Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/Ig1BeNfxcwF0b_TPpBr08HShz10.roa
File:                     Ig1BeNfxcwF0b_TPpBr08HShz10.roa (raw, json)
Hash identifier:          p5g4KHabB5zrcsiF4m3qS0NmhcX+OBtz7/C4uIl9zts=
Subject key identifier:   22:0D:41:78:D7:F1:73:01:74:6F:F4:CF:A4:1A:F4:F0:74:A1:CF:5D
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       0183C38639836B7B94BE21F5281FADAA876D
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/Ig1BeNfxcwF0b_TPpBr08HShz10.roa
Signing time:             Mon 10 Oct 2022 20:11:37 +0000
ROA not before:           Mon 10 Oct 2022 20:11:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205220
IP address blocks:        91.186.216.0/22 maxlen: 24
                          91.186.220.0/22 maxlen: 24
                          178.253.38.0/23 maxlen: 24
                          178.253.44.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c3:86:39:83:6b:7b:94:be:21:f5:28:1f:ad:aa:87:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Oct 10 20:11:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=220d4178d7f17301746ff4cfa41af4f074a1cf5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:79:c4:65:22:09:6d:13:11:20:3f:2e:f0:02:
                    29:52:16:67:cc:78:7c:51:83:e8:65:9a:20:25:22:
                    4d:7b:5a:ba:fc:42:3b:a4:92:82:7d:02:cd:ce:b3:
                    30:df:dd:69:15:e6:1a:81:0b:27:a9:80:79:0e:1a:
                    b9:36:5f:c0:dd:ce:5b:e2:bf:e1:7f:d4:08:6b:16:
                    ce:66:e3:e7:6b:76:76:9c:4c:b2:f5:e3:40:c5:ed:
                    5a:00:0d:be:c8:e2:fb:f5:b2:f3:a6:89:41:ef:53:
                    8e:83:89:82:27:85:89:b4:e4:62:18:ea:7e:98:56:
                    47:3d:31:48:a2:21:d3:f8:16:7b:06:0f:30:ca:7b:
                    71:fc:8d:f2:23:f0:50:5f:ed:96:e1:9b:c1:3a:ac:
                    20:c5:3e:9b:e5:a3:ba:65:90:a6:d7:2e:7b:72:e0:
                    12:36:d4:a7:5f:25:aa:7a:0e:28:08:c5:40:a4:1f:
                    08:54:95:c7:db:6b:cf:46:b3:18:2f:d0:1e:31:2f:
                    52:19:a2:c1:11:e2:9a:f3:0f:bb:83:ff:5b:fe:63:
                    c4:ee:a9:c4:ce:dc:b2:b8:42:c2:a5:37:01:4b:7b:
                    77:46:de:16:48:4d:20:d8:65:81:3e:c8:c6:39:e0:
                    9e:00:c7:59:16:e1:b3:2e:e5:8c:ab:35:cd:fc:70:
                    81:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:0D:41:78:D7:F1:73:01:74:6F:F4:CF:A4:1A:F4:F0:74:A1:CF:5D
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/Ig1BeNfxcwF0b_TPpBr08HShz10.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.186.216.0/21
                  178.253.38.0/23
                  178.253.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         65:ce:61:24:14:89:9e:31:14:99:c5:b1:a0:a7:c6:51:dc:9d:
         54:d8:e2:92:e7:2a:a9:54:f6:ec:f0:46:da:93:e2:30:78:b9:
         2c:b0:dc:ef:7e:54:8c:6b:0b:63:ce:35:1d:67:82:e6:6e:db:
         4a:10:2f:b9:c1:41:cd:61:43:fd:5b:97:7b:39:c2:9c:87:6a:
         59:a6:a8:ce:2c:42:d0:71:69:75:49:0f:ae:0f:13:2c:f3:89:
         34:e8:75:28:4d:e1:e2:66:16:81:b5:b5:f8:f4:09:63:a1:57:
         7e:54:7d:c5:73:f4:84:2d:14:2f:ad:4a:f3:cb:fd:58:0f:64:
         ab:22:b6:c1:fd:0d:f5:5f:a2:7e:d2:8c:96:3e:be:f5:39:b4:
         30:3d:6d:42:a4:fd:18:11:d2:af:6b:b5:5b:85:13:06:26:28:
         e5:39:6b:1a:a5:21:a6:b2:0f:0f:74:6a:33:6c:d6:39:a5:49:
         f6:9e:db:31:04:8c:e0:c6:ab:7e:ee:22:ec:46:38:c5:7c:5f:
         46:61:29:0f:09:5f:76:0d:7c:10:b5:6e:03:d7:5e:17:63:69:
         59:9d:26:d0:36:6c:b5:8d:36:80:c0:0f:a0:cd:e7:dd:0e:32:
         02:26:73:3b:69:47:0f:72:c9:61:41:3b:29:cf:8b:e1:31:41:
         53:3e:17:68
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPDhjmDa3uUviH1KB+tqodtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIxMDEwMjAxMTM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjBkNDE3OGQ3ZjE3MzAxNzQ2ZmY0Y2ZhNDFhZjRmMDc0YTFjZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonnEZSIJbRMRID8u8AIpUhZnzHh8
UYPoZZogJSJNe1q6/EI7pJKCfQLNzrMw391pFeYagQsnqYB5Dhq5Nl/A3c5b4r/h
f9QIaxbOZuPna3Z2nEyy9eNAxe1aAA2+yOL79bLzpolB71OOg4mCJ4WJtORiGOp+
mFZHPTFIoiHT+BZ7Bg8wyntx/I3yI/BQX+2W4ZvBOqwgxT6b5aO6ZZCm1y57cuAS
NtSnXyWqeg4oCMVApB8IVJXH22vPRrMYL9AeMS9SGaLBEeKa8w+7g/9b/mPE7qnE
ztyyuELCpTcBS3t3Rt4WSE0g2GWBPsjGOeCeAMdZFuGzLuWMqzXN/HCBUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCINQXjX8XMBdG/0z6Qa9PB0oc9dMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvSWcxQmVOZnhjd0YwYl9UUHBCcjA4SFNoejEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDW7rYAwQB
sv0mAwQBsv0sMA0GCSqGSIb3DQEBCwUAA4IBAQBlzmEkFImeMRSZxbGgp8ZR3J1U
2OKS5yqpVPbs8Ebak+IweLkssNzvflSMawtjzjUdZ4LmbttKEC+5wUHNYUP9W5d7
OcKch2pZpqjOLELQcWl1SQ+uDxMs84k06HUoTeHiZhaBtbX49AljoVd+VH3Fc/SE
LRQvrUrzy/1YD2SrIrbB/Q31X6J+0oyWPr71ObQwPW1CpP0YEdKva7VbhRMGJijl
OWsapSGmsg8PdGozbNY5pUn2ntsxBIzgxqt+7iLsRjjFfF9GYSkPCV92DXwQtW4D
114XY2lZnSbQNmy1jTaAwA+gzefdDjICJnM7aUcPcslhQTspz4vhMUFTPhdo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org