Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/qfzmmn74fubASHE9tSpyuO_G8ag.roa
File:                     qfzmmn74fubASHE9tSpyuO_G8ag.roa (raw, json)
Hash identifier:          lTJfZgqaI83TKGf9F8UuDJYONvysxh840JQDD/XYI/Q=
Subject key identifier:   A9:FC:E6:9A:7E:F8:7E:E6:C0:48:71:3D:B5:2A:72:B8:EF:C6:F1:A8
Certificate issuer:       /CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
Certificate serial:       28F2E253
Authority key identifier: C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/qfzmmn74fubASHE9tSpyuO_G8ag.roa
Signing time:             Sat 01 Jan 2022 09:02:10 +0000
ROA not before:           Sat 01 Jan 2022 09:02:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61236
IP address blocks:        91.238.72.0/23 maxlen: 24
                          185.14.104.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 687006291 (0x28f2e253)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
        Validity
            Not Before: Jan  1 09:02:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a9fce69a7ef87ee6c048713db52a72b8efc6f1a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:82:e4:54:cd:95:eb:ed:06:cf:b0:5e:aa:2d:
                    03:c1:a1:e5:4c:c7:ee:71:d3:9d:fd:0b:97:39:da:
                    37:1c:af:fc:f9:e9:a4:d4:dd:ac:58:96:98:0c:63:
                    b0:b4:12:ab:1f:77:eb:4b:cf:ad:fa:2a:cf:1f:3a:
                    57:b7:05:a5:50:ee:6d:76:78:37:61:8a:79:14:94:
                    56:cc:fb:55:ff:03:32:3e:ad:fa:75:b3:62:f5:70:
                    15:7a:15:fb:34:2c:7b:a8:e3:cb:6c:8f:7f:60:05:
                    ef:91:4a:10:17:98:e7:6a:f8:60:1e:b7:f5:3b:b4:
                    64:00:8e:00:10:d7:bf:95:bd:83:f8:5a:c1:21:90:
                    96:78:42:e9:7b:73:34:3a:80:58:da:8f:3f:32:29:
                    87:db:cb:70:db:6a:fe:2d:06:7f:34:3d:a1:ac:ab:
                    9c:fc:d5:21:9e:e6:6c:ff:00:4f:d2:ce:b6:6a:60:
                    21:54:1d:89:06:c0:60:f9:36:8a:88:a5:5d:c5:2c:
                    e9:7a:23:31:a1:19:a2:5d:26:a1:a7:c2:81:63:56:
                    43:9c:ef:f2:78:0c:a0:45:b3:74:b4:d8:5c:8c:f6:
                    8f:6d:c2:c2:df:5d:6c:98:da:7b:2d:01:60:52:1e:
                    3d:43:1b:a5:4e:c3:94:9a:41:58:18:d5:5c:cf:1b:
                    4d:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:FC:E6:9A:7E:F8:7E:E6:C0:48:71:3D:B5:2A:72:B8:EF:C6:F1:A8
            X509v3 Authority Key Identifier:
                keyid:C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/qfzmmn74fubASHE9tSpyuO_G8ag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/wesHbRZwLH2-qXLily71dqHyyHM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.238.72.0/23
