Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/BWdoC4Zn1qgENEN8JTGqpkqPskI.roa
File:                     BWdoC4Zn1qgENEN8JTGqpkqPskI.roa (raw, json)
Hash identifier:          nmwwskF6yEjB3GHD5n6YZ4UkW3Hp9fA75XpE1TrkPP4=
Subject key identifier:   05:67:68:0B:86:67:D6:A8:04:34:43:7C:25:31:AA:A6:4A:8F:B2:42
Certificate issuer:       /CN=d098e907c63457e6ca6281dfe297d972bffda805
Certificate serial:       02440B2A
Authority key identifier: D0:98:E9:07:C6:34:57:E6:CA:62:81:DF:E2:97:D9:72:BF:FD:A8:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/BWdoC4Zn1qgENEN8JTGqpkqPskI.roa
Signing time:             Sat 01 Jan 2022 06:04:47 +0000
ROA not before:           Sat 01 Jan 2022 06:04:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39114
IP address blocks:        185.91.15.0/24 maxlen: 24
                          185.91.12.0/24 maxlen: 24
                          185.91.12.0/22 maxlen: 22
                          185.91.13.0/24 maxlen: 24
                          185.91.14.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38013738 (0x2440b2a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d098e907c63457e6ca6281dfe297d972bffda805
        Validity
            Not Before: Jan  1 06:04:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0567680b8667d6a80434437c2531aaa64a8fb242
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:5f:39:ca:b6:3f:28:3f:88:98:1c:32:01:13:
                    b3:cd:aa:ec:5f:df:5f:5d:98:3c:e8:74:b5:cf:a8:
                    15:bb:e2:4c:f0:02:ba:17:4c:ac:9a:3a:4d:75:bd:
                    88:f3:69:a7:68:5f:48:db:10:94:d7:1b:be:9f:cd:
                    78:18:69:f9:f9:93:2c:ca:4b:84:10:1a:42:03:96:
                    66:5f:36:fb:48:a6:95:be:54:cb:22:7b:0d:d1:ab:
                    0c:da:80:f4:bf:16:ba:96:0e:ac:e4:7b:a3:54:18:
                    de:80:ad:8b:8e:9c:29:0e:d9:10:31:7f:4e:51:ed:
                    2c:a0:7f:29:4a:3c:4f:b2:30:00:64:bb:2a:f9:d6:
                    23:35:85:05:57:09:6c:ab:5a:44:08:87:c9:aa:35:
                    c1:2a:0a:f4:c4:06:47:a4:c2:03:62:36:0b:a7:8b:
                    ef:75:06:aa:70:22:e3:ed:fa:aa:a5:60:e5:b2:20:
                    84:82:df:d0:76:6d:c9:79:c7:be:e5:f7:4f:55:15:
                    59:67:54:13:b3:04:bf:c3:30:27:c0:b1:21:8f:8a:
                    4b:bf:4a:18:e5:69:2e:2c:7c:e5:2c:2a:f4:f3:56:
                    f4:d2:8b:a3:a6:b1:25:c1:15:d6:d9:7d:67:93:d9:
                    85:fa:12:ce:b9:d5:96:95:0e:a1:87:f5:57:01:ed:
                    da:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:67:68:0B:86:67:D6:A8:04:34:43:7C:25:31:AA:A6:4A:8F:B2:42
            X509v3 Authority Key Identifier:
