Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/uHyHsDDsV9mvCIqchzH3bEGJ-Ck.roa
File:                     uHyHsDDsV9mvCIqchzH3bEGJ-Ck.roa (raw, json)
Hash identifier:          XEgbnRK1Ol3IqGHbK9lg5BUHbcBYJpibbWZycZBr7yY=
Subject key identifier:   B8:7C:87:B0:30:EC:57:D9:AF:08:8A:9C:87:31:F7:6C:41:89:F8:29
Certificate issuer:       /CN=035e5285dedc35ab63527048b366ee553806ce04
Certificate serial:       06C0F88B
Authority key identifier: 03:5E:52:85:DE:DC:35:AB:63:52:70:48:B3:66:EE:55:38:06:CE:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A15Shd7cNatjUnBIs2buVTgGzgQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/uHyHsDDsV9mvCIqchzH3bEGJ-Ck.roa
Signing time:             Sat 01 Jan 2022 09:00:35 +0000
ROA not before:           Sat 01 Jan 2022 09:00:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31463
IP address blocks:        91.213.208.0/24 maxlen: 24
                          91.213.217.0/24 maxlen: 24
                          91.213.215.0/24 maxlen: 24
                          91.213.220.0/24 maxlen: 24
                          2a0f:64c0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 113309835 (0x6c0f88b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=035e5285dedc35ab63527048b366ee553806ce04
        Validity
            Not Before: Jan  1 09:00:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b87c87b030ec57d9af088a9c8731f76c4189f829
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:01:69:a9:60:1e:e6:b2:57:a4:a2:db:9f:9c:
                    d6:41:db:6c:9f:f8:2d:13:3e:e5:61:3d:32:bb:fe:
                    16:03:77:35:05:88:e2:df:e2:04:40:20:7c:33:13:
                    60:3c:19:f0:69:81:e0:ab:05:bd:81:f3:8c:b5:f8:
                    a9:64:82:f6:97:ea:ce:17:14:53:ff:ea:c0:94:63:
                    88:31:7c:43:16:19:3f:00:27:0f:33:96:72:04:4b:
                    68:4c:47:2f:c0:01:99:11:61:53:8e:a5:c4:76:d8:
                    d8:42:ae:8a:0d:28:ba:57:75:c7:17:3c:a5:6a:89:
                    90:3f:3a:ec:99:81:c5:ef:4d:96:db:03:1e:81:fe:
                    d1:bd:b3:96:f5:53:77:c9:02:17:a4:85:b1:f3:d8:
                    ed:62:c7:95:28:e9:0a:22:42:8f:6d:fd:98:b8:f0:
                    62:a1:ce:bb:fa:b1:02:c1:93:84:a5:f8:3b:ca:f3:
                    d4:67:8f:6d:17:65:a7:70:01:44:68:43:bd:86:29:
                    60:3a:f5:7f:2a:7a:8a:8d:49:58:10:a4:f6:a5:fc:
                    8d:db:73:89:fb:cc:b1:9d:51:11:42:75:c7:fa:2c:
                    0a:75:4f:67:e8:88:ce:a3:6b:0c:29:94:1e:cb:83:
                    73:95:2e:6b:b1:28:58:20:ba:1c:4d:ab:a1:d5:c0:
                    35:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:7C:87:B0:30:EC:57:D9:AF:08:8A:9C:87:31:F7:6C:41:89:F8:29
            X509v3 Authority Key Identifier:
                keyid:03:5E:52:85:DE:DC:35:AB:63:52:70:48:B3:66:EE:55:38:06:CE:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A15Shd7cNatjUnBIs2buVTgGzgQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/uHyHsDDsV9mvCIqchzH3bEGJ-Ck.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/A15Shd7cNatjUnBIs2buVTgGzgQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.208.0/24
