Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/12c712-0c6e-4fb5-90d9-c1f9158243ea/1/N6ulaMCOu2eeq9hjs7kdejW3kE0.roa
File:                     N6ulaMCOu2eeq9hjs7kdejW3kE0.roa (raw, json)
Hash identifier:          5YkcUx6XbLtq9vM32ps7U3EsPccBXHSS4ntV+zcmcV8=
Subject key identifier:   37:AB:A5:68:C0:8E:BB:67:9E:AB:D8:63:B3:B9:1D:7A:35:B7:90:4D
Certificate issuer:       /CN=9e456eb39c9cc06ce71c7754a03f3f3f009281dd
Certificate serial:       07567F57
Authority key identifier: 9E:45:6E:B3:9C:9C:C0:6C:E7:1C:77:54:A0:3F:3F:3F:00:92:81:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nkVus5ycwGznHHdUoD8_PwCSgd0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/12c712-0c6e-4fb5-90d9-c1f9158243ea/1/N6ulaMCOu2eeq9hjs7kdejW3kE0.roa
Signing time:             Sat 01 Jan 2022 15:05:47 +0000
ROA not before:           Sat 01 Jan 2022 15:05:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44264
IP address blocks:        91.199.72.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123109207 (0x7567f57)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e456eb39c9cc06ce71c7754a03f3f3f009281dd
        Validity
            Not Before: Jan  1 15:05:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=37aba568c08ebb679eabd863b3b91d7a35b7904d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:64:00:8d:fa:53:3d:50:d7:c1:26:4e:1d:5b:
                    e0:01:10:d9:90:4a:eb:88:a4:ae:35:97:d4:74:d1:
                    96:db:ae:02:a9:cc:ae:81:0a:21:c9:7f:0f:58:38:
                    ae:ac:26:5d:83:4e:74:58:f9:20:fb:1c:c6:9a:a6:
                    04:c2:3c:f9:0d:eb:e4:5c:66:4e:a2:26:d0:2c:59:
                    dd:61:b9:5d:a7:8a:22:68:95:58:cf:86:03:7a:02:
                    7c:fd:ea:69:a5:6d:9e:89:4f:9a:0f:54:9e:c0:dd:
                    bf:04:4a:74:11:06:a2:56:e4:d5:82:95:dc:a2:eb:
                    4c:cf:be:53:80:0e:a3:22:73:ae:85:c3:cc:ec:14:
                    b5:e8:0c:02:fe:83:5f:93:b0:9c:de:0d:c3:3c:c8:
                    76:98:a5:80:c3:31:a8:87:45:2c:52:23:b5:11:b7:
                    2a:9c:b0:29:75:37:2c:c1:04:ee:f9:66:fc:9f:99:
                    d4:64:e3:6b:77:92:6a:1b:c8:08:8f:1d:7c:5c:9b:
                    f1:ef:46:60:4b:38:87:72:66:03:d0:e4:cf:97:9e:
                    1c:fa:5b:a2:20:49:16:86:d3:65:79:cc:cc:90:9f:
                    08:62:50:f3:24:2b:48:59:09:42:b6:41:6c:9f:51:
                    bc:20:4b:22:0a:5e:02:88:66:9b:00:a3:8f:73:80:
                    13:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:AB:A5:68:C0:8E:BB:67:9E:AB:D8:63:B3:B9:1D:7A:35:B7:90:4D
            X509v3 Authority Key Identifier:
                keyid:9E:45:6E:B3:9C:9C:C0:6C:E7:1C:77:54:A0:3F:3F:3F:00:92:81:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkVus5ycwGznHHdUoD8_PwCSgd0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12c712-0c6e-4fb5-90d9-c1f9158243ea/1/N6ulaMCOu2eeq9hjs7kdejW3kE0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12c712-0c6e-4fb5-90d9-c1f9158243ea/1/nkVus5ycwGznHHdUoD8_PwCSgd0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.199.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:65:e5:fe:3a:e4:83:53:61:da:4e:87:5a:59:d1:7e:ea:8f:
         36:02:83:65:67:cc:15:61:21:b9:35:0d:b4:77:10:92:31:14:
         7c:46:e6:fb:fb:e0:ad:33:d9:ba:a0:6c:7f:56:a3:fa:54:b5:
         68:9d:1d:0f:3f:49:bb:ac:8b:5c:07:96:26:52:c1:64:5b:ee:
         37:82:7d:7a:8c:17:7d:ce:0c:f3:7b:af:4b:43:4d:db:2a:01:
         a0:2c:44:f9:92:7a:24:be:6f:e4:34:0a:e7:3c:23:c5:35:e4:
         25:42:23:76:6e:b6:60:cf:7b:4b:40:a5:c9:c5:13:3e:95:91:
         7a:a4:1d:ed:a6:cc:ed:ea:34:2e:33:d3:46:cc:07:e3:ef:29:
         d6:6e:81:06:7a:46:51:28:6d:c4:e4:ca:9b:4b:f1:f4:13:88:
         3c:f0:0b:8b:e5:ff:0f:62:0a:aa:c0:26:fb:40:b0:2b:ea:48:
         d9:79:e9:83:20:68:bc:e8:54:2d:99:2f:19:61:0e:81:3a:4e:
         fb:6e:f4:d3:5e:03:e3:f3:f9:ec:e6:91:49:25:14:d5:fb:b8:
         76:d9:29:15:5c:e4:7c:f9:5b:d7:7f:4c:a3:13:2d:51:cf:fa:
         ab:5d:8b:a4:e5:99:19:27:ec:f8:2c:b1:21:14:45:d3:85:20:
         d7:49:da:57
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB1Z/VzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTQ1NmViMzljOWNjMDZjZTcxYzc3NTRhMDNmM2YzZjAwOTI4MWRkMB4XDTIyMDEw
MTE1MDU0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzdhYmE1NjhjMDhl
YmI2NzllYWJkODYzYjNiOTFkN2EzNWI3OTA0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1kAI36Uz1Q18EmTh1b4AEQ2ZBK64ikrjWX1HTRltuuAqnM
roEKIcl/D1g4rqwmXYNOdFj5IPscxpqmBMI8+Q3r5FxmTqIm0CxZ3WG5XaeKImiV
WM+GA3oCfP3qaaVtnolPmg9UnsDdvwRKdBEGolbk1YKV3KLrTM++U4AOoyJzroXD
zOwUtegMAv6DX5OwnN4NwzzIdpilgMMxqIdFLFIjtRG3KpywKXU3LMEE7vlm/J+Z
1GTja3eSahvICI8dfFyb8e9GYEs4h3JmA9Dkz5eeHPpboiBJFobTZXnMzJCfCGJQ
8yQrSFkJQrZBbJ9RvCBLIgpeAohmmwCjj3OAE/MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ3q6VowI67Z56r2GOzuR16NbeQTTAfBgNVHSMEGDAWgBSeRW6znJzAbOcc
d1SgPz8/AJKB3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25rVnVzNXljd0d6bkhIZFVvRDhfUHdDU2dkMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvMTJjNzEyLTBjNmUtNGZiNS05MGQ5LWMxZjkxNTgyNDNlYS8x
L042dWxhTUNPdTJlZXE5aGpzN2tkZWpXM2tFMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
MTJjNzEyLTBjNmUtNGZiNS05MGQ5LWMxZjkxNTgyNDNlYS8xL25rVnVzNXljd0d6
bkhIZFVvRDhfUHdDU2dkMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvHSDANBgkqhkiG9w0BAQsFAAOC
AQEAc2Xl/jrkg1Nh2k6HWlnRfuqPNgKDZWfMFWEhuTUNtHcQkjEUfEbm+/vgrTPZ
uqBsf1aj+lS1aJ0dDz9Ju6yLXAeWJlLBZFvuN4J9eowXfc4M83uvS0NN2yoBoCxE
+ZJ6JL5v5DQK5zwjxTXkJUIjdm62YM97S0ClycUTPpWReqQd7abM7eo0LjPTRswH
4+8p1m6BBnpGUShtxOTKm0vx9BOIPPALi+X/D2IKqsAm+0CwK+pI2XnpgyBovOhU
LZkvGWEOgTpO+270014D4/P57OaRSSUU1fu4dtkpFVzkfPlb139MoxMtUc/6q12L
pOWZGSfs+CyxIRRF04Ug10naVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:01 2024 by rpki-client on console-ams.rpki-client.org