Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/fuYT8D3NfJZlycXkbR_iGesyKck.roa
File:                     fuYT8D3NfJZlycXkbR_iGesyKck.roa (raw, json)
Hash identifier:          HSCP/0xBECF9/1A+MVbLc7Y3UGjKLd9jjqtoVR8/imw=
Subject key identifier:   7E:E6:13:F0:3D:CD:7C:96:65:C9:C5:E4:6D:1F:E2:19:EB:32:29:C9
Certificate issuer:       /CN=1a12509e4f2a730e169937d40833bb893ee7b98c
Certificate serial:       0918FB99
Authority key identifier: 1A:12:50:9E:4F:2A:73:0E:16:99:37:D4:08:33:BB:89:3E:E7:B9:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GhJQnk8qcw4WmTfUCDO7iT7nuYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/fuYT8D3NfJZlycXkbR_iGesyKck.roa
Signing time:             Sat 01 Jan 2022 07:59:02 +0000
ROA not before:           Sat 01 Jan 2022 07:59:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9121
IP address blocks:        185.76.201.0/24 maxlen: 24
                          185.76.203.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152632217 (0x918fb99)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a12509e4f2a730e169937d40833bb893ee7b98c
        Validity
            Not Before: Jan  1 07:59:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7ee613f03dcd7c9665c9c5e46d1fe219eb3229c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:78:c1:bf:c0:d0:11:06:aa:1c:76:c9:64:ed:
                    c6:cb:f1:65:24:5e:ac:4c:be:61:5c:a4:61:b7:2e:
                    e8:d7:e5:ee:b5:47:5b:ed:58:b9:6a:e1:23:b8:1d:
                    a6:9d:9c:b3:19:64:30:bb:cc:7d:97:df:54:c0:0a:
                    98:7f:4a:56:d4:98:71:4d:7a:51:ea:5f:4b:b0:af:
                    a8:a7:55:78:a1:0a:d5:10:2d:b5:a7:87:3a:f6:ec:
                    b1:26:2e:46:0b:ee:79:4d:91:64:83:60:5b:ba:95:
                    bf:d8:2f:98:23:0c:c2:e5:80:0b:6b:d1:71:e4:bc:
                    20:06:f3:a5:55:6b:13:0b:58:73:6f:cc:26:ca:d0:
                    60:8f:d0:88:4c:cc:c6:3f:6f:13:57:42:30:6c:7c:
                    1f:11:50:cd:22:44:55:23:0a:1b:b0:f6:08:71:7a:
                    23:7c:b8:56:01:ac:a9:55:a4:2d:17:d3:7a:3b:13:
                    0e:9b:35:a7:29:ff:33:6b:3b:c1:01:9d:17:c3:4a:
                    65:64:be:ec:66:fc:08:dd:1b:50:9b:20:cb:1b:37:
                    86:55:2c:f3:8c:5a:a0:ad:53:dd:90:fe:90:4f:4f:
                    ec:28:c5:85:c2:f9:8a:56:71:b0:f1:68:bf:34:8a:
                    30:39:78:4e:e9:21:96:bd:68:04:cb:9a:81:5c:32:
                    5d:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:E6:13:F0:3D:CD:7C:96:65:C9:C5:E4:6D:1F:E2:19:EB:32:29:C9
            X509v3 Authority Key Identifier:
                keyid:1A:12:50:9E:4F:2A:73:0E:16:99:37:D4:08:33:BB:89:3E:E7:B9:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhJQnk8qcw4WmTfUCDO7iT7nuYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/fuYT8D3NfJZlycXkbR_iGesyKck.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/GhJQnk8qcw4WmTfUCDO7iT7nuYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.76.201.0/24
