Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/lFjegpqJ8hSqgFkJf-LzSdireLY.roa
File:                     lFjegpqJ8hSqgFkJf-LzSdireLY.roa (raw, json)
Hash identifier:          cZL6Xx0dgcZ4e6ItkzOlH6RLhz3DGOLj0o8qsiDumcs=
Subject key identifier:   94:58:DE:82:9A:89:F2:14:AA:80:59:09:7F:E2:F3:49:D8:AB:78:B6
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       018410A57D9121552FCC7EB79F6FB75EA4F6
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/lFjegpqJ8hSqgFkJf-LzSdireLY.roa
Signing time:             Tue 25 Oct 2022 19:36:31 +0000
ROA not before:           Tue 25 Oct 2022 19:36:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398465
IP address blocks:        91.237.119.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:10:a5:7d:91:21:55:2f:cc:7e:b7:9f:6f:b7:5e:a4:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Oct 25 19:36:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9458de829a89f214aa8059097fe2f349d8ab78b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:72:82:6b:04:86:32:e6:c3:31:79:1d:1a:25:
                    b5:7a:ae:b6:5d:b8:0e:2d:7c:75:4a:47:b7:51:b9:
                    e3:f8:4d:dd:4b:95:f6:27:d1:ad:ba:4e:86:8d:80:
                    98:01:b5:65:1a:46:1d:26:ed:f4:ae:da:65:9e:89:
                    d7:60:2a:ac:75:39:de:92:b1:87:9c:7a:4b:6a:f9:
                    ce:66:c3:c2:f6:bb:d9:ff:89:71:1c:57:3f:cd:55:
                    d3:24:b7:3c:ea:fc:ff:25:1c:75:24:e7:7c:39:a1:
                    ed:aa:98:bf:12:58:64:c8:f3:5c:aa:a3:60:a5:06:
                    0a:77:4f:01:18:36:96:0d:66:14:96:80:26:82:2c:
                    b8:85:b9:61:5d:79:f7:b5:5b:e4:e4:c4:23:bc:b5:
                    cc:8a:95:16:0e:4c:ad:7e:b0:03:6d:6b:3c:a1:a5:
                    d0:95:7e:dc:f9:24:c0:e8:6c:34:06:b1:3c:28:aa:
                    82:39:45:ae:83:51:89:ab:c3:ca:eb:69:d2:4f:af:
                    b3:90:09:f2:06:b5:42:1c:2f:36:98:39:0e:d1:ce:
                    d2:80:e2:52:49:f0:8a:72:9b:79:ba:3a:70:bf:be:
                    4f:b7:9d:0f:21:bd:c2:71:a8:7a:c3:5a:02:ff:65:
                    7b:7c:6c:c8:41:1c:f0:55:3b:db:3e:3e:8b:c2:6c:
                    7d:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:58:DE:82:9A:89:F2:14:AA:80:59:09:7F:E2:F3:49:D8:AB:78:B6
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/lFjegpqJ8hSqgFkJf-LzSdireLY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.237.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:47:8e:a0:d0:cf:3e:59:8d:94:7a:4e:d7:93:08:a0:9e:5f:
         12:dd:0a:71:d1:84:85:e7:f8:70:d2:92:71:b0:30:99:c3:3e:
         2f:27:95:7a:ac:de:5e:5e:21:ea:cb:6e:1b:fd:0e:35:dc:f7:
         a2:77:44:1f:f3:5b:af:67:00:6b:c2:75:36:06:1e:46:3b:fd:
         f3:ab:56:2a:4a:8e:bb:9b:03:50:29:c6:a3:a0:47:69:fb:59:
         97:90:9f:08:6c:5e:f9:d9:28:f1:ba:39:f4:90:7f:f9:e8:59:
         be:ae:c6:55:fb:c3:4a:15:5c:18:07:db:d7:3a:4e:f4:71:45:
         af:76:08:08:48:7b:2a:9e:de:5f:b1:aa:d4:cc:54:e3:61:65:
         03:79:c4:01:ab:b4:f0:b3:98:62:0a:2b:44:d0:72:2d:b1:a0:
         0a:79:e9:99:15:c3:ec:63:ca:9c:68:95:72:8f:72:e1:dd:ed:
         73:7f:50:5b:84:e5:6e:65:99:39:7d:d1:d5:10:ca:83:a1:0c:
         08:13:d7:a6:c1:6c:a9:0a:c7:14:b7:a0:54:f5:6f:91:62:63:
         7f:0a:9b:80:7a:ee:99:15:5c:cc:ea:35:4e:28:bd:45:da:ba:
         61:f7:06:a8:61:51:4a:89:bf:67:96:50:3e:bc:31:02:7e:6e:
         45:4d:a0:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQQpX2RIVUvzH63n2+3XqT2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjIxMDI1MTkzNjMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDU4ZGU4MjlhODlmMjE0YWE4MDU5MDk3ZmUyZjM0OWQ4YWI3OGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3KCawSGMubDMXkdGiW1eq62XbgO
LXx1Ske3Ubnj+E3dS5X2J9Gtuk6GjYCYAbVlGkYdJu30rtplnonXYCqsdTnekrGH
nHpLavnOZsPC9rvZ/4lxHFc/zVXTJLc86vz/JRx1JOd8OaHtqpi/ElhkyPNcqqNg
pQYKd08BGDaWDWYUloAmgiy4hblhXXn3tVvk5MQjvLXMipUWDkytfrADbWs8oaXQ
lX7c+STA6Gw0BrE8KKqCOUWug1GJq8PK62nST6+zkAnyBrVCHC82mDkO0c7SgOJS
SfCKcpt5ujpwv75Pt50PIb3Ccah6w1oC/2V7fGzIQRzwVTvbPj6Lwmx9PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRY3oKaifIUqoBZCX/i80nYq3i2MB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEvbEZqZWdwcUo4aFNxZ0ZrSmYtTHpTZGlyZUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+13MA0G
CSqGSIb3DQEBCwUAA4IBAQCOR46g0M8+WY2Uek7Xkwignl8S3Qpx0YSF5/hw0pJx
sDCZwz4vJ5V6rN5eXiHqy24b/Q413Peid0Qf81uvZwBrwnU2Bh5GO/3zq1YqSo67
mwNQKcajoEdp+1mXkJ8IbF752Sjxujn0kH/56Fm+rsZV+8NKFVwYB9vXOk70cUWv
dggISHsqnt5fsarUzFTjYWUDecQBq7Tws5hiCitE0HItsaAKeemZFcPsY8qcaJVy
j3Lh3e1zf1BbhOVuZZk5fdHVEMqDoQwIE9emwWypCscUt6BU9W+RYmN/CpuAeu6Z
FVzM6jVOKL1F2rph9waoYVFKib9nllA+vDECfm5FTaBw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org