Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/i-Y5MGB0mKZUKV9-VdXHGd9LCDM.roa
File:                     i-Y5MGB0mKZUKV9-VdXHGd9LCDM.roa (raw, json)
Hash identifier:          slWSMJLFvLQy/WqZL+CTTGNaA2Z8r6mDJb7AirXyTTY=
Subject key identifier:   8B:E6:39:30:60:74:98:A6:54:29:5F:7E:55:D5:C7:19:DF:4B:08:33
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       053CC49F
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/i-Y5MGB0mKZUKV9-VdXHGd9LCDM.roa
Signing time:             Sat 18 Jun 2022 04:47:44 +0000
ROA not before:           Sat 18 Jun 2022 04:47:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211237
IP address blocks:        91.237.119.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 87868575 (0x53cc49f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Jun 18 04:47:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8be63930607498a654295f7e55d5c719df4b0833
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:f8:1b:ff:1e:2a:34:d0:f7:a8:3f:2d:dc:0c:
                    0f:5b:e9:db:75:5b:a1:7f:7e:a4:09:b8:50:f4:13:
                    22:43:2d:bd:b9:46:1b:55:c3:67:68:e6:e6:47:a9:
                    73:bf:a1:8b:e6:e5:a3:45:09:dd:9f:c9:16:83:83:
                    02:e6:02:82:0c:b6:f6:59:1d:6b:5d:0e:1a:16:e8:
                    7a:ba:53:3e:99:d3:80:ff:cc:4a:ca:09:60:e2:59:
                    22:68:5e:35:4b:9c:7d:c9:78:34:08:4b:58:1d:82:
                    43:4c:dc:59:cc:a3:96:c7:89:28:73:2b:98:7d:b7:
                    ee:67:a9:cd:a4:13:3a:74:3b:3f:2c:12:b9:ed:20:
                    1f:c3:51:6a:5d:5f:fc:d6:a0:a4:29:6d:f5:69:b1:
                    92:35:b7:e3:63:ad:eb:06:20:4d:76:c9:dd:7b:0a:
                    e1:4c:f1:48:88:3a:a7:26:95:7b:ba:4e:29:de:a3:
                    a5:b8:17:43:5e:7f:2d:8a:df:e4:e6:38:3c:79:ca:
                    5d:8f:82:eb:b6:18:73:28:8c:76:b6:fe:db:07:1b:
                    03:7e:8a:09:87:b4:e1:53:b5:51:d5:e2:1a:2f:f6:
                    0d:df:00:62:4f:7b:bd:97:17:5d:dc:95:d4:26:4d:
                    72:25:06:27:86:f4:d7:9d:93:6d:0f:b5:8e:aa:86:
                    0e:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:E6:39:30:60:74:98:A6:54:29:5F:7E:55:D5:C7:19:DF:4B:08:33
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/i-Y5MGB0mKZUKV9-VdXHGd9LCDM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.237.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:85:f7:a4:41:86:64:fd:57:ea:56:b0:fe:9e:12:1e:df:c7:
         42:d0:83:e1:0f:f6:66:46:ea:0f:eb:4f:ba:67:ff:9c:f2:28:
         d3:fe:a1:87:eb:7e:52:91:d3:d1:26:5d:c4:57:6d:89:29:46:
         6d:18:ef:6a:81:db:24:e8:f9:b7:f4:c5:da:7d:06:58:c7:fd:
         80:0d:69:34:93:7c:2f:77:11:db:49:4c:d1:38:1a:03:52:37:
         98:03:59:a6:be:fe:a2:36:c8:c8:ea:84:7d:1c:8c:bd:78:6a:
         61:5c:67:43:68:22:24:2a:72:54:7b:ba:dd:d6:ed:4e:48:c7:
         8f:33:a2:6d:9d:c5:4c:3a:0a:16:02:94:b0:60:4e:3b:f4:00:
         2f:e5:36:59:4d:d5:8f:ba:c0:f4:72:07:b7:c7:88:b8:fc:63:
         f1:11:b9:52:e9:02:d5:d9:a2:09:4f:f8:67:ac:01:e2:00:84:
         ad:c2:47:ac:f2:12:8d:3d:d1:24:41:fc:b8:57:25:df:5c:8b:
         9e:be:c1:78:08:f3:12:0f:34:3b:3c:b8:18:81:2b:52:1f:e9:
         ab:8c:1e:f9:b6:68:59:32:1a:55:21:61:9d:c3:3e:fd:a3:98:
         a2:ee:ff:74:f7:19:9b:4f:b7:0a:42:a0:f0:5a:3c:1d:41:12:
         dc:4e:ea:eb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBTzEnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODA2ZGE1YTU5MjUxMjc1Y2ViMTg2OTRlMTc0MTUzNTJhZWRkNmFhMB4XDTIyMDYx
ODA0NDc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGJlNjM5MzA2MDc0
OThhNjU0Mjk1ZjdlNTVkNWM3MTlkZjRiMDgzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANn4G/8eKjTQ96g/LdwMD1vp23VboX9+pAm4UPQTIkMtvblG
G1XDZ2jm5kepc7+hi+blo0UJ3Z/JFoODAuYCggy29lkda10OGhboerpTPpnTgP/M
SsoJYOJZImheNUucfcl4NAhLWB2CQ0zcWcyjlseJKHMrmH237mepzaQTOnQ7PywS
ue0gH8NRal1f/NagpClt9WmxkjW342Ot6wYgTXbJ3XsK4UzxSIg6pyaVe7pOKd6j
pbgXQ15/LYrf5OY4PHnKXY+C67YYcyiMdrb+2wcbA36KCYe04VO1UdXiGi/2Dd8A
Yk97vZcXXdyV1CZNciUGJ4b0152TbQ+1jqqGDq0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSL5jkwYHSYplQpX35V1ccZ30sIMzAfBgNVHSMEGDAWgBRYBtpaWSUSdc6x
hpThdBU1Ku3WqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dBYmFXbGtsRW5YT3NZYVU0WFFWTlNydDFxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNWRmMTE5LWIxZGYtNGNlYi1iZDRmLWY3OWNjYzNmNGVhZi8x
L2ktWTVNR0IwbUtaVUtWOS1WZFhIR2Q5TENETS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NWRmMTE5LWIxZGYtNGNlYi1iZDRmLWY3OWNjYzNmNGVhZi8xL1dBYmFXbGtsRW5Y
T3NZYVU0WFFWTlNydDFxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvtdzANBgkqhkiG9w0BAQsFAAOC
AQEAZ4X3pEGGZP1X6law/p4SHt/HQtCD4Q/2ZkbqD+tPumf/nPIo0/6hh+t+UpHT
0SZdxFdtiSlGbRjvaoHbJOj5t/TF2n0GWMf9gA1pNJN8L3cR20lM0TgaA1I3mANZ
pr7+ojbIyOqEfRyMvXhqYVxnQ2giJCpyVHu63dbtTkjHjzOibZ3FTDoKFgKUsGBO
O/QAL+U2WU3Vj7rA9HIHt8eIuPxj8RG5UukC1dmiCU/4Z6wB4gCErcJHrPISjT3R
JEH8uFcl31yLnr7BeAjzEg80Ozy4GIErUh/pq4we+bZoWTIaVSFhncM+/aOYou7/
dPcZm0+3CkKg8Fo8HUES3E7q6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org