                  185.76.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:d5:07:0f:77:61:68:7c:03:2b:57:43:15:7d:e5:fa:45:4f:
         db:08:8c:23:0e:20:bb:37:20:ce:d4:48:64:3c:ba:de:46:9b:
         6f:ba:f7:f2:e8:87:c4:35:0a:66:91:2a:bc:61:c0:8f:98:6f:
         a1:73:61:0d:09:8a:26:28:03:b1:89:89:b0:bc:65:f1:87:75:
         14:49:82:92:d0:9a:4f:e9:ef:75:fa:e8:52:4c:89:2a:37:6a:
         c0:43:a6:b3:4c:93:f3:77:9b:45:ff:d2:04:a1:29:98:15:10:
         85:86:af:84:c3:6b:bb:05:5c:a1:2f:c3:17:9d:d8:59:fc:06:
         67:27:ff:eb:02:03:ab:1c:6e:93:18:5c:bd:17:34:e0:e1:88:
         b1:e5:24:3b:bd:ff:17:9f:31:77:b5:23:c5:55:46:fa:c1:b2:
         d7:e2:fc:e9:05:af:6b:41:fa:26:cf:f8:76:49:68:fb:cb:e8:
         e2:81:92:6e:76:08:4e:5c:ec:e3:06:b0:fc:37:34:27:d9:bb:
         6a:da:c9:97:54:03:da:a8:e9:5d:cc:5f:0f:22:fe:fa:22:af:
         2c:94:98:3d:5b:c4:bb:35:f1:5d:a8:0c:99:2e:38:22:7f:c8:
         9d:fa:ad:5c:3d:44:b7:d4:2d:6f:5f:6e:3e:23:8f:21:e4:ac:
         bc:91:1b:c3
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECRj7mTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTEyNTA5ZTRmMmE3MzBlMTY5OTM3ZDQwODMzYmI4OTNlZTdiOThjMB4XDTIyMDEw
MTA3NTkwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2VlNjEzZjAzZGNk
N2M5NjY1YzljNWU0NmQxZmUyMTllYjMyMjljOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN54wb/A0BEGqhx2yWTtxsvxZSRerEy+YVykYbcu6Nfl7rVH
W+1YuWrhI7gdpp2csxlkMLvMfZffVMAKmH9KVtSYcU16UepfS7CvqKdVeKEK1RAt
taeHOvbssSYuRgvueU2RZINgW7qVv9gvmCMMwuWAC2vRceS8IAbzpVVrEwtYc2/M
JsrQYI/QiEzMxj9vE1dCMGx8HxFQzSJEVSMKG7D2CHF6I3y4VgGsqVWkLRfTejsT
Dps1pyn/M2s7wQGdF8NKZWS+7Gb8CN0bUJsgyxs3hlUs84xaoK1T3ZD+kE9P7CjF
hcL5ilZxsPFovzSKMDl4Tukhlr1oBMuagVwyXaECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR+5hPwPc18lmXJxeRtH+IZ6zIpyTAfBgNVHSMEGDAWgBQaElCeTypzDhaZ
N9QIM7uJPue5jDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0doSlFuazhxY3c0V21UZlVDRE83aVQ3bnVZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvYjMxNzMxLTVjZDMtNDQ1ZS04Y2IzLTQxOTZiMGVhY2QyNy8x
L2Z1WVQ4RDNOZkpabHljWGtiUl9pR2VzeUtjay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
YjMxNzMxLTVjZDMtNDQ1ZS04Y2IzLTQxOTZiMGVhY2QyNy8xL0doSlFuazhxY3c0
V21UZlVDRE83aVQ3bnVZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALlMyQMEALlMyzANBgkqhkiG9w0B
AQsFAAOCAQEAEtUHD3dhaHwDK1dDFX3l+kVP2wiMIw4guzcgztRIZDy63kabb7r3
8uiHxDUKZpEqvGHAj5hvoXNhDQmKJigDsYmJsLxl8Yd1FEmCktCaT+nvdfroUkyJ
KjdqwEOms0yT83ebRf/SBKEpmBUQhYavhMNruwVcoS/DF53YWfwGZyf/6wIDqxxu
kxhcvRc04OGIseUkO73/F58xd7UjxVVG+sGy1+L86QWva0H6Js/4dklo+8vo4oGS
bnYITlzs4waw/Dc0J9m7atrJl1QD2qjpXcxfDyL++iKvLJSYPVvEuzXxXagMmS44
In/InfqtXD1Et9Qtb19uPiOPIeSsvJEbww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:01 2024 by rpki-client on console-ams.rpki-client.org