                  91.213.215.0/24
                  91.213.217.0/24
                  91.213.220.0/24
                IPv6:
                  2a0f:64c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         04:5a:8a:93:63:38:a0:39:be:62:12:20:ba:07:4b:c8:24:68:
         5c:2e:5e:0e:a4:47:28:8e:09:8f:3b:5e:f6:89:a2:27:1b:4d:
         bb:9b:63:11:df:6b:bb:22:90:ad:4e:47:e6:e4:c9:b6:ee:4c:
         60:3c:60:d1:d5:11:c1:8d:c7:45:29:35:35:58:ba:68:46:c9:
         32:01:3a:78:16:a1:0b:89:c1:d7:5b:1e:c3:32:73:da:c4:fc:
         1e:b7:f7:0c:ae:44:5e:bc:29:02:20:ae:6b:5f:b7:60:82:ba:
         96:95:8c:18:52:e0:39:8d:35:6c:df:ca:af:9f:af:ec:d8:f3:
         68:56:8f:cb:26:2b:e1:9b:9d:76:93:77:de:cc:51:04:cc:21:
         5a:f9:1d:7a:3d:d2:db:70:a7:83:a8:9f:b2:dc:45:8a:e6:8c:
         2e:90:52:c0:58:b8:bd:c7:08:8c:c4:dc:2c:b1:5a:c2:d4:42:
         af:ce:f2:b2:c2:2b:c4:ac:b2:48:b9:05:3f:c5:6d:51:1c:e6:
         a3:9e:67:f8:1f:eb:d2:12:ce:9d:c3:5b:14:24:e2:03:47:30:
         71:1b:16:15:4a:d8:77:f3:07:d4:8d:c6:57:25:0d:b6:02:5c:
         9b:0c:41:31:d6:be:67:e1:14:26:96:c1:c0:34:c6:38:56:22:
         a8:be:ce:7d
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBsD4izANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MzVlNTI4NWRlZGMzNWFiNjM1MjcwNDhiMzY2ZWU1NTM4MDZjZTA0MB4XDTIyMDEw
MTA5MDAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjg3Yzg3YjAzMGVj
NTdkOWFmMDg4YTljODczMWY3NmM0MTg5ZjgyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMBaalgHuayV6Si25+c1kHbbJ/4LRM+5WE9Mrv+FgN3NQWI
4t/iBEAgfDMTYDwZ8GmB4KsFvYHzjLX4qWSC9pfqzhcUU//qwJRjiDF8QxYZPwAn
DzOWcgRLaExHL8ABmRFhU46lxHbY2EKuig0ould1xxc8pWqJkD867JmBxe9NltsD
HoH+0b2zlvVTd8kCF6SFsfPY7WLHlSjpCiJCj239mLjwYqHOu/qxAsGThKX4O8rz
1GePbRdlp3ABRGhDvYYpYDr1fyp6io1JWBCk9qX8jdtzifvMsZ1REUJ1x/osCnVP
Z+iIzqNrDCmUHsuDc5Uua7EoWCC6HE2rodXANXMCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBS4fIewMOxX2a8IipyHMfdsQYn4KTAfBgNVHSMEGDAWgBQDXlKF3tw1q2NS
cEizZu5VOAbOBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ExNVNoZDdjTmF0alVuQklzMmJ1VlRnR3pnUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWQvZjE5NDRiLTEwMWEtNDE4MS1hMzZiLTJjMjcwNzczNmZkYi8x
L3VIeUhzRERzVjltdkNJcWNoekgzYkVHSi1Day5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQv
ZjE5NDRiLTEwMWEtNDE4MS1hMzZiLTJjMjcwNzczNmZkYi8xL0ExNVNoZDdjTmF0
alVuQklzMmJ1VlRnR3pnUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAFvV0AMEAFvV1wMEAFvV2QMEAFvV
3DANBAIAAjAHAwUDKg9kwDANBgkqhkiG9w0BAQsFAAOCAQEABFqKk2M4oDm+YhIg
ugdLyCRoXC5eDqRHKI4Jjzte9omiJxtNu5tjEd9ruyKQrU5H5uTJtu5MYDxg0dUR
wY3HRSk1NVi6aEbJMgE6eBahC4nB11sewzJz2sT8Hrf3DK5EXrwpAiCua1+3YIK6
lpWMGFLgOY01bN/Kr5+v7NjzaFaPyyYr4ZuddpN33sxRBMwhWvkdej3S23Cng6if
stxFiuaMLpBSwFi4vccIjMTcLLFawtRCr87yssIrxKyySLkFP8VtURzmo55n+B/r
0hLOncNbFCTiA0cwcRsWFUrYd/MH1I3GVyUNtgJcmwxBMda+Z+EUJpbBwDTGOFYi
qL7OfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:16 2024 by rpki-client on console-ams.rpki-client.org