Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/626525-6ac4-4ad3-b8d2-9c3000245676/1/FssbUa8zgHOI6fxmUrAOMVI4QIk.roa
File:                     FssbUa8zgHOI6fxmUrAOMVI4QIk.roa (raw, json)
Hash identifier:          CZ9RyUFRBjzrsq60FPDuxxN4Y7xe9nmvU5wmWmsMzog=
Subject key identifier:   16:CB:1B:51:AF:33:80:73:88:E9:FC:66:52:B0:0E:31:52:38:40:89
Certificate issuer:       /CN=2f920d9912b3a728b94818188ef3e3e57f8d3f9c
Certificate serial:       03D1DC02
Authority key identifier: 2F:92:0D:99:12:B3:A7:28:B9:48:18:18:8E:F3:E3:E5:7F:8D:3F:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L5INmRKzpyi5SBgYjvPj5X-NP5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/626525-6ac4-4ad3-b8d2-9c3000245676/1/FssbUa8zgHOI6fxmUrAOMVI4QIk.roa
Signing time:             Sat 01 Jan 2022 06:54:55 +0000
ROA not before:           Sat 01 Jan 2022 06:54:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204991
IP address blocks:        91.203.226.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64084994 (0x3d1dc02)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f920d9912b3a728b94818188ef3e3e57f8d3f9c
        Validity
            Not Before: Jan  1 06:54:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=16cb1b51af33807388e9fc6652b00e3152384089
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:a0:0d:3a:06:07:5c:18:75:f6:87:52:b6:19:
                    44:1c:b3:ea:44:f0:97:ff:ad:39:be:74:cf:d5:04:
                    70:4b:0d:e0:5e:8c:94:9d:40:41:30:3c:a5:cc:41:
                    7a:b0:52:75:3e:75:41:91:89:a4:8f:8b:df:52:91:
                    97:2d:58:62:4e:df:55:15:ca:8d:f7:09:42:ea:15:
                    61:f5:a3:a6:9c:0d:5d:47:59:5b:bb:ad:75:fc:ea:
                    04:52:29:ad:3a:35:c2:26:0e:66:b8:b1:d0:24:a1:
                    5d:aa:28:36:c0:31:ae:8e:df:ca:83:5b:c9:16:c3:
                    f5:94:99:e7:28:f1:b9:8b:34:75:bf:c3:c2:8c:b8:
                    58:25:92:47:f1:95:81:92:e6:ba:e3:91:d3:db:a5:
                    08:2d:64:ce:3f:9b:eb:0f:51:9c:54:2f:fa:5f:ba:
                    d4:31:ed:52:20:3b:db:13:05:bf:36:cc:8d:4b:f1:
                    06:33:08:2d:a0:c5:bc:c8:7c:2d:a7:fa:7b:cb:5a:
                    29:c9:ac:c4:78:4b:48:d7:12:34:ee:90:f4:40:9b:
                    49:98:60:b7:05:25:41:d9:90:0c:17:d3:81:29:08:
                    53:c1:92:45:96:50:f0:e6:ab:d4:bf:80:4d:4f:a8:
                    45:a4:4d:f2:3d:87:0c:12:73:dc:33:d7:55:0e:3e:
                    6e:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:CB:1B:51:AF:33:80:73:88:E9:FC:66:52:B0:0E:31:52:38:40:89
            X509v3 Authority Key Identifier:
