Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/1OfLFqVYAOVjoD501dbCS7FgcrQ.roa
File:                     1OfLFqVYAOVjoD501dbCS7FgcrQ.roa (raw, json)
Hash identifier:          sITEuFxjwjKssQok6sno3soudiyVzMlRN6c7gKHqw1M=
Subject key identifier:   D4:E7:CB:16:A5:58:00:E5:63:A0:3E:74:D5:D6:C2:4B:B1:60:72:B4
Certificate issuer:       /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial:       01852AB72F35BA642A93232C806BB24AEA58
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/1OfLFqVYAOVjoD501dbCS7FgcrQ.roa
Signing time:             Mon 19 Dec 2022 14:08:46 +0000
ROA not before:           Mon 19 Dec 2022 14:08:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6830
IP address blocks:        91.149.228.0/24 maxlen: 24
                          91.149.248.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:2a:b7:2f:35:ba:64:2a:93:23:2c:80:6b:b2:4a:ea:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
        Validity
            Not Before: Dec 19 14:08:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d4e7cb16a55800e563a03e74d5d6c24bb16072b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:82:a3:bb:2c:0f:30:8f:0a:b5:51:92:cd:bb:
                    53:2c:ff:5f:15:a1:05:5e:ff:83:ef:cb:d3:f3:2b:
                    6a:13:ed:8c:b8:9c:4e:7d:22:35:28:18:27:9e:0b:
                    22:d8:37:f9:bb:ed:3c:ef:0c:8e:b8:c9:66:42:b8:
                    db:86:52:be:52:40:25:5b:69:da:a1:96:21:ca:07:
                    83:63:0a:9f:38:58:0f:fb:7c:28:0f:64:4c:99:ef:
                    a0:77:b8:8c:84:71:9e:d0:46:68:e8:e2:21:d8:e3:
                    7e:30:31:8b:61:6d:65:e5:d7:01:81:26:90:38:dd:
                    b9:8d:03:aa:72:99:93:89:3e:d4:34:b8:9c:06:97:
                    3d:cb:17:ba:e9:cf:94:96:5e:03:bc:72:9e:ff:47:
                    d3:30:55:f4:dd:a7:25:ad:1d:a8:d5:38:96:b4:71:
                    38:12:37:34:6e:1a:a8:41:f7:20:c3:62:e8:da:4d:
                    0b:05:58:a5:f1:8b:3d:b5:a4:1e:a5:0f:41:6b:3e:
                    b3:53:6a:7b:0f:37:de:a4:47:7e:b4:27:09:e3:f7:
                    aa:ef:54:b8:4f:20:36:26:c5:2d:c1:eb:05:fb:e3:
                    69:40:a3:80:be:74:66:e9:83:6e:7e:46:3c:f4:47:
                    48:ec:14:83:74:e4:90:79:26:a4:66:d2:05:bf:c7:
                    f0:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:E7:CB:16:A5:58:00:E5:63:A0:3E:74:D5:D6:C2:4B:B1:60:72:B4
            X509v3 Authority Key Identifier:
                keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/1OfLFqVYAOVjoD501dbCS7FgcrQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.149.228.0/24
                  91.149.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a7:c7:b3:14:ea:83:64:0b:ee:e4:1c:17:2c:eb:92:93:2b:ab:
         42:76:8d:28:49:0d:0d:70:e8:ae:dc:97:cc:be:48:b9:2a:9b:
         2a:6a:6d:72:a1:1b:c5:0e:a8:46:a1:6e:4a:4b:3f:dc:69:be:
         c3:5f:c6:c8:91:05:00:cf:2e:76:1d:c0:40:fa:e8:16:61:59:
         11:e9:56:35:a4:16:03:64:6f:f0:99:0a:6a:48:07:c1:d9:d3:
         9f:b2:df:4e:c1:75:1f:6e:b6:97:52:d7:f1:3b:c8:fb:f5:27:
         d0:f9:0f:fd:f2:8e:3e:49:48:83:e5:41:12:2f:86:04:68:42:
         f8:50:69:5d:cc:e7:65:d0:86:0a:6d:0b:e3:20:a1:32:50:c3:
         2a:73:2c:09:9e:38:0b:2c:65:c8:28:6b:d3:46:bc:c0:6b:a4:
         5f:8e:19:b0:b2:d7:b5:85:ce:3e:32:4b:cf:ed:ab:41:7e:cd:
         2d:7c:55:9f:85:95:73:9a:62:72:d1:2e:41:61:a4:b2:fd:1d:
         41:42:6e:ba:14:f5:02:08:c2:4e:7e:b0:09:67:f6:40:d5:6a:
         64:d7:8f:36:c1:b6:86:1d:56:e9:b5:c8:47:14:de:61:c0:1b:
         c2:df:79:eb:fb:fe:5e:96:9c:a8:ca:ae:4b:66:33:75:86:f4:
         8d:d0:4a:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUqty81umQqkyMsgGuySupYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjIxMjE5MTQwODQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGU3Y2IxNmE1NTgwMGU1NjNhMDNlNzRkNWQ2YzI0YmIxNjA3MmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIKjuywPMI8KtVGSzbtTLP9fFaEF
Xv+D78vT8ytqE+2MuJxOfSI1KBgnngsi2Df5u+087wyOuMlmQrjbhlK+UkAlW2na
oZYhygeDYwqfOFgP+3woD2RMme+gd7iMhHGe0EZo6OIh2ON+MDGLYW1l5dcBgSaQ
ON25jQOqcpmTiT7UNLicBpc9yxe66c+Ull4DvHKe/0fTMFX03aclrR2o1TiWtHE4
Ejc0bhqoQfcgw2Lo2k0LBVil8Ys9taQepQ9Baz6zU2p7DzfepEd+tCcJ4/eq71S4
TyA2JsUtwesF++NpQKOAvnRm6YNufkY89EdI7BSDdOSQeSakZtIFv8fwcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNTnyxalWADlY6A+dNXWwkuxYHK0MB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvMU9mTEZxVllBT1Zqb0Q1MDFkYkNTN0ZnY3JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW5XkAwQC
W5X4MA0GCSqGSIb3DQEBCwUAA4IBAQCnx7MU6oNkC+7kHBcs65KTK6tCdo0oSQ0N
cOiu3JfMvki5Kpsqam1yoRvFDqhGoW5KSz/cab7DX8bIkQUAzy52HcBA+ugWYVkR
6VY1pBYDZG/wmQpqSAfB2dOfst9OwXUfbraXUtfxO8j79SfQ+Q/98o4+SUiD5UES
L4YEaEL4UGldzOdl0IYKbQvjIKEyUMMqcywJnjgLLGXIKGvTRrzAa6Rfjhmwste1
hc4+MkvP7atBfs0tfFWfhZVzmmJy0S5BYaSy/R1BQm66FPUCCMJOfrAJZ/ZA1Wpk
1482wbaGHVbptchHFN5hwBvC33nr+/5elpyoyq5LZjN1hvSN0EoW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:21 2024 by rpki-client on console-fra.rpki-client.org