Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/aIhx-hnCf9PP1s2Ti52G1Fix9AI.roa
File:                     aIhx-hnCf9PP1s2Ti52G1Fix9AI.roa (raw, json)
Hash identifier:          Ctu+WqNuPwRKBL8YbeKBQDN6g0VMQkhgNtY+UtbeYLQ=
Subject key identifier:   68:88:71:FA:19:C2:7F:D3:CF:D6:CD:93:8B:9D:86:D4:58:B1:F4:02
Certificate issuer:       /CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Certificate serial:       3553AFD9
Authority key identifier: 01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/aIhx-hnCf9PP1s2Ti52G1Fix9AI.roa
Signing time:             Sat 01 Jan 2022 06:06:37 +0000
ROA not before:           Sat 01 Jan 2022 06:06:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9192
IP address blocks:        91.126.78.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 894676953 (0x3553afd9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0170a169b6cd411022279e9ff997f134ff54ab1c
        Validity
            Not Before: Jan  1 06:06:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=688871fa19c27fd3cfd6cd938b9d86d458b1f402
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:db:27:12:2f:2b:fa:54:6f:41:97:60:a4:2b:
                    55:94:b6:e2:c9:04:6c:41:86:3c:88:ae:09:e7:6f:
                    a1:09:1d:4d:dd:62:a0:24:0c:ec:9b:63:69:bf:7d:
                    c0:14:62:e8:1d:e9:e5:80:60:c8:72:aa:1f:dd:44:
                    6b:d9:c6:65:20:74:5e:3a:ff:d0:33:a9:50:1f:2a:
                    e3:88:44:3b:78:2d:55:31:a9:1f:60:63:6f:bf:bc:
                    5f:2d:ec:91:30:2e:07:d4:8b:d0:41:ff:ca:e2:7e:
                    de:98:e7:89:3d:13:17:60:43:dd:6f:55:c9:46:9e:
                    f2:6d:54:a0:91:6f:8b:99:86:a2:0f:cc:53:fa:cf:
                    ee:63:5d:92:af:9b:b7:4f:ec:e6:e6:9a:30:b9:a2:
                    05:54:5e:4a:a3:4b:fe:1d:03:3d:b8:07:ab:d0:ea:
                    46:f3:05:b1:f5:5f:7d:b9:36:93:c7:57:ce:5b:0c:
                    cb:31:0e:88:a5:bf:8c:64:97:c6:fa:55:b7:87:04:
                    42:eb:6a:41:98:6b:b9:79:0f:4e:ad:71:85:d4:21:
                    7b:96:21:ee:f7:b0:e9:6d:41:a8:49:46:d5:be:91:
                    90:a3:0c:f7:37:7e:05:c6:b8:51:15:d3:06:e8:cb:
                    78:d1:dd:9e:48:2d:6c:10:7e:11:c6:5a:43:c1:3e:
                    d8:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:88:71:FA:19:C2:7F:D3:CF:D6:CD:93:8B:9D:86:D4:58:B1:F4:02
            X509v3 Authority Key Identifier:
                keyid:01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/aIhx-hnCf9PP1s2Ti52G1Fix9AI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.126.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:07:a5:16:00:69:ab:45:5c:f7:a6:5e:93:a1:61:d7:6a:11:
         37:8f:c1:3b:8b:8d:3e:a7:c4:dd:b1:86:8d:57:73:78:30:6f:
         81:cb:3f:46:d1:d2:18:8d:60:5c:d8:54:94:48:b5:bf:f3:1c:
         26:4c:c8:01:ec:7c:ea:60:6a:fc:fe:cf:89:c3:41:ce:c7:96:
         e7:28:6d:fa:17:c4:d7:0f:ab:7b:db:e1:8f:d5:b1:dc:25:ef:
         55:fa:06:d4:3a:39:d8:fa:6b:6f:bc:65:42:77:fc:14:79:00:
         db:f0:84:20:1c:d3:22:84:45:da:75:ae:ca:3f:a1:ea:20:6b:
         96:34:f2:d0:ad:4a:32:1d:db:cc:9d:0a:77:44:ea:0d:1d:05:
         19:5b:c8:91:43:0c:5f:06:97:30:98:78:e1:65:3b:6a:ad:e2:
         64:cb:3a:0e:28:c1:0c:9b:74:f3:88:d5:29:47:fd:e1:74:8f:
         64:6e:93:23:eb:b1:c4:6c:b0:17:fe:e4:2e:2c:4e:6b:61:82:
         72:6d:da:83:75:6c:a5:0d:3f:fb:ef:53:7b:1c:f3:f5:70:2c:
         2c:96:67:f1:4a:ce:b3:82:75:cd:f0:ec:7d:4c:a2:c3:6d:0e:
         62:ae:6a:a1:a7:5d:f2:df:68:61:54:ce:e8:39:95:b8:3d:19:
         78:f8:4f:bc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENVOv2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTcwYTE2OWI2Y2Q0MTEwMjIyNzllOWZmOTk3ZjEzNGZmNTRhYjFjMB4XDTIyMDEw
MTA2MDYzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjg4ODcxZmExOWMy
N2ZkM2NmZDZjZDkzOGI5ZDg2ZDQ1OGIxZjQwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHbJxIvK/pUb0GXYKQrVZS24skEbEGGPIiuCedvoQkdTd1i
oCQM7Jtjab99wBRi6B3p5YBgyHKqH91Ea9nGZSB0Xjr/0DOpUB8q44hEO3gtVTGp
H2Bjb7+8Xy3skTAuB9SL0EH/yuJ+3pjniT0TF2BD3W9VyUae8m1UoJFvi5mGog/M
U/rP7mNdkq+bt0/s5uaaMLmiBVReSqNL/h0DPbgHq9DqRvMFsfVffbk2k8dXzlsM
yzEOiKW/jGSXxvpVt4cEQutqQZhruXkPTq1xhdQhe5Yh7vew6W1BqElG1b6RkKMM
9zd+Bca4URXTBujLeNHdnkgtbBB+EcZaQ8E+2DsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRoiHH6GcJ/08/WzZOLnYbUWLH0AjAfBgNVHSMEGDAWgBQBcKFpts1BECIn
np/5l/E0/1SrHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FYQ2hhYmJOUVJBaUo1NmYtWmZ4TlA5VXF4dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvMWU3NzdmLTk4NmItNGUzNC04ZDgxLTdkNGJiMjM4MDQ4Ny8x
L2FJaHgtaG5DZjlQUDFzMlRpNTJHMUZpeDlBSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
MWU3NzdmLTk4NmItNGUzNC04ZDgxLTdkNGJiMjM4MDQ4Ny8xL0FYQ2hhYmJOUVJB
aUo1NmYtWmZ4TlA5VXF4dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFt+TjANBgkqhkiG9w0BAQsFAAOC
AQEALgelFgBpq0Vc96Zek6Fh12oRN4/BO4uNPqfE3bGGjVdzeDBvgcs/RtHSGI1g
XNhUlEi1v/McJkzIAex86mBq/P7PicNBzseW5yht+hfE1w+re9vhj9Wx3CXvVfoG
1Do52Pprb7xlQnf8FHkA2/CEIBzTIoRF2nWuyj+h6iBrljTy0K1KMh3bzJ0Kd0Tq
DR0FGVvIkUMMXwaXMJh44WU7aq3iZMs6DijBDJt084jVKUf94XSPZG6TI+uxxGyw
F/7kLixOa2GCcm3ag3VspQ0/++9Texzz9XAsLJZn8UrOs4J1zfDsfUyiw20OYq5q
oadd8t9oYVTO6DmVuD0ZePhPvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:13 2024 by rpki-client on console-fra.rpki-client.org