Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/y7PWwhv-pdiXvPIsRmEMeM3IusA.roa
File:                     y7PWwhv-pdiXvPIsRmEMeM3IusA.roa (raw, json)
Hash identifier:          9jE9YMuw9nfyd2/V5jJTCmo9VdC0CaRDbiHnF1voQbs=
Subject key identifier:   CB:B3:D6:C2:1B:FE:A5:D8:97:BC:F2:2C:46:61:0C:78:CD:C8:BA:C0
Certificate issuer:       /CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Certificate serial:       0563AAEB
Authority key identifier: 91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/y7PWwhv-pdiXvPIsRmEMeM3IusA.roa
Signing time:             Sat 01 Jan 2022 05:55:17 +0000
ROA not before:           Sat 01 Jan 2022 05:55:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49675
IP address blocks:        185.161.180.0/24 maxlen: 24
                          185.161.181.0/24 maxlen: 24
                          185.161.183.0/24 maxlen: 24
                          185.161.182.0/24 maxlen: 24
                          46.17.200.0/21 maxlen: 21
                          46.17.201.0/24 maxlen: 24
                          46.17.202.0/24 maxlen: 24
                          46.17.206.0/24 maxlen: 24
                          46.17.200.0/24 maxlen: 24
                          46.17.204.0/24 maxlen: 24
                          46.17.205.0/24 maxlen: 24
                          46.17.203.0/24 maxlen: 24
                          46.17.207.0/24 maxlen: 24
                          2a02:26a8:f000::/36 maxlen: 36
                          2a02:26a8:ffff::/48 maxlen: 48
                          2a02:26a8:3::/48 maxlen: 48
                          2a02:26a8:fffe::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 90417899 (0x563aaeb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
        Validity
            Not Before: Jan  1 05:55:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cbb3d6c21bfea5d897bcf22c46610c78cdc8bac0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b6:00:6e:80:fa:24:56:6f:0f:3b:0e:ea:ec:
                    e1:b1:7e:96:9a:68:48:51:dd:6d:0b:3d:13:cd:6f:
                    12:a3:e4:bb:1e:d6:34:a6:ba:ed:ca:3a:2f:d5:34:
                    77:e0:7b:01:ec:dd:da:43:3f:d1:0f:6d:db:e5:70:
                    55:28:16:b4:07:50:39:dc:f1:8a:52:f2:d0:df:97:
                    f5:84:c7:c8:0e:27:7a:78:e6:68:25:86:87:c3:70:
                    69:3b:3d:a1:9b:6b:1b:b5:15:7a:88:e4:cb:92:46:
                    85:1a:e3:e9:76:85:03:55:cf:52:77:b2:fd:7c:92:
                    13:33:15:df:e8:b2:e3:e8:4b:0a:3a:14:42:d0:7a:
                    a4:dc:63:04:fa:87:cb:c4:f7:2f:44:8e:ef:be:5b:
                    87:6c:1f:70:b5:1b:c6:b1:97:55:c9:21:6f:f7:d4:
                    e3:52:7a:33:b1:91:9a:7f:be:a7:bf:9b:e5:16:68:
                    01:32:65:32:4a:71:e9:0d:b0:01:eb:91:63:62:c4:
                    16:22:c9:56:01:d8:5e:56:9d:4e:b8:10:69:fe:63:
                    1e:50:53:52:74:dd:9a:fb:d6:75:86:98:66:84:22:
                    b0:58:dd:b6:f6:4f:b2:e8:b9:63:c6:cc:40:63:dd:
                    bc:da:fd:6c:f4:08:1f:18:da:11:8b:2f:97:03:c0:
                    a3:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:B3:D6:C2:1B:FE:A5:D8:97:BC:F2:2C:46:61:0C:78:CD:C8:BA:C0