                keyid:D0:98:E9:07:C6:34:57:E6:CA:62:81:DF:E2:97:D9:72:BF:FD:A8:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/BWdoC4Zn1qgENEN8JTGqpkqPskI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.91.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         24:92:8e:95:c4:f2:4d:54:23:8c:8c:e8:81:ab:21:5c:a0:33:
         e8:f6:2a:60:56:da:c9:22:05:d9:c6:a0:d7:e4:e3:ba:2e:c2:
         af:ac:ea:5d:be:38:e3:cd:3a:43:ff:59:c0:4a:e7:86:aa:76:
         f2:d8:5c:b6:bd:f3:a1:fe:e6:72:80:fa:14:41:ca:61:a4:aa:
         14:a9:88:7c:6d:68:bc:18:2e:f4:10:2e:0d:8f:69:e5:6a:8e:
         09:44:a6:7a:39:41:a9:39:df:a1:6c:06:64:24:e2:e9:6e:32:
         81:b2:a7:91:ce:5e:a1:d2:7d:62:4e:f5:90:f5:ca:bf:29:70:
         a7:f0:11:73:28:a4:45:af:88:53:db:1a:2b:6b:50:15:1a:26:
         e0:8e:80:49:f6:d2:4f:34:ee:05:f4:72:21:00:ab:0a:34:1d:
         5b:46:45:c9:a5:74:c7:09:67:9f:63:05:9d:7d:66:ee:c7:4a:
         58:aa:44:a5:76:b8:6b:3e:a0:97:78:49:03:38:5d:2c:75:5a:
         19:c0:61:79:29:9e:7e:ed:d0:2f:df:5a:b3:fd:92:7d:e5:9a:
         69:18:a4:a4:e8:f3:7b:80:82:95:4a:ab:3d:53:58:a1:44:1d:
         9a:43:83:1c:4b:7a:b2:ac:5f:f8:9a:9a:04:3a:ac:95:24:71:
         c8:ae:40:12
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAkQLKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDk4ZTkwN2M2MzQ1N2U2Y2E2MjgxZGZlMjk3ZDk3MmJmZmRhODA1MB4XDTIyMDEw
MTA2MDQ0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDU2NzY4MGI4NjY3
ZDZhODA0MzQ0MzdjMjUzMWFhYTY0YThmYjI0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1fOcq2Pyg/iJgcMgETs82q7F/fX12YPOh0tc+oFbviTPAC
uhdMrJo6TXW9iPNpp2hfSNsQlNcbvp/NeBhp+fmTLMpLhBAaQgOWZl82+0imlb5U
yyJ7DdGrDNqA9L8WupYOrOR7o1QY3oCti46cKQ7ZEDF/TlHtLKB/KUo8T7IwAGS7
KvnWIzWFBVcJbKtaRAiHyao1wSoK9MQGR6TCA2I2C6eL73UGqnAi4+36qqVg5bIg
hILf0HZtyXnHvuX3T1UVWWdUE7MEv8MwJ8CxIY+KS79KGOVpLix85Swq9PNW9NKL
o6axJcEV1tl9Z5PZhfoSzrnVlpUOoYf1VwHt2mcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQFZ2gLhmfWqAQ0Q3wlMaqmSo+yQjAfBgNVHSMEGDAWgBTQmOkHxjRX5spi
gd/il9lyv/2oBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBKanBCOFkwVi1iS1lvSGY0cGZaY3JfOXFBVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzkvYzYzYjZjLTZhYWQtNGE3NC04MDdjLTEwZTEzZDQzZjBkZC8x
L0JXZG9DNFpuMXFnRU5FTjhKVEdxcGtxUHNrSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkv
YzYzYjZjLTZhYWQtNGE3NC04MDdjLTEwZTEzZDQzZjBkZC8xLzBKanBCOFkwVi1i
S1lvSGY0cGZaY3JfOXFBVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlbDDANBgkqhkiG9w0BAQsFAAOC
AQEAJJKOlcTyTVQjjIzogashXKAz6PYqYFbaySIF2cag1+Tjui7Cr6zqXb444806
Q/9ZwErnhqp28thctr3zof7mcoD6FEHKYaSqFKmIfG1ovBgu9BAuDY9p5WqOCUSm
ejlBqTnfoWwGZCTi6W4ygbKnkc5eodJ9Yk71kPXKvylwp/ARcyikRa+IU9saK2tQ
FRom4I6ASfbSTzTuBfRyIQCrCjQdW0ZFyaV0xwlnn2MFnX1m7sdKWKpEpXa4az6g
l3hJAzhdLHVaGcBheSmefu3QL99as/2SfeWaaRikpOjze4CClUqrPVNYoUQdmkOD
HEt6sqxf+JqaBDqslSRxyK5AEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:07 2024 by rpki-client on console-ams.rpki-client.org