Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/a4d378-485c-4b51-a726-ea8411d572ae/1/fBiZVwIq36JmEZubWPvcJxBP6CU.roa
File:                     fBiZVwIq36JmEZubWPvcJxBP6CU.roa (raw, json)
Hash identifier:          aWszsEcy6Dm3Aj/fFUxo/gIJET2CkQ5Ii4fomaqtBt8=
Subject key identifier:   7C:18:99:57:02:2A:DF:A2:66:11:9B:9B:58:FB:DC:27:10:4F:E8:25
Certificate issuer:       /CN=f5f80738351dcfc75af996993a2929c37134a208
Certificate serial:       015600A9
Authority key identifier: F5:F8:07:38:35:1D:CF:C7:5A:F9:96:99:3A:29:29:C3:71:34:A2:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9fgHODUdz8da-ZaZOikpw3E0ogg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/a4d378-485c-4b51-a726-ea8411d572ae/1/fBiZVwIq36JmEZubWPvcJxBP6CU.roa
Signing time:             Sat 01 Jan 2022 14:55:20 +0000
ROA not before:           Sat 01 Jan 2022 14:55:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39497
IP address blocks:        91.198.52.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22413481 (0x15600a9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5f80738351dcfc75af996993a2929c37134a208
        Validity
            Not Before: Jan  1 14:55:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7c189957022adfa266119b9b58fbdc27104fe825
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:bc:55:69:65:25:57:41:82:a2:45:3b:87:8a:
                    23:f2:a8:28:3c:20:b4:3b:03:7a:5f:ea:bc:34:ab:
                    8b:70:12:97:e7:03:29:c1:2b:ed:74:70:11:dc:cb:
                    bf:ed:8a:83:8e:06:48:06:ea:ae:d8:cb:8c:a2:f3:
                    e0:a7:4f:0c:7e:5e:f8:6f:8a:be:07:0b:03:d8:19:
                    7f:dd:23:22:b6:4d:a8:e4:7b:19:de:75:49:ea:d1:
                    29:e3:78:56:1c:3a:3d:ee:82:2b:b5:21:2e:30:a8:
                    af:2f:cb:fb:ba:16:af:2c:77:0b:9a:cf:dd:59:88:
                    86:13:03:a6:55:38:a9:e9:d8:ae:f7:66:73:43:ca:
                    30:bc:7a:d5:1c:e1:f6:29:af:f3:66:2a:31:9e:f0:
                    bc:3f:06:35:2b:ad:a7:08:68:6a:66:4a:6e:f7:90:
                    dd:a9:9b:a9:fe:c8:1c:17:ad:49:36:f7:b5:c0:2f:
                    e1:5c:f4:af:eb:e0:e5:55:65:d4:85:75:5d:6f:92:
                    e4:00:e5:2a:ed:ea:bf:bc:80:3b:78:6e:5c:99:ac:
                    ae:fa:5d:99:91:1c:e0:f7:d7:05:a1:33:ce:06:65:
                    0a:a5:73:d4:bf:50:d5:aa:14:ff:1e:fd:c8:cf:9f:
                    aa:39:ac:ce:42:c9:6d:b4:d7:91:6f:56:92:3b:a0:
                    e3:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:18:99:57:02:2A:DF:A2:66:11:9B:9B:58:FB:DC:27:10:4F:E8:25
            X509v3 Authority Key Identifier:
                keyid:F5:F8:07:38:35:1D:CF:C7:5A:F9:96:99:3A:29:29:C3:71:34:A2:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fgHODUdz8da-ZaZOikpw3E0ogg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/a4d378-485c-4b51-a726-ea8411d572ae/1/fBiZVwIq36JmEZubWPvcJxBP6CU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/a4d378-485c-4b51-a726-ea8411d572ae/1/9fgHODUdz8da-ZaZOikpw3E0ogg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.198.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:71:9d:38:39:d9:c0:e4:7a:43:43:ad:ce:05:2d:1a:04:bd:
         76:7a:3f:b4:fb:a9:45:ca:78:0a:ab:10:c7:05:74:8e:02:59:
         ba:4d:1c:dc:46:01:bc:6b:58:cd:f5:c9:b7:bc:78:7d:36:ff:
         11:a1:9b:b5:60:22:56:2d:e0:79:6d:0c:5a:45:3e:a8:13:61:
         eb:2d:a2:44:d3:79:a1:8e:d5:57:1d:d4:41:2d:32:1b:1a:7a:
         6c:7a:af:59:b6:5d:b2:94:40:1e:3e:a2:2e:7f:59:bd:8b:cd:
         b8:11:02:37:a0:4d:5f:58:45:33:79:ef:ab:3c:34:08:d2:a9:
         2e:93:df:00:78:5b:7d:5a:2a:a6:88:e9:3c:40:d8:fd:7a:34:
         50:7d:d8:7e:0d:3d:eb:be:28:09:87:6a:a8:2f:c1:81:44:1f:
         f6:ef:ad:66:34:19:7c:94:de:f1:3e:69:47:93:23:f0:a8:7c:
         19:1d:fe:38:51:be:27:2a:28:54:58:ad:c1:e7:85:7b:f7:9b:
         39:1d:99:cb:db:92:49:fe:ac:59:00:04:6b:8f:a4:fb:87:a9:
         69:47:5c:e7:af:5f:ef:5e:ac:17:0c:96:6d:df:04:3b:f3:00:
         69:fc:0b:4f:af:67:3f:b0:41:82:6d:6e:74:22:16:e4:f4:99:
         83:60:5c:96
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAVYAqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NWY4MDczODM1MWRjZmM3NWFmOTk2OTkzYTI5MjljMzcxMzRhMjA4MB4XDTIyMDEw
MTE0NTUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2MxODk5NTcwMjJh
ZGZhMjY2MTE5YjliNThmYmRjMjcxMDRmZTgyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMC8VWllJVdBgqJFO4eKI/KoKDwgtDsDel/qvDSri3ASl+cD
KcEr7XRwEdzLv+2Kg44GSAbqrtjLjKLz4KdPDH5e+G+KvgcLA9gZf90jIrZNqOR7
Gd51SerRKeN4Vhw6Pe6CK7UhLjCory/L+7oWryx3C5rP3VmIhhMDplU4qenYrvdm
c0PKMLx61Rzh9imv82YqMZ7wvD8GNSutpwhoamZKbveQ3ambqf7IHBetSTb3tcAv
4Vz0r+vg5VVl1IV1XW+S5ADlKu3qv7yAO3huXJmsrvpdmZEc4PfXBaEzzgZlCqVz
1L9Q1aoU/x79yM+fqjmszkLJbbTXkW9Wkjug428CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR8GJlXAirfomYRm5tY+9wnEE/oJTAfBgNVHSMEGDAWgBT1+Ac4NR3Px1r5
lpk6KSnDcTSiCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlmZ0hPRFVkejhkYS1aYVpPaWtwdzNFMG9nZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvYTRkMzc4LTQ4NWMtNGI1MS1hNzI2LWVhODQxMWQ1NzJhZS8x
L2ZCaVpWd0lxMzZKbUVadWJXUHZjSnhCUDZDVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
YTRkMzc4LTQ4NWMtNGI1MS1hNzI2LWVhODQxMWQ1NzJhZS8xLzlmZ0hPRFVkejhk
YS1aYVpPaWtwdzNFMG9nZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvGNDANBgkqhkiG9w0BAQsFAAOC
AQEAXnGdODnZwOR6Q0OtzgUtGgS9dno/tPupRcp4CqsQxwV0jgJZuk0c3EYBvGtY
zfXJt7x4fTb/EaGbtWAiVi3geW0MWkU+qBNh6y2iRNN5oY7VVx3UQS0yGxp6bHqv
WbZdspRAHj6iLn9ZvYvNuBECN6BNX1hFM3nvqzw0CNKpLpPfAHhbfVoqpojpPEDY
/Xo0UH3Yfg09674oCYdqqC/BgUQf9u+tZjQZfJTe8T5pR5Mj8Kh8GR3+OFG+Jyoo
VFitweeFe/ebOR2Zy9uSSf6sWQAEa4+k+4epaUdc569f716sFwyWbd8EO/MAafwL
T69nP7BBgm1udCIW5PSZg2Bclg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:39 2024 by rpki-client on console-fra.rpki-client.org