a2:
         14:b4:71:99:73:d9:3e:64:14:57:55:83:a8:4d:df:e7:e9:2a:
         8f:0b:cf:b5:7c:e2:42:23:b4:88:b8:a1:87:88:2c:e2:09:ca:
         8f:2f:ce:44
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECd5lBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OWMxODdiYzdhOWU4ODUzMzVhN2ViOWIwYTQzOGZlODExYzAzODQ3MB4XDTIyMDEw
MTA1NTUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGM4ZTg4M2JmZTBm
M2E5MjA3MTE4ZWYyZTQ5MTNhNmUyYTNiOWE4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKIIh0+P2P7acdKGfrVP1FxhQPjMgttg0oNeoXY3XFQo+MVN
Nk/4oJ4z8O129BFhVQ3Xv5JO01ciU9ARcX1Vf3VAXT4q6M/DSWThrJMcwLbAljBs
J8eS5tXbhKqzsmsu7GMIkC3aa65nFnQnYqTDmYv5wJMKlKGa2EONqCy3/Bb4DVvZ
yC5bwOByEXKk5XiDV+Y1uTq6lj70mqLx47eJ/+VcGYWl9wdOuukPgJFgYmXz3g2e
RM4kKD5jx2G1x3DZC0xZc0zTxX1A2eUOCzn/FJ3ZALW6iSHJExpgbWYQxxAIJZdm
SSlQK/WdVnLeG8+Es/s5rNIWYev+IOK+6Viulz0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRMjog7/g86kgcRjvLkkTpuKjuaijAfBgNVHSMEGDAWgBSpwYe8ep6IUzWn
65sKQ4/oEcA4RzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FjR0h2SHFlaUZNMXAtdWJDa09QNkJIQU9FYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvMWI4MTRhLWQzODgtNGM2NC04MzAyLTM3MGQxZmQ0MjU0Yi8x
L1RJNklPXzRQT3BJSEVZN3k1SkU2YmlvN21vby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
MWI4MTRhLWQzODgtNGM2NC04MzAyLTM3MGQxZmQ0MjU0Yi8xL3FjR0h2SHFlaUZN
MXAtdWJDa09QNkJIQU9FYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlveWDANBgkqhkiG9w0BAQsFAAOC
AQEApF4sKwDgjfzIMokycJfJaaFzXJbJ9W8xDvxpO7ucv7qkmJpC0CdRMxE7TIr1
SZIu6Otq0Y+gjjKWX4A1jkC3m5FYNcq1w2ej4skv6N/HF4M0TYcff93r5Vy1URHC
j0MD5waHyyFUxSTIluLsDjGFmxVN3KiQWgFc0prOMgiJVJtY36r8pJc1j18gY1kN
gM9sez11cduOthZqIObYlX5oVN725kU5/JdzPlKDq/ufUBdF5MZ7+6CBkDM7egN4
Y3vpAwL/oUODe4M4GZKYIR/WFHx4C3UVsceiFLRxmXPZPmQUV1WDqE3f5+kqjwvP
tXziQiO0iLihh4gs4gnKjy/ORA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:00 2024 by rpki-client on console-fra.rpki-client.org