Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1f74e4-dc68-4b2e-8eb1-7b8d7ee9f411/1/WJW2U9l0AEj_Scyr3FOBKaAT6FU.roa
File:                     WJW2U9l0AEj_Scyr3FOBKaAT6FU.roa (raw, json)
Hash identifier:          PCwly7M9FA9ufd5QW/QOxR4aUhUuZdFOXDugwxYq3Es=
Subject key identifier:   58:95:B6:53:D9:74:00:48:FF:49:CC:AB:DC:53:81:29:A0:13:E8:55
Certificate issuer:       /CN=80e6205c2a210f57fb71f27f3c4baaeb53dd5e33
Certificate serial:       07C5664E
Authority key identifier: 80:E6:20:5C:2A:21:0F:57:FB:71:F2:7F:3C:4B:AA:EB:53:DD:5E:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOYgXCohD1f7cfJ_PEuq61PdXjM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/1f74e4-dc68-4b2e-8eb1-7b8d7ee9f411/1/WJW2U9l0AEj_Scyr3FOBKaAT6FU.roa
Signing time:             Sat 01 Jan 2022 16:02:12 +0000
ROA not before:           Sat 01 Jan 2022 16:02:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47607
IP address blocks:        91.208.70.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 130377294 (0x7c5664e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80e6205c2a210f57fb71f27f3c4baaeb53dd5e33
        Validity
            Not Before: Jan  1 16:02:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5895b653d9740048ff49ccabdc538129a013e855
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:16:f8:e1:9d:b8:a3:df:c5:03:be:f5:0d:3d:
                    9e:8c:fe:5e:83:7b:7a:70:89:ae:4e:4a:8f:92:7a:
                    f4:a4:35:bb:05:21:eb:47:34:83:e8:a0:35:47:66:
                    6b:61:e7:48:05:77:5f:ff:76:72:75:b4:e4:96:a8:
                    bb:bb:c5:82:dc:69:fc:8e:be:fb:2c:6a:c7:40:f4:
                    39:92:1b:e8:14:04:e7:46:ae:8d:45:02:3f:97:fc:
                    4c:22:f0:93:10:7e:60:a5:10:30:e7:9b:56:91:ea:
                    25:4a:a6:df:0d:d7:06:c5:7d:f9:7c:d5:db:1e:45:
                    94:97:71:3d:50:2d:37:65:b1:df:3e:a7:8a:09:36:
                    b0:74:34:11:79:80:6e:08:c0:53:7c:5c:ac:17:32:
                    72:54:4a:98:0b:04:9a:04:00:a6:da:2a:f4:9b:4f:
                    21:5b:76:9f:e1:77:60:d9:57:bc:a3:77:9d:1a:47:
                    95:3d:7b:17:4a:38:ad:72:73:ed:11:ed:b1:04:6c:
                    fd:14:d6:33:42:3f:36:4d:47:c2:a8:19:07:9e:c9:
                    65:ef:20:57:cd:2b:92:42:1f:e8:a2:f2:99:07:21:
                    11:8f:f3:77:f9:ee:e6:87:20:b8:37:cf:50:93:bc:
                    e7:d3:56:d0:6a:0d:c3:71:dc:e4:5e:31:93:6d:04:
                    0f:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:95:B6:53:D9:74:00:48:FF:49:CC:AB:DC:53:81:29:A0:13:E8:55
            X509v3 Authority Key Identifier:
