Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/9YYb2XBt4viyMjolqbVzU8fwfAw.roa
File:                     9YYb2XBt4viyMjolqbVzU8fwfAw.roa (raw, json)
Hash identifier:          m+SINTlh61/nXm1U/gaGJ+MpmVumHLdp/oVPUwlp/+k=
Subject key identifier:   F5:86:1B:D9:70:6D:E2:F8:B2:32:3A:25:A9:B5:73:53:C7:F0:7C:0C
Certificate issuer:       /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial:       0B31521C
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/9YYb2XBt4viyMjolqbVzU8fwfAw.roa
Signing time:             Thu 17 Mar 2022 22:25:17 +0000
ROA not before:           Thu 17 Mar 2022 22:25:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61135
IP address blocks:        91.151.93.0/24 maxlen: 32
                          91.151.90.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 187781660 (0xb31521c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
        Validity
            Not Before: Mar 17 22:25:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f5861bd9706de2f8b2323a25a9b57353c7f07c0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:17:04:c1:0c:74:6a:2e:8a:9d:a1:d4:e6:18:
                    43:7c:13:1b:ed:72:77:7f:c8:1f:67:29:1a:c4:5e:
                    0e:ff:a0:0a:93:aa:4c:d7:81:2e:41:87:21:97:d4:
                    ea:3a:40:03:79:3b:ef:da:5f:60:11:7c:a2:77:38:
                    43:c6:81:85:fd:f1:a4:d5:0d:28:ce:b7:87:c3:4b:
                    ab:df:12:f2:20:81:f7:ac:44:83:f0:cf:74:30:aa:
                    8e:85:49:94:41:7c:94:31:be:c3:0e:04:33:9c:9c:
                    bd:80:f6:6e:65:cd:73:ad:b9:3b:fc:f6:69:53:46:
                    3a:e3:bf:83:b5:22:6d:61:11:c0:25:c2:8f:64:a6:
                    1f:84:4c:24:1a:ef:a0:a6:da:7e:3c:c3:c9:84:9a:
                    50:56:f7:c8:84:84:75:79:8e:ca:63:2e:a4:39:d8:
                    f2:75:49:e4:e6:4a:02:d8:03:77:d8:4d:47:cd:3f:
                    b2:d0:25:61:1c:a6:fc:dc:a7:43:2a:d8:5c:bc:e5:
                    af:1d:87:66:6a:ea:ec:6e:83:28:bc:3a:ef:81:f3:
                    56:ee:95:a4:3c:df:1d:01:90:16:b7:a9:e1:c4:9a:
                    f8:67:31:2f:86:29:b4:dd:3e:8b:b8:bc:78:9e:0a:
                    d6:e1:6a:9e:aa:04:00:f1:30:fe:f9:e3:8a:69:42:
                    b2:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:86:1B:D9:70:6D:E2:F8:B2:32:3A:25:A9:B5:73:53:C7:F0:7C:0C
            X509v3 Authority Key Identifier:
                keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/9YYb2XBt4viyMjolqbVzU8fwfAw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.151.90.0/24
                  91.151.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:ed:70:84:ca:e5:16:f8:14:c6:46:8e:c0:c4:d0:45:40:06:
         85:76:27:43:63:90:e5:79:85:02:6d:6e:db:93:4b:af:bf:be:
         cb:22:8c:66:a6:70:e5:72:4d:d7:ba:e3:4a:2a:58:01:c4:73:
         82:cd:70:87:15:e5:87:c4:e7:89:d2:f6:91:1b:2e:21:e3:14:
         d4:ad:d5:0e:e5:38:68:24:15:13:f7:ba:23:be:8b:48:28:b5:
         ef:18:1f:c1:23:55:58:df:24:60:b2:e6:f2:de:e3:c2:6a:a3:
         d2:9b:cc:f3:ed:36:e0:84:60:c7:09:1e:a6:fa:dd:1c:a2:ae:
         d9:00:e3:e9:f9:70:e9:3f:3b:5c:1a:06:13:e8:c9:f3:74:a2:
         c0:55:29:d0:77:1a:9a:76:7c:56:d7:ff:7d:01:8c:da:0e:bc:
         7f:55:fc:92:dc:21:33:a0:89:ab:77:4d:d8:a0:20:27:2b:79:
         e1:b7:db:da:e9:49:8d:95:15:a7:ab:82:d7:32:b9:71:e0:32:
         9a:46:14:23:5c:8d:dd:3e:19:57:95:c3:4e:79:5e:d5:1b:b4:
         99:08:44:fe:f9:c1:a2:f5:86:5e:9d:03:6b:3f:be:b4:8c:54:
         91:2c:32:d5:0b:b6:23:ae:af:45:da:bc:cf:9f:ae:18:25:ec:
         a2:b7:fd:14
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECzFSHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjcxZTliMTNmNWMzMzlhNTg2OTJlZWFiZTcyZWFhNDA2YmJiZDdkMB4XDTIyMDMx
NzIyMjUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjU4NjFiZDk3MDZk
ZTJmOGIyMzIzYTI1YTliNTczNTNjN2YwN2MwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJAXBMEMdGouip2h1OYYQ3wTG+1yd3/IH2cpGsReDv+gCpOq
TNeBLkGHIZfU6jpAA3k779pfYBF8onc4Q8aBhf3xpNUNKM63h8NLq98S8iCB96xE
g/DPdDCqjoVJlEF8lDG+ww4EM5ycvYD2bmXNc625O/z2aVNGOuO/g7UibWERwCXC
j2SmH4RMJBrvoKbafjzDyYSaUFb3yISEdXmOymMupDnY8nVJ5OZKAtgDd9hNR80/
stAlYRym/NynQyrYXLzlrx2HZmrq7G6DKLw674HzVu6VpDzfHQGQFrep4cSa+Gcx
L4YptN0+i7i8eJ4K1uFqnqoEAPEw/vnjimlCsvECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBT1hhvZcG3i+LIyOiWptXNTx/B8DDAfBgNVHSMEGDAWgBSrcemxP1wzmlhp
Luq+cuqkBru9fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzSHBzVDljTTVwWWFTN3F2bkxxcEFhN3ZYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8x
LzlZWWIyWEJ0NHZpeU1qb2xxYlZ6VThmd2ZBdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8xL3EzSHBzVDljTTVw
WWFTN3F2bkxxcEFhN3ZYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFuXWgMEAFuXXTANBgkqhkiG9w0B
AQsFAAOCAQEAOu1whMrlFvgUxkaOwMTQRUAGhXYnQ2OQ5XmFAm1u25NLr7++yyKM
ZqZw5XJN17rjSipYAcRzgs1whxXlh8TnidL2kRsuIeMU1K3VDuU4aCQVE/e6I76L
SCi17xgfwSNVWN8kYLLm8t7jwmqj0pvM8+024IRgxwkepvrdHKKu2QDj6flw6T87
XBoGE+jJ83SiwFUp0HcamnZ8Vtf/fQGM2g68f1X8ktwhM6CJq3dN2KAgJyt54bfb
2ulJjZUVp6uC1zK5ceAymkYUI1yN3T4ZV5XDTnle1Ru0mQhE/vnBovWGXp0Daz++
tIxUkSwy1Qu2I66vRdq8z5+uGCXsorf9FA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:38 2024 by rpki-client on console-ams.rpki-client.org