            X509v3 Authority Key Identifier:
                keyid:91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/y7PWwhv-pdiXvPIsRmEMeM3IusA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.17.200.0/21
                  185.161.180.0/22
                IPv6:
                  2a02:26a8:3::/48
                  2a02:26a8:f000::/36

    Signature Algorithm: sha256WithRSAEncryption
         51:69:10:53:b7:8c:98:a4:6e:7b:0d:6a:fd:d2:11:d6:5f:03:
         95:95:f3:3f:9f:77:75:40:e1:90:56:d5:30:83:27:fa:61:be:
         21:07:13:c6:66:cb:1a:7d:06:18:26:be:7e:43:08:19:c7:40:
         05:a3:51:12:85:21:5a:8a:c2:4d:e2:70:a3:e5:02:9a:ed:64:
         6b:07:d4:f7:82:e2:c6:b3:99:ff:8c:d9:ab:a2:df:cc:db:c3:
         e6:bf:fd:4e:86:4b:4a:c3:cf:90:b4:43:b1:02:2b:35:72:b8:
         fc:6f:25:de:b5:14:09:6b:45:b7:2e:fa:c9:ea:1d:b3:71:d5:
         5d:51:6e:fd:d3:84:37:27:cb:21:ea:31:ac:14:55:55:49:79:
         50:77:87:05:9b:07:af:6b:66:f4:1e:aa:0b:62:d2:98:da:f5:
         3a:50:35:b8:b0:9d:6f:1d:3b:79:4b:e0:4b:64:b8:d2:0c:1b:
         96:0a:3a:54:94:9e:d1:89:58:1a:1b:57:99:df:25:92:7b:c6:
         48:fb:11:c3:d4:b1:27:05:45:c9:cd:ad:a0:b8:fa:48:47:ff:
         25:7e:bd:e2:e1:dc:dd:75:a7:69:b0:7b:db:cb:74:18:f9:7d:
         7d:6a:e3:44:8b:3a:40:d0:37:7b:ed:ce:1e:8c:54:db:7c:2e:
         5e:b1:08:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEBWOq6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MWQwMWM0N2YwMGU2NGYzNWNjNzUyZDAzYjM0YTcxYjcxNDA2YjNmMB4XDTIyMDEw
MTA1NTUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2JiM2Q2YzIxYmZl
YTVkODk3YmNmMjJjNDY2MTBjNzhjZGM4YmFjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALq2AG6A+iRWbw87Durs4bF+lppoSFHdbQs9E81vEqPkux7W
NKa67co6L9U0d+B7Aezd2kM/0Q9t2+VwVSgWtAdQOdzxilLy0N+X9YTHyA4nenjm
aCWGh8NwaTs9oZtrG7UVeojky5JGhRrj6XaFA1XPUney/XySEzMV3+iy4+hLCjoU
QtB6pNxjBPqHy8T3L0SO775bh2wfcLUbxrGXVckhb/fU41J6M7GRmn++p7+b5RZo
ATJlMkpx6Q2wAeuRY2LEFiLJVgHYXladTrgQaf5jHlBTUnTdmvvWdYaYZoQisFjd
tvZPsui5Y8bMQGPdvNr9bPQIHxjaEYsvlwPAoxMCAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBTLs9bCG/6l2Je88ixGYQx4zci6wDAfBgNVHSMEGDAWgBSR0BxH8A5k81zH
UtA7NKcbcUBrPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tkQWNSX0FPWlBOY3gxTFFPelNuRzNGQWF6OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvYjBmYzBjLWM1MzctNDBiNC05YjViLTU2YjAwNmVmMGQzYi8x
L3k3UFd3aHYtcGRpWHZQSXNSbUVNZU0zSXVzQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
YjBmYzBjLWM1MzctNDBiNC05YjViLTU2YjAwNmVmMGQzYi8xL2tkQWNSX0FPWlBO
Y3gxTFFPelNuRzNGQWF6OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wEgQCAAEwDAMEAy4RyAMEArmhtDAXBAIAAjARAwcA
KgImqAADAwYEKgImqPAwDQYJKoZIhvcNAQELBQADggEBAFFpEFO3jJikbnsNav3S
EdZfA5WV8z+fd3VA4ZBW1TCDJ/phviEHE8Zmyxp9Bhgmvn5DCBnHQAWjURKFIVqK
wk3icKPlAprtZGsH1PeC4sazmf+M2aui38zbw+a//U6GS0rDz5C0Q7ECKzVyuPxv
Jd61FAlrRbcu+snqHbNx1V1Rbv3ThDcnyyHqMawUVVVJeVB3hwWbB69rZvQeqgti
0pja9TpQNbiwnW8dO3lL4EtkuNIMG5YKOlSUntGJWBobV5nfJZJ7xkj7EcPUsScF
RcnNraC4+khH/yV+veLh3N11p2mwe9vLdBj5fX1q40SLOkDQN3vtzh6MVNt8Ll6x
CIo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:14 2024 by rpki-client on console-fra.rpki-client.org