Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/ufzBtylyurmSjk83Nx7qz7idhGg.roa
File:                     ufzBtylyurmSjk83Nx7qz7idhGg.roa (raw, json)
Hash identifier:          ps1kDj4wNzPoFz5E4Wvj72bZFkJNGHRgd24rW4j+uBE=
Subject key identifier:   B9:FC:C1:B7:29:72:BA:B9:92:8E:4F:37:37:1E:EA:CF:B8:9D:84:68
Certificate issuer:       /CN=a8438eacf4d064e87a76bb462d3b4b2cc3858a4c
Certificate serial:       055917
Authority key identifier: A8:43:8E:AC:F4:D0:64:E8:7A:76:BB:46:2D:3B:4B:2C:C3:85:8A:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qEOOrPTQZOh6drtGLTtLLMOFikw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/ufzBtylyurmSjk83Nx7qz7idhGg.roa
Signing time:             Wed 09 Mar 2022 18:00:08 +0000
ROA not before:           Wed 09 Mar 2022 18:00:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57457
IP address blocks:        91.232.66.0/24 maxlen: 24
                          185.210.201.0/24 maxlen: 24
                          91.232.68.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 350487 (0x55917)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8438eacf4d064e87a76bb462d3b4b2cc3858a4c
        Validity
            Not Before: Mar  9 18:00:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b9fcc1b72972bab9928e4f37371eeacfb89d8468
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:8f:6b:e7:cd:b4:ef:5a:ac:e4:94:8a:aa:ca:
                    6e:6d:59:91:01:81:90:7c:1d:37:8b:9b:63:8f:61:
                    b9:3f:32:1d:2f:5d:de:6b:77:5b:a7:7a:e6:17:d8:
                    5c:9f:af:0a:93:dd:54:66:f9:ee:d4:8b:11:c1:fd:
                    c1:f8:60:71:77:83:83:c9:8f:56:a8:fe:81:d6:d1:
                    75:f2:66:6f:f4:82:c2:8d:c1:75:69:fc:92:81:25:
                    a3:88:07:29:6b:3e:eb:2e:01:72:45:a5:0f:d7:07:
                    ea:f7:78:1f:b0:a4:29:e0:8b:f9:90:51:64:00:98:
                    d8:3b:66:78:5b:96:79:f8:70:96:94:70:9e:e7:9f:
                    a5:04:ec:36:5e:33:20:9c:17:f0:9d:d4:ad:83:11:
                    75:13:0f:c1:30:65:64:9a:e4:15:98:f4:2a:c7:3b:
                    1e:eb:db:62:e7:78:79:1e:0f:d3:5f:7b:58:27:1d:
                    1b:37:19:2d:83:05:a4:ff:0b:0e:45:9d:09:fb:4b:
                    c0:ad:0a:5c:2e:24:b4:f5:7f:a2:01:bf:05:33:00:
                    29:51:d9:f8:d7:58:fe:ab:c5:6d:5c:f3:7e:64:ee:
                    a8:06:7d:cc:67:74:7c:73:13:c2:10:0e:8c:42:99:
                    25:b7:ea:fa:23:cf:ab:41:75:57:f3:08:47:d8:6c:
                    f1:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:FC:C1:B7:29:72:BA:B9:92:8E:4F:37:37:1E:EA:CF:B8:9D:84:68
            X509v3 Authority Key Identifier:
                keyid:A8:43:8E:AC:F4:D0:64:E8:7A:76:BB:46:2D:3B:4B:2C:C3:85:8A:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEOOrPTQZOh6drtGLTtLLMOFikw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/ufzBtylyurmSjk83Nx7qz7idhGg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/qEOOrPTQZOh6drtGLTtLLMOFikw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.232.66.0/24
