Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/O16DAxptRxUZklTgJ2WHv31GBNs.roa
File:                     O16DAxptRxUZklTgJ2WHv31GBNs.roa (raw, json)
Hash identifier:          IEpvY1xcsYvanlHG6Z0F2/gtrF/GBEv1aOWdOmqoUOs=
Subject key identifier:   3B:5E:83:03:1A:6D:47:15:19:92:54:E0:27:65:87:BF:7D:46:04:DB
Certificate issuer:       /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial:       0756FFC0
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/O16DAxptRxUZklTgJ2WHv31GBNs.roa
Signing time:             Sat 01 Jan 2022 03:51:26 +0000
ROA not before:           Sat 01 Jan 2022 03:51:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15440
IP address blocks:        91.244.197.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123142080 (0x756ffc0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
        Validity
            Not Before: Jan  1 03:51:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3b5e83031a6d4715199254e0276587bf7d4604db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c0:40:ab:0b:75:c0:b9:7e:4d:f4:77:76:e2:
                    81:06:01:2a:a4:f0:47:33:7d:0e:8b:58:38:56:6b:
                    09:c2:b7:b3:74:5f:b7:8e:42:86:68:fc:9f:f6:3f:
                    e3:0f:97:85:a8:ed:ac:77:52:2e:5a:56:72:c8:17:
                    88:59:a0:bc:ab:26:c3:f7:63:65:da:cd:5c:cf:2d:
                    15:a4:3b:f4:93:7d:00:e8:b5:70:06:c9:db:e3:f1:
                    ae:36:eb:46:81:92:4d:e9:e7:a2:2b:73:f4:0c:d0:
                    5c:3e:f9:fe:04:13:be:8b:98:84:cc:1c:9e:bb:e9:
                    b7:35:dc:4c:6b:eb:ad:f4:d5:f9:07:a3:ae:99:75:
                    b2:3f:a2:9c:3a:be:49:77:49:12:5a:55:eb:16:84:
                    e3:a7:0b:46:a9:56:00:1f:5c:3e:f1:64:c2:92:42:
                    d6:f2:c9:29:58:9a:1c:2e:e7:05:6f:8d:95:67:7d:
                    15:81:2b:0f:6e:0c:0b:78:d7:e1:f0:7c:5c:26:3c:
                    fb:32:37:98:d5:55:5b:bb:00:c6:fe:de:7d:7c:31:
                    76:c9:cc:6b:30:1d:36:64:13:49:97:e8:79:36:8d:
                    3f:19:6c:36:a5:04:52:0e:8d:b9:14:98:ec:32:cc:
                    90:ad:48:14:11:75:e6:35:50:55:f0:99:aa:29:ab:
                    95:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:5E:83:03:1A:6D:47:15:19:92:54:E0:27:65:87:BF:7D:46:04:DB
            X509v3 Authority Key Identifier:
                keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/O16DAxptRxUZklTgJ2WHv31GBNs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.244.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:2c:9a:c3:60:1b:5e:41:2b:41:c7:d5:93:51:cf:6e:d9:d4:
         49:8b:51:11:d7:7e:64:99:6b:77:d6:74:62:8b:1f:44:41:1e:
         3e:ce:19:0e:91:10:60:07:ab:dc:fa:da:03:90:f3:ca:5d:50:
         c5:cb:ac:9f:7d:72:68:ad:07:32:02:fb:0a:67:92:36:7b:c3:
         91:9a:7c:c2:91:ee:d7:7f:f9:d7:f7:a7:5f:2f:31:4e:59:99:
         e2:f2:5d:8c:a9:9c:0a:a4:80:7b:ae:5f:aa:67:a7:4f:28:04:
         ce:8c:fa:ae:d7:4e:24:52:02:54:8a:cf:9b:3d:fa:a1:46:07:
         48:29:8e:97:b1:94:9b:86:c1:e5:58:f0:e6:3a:8e:ae:dd:10:
         e0:ab:38:0c:ad:5d:27:37:9b:1a:b9:1c:4b:50:7d:01:2e:63:
         cb:ce:1d:8d:02:4d:ef:c2:bc:5f:00:c6:d8:88:02:59:cc:3e:
         c9:eb:53:37:07:52:71:de:52:b0:d7:59:64:78:39:aa:20:ec:
         5e:a9:61:60:5f:c9:68:3d:24:6c:05:10:bb:47:31:37:9f:ae:
         7d:41:ca:00:0f:c9:97:90:4e:b5:dc:f4:d6:44:7d:03:87:9a:
         b0:60:65:f8:67:8f:36:1b:6a:d5:b9:25:88:82:e0:91:c7:5e:
         f7:96:a9:74
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB1b/wDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDEw
MTAzNTEyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2I1ZTgzMDMxYTZk
NDcxNTE5OTI1NGUwMjc2NTg3YmY3ZDQ2MDRkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJnAQKsLdcC5fk30d3bigQYBKqTwRzN9DotYOFZrCcK3s3Rf
t45Chmj8n/Y/4w+XhajtrHdSLlpWcsgXiFmgvKsmw/djZdrNXM8tFaQ79JN9AOi1
cAbJ2+PxrjbrRoGSTennoitz9AzQXD75/gQTvouYhMwcnrvptzXcTGvrrfTV+Qej
rpl1sj+inDq+SXdJElpV6xaE46cLRqlWAB9cPvFkwpJC1vLJKViaHC7nBW+NlWd9
FYErD24MC3jX4fB8XCY8+zI3mNVVW7sAxv7efXwxdsnMazAdNmQTSZfoeTaNPxls
NqUEUg6NuRSY7DLMkK1IFBF15jVQVfCZqimrlUECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ7XoMDGm1HFRmSVOAnZYe/fUYE2zAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
L08xNkRBeHB0UnhVWmtsVGdKMldIdjMxR0JOcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8xL213d05CQ0pWWnR1
VjZhMDdMdllGQVVsMXFxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFv0xTANBgkqhkiG9w0BAQsFAAOC
AQEARyyaw2AbXkErQcfVk1HPbtnUSYtREdd+ZJlrd9Z0YosfREEePs4ZDpEQYAer
3PraA5Dzyl1Qxcusn31yaK0HMgL7CmeSNnvDkZp8wpHu13/51/enXy8xTlmZ4vJd
jKmcCqSAe65fqmenTygEzoz6rtdOJFICVIrPmz36oUYHSCmOl7GUm4bB5Vjw5jqO
rt0Q4Ks4DK1dJzebGrkcS1B9AS5jy84djQJN78K8XwDG2IgCWcw+yetTNwdScd5S
sNdZZHg5qiDsXqlhYF/JaD0kbAUQu0cxN5+ufUHKAA/Jl5BOtdz01kR9A4easGBl
+GePNhtq1bkliILgkcde95apdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:42 2024 by rpki-client on console-ams.rpki-client.org