Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/xJv934rUb2uyh4LVZ1sKw1Uj4T4.roa
File:                     xJv934rUb2uyh4LVZ1sKw1Uj4T4.roa (raw, json)
Hash identifier:          VvK2zrtBDQ6h47FLRQ1P+RbdofB9+jjf97NLaXs1Uio=
Subject key identifier:   C4:9B:FD:DF:8A:D4:6F:6B:B2:87:82:D5:67:5B:0A:C3:55:23:E1:3E
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       0184FD88A20275DE0C66D1EF8640DD7E1D53
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/xJv934rUb2uyh4LVZ1sKw1Uj4T4.roa
Signing time:             Sat 10 Dec 2022 19:35:00 +0000
ROA not before:           Sat 10 Dec 2022 19:35:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        185.220.146.0/23 maxlen: 24
                          91.237.119.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:fd:88:a2:02:75:de:0c:66:d1:ef:86:40:dd:7e:1d:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Dec 10 19:35:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c49bfddf8ad46f6bb28782d5675b0ac35523e13e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:d7:8e:d9:fe:8b:ce:07:a8:b0:02:9d:31:ba:
                    57:5a:b4:6f:c1:3f:94:dc:00:af:6c:e9:a8:48:7c:
                    42:c0:49:97:83:08:e9:5c:a1:0e:e3:48:4e:c1:40:
                    87:e7:0b:bd:93:ce:3c:c9:ae:2f:1b:02:d7:f0:df:
                    42:2b:ae:50:04:31:10:84:ba:55:08:ab:b9:38:fa:
                    40:32:a5:a4:75:96:ff:4b:b4:26:57:a6:d6:f7:c3:
                    a5:db:5d:c9:63:d9:c8:ac:28:ee:17:0c:ea:cd:5a:
                    5e:8b:6c:22:c9:cd:8a:ab:c4:a8:ac:e8:16:d6:32:
                    b6:59:45:c8:c7:67:57:ce:2e:b3:f0:cb:8c:59:ea:
                    41:43:da:01:cf:c7:ed:9f:0b:77:60:0b:ee:a0:8a:
                    62:7e:4a:be:13:dd:82:5c:d4:c5:47:8f:8e:c1:69:
                    c3:2f:24:51:ee:91:f0:dc:3e:f5:ea:3c:da:44:e2:
                    52:b3:0b:16:4b:9b:9e:1a:13:20:90:33:fe:65:41:
                    24:fe:34:76:45:de:63:a2:d8:c7:12:ea:54:b8:df:
                    95:bb:fa:8a:5b:0a:68:d0:e3:47:a5:72:9d:4b:9b:
                    a0:95:27:b8:1c:54:d7:53:c1:99:79:4b:7d:0b:ef:
                    33:e4:a6:c6:16:93:c2:7d:60:bd:70:33:f4:7d:6d:
                    43:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:9B:FD:DF:8A:D4:6F:6B:B2:87:82:D5:67:5B:0A:C3:55:23:E1:3E
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/xJv934rUb2uyh4LVZ1sKw1Uj4T4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.237.119.0/24
                  185.220.146.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1b:f4:3d:a1:8f:e7:0f:6a:cd:a2:57:f4:3e:48:ab:3b:af:32:
         18:dc:cb:8a:93:e6:1e:26:a1:b6:fe:e3:c0:80:dc:e5:b6:93:
         cc:74:84:7b:91:80:13:a8:f0:2a:d7:99:64:81:0c:7c:b7:02:
         98:73:33:dc:cc:e0:02:d5:d6:bf:f7:1d:94:43:1c:54:81:53:
         5a:fb:30:30:21:87:fa:13:ce:90:75:55:28:75:8f:bb:c3:55:
         63:43:84:25:e1:c6:47:50:e1:d0:7c:1f:52:c5:ee:0b:2e:1a:
         7a:51:c7:97:2a:47:6e:b7:c1:0d:81:85:33:f5:aa:07:ad:56:
         4c:07:a0:f9:23:cd:b6:97:5e:bf:df:cb:82:64:58:ac:7f:f5:
         fe:5a:0b:0e:90:9a:5d:9a:87:37:ea:99:bf:4e:d5:70:b8:19:
         8d:f2:08:b8:47:8b:88:52:a3:59:3f:78:97:35:ed:07:78:25:
         01:f8:4e:42:a8:64:94:e0:45:37:1c:55:69:d8:e7:76:44:34:
         2b:dc:2f:0c:b2:9a:cf:4a:7e:be:59:c7:15:6f:a4:c0:b9:7e:
         cf:a4:ae:aa:50:03:95:50:fc:59:71:d0:66:74:63:c3:e8:3c:
         00:9f:93:f8:45:98:ee:75:f7:5a:c8:c2:95:bb:dd:8f:56:2c:
         2a:38:81:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYT9iKICdd4MZtHvhkDdfh1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjIxMjEwMTkzNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDliZmRkZjhhZDQ2ZjZiYjI4NzgyZDU2NzViMGFjMzU1MjNlMTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdeO2f6LzgeosAKdMbpXWrRvwT+U
3ACvbOmoSHxCwEmXgwjpXKEO40hOwUCH5wu9k848ya4vGwLX8N9CK65QBDEQhLpV
CKu5OPpAMqWkdZb/S7QmV6bW98Ol213JY9nIrCjuFwzqzVpei2wiyc2Kq8SorOgW
1jK2WUXIx2dXzi6z8MuMWepBQ9oBz8ftnwt3YAvuoIpifkq+E92CXNTFR4+OwWnD
LyRR7pHw3D716jzaROJSswsWS5ueGhMgkDP+ZUEk/jR2Rd5jotjHEupUuN+Vu/qK
Wwpo0ONHpXKdS5uglSe4HFTXU8GZeUt9C+8z5KbGFpPCfWC9cDP0fW1DFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMSb/d+K1G9rsoeC1WdbCsNVI+E+MB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEveEp2OTM0clViMnV5aDRMVloxc0t3MVVqNFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+13AwQB
udySMA0GCSqGSIb3DQEBCwUAA4IBAQAb9D2hj+cPas2iV/Q+SKs7rzIY3MuKk+Ye
JqG2/uPAgNzltpPMdIR7kYATqPAq15lkgQx8twKYczPczOAC1da/9x2UQxxUgVNa
+zAwIYf6E86QdVUodY+7w1VjQ4Ql4cZHUOHQfB9Sxe4LLhp6UceXKkdut8ENgYUz
9aoHrVZMB6D5I822l16/38uCZFisf/X+WgsOkJpdmoc36pm/TtVwuBmN8gi4R4uI
UqNZP3iXNe0HeCUB+E5CqGSU4EU3HFVp2Od2RDQr3C8MsprPSn6+WccVb6TAuX7P
pK6qUAOVUPxZcdBmdGPD6DwAn5P4RZjudfdayMKVu92PViwqOIE5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:58 2024 by rpki-client on console-ams.rpki-client.org