Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/483241-3dba-4392-aab0-39765a3f9dbc/1/VRo88ocI4B3iPOBoHqvdjU12qeY.roa
File:                     VRo88ocI4B3iPOBoHqvdjU12qeY.roa (raw, json)
Hash identifier:          lo+8A+sG9mkgHqr2z/W83FK/gRLb289Hqn91D49sUW8=
Subject key identifier:   55:1A:3C:F2:87:08:E0:1D:E2:3C:E0:68:1E:AB:DD:8D:4D:76:A9:E6
Certificate issuer:       /CN=75d0ebd8f566e3fab7e2354b714060c6fa47e254
Certificate serial:       0527C4EE
Authority key identifier: 75:D0:EB:D8:F5:66:E3:FA:B7:E2:35:4B:71:40:60:C6:FA:47:E2:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ddDr2PVm4_q34jVLcUBgxvpH4lQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/483241-3dba-4392-aab0-39765a3f9dbc/1/VRo88ocI4B3iPOBoHqvdjU12qeY.roa
Signing time:             Sat 01 Jan 2022 09:54:35 +0000
ROA not before:           Sat 01 Jan 2022 09:54:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60510
IP address blocks:        91.238.34.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 86492398 (0x527c4ee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75d0ebd8f566e3fab7e2354b714060c6fa47e254
        Validity
            Not Before: Jan  1 09:54:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=551a3cf28708e01de23ce0681eabdd8d4d76a9e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:59:c3:81:c2:29:cc:a8:dc:b9:0e:31:ec:56:
                    de:77:5d:23:14:43:3a:0c:75:1f:cf:10:5f:ac:16:
                    bb:4b:32:3d:d5:92:f8:44:6d:60:5c:b1:87:6c:b2:
                    7c:5d:b1:60:6e:d1:58:21:ed:bf:78:50:41:72:77:
                    06:ca:8e:39:3b:23:1c:f1:ee:a7:c9:c4:0e:5e:bc:
                    27:4b:fc:5b:e1:e9:29:0d:e5:ff:64:c7:74:e9:78:
                    4e:60:7b:4a:87:65:81:6b:b3:41:5a:0e:bb:77:f4:
                    b8:3e:7c:6e:5b:3b:51:ce:2e:d5:26:21:17:95:dc:
                    b6:93:00:32:d8:7f:2d:01:d4:ea:06:de:25:31:68:
                    7d:6a:71:d2:b2:ed:ff:5b:c7:49:57:dc:c9:b4:21:
                    a1:af:e2:8d:87:8b:0d:0b:e9:0b:f2:35:16:79:4c:
                    5b:1b:ef:3c:24:e5:2d:b6:9a:d2:59:6b:af:eb:6c:
                    a3:72:15:80:8a:fa:4e:85:a1:b6:78:de:e3:2d:90:
                    09:15:11:6b:c8:da:28:82:0d:dc:10:47:9c:fa:e7:
                    ae:7b:fe:80:75:b6:9a:47:5b:a1:ad:21:45:8b:9b:
                    f9:c7:ac:d1:89:ec:d0:bf:f4:25:aa:39:58:c1:65:
                    fc:57:bd:05:3f:ca:1f:28:d3:48:bb:b6:8d:d2:25:
                    65:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:1A:3C:F2:87:08:E0:1D:E2:3C:E0:68:1E:AB:DD:8D:4D:76:A9:E6
            X509v3 Authority Key Identifier:
                keyid:75:D0:EB:D8:F5:66:E3:FA:B7:E2:35:4B:71:40:60:C6:FA:47:E2:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddDr2PVm4_q34jVLcUBgxvpH4lQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/483241-3dba-4392-aab0-39765a3f9dbc/1/VRo88ocI4B3iPOBoHqvdjU12qeY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/483241-3dba-4392-aab0-39765a3f9dbc/1/ddDr2PVm4_q34jVLcUBgxvpH4lQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.238.34.0/23

