Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/ml7gIhAf5Ih4LZ7GlTg0uIKozHQ.roa
File:                     ml7gIhAf5Ih4LZ7GlTg0uIKozHQ.roa (raw, json)
Hash identifier:          mVcHXm4OOWuw+o6QK2aoKC3aEWi3gNUfeqEdH3bkKik=
Subject key identifier:   9A:5E:E0:22:10:1F:E4:88:78:2D:9E:C6:95:38:34:B8:82:A8:CC:74
Certificate issuer:       /CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Certificate serial:       037D4DCA
Authority key identifier: 1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/ml7gIhAf5Ih4LZ7GlTg0uIKozHQ.roa
Signing time:             Sat 01 Jan 2022 01:59:19 +0000
ROA not before:           Sat 01 Jan 2022 01:59:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        185.20.255.0/24 maxlen: 24
                          91.239.62.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 58543562 (0x37d4dca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
        Validity
            Not Before: Jan  1 01:59:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9a5ee022101fe488782d9ec6953834b882a8cc74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:1b:fe:4f:e5:fd:85:8e:0d:5d:bd:56:9f:a1:
                    6e:75:41:3e:78:29:ea:22:5f:8d:30:04:ca:17:6b:
                    c1:cb:07:01:50:6d:bc:f7:51:35:a1:3f:47:70:4c:
                    cb:e9:6a:de:e2:d7:97:ea:49:45:d6:f8:66:4f:bf:
                    d9:84:9b:f1:90:a9:30:69:0e:94:24:49:12:32:09:
                    e1:88:2c:7a:bf:4e:ab:42:4e:2c:b5:9f:a6:07:ac:
                    72:74:dd:b1:a3:2b:67:82:c5:78:d8:16:22:4c:5d:
                    5d:c8:6c:98:28:58:38:7a:6b:cc:49:34:52:f0:c9:
                    cc:ac:7e:91:46:f2:8e:1c:46:e1:6b:e9:5b:16:24:
                    c2:7a:28:87:bb:ac:aa:12:d9:97:99:19:5c:3c:48:
                    2b:45:69:03:ac:95:72:d7:6b:43:b1:65:6b:f5:17:
                    08:6a:99:bb:7b:b5:9b:e4:a7:0a:12:c9:c7:8e:38:
                    ee:2a:26:b0:0c:dc:dd:d4:25:be:55:04:97:60:cf:
                    26:e0:38:7c:50:10:8b:9a:6c:0e:9e:9c:f6:3e:15:
                    cd:f7:31:c5:a7:ca:8b:4c:7a:24:d6:0e:e9:99:e0:
                    3a:22:95:91:65:c0:ea:0f:d1:17:1c:39:f7:fa:36:
                    af:a0:71:69:e2:b3:0e:b7:9c:95:17:ac:7c:f0:1f:
                    ca:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:5E:E0:22:10:1F:E4:88:78:2D:9E:C6:95:38:34:B8:82:A8:CC:74
            X509v3 Authority Key Identifier:
                keyid:1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/ml7gIhAf5Ih4LZ7GlTg0uIKozHQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.239.62.0/24
                  185.20.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:4e:c3:15:f5:5c:65:6e:92:48:70:7c:da:82:d4:7a:0e:bb:
         18:ca:9d:85:17:41:1a:e5:74:b1:21:aa:91:80:cd:a5:fd:7d:
         25:dc:ce:a6:85:75:48:b9:68:29:3c:ac:0f:4d:2a:a1:f7:14:
         47:1f:02:bf:a5:d9:53:18:db:d2:80:bc:f6:01:ad:68:8b:dd:
         f0:f1:76:05:07:cb:7d:14:76:fd:ea:5c:53:66:3b:19:89:26:
         46:98:4c:93:76:4b:d2:55:29:85:7d:2d:dc:77:93:42:42:b4:
         af:b3:a2:af:47:8a:27:ac:3b:ab:5a:eb:cf:44:99:86:0f:af:
         18:82:af:55:c2:46:bd:cc:0e:98:f1:b1:1f:79:36:6b:d9:c6:
         d4:07:b8:d2:cb:e9:48:78:ae:db:2d:47:86:94:62:bf:56:5d:
         2c:4a:5a:a8:e1:27:c7:0c:bf:2d:8e:15:6f:e8:98:32:f2:20:
         30:36:e5:79:59:6e:52:3c:25:13:a0:0d:02:4f:13:8b:ff:7a:
         bf:26:f9:eb:1b:d4:00:7c:64:0a:ac:29:a3:b0:ad:54:2c:12:
         ac:6d:c4:a0:78:07:13:0f:01:f4:77:21:b4:f5:5e:05:33:70:
         c9:10:ea:75:30:2b:17:ee:a6:6f:e8:46:87:46:ea:f0:63:71:
         fa:fb:9e:a0
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA31NyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YzA2YTgyYmIxMTVkNzM5M2UzOWZkNThiNzNiYmYyMGY2Y2QwYjFmMB4XDTIyMDEw
MTAxNTkxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWE1ZWUwMjIxMDFm
ZTQ4ODc4MmQ5ZWM2OTUzODM0Yjg4MmE4Y2M3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsb/k/l/YWODV29Vp+hbnVBPngp6iJfjTAEyhdrwcsHAVBt
vPdRNaE/R3BMy+lq3uLXl+pJRdb4Zk+/2YSb8ZCpMGkOlCRJEjIJ4Ygser9Oq0JO
LLWfpgescnTdsaMrZ4LFeNgWIkxdXchsmChYOHprzEk0UvDJzKx+kUbyjhxG4Wvp
WxYkwnooh7usqhLZl5kZXDxIK0VpA6yVctdrQ7Fla/UXCGqZu3u1m+SnChLJx444
7iomsAzc3dQlvlUEl2DPJuA4fFAQi5psDp6c9j4VzfcxxafKi0x6JNYO6ZngOiKV
kWXA6g/RFxw59/o2r6BxaeKzDreclResfPAfyvkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSaXuAiEB/kiHgtnsaVODS4gqjMdDAfBgNVHSMEGDAWgBQcBqgrsRXXOT45
/Vi3O78g9s0LHzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hBYW9LN0VWMXprLU9mMVl0enVfSVBiTkN4OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvMTJlYWFkLThhNDUtNDc4OS1iYWI1LTcyNjA1N2ExZjJhNC8x
L21sN2dJaEFmNUloNExaN0dsVGcwdUlLb3pIUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
MTJlYWFkLThhNDUtNDc4OS1iYWI1LTcyNjA1N2ExZjJhNC8xL0hBYW9LN0VWMXpr
LU9mMVl0enVfSVBiTkN4OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvvPgMEALkU/zANBgkqhkiG9w0B
AQsFAAOCAQEAck7DFfVcZW6SSHB82oLUeg67GMqdhRdBGuV0sSGqkYDNpf19JdzO
poV1SLloKTysD00qofcURx8Cv6XZUxjb0oC89gGtaIvd8PF2BQfLfRR2/epcU2Y7
GYkmRphMk3ZL0lUphX0t3HeTQkK0r7Oir0eKJ6w7q1rrz0SZhg+vGIKvVcJGvcwO
mPGxH3k2a9nG1Ae40svpSHiu2y1HhpRiv1ZdLEpaqOEnxwy/LY4Vb+iYMvIgMDbl
eVluUjwlE6ANAk8Ti/96vyb56xvUAHxkCqwpo7CtVCwSrG3EoHgHEw8B9HchtPVe
BTNwyRDqdTArF+6mb+hGh0bq8GNx+vueoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:01 2024 by rpki-client on console-ams.rpki-client.org