Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/YKtIqp_xB6yzUTMPAGK12Bkd2qA.roa
File:                     YKtIqp_xB6yzUTMPAGK12Bkd2qA.roa (raw, json)
Hash identifier:          mlfrscih0FvoyV8Laf+oAqPx0zETrJW3X5e9AXlnG64=
Subject key identifier:   60:AB:48:AA:9F:F1:07:AC:B3:51:33:0F:00:62:B5:D8:19:1D:DA:A0
Certificate issuer:       /CN=e19cbb88d2b1a896658506778662e75c732a67e7
Certificate serial:       0182FCF7021AEFDFC9B4CDCCDFB77D76B934
Authority key identifier: E1:9C:BB:88:D2:B1:A8:96:65:85:06:77:86:62:E7:5C:73:2A:67:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4Zy7iNKxqJZlhQZ3hmLnXHMqZ-c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/YKtIqp_xB6yzUTMPAGK12Bkd2qA.roa
Signing time:             Fri 02 Sep 2022 06:50:22 +0000
ROA not before:           Fri 02 Sep 2022 06:50:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48954
IP address blocks:        185.220.91.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:fc:f7:02:1a:ef:df:c9:b4:cd:cc:df:b7:7d:76:b9:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e19cbb88d2b1a896658506778662e75c732a67e7
        Validity
            Not Before: Sep  2 06:50:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=60ab48aa9ff107acb351330f0062b5d8191ddaa0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:81:d4:9d:a2:bb:c4:18:e4:f7:bf:9c:eb:7b:
                    8b:fe:82:71:88:34:fc:64:aa:5a:2a:29:3d:97:90:
                    69:01:54:bf:e3:11:9a:48:cd:e0:c1:9d:14:db:a4:
                    29:8e:4a:33:0f:a3:99:58:d3:d3:c8:f0:de:95:ff:
                    ba:ff:90:fc:1d:ca:67:2e:5f:6d:7e:46:86:90:4e:
                    87:66:87:46:a1:96:ed:e5:d3:f8:91:c1:e2:b2:85:
                    15:78:83:13:b3:7c:2f:94:02:65:04:3a:c1:a6:71:
                    d4:7b:b5:95:9d:fb:e7:05:ac:ca:90:ea:cd:bc:c5:
                    a8:4b:b5:2e:10:9f:22:fe:16:cd:cd:ce:1b:17:ee:
                    3e:74:dd:c9:28:8f:1c:95:5f:44:ab:f7:9d:d3:bc:
                    ac:15:71:c0:18:04:4f:77:a8:24:2b:0d:fa:65:f6:
                    39:c2:74:5b:db:08:f1:f0:2c:d1:31:f5:fc:39:f7:
                    1c:30:e8:ce:ec:b7:e7:90:c7:17:1f:95:96:cc:e9:
                    0f:d4:f2:33:2d:da:27:f4:ac:a0:3b:2f:95:3b:1e:
                    0a:14:7f:41:7f:6f:1a:12:7f:c9:5f:34:b4:b9:3a:
                    28:eb:eb:fb:84:ad:8f:50:99:f3:fb:ed:44:c1:83:
                    1f:f6:06:0e:d1:57:e6:99:9e:17:60:38:d8:2d:95:
                    20:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:AB:48:AA:9F:F1:07:AC:B3:51:33:0F:00:62:B5:D8:19:1D:DA:A0
            X509v3 Authority Key Identifier:
                keyid:E1:9C:BB:88:D2:B1:A8:96:65:85:06:77:86:62:E7:5C:73:2A:67:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Zy7iNKxqJZlhQZ3hmLnXHMqZ-c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/YKtIqp_xB6yzUTMPAGK12Bkd2qA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/4Zy7iNKxqJZlhQZ3hmLnXHMqZ-c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.220.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:01:f8:1c:9f:f5:73:5b:c0:b9:88:a7:43:b9:43:53:69:d2:
         c7:22:cb:5e:e5:99:87:c7:66:3e:af:dd:89:3d:79:c5:33:13:
         db:02:3f:42:d4:59:68:93:62:69:48:ba:a6:a8:80:ed:3c:f5:
         8b:2d:01:96:de:33:cd:5b:17:cf:bb:15:af:21:59:42:9d:dd:
         20:1c:de:da:65:9d:13:5c:13:b5:cf:9a:48:45:28:4a:54:61:
         e4:a3:b9:c4:80:60:a8:59:08:0e:fd:6c:d6:86:7f:02:b4:34:
         58:38:c3:1d:85:ea:0f:bb:65:51:17:df:55:3a:60:6f:de:4c:
         b4:37:fd:d4:b2:ec:8a:f0:42:25:e2:ca:9c:54:6c:f9:67:2a:
         f4:01:f9:a7:29:88:0c:62:11:51:c9:69:b3:00:1f:d9:e9:0c:
         26:c3:c1:4f:a7:db:85:50:ab:b9:cd:61:5e:b7:41:41:bb:6d:
         10:80:c2:17:62:51:2a:a2:3e:37:21:38:82:51:c9:f7:35:23:
         f0:e0:73:70:1f:70:a0:47:f0:34:52:9f:a8:cb:8b:c4:1b:af:
         0a:73:62:b0:0c:2d:9d:03:a4:40:db:0c:16:7d:27:2b:d1:f6:
         65:76:92:6a:df:f1:63:0e:dc:84:c0:b5:fa:b8:ba:b8:30:03:
         fd:e0:a0:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYL89wIa79/JtM3M37d9drk0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxOWNiYjg4ZDJiMWE4OTY2NTg1MDY3Nzg2NjJlNzVjNzMy
YTY3ZTcwHhcNMjIwOTAyMDY1MDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGFiNDhhYTlmZjEwN2FjYjM1MTMzMGYwMDYyYjVkODE5MWRkYWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoHUnaK7xBjk97+c63uL/oJxiDT8
ZKpaKik9l5BpAVS/4xGaSM3gwZ0U26QpjkozD6OZWNPTyPDelf+6/5D8HcpnLl9t
fkaGkE6HZodGoZbt5dP4kcHisoUVeIMTs3wvlAJlBDrBpnHUe7WVnfvnBazKkOrN
vMWoS7UuEJ8i/hbNzc4bF+4+dN3JKI8clV9Eq/ed07ysFXHAGARPd6gkKw36ZfY5
wnRb2wjx8CzRMfX8OfccMOjO7LfnkMcXH5WWzOkP1PIzLdon9KygOy+VOx4KFH9B
f28aEn/JXzS0uToo6+v7hK2PUJnz++1EwYMf9gYO0VfmmZ4XYDjYLZUgxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGCrSKqf8Qess1EzDwBitdgZHdqgMB8GA1UdIwQY
MBaAFOGcu4jSsaiWZYUGd4Zi51xzKmfnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFp5N2lOS3hxSlpsaFFaM2htTG5YSE1xWi1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hZDEyMTYtYjcxZC00NTU3LWEwODYt
ZWZlYTYzZDA2ZjgwLzEvWUt0SXFwX3hCNnl6VVRNUEFHSzEyQmtkMnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hZDEyMTYtYjcxZC00NTU3LWEwODYtZWZlYTYzZDA2Zjgw
LzEvNFp5N2lOS3hxSlpsaFFaM2htTG5YSE1xWi1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudxbMA0G
CSqGSIb3DQEBCwUAA4IBAQAcAfgcn/VzW8C5iKdDuUNTadLHIste5ZmHx2Y+r92J
PXnFMxPbAj9C1Flok2JpSLqmqIDtPPWLLQGW3jPNWxfPuxWvIVlCnd0gHN7aZZ0T
XBO1z5pIRShKVGHko7nEgGCoWQgO/WzWhn8CtDRYOMMdheoPu2VRF99VOmBv3ky0
N/3UsuyK8EIl4sqcVGz5Zyr0AfmnKYgMYhFRyWmzAB/Z6Qwmw8FPp9uFUKu5zWFe
t0FBu20QgMIXYlEqoj43ITiCUcn3NSPw4HNwH3CgR/A0Up+oy4vEG68Kc2KwDC2d
A6RA2wwWfScr0fZldpJq3/FjDtyEwLX6uLq4MAP94KAd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:11 2024 by rpki-client on console-ams.rpki-client.org