    Signature Algorithm: sha256WithRSAEncryption
         07:d5:97:3b:ce:2a:72:c5:c5:b4:b6:3f:29:40:16:e3:a6:54:
         61:7e:d1:1a:27:80:ec:3b:e3:68:03:7c:c2:2e:d4:5b:e1:b3:
         af:7f:6b:3c:29:91:60:5b:75:56:3f:a4:b5:14:e9:1b:21:f0:
         b6:cf:b0:5d:32:db:39:f9:ba:06:35:93:a9:5b:2c:63:1d:1a:
         0d:f2:4f:0d:42:44:ee:74:a4:11:f6:11:71:f7:9a:75:58:1a:
         02:0b:45:51:1a:fe:58:b9:d1:00:c9:66:ab:3b:6d:1d:bd:d0:
         d3:cb:6f:6e:ab:d3:91:0f:63:bc:11:cc:1f:ff:fa:ef:c3:a5:
         bd:f8:eb:ce:df:41:50:08:86:74:0e:14:56:16:bf:20:b7:53:
         3e:53:64:b5:ad:08:bc:9e:e9:00:f8:7e:94:5b:b2:c7:67:e2:
         8d:13:92:01:02:3c:cd:e6:77:45:47:30:38:62:0d:31:f7:87:
         94:25:e4:21:8e:97:90:6a:31:9f:a3:fa:73:32:c2:bb:db:6b:
         9c:48:b6:75:35:9d:67:f3:71:1c:b1:62:46:bb:12:e6:ed:a5:
         2b:2f:7b:bf:83:37:53:e5:5d:ad:c9:7e:9c:3a:fb:43:ad:5d:
         cb:ee:7f:15:5a:78:03:0b:bb:eb:39:4d:7d:fe:5a:10:5d:0f:
         68:51:1d:4e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBSfE7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NWQwZWJkOGY1NjZlM2ZhYjdlMjM1NGI3MTQwNjBjNmZhNDdlMjU0MB4XDTIyMDEw
MTA5NTQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTUxYTNjZjI4NzA4
ZTAxZGUyM2NlMDY4MWVhYmRkOGQ0ZDc2YTllNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOZZw4HCKcyo3LkOMexW3nddIxRDOgx1H88QX6wWu0syPdWS
+ERtYFyxh2yyfF2xYG7RWCHtv3hQQXJ3BsqOOTsjHPHup8nEDl68J0v8W+HpKQ3l
/2THdOl4TmB7SodlgWuzQVoOu3f0uD58bls7Uc4u1SYhF5XctpMAMth/LQHU6gbe
JTFofWpx0rLt/1vHSVfcybQhoa/ijYeLDQvpC/I1FnlMWxvvPCTlLbaa0llrr+ts
o3IVgIr6ToWhtnje4y2QCRURa8jaKIIN3BBHnPrnrnv+gHW2mkdboa0hRYub+ces
0Yns0L/0Jao5WMFl/Fe9BT/KHyjTSLu2jdIlZTMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRVGjzyhwjgHeI84Ggeq92NTXap5jAfBgNVHSMEGDAWgBR10OvY9Wbj+rfi
NUtxQGDG+kfiVDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RkRHIyUFZtNF9xMzRqVkxjVUJneHZwSDRsUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvNDgzMjQxLTNkYmEtNDM5Mi1hYWIwLTM5NzY1YTNmOWRiYy8x
L1ZSbzg4b2NJNEIzaVBPQm9IcXZkalUxMnFlWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
NDgzMjQxLTNkYmEtNDM5Mi1hYWIwLTM5NzY1YTNmOWRiYy8xL2RkRHIyUFZtNF9x
MzRqVkxjVUJneHZwSDRsUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvuIjANBgkqhkiG9w0BAQsFAAOC
AQEAB9WXO84qcsXFtLY/KUAW46ZUYX7RGieA7DvjaAN8wi7UW+Gzr39rPCmRYFt1
Vj+ktRTpGyHwts+wXTLbOfm6BjWTqVssYx0aDfJPDUJE7nSkEfYRcfeadVgaAgtF
URr+WLnRAMlmqzttHb3Q08tvbqvTkQ9jvBHMH//678Olvfjrzt9BUAiGdA4UVha/
ILdTPlNkta0IvJ7pAPh+lFuyx2fijROSAQI8zeZ3RUcwOGINMfeHlCXkIY6XkGox
n6P6czLCu9trnEi2dTWdZ/NxHLFiRrsS5u2lKy97v4M3U+Vdrcl+nDr7Q61dy+5/
FVp4Awu76zlNff5aEF0PaFEdTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:27 2024 by rpki-client on console-fra.rpki-client.org