Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1f74e4-dc68-4b2e-8eb1-7b8d7ee9f411/1/4vBZtzFHxt8Lmw_Bj4mWFqKmAxU.roa
File:                     4vBZtzFHxt8Lmw_Bj4mWFqKmAxU.roa (raw, json)
Hash identifier:          9VWihGKQxXNeOTTKCnqeoWW+bezkY9uyc3ofcOVdcdg=
Subject key identifier:   E2:F0:59:B7:31:47:C6:DF:0B:9B:0F:C1:8F:89:96:16:A2:A6:03:15
Certificate issuer:       /CN=80e6205c2a210f57fb71f27f3c4baaeb53dd5e33
Certificate serial:       07C48EA1
Authority key identifier: 80:E6:20:5C:2A:21:0F:57:FB:71:F2:7F:3C:4B:AA:EB:53:DD:5E:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOYgXCohD1f7cfJ_PEuq61PdXjM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/1f74e4-dc68-4b2e-8eb1-7b8d7ee9f411/1/4vBZtzFHxt8Lmw_Bj4mWFqKmAxU.roa
Signing time:             Sat 01 Jan 2022 16:02:12 +0000
ROA not before:           Sat 01 Jan 2022 16:02:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8685
IP address blocks:        91.208.70.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 130322081 (0x7c48ea1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80e6205c2a210f57fb71f27f3c4baaeb53dd5e33
        Validity
            Not Before: Jan  1 16:02:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e2f059b73147c6df0b9b0fc18f899616a2a60315
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:8f:53:92:de:51:06:79:69:c1:f7:ca:9a:ef:
                    d5:27:c6:14:03:19:4f:5a:77:e5:ec:67:25:58:fa:
                    89:84:87:3d:74:53:1d:cf:d8:3d:72:27:33:90:b6:
                    2e:16:9c:b2:1e:4d:50:1e:4a:84:9f:ab:fd:c9:e9:
                    33:71:61:b4:a1:52:0f:7b:34:bb:35:65:eb:ac:da:
                    64:80:5f:c4:6c:b8:d2:7f:49:42:a3:73:2a:4f:ed:
                    04:75:7d:fa:4d:0c:bf:51:2e:24:51:6d:01:62:a7:
                    b9:f1:5e:3d:8b:0c:14:9e:6f:26:96:d4:bc:35:1b:
                    1a:9e:bc:88:b5:fd:76:c2:e9:13:61:fc:8d:1f:ca:
                    8a:b4:1d:1d:2f:a7:03:c1:8a:dc:37:f9:c5:18:f1:
                    17:c5:99:0e:80:58:92:8d:2b:14:fc:ff:18:19:43:
                    12:e4:d7:e1:7b:00:b9:6d:0d:26:46:21:71:6c:ed:
                    c6:7c:dc:2c:c6:fc:3f:55:ee:b6:c7:f8:63:14:72:
                    81:f7:d9:af:4f:6a:08:01:c9:d7:9b:52:f3:12:91:
                    1a:b1:30:08:3c:7b:07:04:16:f1:c8:66:7a:f7:44:
                    e6:d5:3b:3d:53:50:26:49:58:2f:9c:d9:be:e8:72:
                    1c:19:d4:97:88:47:c0:c6:13:0a:90:8b:be:4b:e6:
                    b3:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:F0:59:B7:31:47:C6:DF:0B:9B:0F:C1:8F:89:96:16:A2:A6:03:15
            X509v3 Authority Key Identifier:
