Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/1-nM_s_QdyDDkY6yx2-KcJxQYY04.roa
File:                     1-nM_s_QdyDDkY6yx2-KcJxQYY04.roa (raw, json)
Hash identifier:          AcBj15bBKT6hID+VtamPuF95rZ1NTSGLm9TwMrvUvq4=
Subject key identifier:   FA:73:3F:B3:F4:1D:C8:30:E4:63:AC:B1:DB:E2:9C:27:14:18:63:4E
Certificate issuer:       /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial:       07E137BE
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/1-nM_s_QdyDDkY6yx2-KcJxQYY04.roa
Signing time:             Fri 18 Feb 2022 12:41:03 +0000
ROA not before:           Fri 18 Feb 2022 12:41:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211975
IP address blocks:        91.244.198.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 132200382 (0x7e137be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
        Validity
            Not Before: Feb 18 12:41:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fa733fb3f41dc830e463acb1dbe29c271418634e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:41:1c:4a:6e:d3:10:a0:a3:f1:a7:bb:fd:d5:
                    69:31:b9:71:6b:6b:45:b8:77:c1:e4:82:50:01:4e:
                    9b:91:05:d0:5b:de:1c:67:1f:fd:d0:60:d4:50:13:
                    74:cd:af:ae:de:54:b2:29:c5:a2:53:d8:16:71:09:
                    2d:e6:b9:2a:68:37:51:e3:94:22:26:63:d2:5f:fc:
                    44:a3:01:ac:f2:80:7b:6d:fe:8c:95:10:6e:a4:70:
                    4e:00:1e:ba:56:11:85:66:7d:56:1c:38:96:8d:f5:
                    26:13:79:0c:36:9e:71:29:d2:79:4c:1e:9d:e4:3c:
                    b5:3e:2b:13:a3:4e:97:ab:5c:be:8e:59:6e:d1:3e:
                    5f:94:6d:3a:87:0f:df:f3:3b:4b:cd:9c:20:cb:d8:
                    7c:58:0b:e0:6d:a9:8d:90:d0:fc:3b:7c:ab:57:dc:
                    48:65:eb:22:52:65:a1:3f:47:23:40:55:10:f6:34:
                    24:ed:1d:7a:e0:b5:1b:cd:30:16:79:35:47:bf:9c:
                    19:a7:e6:f1:f9:df:1c:78:67:db:f2:c5:2e:fa:f6:
                    68:30:8c:ab:7a:84:28:d7:e0:25:9f:eb:b5:5f:4c:
                    04:a5:67:49:44:c8:29:1a:27:5d:02:ca:aa:43:60:
                    4b:a6:85:93:de:cd:df:62:c1:17:43:59:3b:f5:46:
                    28:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:73:3F:B3:F4:1D:C8:30:E4:63:AC:B1:DB:E2:9C:27:14:18:63:4E
            X509v3 Authority Key Identifier:
                keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/1-nM_s_QdyDDkY6yx2-KcJxQYY04.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.244.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c8:92:2d:fa:b2:55:56:e5:66:47:ee:cb:d1:cc:04:91:5b:53:
         26:4e:b1:fa:c8:35:2a:b5:be:49:1d:5a:73:61:44:ac:30:f4:
         c3:49:0e:f0:41:2d:d2:9b:9c:e9:68:f4:d2:d3:ec:e6:b0:07:
         12:d0:63:22:90:d1:e4:10:c8:1d:19:b1:7f:39:d6:9e:9d:ae:
         7a:d4:e4:c3:b9:0c:1b:e0:cc:c4:f0:ea:c4:0c:cc:ce:d6:8b:
         1f:9d:e9:be:20:aa:dd:e2:d5:cf:69:0a:58:04:2e:8e:a8:6f:
         71:d4:0c:f3:ab:e2:45:d2:61:0e:c1:55:21:a3:c2:ac:31:c2:
         cc:f7:8d:72:0b:b4:9c:14:be:f0:3a:65:8d:2f:73:c4:07:46:
         d6:47:2d:b9:c3:e5:83:e4:c8:1e:08:dc:ce:e7:7c:97:23:8c:
         6f:90:45:fb:f0:4c:08:d6:2f:b4:5e:d1:16:e3:6d:04:23:32:
         fb:bb:7d:58:d8:28:7e:ba:34:e7:d8:0a:94:cb:57:16:a1:c0:
         4f:9f:6e:68:c7:b5:a0:d9:a5:94:4f:1a:54:a1:61:33:73:df:
         c0:eb:8d:79:5c:4b:4d:49:64:85:e0:ed:74:2c:3b:6b:fa:ad:
         e3:3e:0a:f2:a5:f9:16:72:8a:e2:d1:90:6c:2a:7a:b8:9e:b0:
         7b:f5:65:11
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEB+E3vjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDIx
ODEyNDEwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmE3MzNmYjNmNDFk
YzgzMGU0NjNhY2IxZGJlMjljMjcxNDE4NjM0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNBHEpu0xCgo/Gnu/3VaTG5cWtrRbh3weSCUAFOm5EF0Fve
HGcf/dBg1FATdM2vrt5UsinFolPYFnEJLea5Kmg3UeOUIiZj0l/8RKMBrPKAe23+
jJUQbqRwTgAeulYRhWZ9Vhw4lo31JhN5DDaecSnSeUweneQ8tT4rE6NOl6tcvo5Z
btE+X5RtOocP3/M7S82cIMvYfFgL4G2pjZDQ/Dt8q1fcSGXrIlJloT9HI0BVEPY0
JO0deuC1G80wFnk1R7+cGafm8fnfHHhn2/LFLvr2aDCMq3qEKNfgJZ/rtV9MBKVn
SUTIKRonXQLKqkNgS6aFk97N32LBF0NZO/VGKH8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT6cz+z9B3IMORjrLHb4pwnFBhjTjAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
LzEtbk1fc19RZHlERGtZNnl4Mi1LY0p4UVlZMDQucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Iw
LzBlYzZkMi1mMWQ3LTRiMGEtYWQzMy1lOGVmMmYwOTU5OGUvMS9td3dOQkNKVlp0
dVY2YTA3THZZRkFVbDFxcUkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb9MYwDQYJKoZIhvcNAQELBQAD
ggEBAMiSLfqyVVblZkfuy9HMBJFbUyZOsfrINSq1vkkdWnNhRKww9MNJDvBBLdKb
nOlo9NLT7OawBxLQYyKQ0eQQyB0ZsX851p6drnrU5MO5DBvgzMTw6sQMzM7Wix+d
6b4gqt3i1c9pClgELo6ob3HUDPOr4kXSYQ7BVSGjwqwxwsz3jXILtJwUvvA6ZY0v
c8QHRtZHLbnD5YPkyB4I3M7nfJcjjG+QRfvwTAjWL7Re0RbjbQQjMvu7fVjYKH66
NOfYCpTLVxahwE+fbmjHtaDZpZRPGlShYTNz38DrjXlcS01JZIXg7XQsO2v6reM+
CvKl+RZyiuLRkGwqeriesHv1ZRE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:42 2024 by rpki-client on console-ams.rpki-client.org