                keyid:2F:92:0D:99:12:B3:A7:28:B9:48:18:18:8E:F3:E3:E5:7F:8D:3F:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5INmRKzpyi5SBgYjvPj5X-NP5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/626525-6ac4-4ad3-b8d2-9c3000245676/1/FssbUa8zgHOI6fxmUrAOMVI4QIk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/626525-6ac4-4ad3-b8d2-9c3000245676/1/L5INmRKzpyi5SBgYjvPj5X-NP5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.203.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:50:e1:88:e6:b0:b4:12:40:57:b2:34:6d:ab:ef:bd:10:a4:
         ae:22:2c:cc:f8:d8:c4:63:b0:be:6e:08:43:f9:cc:f9:14:cc:
         06:63:8f:0a:ff:5d:28:b5:f6:d1:f9:ea:a1:9a:fc:8d:5d:44:
         d3:67:cb:9f:89:10:50:f0:c7:ff:85:50:07:a4:74:88:bb:60:
         cc:96:70:e5:6f:e5:e1:fd:78:7d:15:0a:10:53:71:41:56:ad:
         e2:09:72:85:e5:7c:c3:ed:47:79:92:e6:aa:3f:6d:9e:32:88:
         04:82:2f:16:48:75:10:5e:f0:28:56:b8:cd:c9:0c:7e:2a:2b:
         51:2a:3b:05:f2:3f:e5:82:62:0b:cb:e2:fb:6d:2b:a9:cd:2a:
         2a:08:c9:56:db:91:4f:87:b2:ca:ad:d0:1e:19:ba:2b:89:42:
         b9:03:03:ab:da:ef:8a:8f:e6:47:84:05:ad:c8:e7:39:de:aa:
         13:26:81:95:86:a6:68:22:9d:17:2d:cc:82:d1:89:85:2b:09:
         46:97:8f:55:6a:9c:3b:9e:e3:d6:f4:28:1e:d5:1f:bf:17:a2:
         2e:48:57:c0:78:a6:de:57:9b:3e:b3:77:11:49:86:f5:d8:5a:
         2c:e1:2a:24:ce:9b:ad:10:30:f4:41:3d:1b:dc:e0:60:48:cb:
         65:d0:b5:c9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9HcAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZjkyMGQ5OTEyYjNhNzI4Yjk0ODE4MTg4ZWYzZTNlNTdmOGQzZjljMB4XDTIyMDEw
MTA2NTQ1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTZjYjFiNTFhZjMz
ODA3Mzg4ZTlmYzY2NTJiMDBlMzE1MjM4NDA4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMqgDToGB1wYdfaHUrYZRByz6kTwl/+tOb50z9UEcEsN4F6M
lJ1AQTA8pcxBerBSdT51QZGJpI+L31KRly1YYk7fVRXKjfcJQuoVYfWjppwNXUdZ
W7utdfzqBFIprTo1wiYOZrix0CShXaooNsAxro7fyoNbyRbD9ZSZ5yjxuYs0db/D
woy4WCWSR/GVgZLmuuOR09ulCC1kzj+b6w9RnFQv+l+61DHtUiA72xMFvzbMjUvx
BjMILaDFvMh8Laf6e8taKcmsxHhLSNcSNO6Q9ECbSZhgtwUlQdmQDBfTgSkIU8GS
RZZQ8Oar1L+ATU+oRaRN8j2HDBJz3DPXVQ4+bjcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQWyxtRrzOAc4jp/GZSsA4xUjhAiTAfBgNVHSMEGDAWgBQvkg2ZErOnKLlI
GBiO8+Plf40/nDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0w1SU5tUkt6cHlpNVNCZ1lqdlBqNVgtTlA1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvNjI2NTI1LTZhYzQtNGFkMy1iOGQyLTljMzAwMDI0NTY3Ni8x
L0Zzc2JVYTh6Z0hPSTZmeG1VckFPTVZJNFFJay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
NjI2NTI1LTZhYzQtNGFkMy1iOGQyLTljMzAwMDI0NTY3Ni8xL0w1SU5tUkt6cHlp
NVNCZ1lqdlBqNVgtTlA1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvL4jANBgkqhkiG9w0BAQsFAAOC
AQEAP1DhiOawtBJAV7I0bavvvRCkriIszPjYxGOwvm4IQ/nM+RTMBmOPCv9dKLX2
0fnqoZr8jV1E02fLn4kQUPDH/4VQB6R0iLtgzJZw5W/l4f14fRUKEFNxQVat4gly
heV8w+1HeZLmqj9tnjKIBIIvFkh1EF7wKFa4zckMfiorUSo7BfI/5YJiC8vi+20r
qc0qKgjJVtuRT4eyyq3QHhm6K4lCuQMDq9rvio/mR4QFrcjnOd6qEyaBlYamaCKd
Fy3MgtGJhSsJRpePVWqcO57j1vQoHtUfvxeiLkhXwHim3lebPrN3EUmG9dhaLOEq
JM6brRAw9EE9G9zgYEjLZdC1yQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:29 2024 by rpki-client on console-ams.rpki-client.org