                keyid:80:E6:20:5C:2A:21:0F:57:FB:71:F2:7F:3C:4B:AA:EB:53:DD:5E:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOYgXCohD1f7cfJ_PEuq61PdXjM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1f74e4-dc68-4b2e-8eb1-7b8d7ee9f411/1/WJW2U9l0AEj_Scyr3FOBKaAT6FU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1f74e4-dc68-4b2e-8eb1-7b8d7ee9f411/1/gOYgXCohD1f7cfJ_PEuq61PdXjM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:c4:37:e5:d4:1e:6d:25:90:35:22:bc:96:ba:3a:7e:5a:b6:
         66:20:80:e0:4b:8f:4e:d4:06:c9:47:71:42:b3:66:1b:89:96:
         c6:b9:2d:f8:e3:e6:65:3e:e1:56:24:e9:3d:8b:7c:04:48:09:
         44:a3:62:1c:95:1f:38:d5:f2:a1:5e:0a:eb:a0:f6:9a:eb:c5:
         d4:5f:57:6d:fb:34:64:ab:d4:e1:28:e5:79:ac:2c:92:22:47:
         85:f8:45:3e:d6:9d:f9:2b:22:6a:3b:69:5d:62:1e:2d:68:b5:
         60:65:42:cc:0f:b3:fe:ee:26:c6:8d:56:f5:e4:ce:73:4e:28:
         a5:48:6a:bf:9a:08:b7:98:6f:c7:fb:d1:cd:79:58:a5:89:89:
         5b:26:91:65:15:b2:c8:1e:a3:42:d3:c0:f7:9e:63:78:e0:86:
         c9:48:31:b8:a1:e0:a5:59:25:37:f9:ba:47:b5:ce:1c:f7:f3:
         4d:c7:bd:a1:5c:bc:ff:03:37:0d:b6:a1:89:66:55:b4:1b:71:
         7b:5d:dc:65:53:fd:3a:32:a6:18:b6:a7:d5:ca:b7:57:a6:f4:
         9b:5e:a4:af:70:9e:51:2e:0a:b2:8c:c4:92:06:9d:e2:8c:23:
         ea:f2:7f:ad:22:0c:1b:7e:71:e9:87:19:e5:b3:50:db:37:13:
         a2:ae:91:70
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB8VmTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MGU2MjA1YzJhMjEwZjU3ZmI3MWYyN2YzYzRiYWFlYjUzZGQ1ZTMzMB4XDTIyMDEw
MTE2MDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTg5NWI2NTNkOTc0
MDA0OGZmNDljY2FiZGM1MzgxMjlhMDEzZTg1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4W+OGduKPfxQO+9Q09noz+XoN7enCJrk5Kj5J69KQ1uwUh
60c0g+igNUdma2HnSAV3X/92cnW05Jaou7vFgtxp/I6++yxqx0D0OZIb6BQE50au
jUUCP5f8TCLwkxB+YKUQMOebVpHqJUqm3w3XBsV9+XzV2x5FlJdxPVAtN2Wx3z6n
igk2sHQ0EXmAbgjAU3xcrBcyclRKmAsEmgQAptoq9JtPIVt2n+F3YNlXvKN3nRpH
lT17F0o4rXJz7RHtsQRs/RTWM0I/Nk1HwqgZB57JZe8gV80rkkIf6KLymQchEY/z
d/nu5ocguDfPUJO859NW0GoNw3Hc5F4xk20ED58CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRYlbZT2XQASP9JzKvcU4EpoBPoVTAfBgNVHSMEGDAWgBSA5iBcKiEPV/tx
8n88S6rrU91eMzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dPWWdYQ29oRDFmN2NmSl9QRXVxNjFQZFhqTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvMWY3NGU0LWRjNjgtNGIyZS04ZWIxLTdiOGQ3ZWU5ZjQxMS8x
L1dKVzJVOWwwQUVqX1NjeXIzRk9CS2FBVDZGVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
MWY3NGU0LWRjNjgtNGIyZS04ZWIxLTdiOGQ3ZWU5ZjQxMS8xL2dPWWdYQ29oRDFm
N2NmSl9QRXVxNjFQZFhqTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvQRjANBgkqhkiG9w0BAQsFAAOC
AQEAFcQ35dQebSWQNSK8lro6flq2ZiCA4EuPTtQGyUdxQrNmG4mWxrkt+OPmZT7h
ViTpPYt8BEgJRKNiHJUfONXyoV4K66D2muvF1F9Xbfs0ZKvU4SjleawskiJHhfhF
Ptad+SsiajtpXWIeLWi1YGVCzA+z/u4mxo1W9eTOc04opUhqv5oIt5hvx/vRzXlY
pYmJWyaRZRWyyB6jQtPA955jeOCGyUgxuKHgpVklN/m6R7XOHPfzTce9oVy8/wM3
DbahiWZVtBtxe13cZVP9OjKmGLan1cq3V6b0m16kr3CeUS4KsozEkgad4owj6vJ/
rSIMG35x6YcZ5bNQ2zcToq6RcA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:43 2024 by rpki-client on console-ams.rpki-client.org