                keyid:80:E6:20:5C:2A:21:0F:57:FB:71:F2:7F:3C:4B:AA:EB:53:DD:5E:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOYgXCohD1f7cfJ_PEuq61PdXjM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1f74e4-dc68-4b2e-8eb1-7b8d7ee9f411/1/4vBZtzFHxt8Lmw_Bj4mWFqKmAxU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1f74e4-dc68-4b2e-8eb1-7b8d7ee9f411/1/gOYgXCohD1f7cfJ_PEuq61PdXjM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:1d:b3:fd:67:3f:28:36:3f:d5:4a:37:a9:42:db:85:2b:f2:
         cd:0c:15:3b:c8:e0:66:9e:7c:a6:fe:bc:36:25:db:0f:29:ec:
         0f:d7:55:81:d3:65:a7:27:1c:49:f6:1f:05:da:20:88:e0:35:
         9c:8f:3b:c2:d4:10:7d:0e:65:0f:96:01:9e:14:c7:a4:b6:90:
         46:3c:7d:bd:95:ef:04:d3:34:1e:e7:14:b5:ad:b1:83:f9:88:
         38:0b:7f:7a:5e:c7:24:b7:f2:1a:96:a5:dd:ed:31:e1:c3:14:
         2f:fc:87:18:9a:53:54:5e:7f:00:10:f8:08:14:fb:9b:03:33:
         97:17:71:58:fe:98:bb:b6:26:61:bb:98:a2:21:90:7f:51:e3:
         95:e7:f0:b9:a2:0d:9f:f9:a1:03:ee:55:61:e6:1a:e3:ef:c6:
         11:59:7e:43:53:a9:77:bd:20:e7:12:a0:4a:3f:b3:21:25:18:
         51:2b:5a:0c:20:69:cf:1d:19:d9:de:fd:c1:65:94:5b:d7:cb:
         fb:b6:89:5b:be:e2:66:eb:db:5c:1e:a0:58:e9:fc:7b:9a:c6:
         51:57:89:48:8f:75:57:df:cc:6d:62:28:b3:fd:cd:a2:4b:96:
         0e:e8:b8:2a:25:5b:ed:0f:fd:85:9c:30:5c:f8:70:d8:43:88:
         b5:d4:73:af
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB8SOoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MGU2MjA1YzJhMjEwZjU3ZmI3MWYyN2YzYzRiYWFlYjUzZGQ1ZTMzMB4XDTIyMDEw
MTE2MDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJmMDU5YjczMTQ3
YzZkZjBiOWIwZmMxOGY4OTk2MTZhMmE2MDMxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaPU5LeUQZ5acH3yprv1SfGFAMZT1p35exnJVj6iYSHPXRT
Hc/YPXInM5C2Lhacsh5NUB5KhJ+r/cnpM3FhtKFSD3s0uzVl66zaZIBfxGy40n9J
QqNzKk/tBHV9+k0Mv1EuJFFtAWKnufFePYsMFJ5vJpbUvDUbGp68iLX9dsLpE2H8
jR/KirQdHS+nA8GK3Df5xRjxF8WZDoBYko0rFPz/GBlDEuTX4XsAuW0NJkYhcWzt
xnzcLMb8P1Xutsf4YxRygffZr09qCAHJ15tS8xKRGrEwCDx7BwQW8chmevdE5tU7
PVNQJklYL5zZvuhyHBnUl4hHwMYTCpCLvkvms0UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTi8Fm3MUfG3wubD8GPiZYWoqYDFTAfBgNVHSMEGDAWgBSA5iBcKiEPV/tx
8n88S6rrU91eMzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dPWWdYQ29oRDFmN2NmSl9QRXVxNjFQZFhqTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvMWY3NGU0LWRjNjgtNGIyZS04ZWIxLTdiOGQ3ZWU5ZjQxMS8x
LzR2Qlp0ekZIeHQ4TG13X0JqNG1XRnFLbUF4VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
MWY3NGU0LWRjNjgtNGIyZS04ZWIxLTdiOGQ3ZWU5ZjQxMS8xL2dPWWdYQ29oRDFm
N2NmSl9QRXVxNjFQZFhqTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvQRjANBgkqhkiG9w0BAQsFAAOC
AQEAYh2z/Wc/KDY/1Uo3qULbhSvyzQwVO8jgZp58pv68NiXbDynsD9dVgdNlpycc
SfYfBdogiOA1nI87wtQQfQ5lD5YBnhTHpLaQRjx9vZXvBNM0HucUta2xg/mIOAt/
el7HJLfyGpal3e0x4cMUL/yHGJpTVF5/ABD4CBT7mwMzlxdxWP6Yu7YmYbuYoiGQ
f1HjlefwuaINn/mhA+5VYeYa4+/GEVl+Q1Opd70g5xKgSj+zISUYUStaDCBpzx0Z
2d79wWWUW9fL+7aJW77iZuvbXB6gWOn8e5rGUVeJSI91V9/MbWIos/3NokuWDui4
KiVb7Q/9hZwwXPhw2EOItdRzrw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:13 2024 by rpki-client on console-fra.rpki-client.org