Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/UqiBrYyDM9z4UxMquDp_WGxKDn4.roa
File:                     UqiBrYyDM9z4UxMquDp_WGxKDn4.roa (raw, json)
Hash identifier:          ql5kHKstxHwEHghkwjUFkh+3emldcEbV3BECScvmsw8=
Subject key identifier:   52:A8:81:AD:8C:83:33:DC:F8:53:13:2A:B8:3A:7F:58:6C:4A:0E:7E
Certificate issuer:       /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial:       0B45F4DE
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/UqiBrYyDM9z4UxMquDp_WGxKDn4.roa
Signing time:             Fri 25 Mar 2022 22:51:49 +0000
ROA not before:           Fri 25 Mar 2022 22:51:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211557
IP address blocks:        91.151.94.0/24 maxlen: 24
                          91.151.84.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 189134046 (0xb45f4de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
        Validity
            Not Before: Mar 25 22:51:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=52a881ad8c8333dcf853132ab83a7f586c4a0e7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:8d:88:b3:43:d1:ba:8c:e2:75:19:5a:8e:40:
                    ce:ad:d0:98:79:f8:b4:01:b9:be:c4:7f:27:bf:73:
                    b6:d4:4c:28:82:a9:14:75:34:ca:93:53:e6:a0:f5:
                    d8:5e:04:59:97:50:21:26:9d:c8:36:a4:27:da:f3:
                    c4:70:dd:3f:bc:13:eb:ec:af:c0:ef:63:48:e8:43:
                    02:0c:06:db:d7:96:5b:c1:3c:e6:92:0d:15:94:d0:
                    10:47:7b:58:d7:03:c2:b2:bb:12:b6:57:92:cb:61:
                    61:de:b8:57:0b:c1:bc:4a:3f:94:be:94:ea:87:48:
                    52:6b:55:1d:be:3f:94:77:ce:7d:f7:0e:86:a1:35:
                    29:d7:39:0b:52:f2:38:43:5d:bc:6d:eb:6d:28:84:
                    ca:39:85:02:3f:8b:dc:83:d0:09:b5:bb:bd:8c:af:
                    2c:67:73:e7:2d:17:f3:25:12:22:a8:59:0d:de:c1:
                    9d:78:0b:2b:6d:ce:6d:15:8b:00:f4:31:75:1e:07:
                    82:ff:af:b2:64:27:3e:e1:ac:c4:ef:22:bc:d3:47:
                    e1:50:b2:06:0e:9b:15:16:f5:38:80:8a:7f:9c:99:
                    6c:de:60:7f:58:63:70:ec:70:0a:b4:8c:90:4e:05:
                    eb:0e:52:5e:5a:9d:15:ac:44:13:9d:55:73:c5:9d:
                    48:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:A8:81:AD:8C:83:33:DC:F8:53:13:2A:B8:3A:7F:58:6C:4A:0E:7E
            X509v3 Authority Key Identifier:
                keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/UqiBrYyDM9z4UxMquDp_WGxKDn4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.151.84.0/24
                  91.151.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:d8:0e:b8:c8:bb:6d:5f:eb:00:ac:f6:49:1c:e6:cf:10:b2:
         f0:e8:5c:0e:5a:f3:52:84:2e:62:0a:a3:55:7f:0b:8f:f2:e4:
         c3:1c:80:e0:97:e5:5c:be:6d:e6:b9:2b:45:3c:79:8e:da:3e:
         0d:9a:74:16:21:f7:24:a3:55:4c:0a:1b:4b:b9:8d:a7:79:6e:
         94:f3:51:22:cd:45:a8:a7:1c:0b:1c:03:2b:57:aa:65:0e:61:
         7b:81:f9:24:9a:76:39:78:cb:59:36:3c:1d:56:b9:a2:22:59:
         a7:68:a9:9d:5c:d8:0e:5d:ee:5a:77:b6:bb:44:f3:d0:98:22:
         8f:92:f6:db:fe:2f:d8:12:b3:fd:b7:93:6f:40:f6:79:b7:85:
         66:24:20:be:bf:a7:8f:21:07:ed:7b:35:23:7e:d1:9e:63:1d:
         00:3b:3e:75:02:b1:9b:cb:43:cc:91:2f:a7:4d:9d:15:61:ba:
         2a:1e:03:54:4a:4e:e7:3c:8e:fe:51:cc:c8:25:17:c7:98:f5:
         87:6a:dd:4f:a8:98:cd:fd:94:d0:0f:e7:99:d5:df:f3:c0:9c:
         df:fd:1b:64:58:10:9c:de:d3:26:4c:0c:3d:5b:a0:f9:41:4a:
         bd:2d:9e:1c:b0:02:41:5f:15:55:5a:1c:b2:8c:c7:23:ce:b3:
         c8:73:ad:55
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEC0X03jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjcxZTliMTNmNWMzMzlhNTg2OTJlZWFiZTcyZWFhNDA2YmJiZDdkMB4XDTIyMDMy
NTIyNTE0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTJhODgxYWQ4Yzgz
MzNkY2Y4NTMxMzJhYjgzYTdmNTg2YzRhMGU3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSNiLND0bqM4nUZWo5Azq3QmHn4tAG5vsR/J79zttRMKIKp
FHU0ypNT5qD12F4EWZdQISadyDakJ9rzxHDdP7wT6+yvwO9jSOhDAgwG29eWW8E8
5pINFZTQEEd7WNcDwrK7ErZXksthYd64VwvBvEo/lL6U6odIUmtVHb4/lHfOffcO
hqE1Kdc5C1LyOENdvG3rbSiEyjmFAj+L3IPQCbW7vYyvLGdz5y0X8yUSIqhZDd7B
nXgLK23ObRWLAPQxdR4Hgv+vsmQnPuGsxO8ivNNH4VCyBg6bFRb1OICKf5yZbN5g
f1hjcOxwCrSMkE4F6w5SXlqdFaxEE51Vc8WdSAsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRSqIGtjIMz3PhTEyq4On9YbEoOfjAfBgNVHSMEGDAWgBSrcemxP1wzmlhp
Luq+cuqkBru9fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzSHBzVDljTTVwWWFTN3F2bkxxcEFhN3ZYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8x
L1VxaUJyWXlETTl6NFV4TXF1RHBfV0d4S0RuNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8xL3EzSHBzVDljTTVw
WWFTN3F2bkxxcEFhN3ZYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFuXVAMEAFuXXjANBgkqhkiG9w0B
AQsFAAOCAQEAf9gOuMi7bV/rAKz2SRzmzxCy8OhcDlrzUoQuYgqjVX8Lj/LkwxyA
4JflXL5t5rkrRTx5jto+DZp0FiH3JKNVTAobS7mNp3lulPNRIs1FqKccCxwDK1eq
ZQ5he4H5JJp2OXjLWTY8HVa5oiJZp2ipnVzYDl3uWne2u0Tz0Jgij5L22/4v2BKz
/beTb0D2ebeFZiQgvr+njyEH7Xs1I37RnmMdADs+dQKxm8tDzJEvp02dFWG6Kh4D
VEpO5zyO/lHMyCUXx5j1h2rdT6iYzf2U0A/nmdXf88Cc3/0bZFgQnN7TJkwMPVug
+UFKvS2eHLACQV8VVVocsozHI86zyHOtVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:38 2024 by rpki-client on console-ams.rpki-client.org