Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/bhv5_MnQGk-osn3360RIYaLFBrE.roa
File:                     bhv5_MnQGk-osn3360RIYaLFBrE.roa (raw, json)
Hash identifier:          tGg1IDaVnm6FWhNCk6ZyP3gT2OLKB9aN0Ur1p+VgsnI=
Subject key identifier:   6E:1B:F9:FC:C9:D0:1A:4F:A8:B2:7D:F7:EB:44:48:61:A2:C5:06:B1
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       01822585D1D94AED74C611B8691E1F7A4099
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/bhv5_MnQGk-osn3360RIYaLFBrE.roa
Signing time:             Fri 22 Jul 2022 10:48:23 +0000
ROA not before:           Fri 22 Jul 2022 10:48:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197890
IP address blocks:        91.186.208.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:25:85:d1:d9:4a:ed:74:c6:11:b8:69:1e:1f:7a:40:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Jul 22 10:48:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6e1bf9fcc9d01a4fa8b27df7eb444861a2c506b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:8b:f1:34:6b:23:f0:5e:14:b9:8e:88:eb:85:
                    20:16:94:ac:f5:0d:0c:da:da:92:b2:40:fd:06:c6:
                    41:98:41:d4:2c:4c:b8:3c:99:53:f8:8b:7f:35:39:
                    3e:ad:56:19:54:bd:de:72:0d:9f:3e:7c:6a:69:13:
                    75:44:b1:7d:c3:90:78:4a:f9:ea:21:df:70:4b:9f:
                    fd:53:b1:b0:d5:f2:76:38:a7:74:55:f3:2b:54:58:
                    f4:3d:32:f3:db:8b:e3:70:28:63:19:8b:cd:e5:5f:
                    73:b3:1f:8d:ad:26:24:4d:d3:5a:cd:d2:cb:ae:06:
                    fb:18:58:46:1a:0c:ed:4d:48:78:e0:b6:79:c6:e5:
                    f0:54:e3:6f:91:e6:58:17:92:cf:c5:c8:b6:ac:0b:
                    eb:0f:66:de:26:b8:41:3f:30:03:e0:af:a8:02:24:
                    91:3e:11:37:9f:cb:d3:43:67:73:67:4c:a9:ff:ee:
                    ab:8a:0a:44:02:9b:9e:c2:70:6d:ea:f7:19:af:75:
                    54:99:4e:3d:4b:29:74:fa:3f:f6:83:fa:b5:2e:32:
                    6f:9b:4f:ed:92:2f:9c:c6:65:7f:c6:0f:db:e2:a4:
                    89:42:57:6e:fe:a2:b8:6c:9e:de:34:4c:c0:8a:52:
                    f5:c8:99:77:ef:de:42:2b:a8:db:58:bc:34:3b:18:
                    a5:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:1B:F9:FC:C9:D0:1A:4F:A8:B2:7D:F7:EB:44:48:61:A2:C5:06:B1
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/bhv5_MnQGk-osn3360RIYaLFBrE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.186.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         28:3b:76:10:f9:74:9d:9a:8d:34:ae:15:80:9f:74:fc:dc:81:
         06:f8:e7:14:0a:99:b4:78:41:10:ec:2b:15:c0:5e:48:1d:3a:
         d5:74:00:31:eb:ac:c3:4e:44:96:06:94:6d:eb:f7:c0:95:2e:
         9e:3b:4f:f0:ce:18:b8:77:61:5a:19:ed:65:1d:6c:76:de:61:
         c4:7a:38:7e:32:af:6e:6d:fb:a6:35:e7:32:b5:3e:85:d3:13:
         3c:ef:fc:ef:46:f6:6f:0d:b3:9c:d4:c7:f9:76:95:39:da:32:
         b1:88:03:94:c4:a0:3c:87:9b:6f:b9:03:af:08:d2:e7:1a:3d:
         da:4e:a0:00:58:8c:d0:7e:02:e1:bc:30:ed:55:2c:c9:ce:a0:
         68:2c:b9:29:a7:ad:ba:fd:0f:c8:e2:2d:63:98:80:b4:65:77:
         fa:6a:cd:cd:07:93:a5:d2:f7:25:e2:40:61:c6:53:c0:a6:66:
         db:37:5a:ff:02:12:d8:ef:d9:40:7e:7a:a2:a1:8f:29:17:5e:
         9c:34:a2:31:d4:23:5f:42:91:f9:ba:7a:f9:be:6c:48:0f:0d:
         dc:07:f6:a9:82:b3:f0:31:48:02:ff:bb:26:13:cf:20:08:58:
         96:d8:6b:db:8b:f6:6e:08:4e:c1:cf:d6:68:3f:e9:ca:23:2f:
         fa:ca:77:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIlhdHZSu10xhG4aR4fekCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIwNzIyMTA0ODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTFiZjlmY2M5ZDAxYTRmYThiMjdkZjdlYjQ0NDg2MWEyYzUwNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4vxNGsj8F4UuY6I64UgFpSs9Q0M
2tqSskD9BsZBmEHULEy4PJlT+It/NTk+rVYZVL3ecg2fPnxqaRN1RLF9w5B4Svnq
Id9wS5/9U7Gw1fJ2OKd0VfMrVFj0PTLz24vjcChjGYvN5V9zsx+NrSYkTdNazdLL
rgb7GFhGGgztTUh44LZ5xuXwVONvkeZYF5LPxci2rAvrD2beJrhBPzAD4K+oAiSR
PhE3n8vTQ2dzZ0yp/+6rigpEApuewnBt6vcZr3VUmU49Syl0+j/2g/q1LjJvm0/t
ki+cxmV/xg/b4qSJQldu/qK4bJ7eNEzAilL1yJl3795CK6jbWLw0OxilmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4b+fzJ0BpPqLJ99+tESGGixQaxMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvYmh2NV9NblFHay1vc24zMzYwUklZYUxGQnJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW7rQMA0G
CSqGSIb3DQEBCwUAA4IBAQAoO3YQ+XSdmo00rhWAn3T83IEG+OcUCpm0eEEQ7CsV
wF5IHTrVdAAx66zDTkSWBpRt6/fAlS6eO0/wzhi4d2FaGe1lHWx23mHEejh+Mq9u
bfumNecytT6F0xM87/zvRvZvDbOc1Mf5dpU52jKxiAOUxKA8h5tvuQOvCNLnGj3a
TqAAWIzQfgLhvDDtVSzJzqBoLLkpp626/Q/I4i1jmIC0ZXf6as3NB5Ol0vcl4kBh
xlPApmbbN1r/AhLY79lAfnqioY8pF16cNKIx1CNfQpH5unr5vmxIDw3cB/apgrPw
MUgC/7smE88gCFiW2Gvbi/ZuCE7Bz9ZoP+nKIy/6ynf6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org