                  185.14.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         92:51:8f:fb:a3:1b:68:3f:af:d9:42:a9:f8:48:07:33:ad:52:
         aa:b0:52:69:69:59:a5:98:89:72:18:6a:a7:df:2b:01:72:3d:
         f7:0f:de:87:de:1c:18:f6:17:60:1d:0f:26:f3:93:94:0e:81:
         d0:47:c4:54:22:31:d8:09:30:00:80:50:09:ca:ab:cb:20:00:
         48:c9:f9:7d:37:2b:a6:5d:94:c9:42:2f:7a:2c:26:8b:7c:de:
         12:73:b1:71:c4:20:00:ca:c5:08:a9:fe:52:76:12:3f:cb:85:
         4a:0e:f5:43:78:b4:1c:78:1b:56:8a:30:2a:d8:e5:3f:91:69:
         99:06:88:84:84:04:28:20:28:0b:2d:c5:68:a5:80:f1:08:64:
         36:0d:79:85:0e:c7:dd:03:64:71:45:86:fe:c1:5c:2b:d7:87:
         57:b6:57:4b:7a:0e:58:46:99:13:15:80:e8:d4:fb:b1:ff:fa:
         de:25:2b:e0:ea:0a:97:92:e8:dd:6d:4b:df:53:3b:a9:24:35:
         0a:de:86:14:80:0f:11:58:80:92:4f:d2:e6:7a:6d:e3:89:25:
         54:70:a7:a0:b9:0a:ec:3e:26:09:02:02:0a:2f:c2:4f:b9:b8:
         3c:a7:34:11:2c:34:91:ba:5e:d5:d0:b6:2b:34:f8:02:67:fd:
         66:59:02:7f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEKPLiUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MWViMDc2ZDE2NzAyYzdkYmVhOTcyZTI5NzJlZjU3NmExZjJjODczMB4XDTIyMDEw
MTA5MDIxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTlmY2U2OWE3ZWY4
N2VlNmMwNDg3MTNkYjUyYTcyYjhlZmM2ZjFhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKiC5FTNlevtBs+wXqotA8Gh5UzH7nHTnf0LlznaNxyv/Pnp
pNTdrFiWmAxjsLQSqx9360vPrfoqzx86V7cFpVDubXZ4N2GKeRSUVsz7Vf8DMj6t
+nWzYvVwFXoV+zQse6jjy2yPf2AF75FKEBeY52r4YB639Tu0ZACOABDXv5W9g/ha
wSGQlnhC6XtzNDqAWNqPPzIph9vLcNtq/i0GfzQ9oayrnPzVIZ7mbP8AT9LOtmpg
IVQdiQbAYPk2ioilXcUs6XojMaEZol0moafCgWNWQ5zv8ngMoEWzdLTYXIz2j23C
wt9dbJjaey0BYFIePUMbpU7DlJpBWBjVXM8bTZECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSp/Oaafvh+5sBIcT21KnK478bxqDAfBgNVHSMEGDAWgBTB6wdtFnAsfb6p
cuKXLvV2ofLIczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dlc0hiUlp3TEgyLXFYTGlseTcxZHFIeXlITS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzYvYTQzYzZlLTM0OWMtNDkxNC04ZGEzLTZjMzJhNmFiMWVmMi8x
L3Fmem1tbjc0ZnViQVNIRTl0U3B5dU9fRzhhZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzYv
YTQzYzZlLTM0OWMtNDkxNC04ZGEzLTZjMzJhNmFiMWVmMi8xL3dlc0hiUlp3TEgy
LXFYTGlseTcxZHFIeXlITS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAVvuSAMEArkOaDANBgkqhkiG9w0B
AQsFAAOCAQEAklGP+6MbaD+v2UKp+EgHM61SqrBSaWlZpZiJchhqp98rAXI99w/e
h94cGPYXYB0PJvOTlA6B0EfEVCIx2AkwAIBQCcqryyAASMn5fTcrpl2UyUIveiwm
i3zeEnOxccQgAMrFCKn+UnYSP8uFSg71Q3i0HHgbVoowKtjlP5FpmQaIhIQEKCAo
Cy3FaKWA8QhkNg15hQ7H3QNkcUWG/sFcK9eHV7ZXS3oOWEaZExWA6NT7sf/63iUr
4OoKl5Lo3W1L31M7qSQ1Ct6GFIAPEViAkk/S5npt44klVHCnoLkK7D4mCQICCi/C
T7m4PKc0ESw0kbpe1dC2KzT4Amf9ZlkCfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:22 2024 by rpki-client on console-ams.rpki-client.org