Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/nGH75NmOvUdEWn-Yp8FL8-AVPRs.roa
File:                     nGH75NmOvUdEWn-Yp8FL8-AVPRs.roa (raw, json)
Hash identifier:          YPubKD0PdQd4JAHdGCohAruckqISVs2Hd8z99a1A8Dk=
Subject key identifier:   9C:61:FB:E4:D9:8E:BD:47:44:5A:7F:98:A7:C1:4B:F3:E0:15:3D:1B
Certificate issuer:       /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial:       01822530ACAE0480C717E2BDE5D3A85BBD48
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/nGH75NmOvUdEWn-Yp8FL8-AVPRs.roa
Signing time:             Fri 22 Jul 2022 09:15:23 +0000
ROA not before:           Fri 22 Jul 2022 09:15:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     996
IP address blocks:        92.51.44.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:25:30:ac:ae:04:80:c7:17:e2:bd:e5:d3:a8:5b:bd:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
        Validity
            Not Before: Jul 22 09:15:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9c61fbe4d98ebd47445a7f98a7c14bf3e0153d1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:90:5c:40:99:31:23:51:30:13:5b:81:6d:bd:
                    d8:a8:46:90:d1:dc:19:6b:34:9d:f2:06:a8:80:93:
                    74:ba:10:82:bb:bc:31:5b:d3:b1:8f:57:fe:b8:bc:
                    23:20:82:3f:25:e3:3f:87:e3:ec:74:73:df:21:4c:
                    b7:e9:fa:6c:43:77:71:59:cb:ce:ca:17:2f:f1:2e:
                    7b:f3:54:15:9c:68:f9:29:f0:65:04:36:39:be:d6:
                    b1:03:40:09:60:ca:84:b9:79:b3:ed:33:f9:19:23:
                    16:f9:57:33:d7:96:17:10:e0:0e:84:0d:40:b6:3b:
                    7e:2a:63:25:f1:60:0a:fc:73:44:da:cf:3a:1a:93:
                    6b:51:b6:d0:75:69:d1:84:6e:4e:15:51:2c:75:b4:
                    e8:21:09:02:bc:7f:08:ce:b7:5f:5d:da:f6:7a:07:
                    2a:32:35:60:94:79:a1:f1:68:23:a2:94:9d:aa:6e:
                    c3:fb:ab:7b:01:69:6c:12:9b:4e:4c:45:3e:da:72:
                    e4:07:f0:01:8c:5d:3f:18:66:8c:90:db:df:b5:3b:
                    9f:c7:93:6b:b4:f5:b9:61:27:8d:eb:50:7e:62:e3:
                    cc:29:4f:52:be:ec:a4:18:54:09:5a:a2:56:25:3d:
                    15:c0:4a:cb:26:a4:38:b2:06:5d:14:9b:13:6f:de:
                    1f:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:61:FB:E4:D9:8E:BD:47:44:5A:7F:98:A7:C1:4B:F3:E0:15:3D:1B
            X509v3 Authority Key Identifier:
                keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/nGH75NmOvUdEWn-Yp8FL8-AVPRs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.51.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:4a:4b:c5:f6:e5:c0:71:31:5d:ed:41:8a:be:4e:f8:07:53:
         d0:d9:53:55:a2:6a:40:13:23:c0:7b:3a:b3:65:2b:4c:2b:33:
         6e:65:2c:47:18:6d:8f:a4:d5:3c:cc:a6:a9:a3:6a:ba:a4:18:
         7a:ac:09:0d:6d:78:29:5b:f3:f9:aa:55:16:d7:32:b5:13:f9:
         45:98:e0:c9:7d:72:39:51:36:17:2f:35:c5:2a:62:3e:ac:60:
         e5:b9:24:29:ed:74:67:1f:85:6d:7f:28:4b:ac:5c:3b:23:fc:
         a8:e0:1d:b1:72:7e:13:04:83:41:67:fa:37:1f:40:15:77:f3:
         b7:6c:c5:03:13:1b:15:f1:c6:da:c1:64:65:26:59:d6:30:45:
         a1:65:73:d4:a1:79:08:43:22:98:17:24:1e:7a:b6:9f:d8:ed:
         e8:80:df:b7:ea:23:63:f2:fd:00:f5:79:35:9b:f2:a2:ab:42:
         ed:6c:94:7d:6e:d1:23:fe:80:07:8a:85:fc:dd:e6:4d:5f:ce:
         97:d7:54:6d:c2:13:a6:a3:6c:4d:a0:81:09:1f:56:e8:0a:86:
         76:f2:ba:7c:4b:1d:63:91:8a:c0:77:f9:ec:90:1d:f5:6d:41:
         86:03:2a:9b:4d:dd:e4:10:23:b3:55:94:cb:60:e6:ba:4b:3a:
         4a:11:50:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIlMKyuBIDHF+K95dOoW71IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjIwNzIyMDkxNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzYxZmJlNGQ5OGViZDQ3NDQ1YTdmOThhN2MxNGJmM2UwMTUzZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJBcQJkxI1EwE1uBbb3YqEaQ0dwZ
azSd8gaogJN0uhCCu7wxW9Oxj1f+uLwjIII/JeM/h+PsdHPfIUy36fpsQ3dxWcvO
yhcv8S5781QVnGj5KfBlBDY5vtaxA0AJYMqEuXmz7TP5GSMW+Vcz15YXEOAOhA1A
tjt+KmMl8WAK/HNE2s86GpNrUbbQdWnRhG5OFVEsdbToIQkCvH8IzrdfXdr2egcq
MjVglHmh8WgjopSdqm7D+6t7AWlsEptOTEU+2nLkB/ABjF0/GGaMkNvftTufx5Nr
tPW5YSeN61B+YuPMKU9SvuykGFQJWqJWJT0VwErLJqQ4sgZdFJsTb94f5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxh++TZjr1HRFp/mKfBS/PgFT0bMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvbkdINzVObU92VWRFV24tWXA4Rkw4LUFWUFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXDMsMA0G
CSqGSIb3DQEBCwUAA4IBAQAgSkvF9uXAcTFd7UGKvk74B1PQ2VNVompAEyPAezqz
ZStMKzNuZSxHGG2PpNU8zKapo2q6pBh6rAkNbXgpW/P5qlUW1zK1E/lFmODJfXI5
UTYXLzXFKmI+rGDluSQp7XRnH4VtfyhLrFw7I/yo4B2xcn4TBINBZ/o3H0AVd/O3
bMUDExsV8cbawWRlJlnWMEWhZXPUoXkIQyKYFyQeeraf2O3ogN+36iNj8v0A9Xk1
m/Kiq0LtbJR9btEj/oAHioX83eZNX86X11RtwhOmo2xNoIEJH1boCoZ28rp8Sx1j
kYrAd/nskB31bUGGAyqbTd3kECOzVZTLYOa6SzpKEVDs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:39 2024 by rpki-client on console-fra.rpki-client.org