                  91.232.68.0/24
                  185.210.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:d1:f4:8c:49:3a:12:63:c6:41:12:51:e6:a3:c5:81:a6:90:
         5d:2a:7f:77:db:e0:4e:3a:10:7d:42:dc:be:fc:16:b8:0e:d6:
         25:fa:28:ef:01:3c:e3:c0:ee:91:47:d7:20:80:16:fb:61:ae:
         ec:63:cb:1d:86:12:5f:0a:44:7c:41:93:39:ba:fd:e8:5f:3c:
         a5:38:9d:51:ef:0d:78:f3:72:62:22:33:76:b9:10:ce:81:71:
         4a:ed:c5:04:a7:1f:c6:b8:c8:cc:47:a7:c0:88:78:3e:70:53:
         a6:1f:04:77:09:32:f6:82:96:ea:aa:1b:7b:a2:9b:b3:89:f2:
         b0:37:26:bf:b4:87:7f:c2:70:c0:8c:76:f2:8b:af:9e:b3:c1:
         ce:9d:97:4f:05:2c:85:49:57:c5:a6:54:09:96:7f:19:b3:e1:
         f7:c4:1e:f4:ad:14:e9:db:b0:70:eb:98:2e:66:38:e2:84:84:
         b8:42:45:b7:4f:2d:5e:c6:93:60:38:79:7c:67:a9:89:c3:78:
         db:43:53:dd:37:69:54:1c:73:d7:09:63:ea:e7:25:e1:aa:79:
         37:d7:c0:ae:52:49:7f:2a:28:eb:d1:b7:02:65:54:e3:22:72:
         76:91:1f:38:64:06:45:2a:4d:98:6d:7f:1e:79:96:21:f9:93:
         8c:7c:86:35
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIDBVkXMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
NDM4ZWFjZjRkMDY0ZTg3YTc2YmI0NjJkM2I0YjJjYzM4NThhNGMwHhcNMjIwMzA5
MTgwMDA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiOWZjYzFiNzI5NzJi
YWI5OTI4ZTRmMzczNzFlZWFjZmI4OWQ4NDY4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoI9r582071qs5JSKqspubVmRAYGQfB03i5tjj2G5PzIdL13e
a3dbp3rmF9hcn68Kk91UZvnu1IsRwf3B+GBxd4ODyY9WqP6B1tF18mZv9ILCjcF1
afySgSWjiAcpaz7rLgFyRaUP1wfq93gfsKQp4Iv5kFFkAJjYO2Z4W5Z5+HCWlHCe
55+lBOw2XjMgnBfwndStgxF1Ew/BMGVkmuQVmPQqxzse69ti53h5Hg/TX3tYJx0b
NxktgwWk/wsORZ0J+0vArQpcLiS09X+iAb8FMwApUdn411j+q8VtXPN+ZO6oBn3M
Z3R8cxPCEA6MQpklt+r6I8+rQXVX8whH2Gzx1wIDAQABo4ICFTCCAhEwHQYDVR0O
BBYEFLn8wbcpcrq5ko5PNzce6s+4nYRoMB8GA1UdIwQYMBaAFKhDjqz00GToena7
Ri07SyzDhYpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cUVPT3JQVFFaT2g2ZHJ0R0xUdExMTU9GaWt3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jMS84ZTExMjItOGNiOS00ODcyLTg4MTEtMWMyODAwODMxYzY0LzEv
dWZ6QnR5bHl1cm1Tams4M054N3F6N2lkaEdnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84
ZTExMjItOGNiOS00ODcyLTg4MTEtMWMyODAwODMxYzY0LzEvcUVPT3JQVFFaT2g2
ZHJ0R0xUdExMTU9GaWt3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsG
CCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+hCAwQAW+hEAwQAudLJMA0GCSqG
SIb3DQEBCwUAA4IBAQAy0fSMSToSY8ZBElHmo8WBppBdKn932+BOOhB9Qty+/Ba4
DtYl+ijvATzjwO6RR9cggBb7Ya7sY8sdhhJfCkR8QZM5uv3oXzylOJ1R7w1483Ji
IjN2uRDOgXFK7cUEpx/GuMjMR6fAiHg+cFOmHwR3CTL2gpbqqht7opuzifKwNya/
tId/wnDAjHbyi6+es8HOnZdPBSyFSVfFplQJln8Zs+H3xB70rRTp27Bw65guZjji
hIS4QkW3Ty1expNgOHl8Z6mJw3jbQ1PdN2lUHHPXCWPq5yXhqnk318CuUkl/Kijr
0bcCZVTjInJ2kR84ZAZFKk2YbX8eeZYh+ZOMfIY1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:23 2024 by rpki-client on console-ams.rpki-client.org