Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/e477bd-ac8b-455d-bc7f-eddac0c7a1f2/1/FkqbmZN08fvEp4l0XoJgEZ-7ajc.roa
File:                     FkqbmZN08fvEp4l0XoJgEZ-7ajc.roa (raw, json)
Hash identifier:          LlHVhvqpphgprGd30VoybP2nibuAYJJnP1xfxV8g0HM=
Subject key identifier:   16:4A:9B:99:93:74:F1:FB:C4:A7:89:74:5E:82:60:11:9F:BB:6A:37
Certificate issuer:       /CN=2edc5783725d59501962aa2cb5b590c42b57df5e
Certificate serial:       03CE0A46
Authority key identifier: 2E:DC:57:83:72:5D:59:50:19:62:AA:2C:B5:B5:90:C4:2B:57:DF:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LtxXg3JdWVAZYqostbWQxCtX314.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/e477bd-ac8b-455d-bc7f-eddac0c7a1f2/1/FkqbmZN08fvEp4l0XoJgEZ-7ajc.roa
Signing time:             Sat 01 Jan 2022 02:53:03 +0000
ROA not before:           Sat 01 Jan 2022 02:53:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41360
IP address blocks:        91.217.67.0/24 maxlen: 24
                          91.217.66.0/24 maxlen: 24
                          91.217.66.0/23 maxlen: 23
                          91.192.44.0/22 maxlen: 22
                          91.192.44.0/23 maxlen: 23
                          91.192.44.0/24 maxlen: 24
                          91.192.46.0/24 maxlen: 24
                          91.192.46.0/23 maxlen: 23
                          91.192.45.0/24 maxlen: 24
                          91.192.47.0/24 maxlen: 24
                          194.9.15.0/24 maxlen: 24
                          194.9.14.0/23 maxlen: 23
                          194.9.14.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 63834694 (0x3ce0a46)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2edc5783725d59501962aa2cb5b590c42b57df5e
        Validity
            Not Before: Jan  1 02:53:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=164a9b999374f1fbc4a789745e8260119fbb6a37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e0:6d:a8:44:8f:62:36:2b:44:80:be:17:d8:
                    a9:d4:10:ce:23:d7:d3:d0:7a:07:a0:09:c7:50:17:
                    8a:7f:96:7d:52:ae:aa:c7:8f:3d:57:35:f7:1e:1c:
                    a0:c0:40:50:be:8d:6f:ad:b2:2d:10:e3:ca:d5:ad:
                    18:99:60:be:7d:de:9a:6a:18:e2:7a:01:11:0b:82:
                    53:09:67:a8:7c:29:24:69:a9:a7:f9:9f:bf:71:5f:
                    67:18:62:37:6a:3e:ad:a7:8e:5f:bb:40:05:a4:2d:
                    8c:5b:2e:ec:67:07:36:97:2a:4f:2d:2e:dd:a4:c4:
                    5b:b4:8a:86:14:ee:fb:ff:be:6f:8b:e9:6b:8a:e3:
                    8d:ea:90:49:88:ba:66:28:95:d3:6b:f3:7b:af:f8:
                    7c:5b:b5:71:ea:cc:28:0e:08:bb:be:dd:f3:6d:05:
                    e1:53:28:f2:39:5f:f4:24:e7:1f:bc:e5:e8:f8:49:
                    2e:82:c9:0c:fd:7f:17:2d:22:32:b8:90:d4:66:b1:
                    a9:28:f6:0f:d0:15:df:e0:08:85:c4:2a:b0:89:63:
                    bc:66:d4:e9:e9:c3:bf:20:31:30:90:8f:fd:16:b7:
                    dc:8c:64:cd:ff:90:fe:d6:a8:5a:50:23:b4:d4:c1:
                    06:64:a6:87:b4:20:01:66:d2:62:3b:5f:3d:89:d4:
                    43:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:4A:9B:99:93:74:F1:FB:C4:A7:89:74:5E:82:60:11:9F:BB:6A:37
            X509v3 Authority Key Identifier:
                keyid:2E:DC:57:83:72:5D:59:50:19:62:AA:2C:B5:B5:90:C4:2B:57:DF:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LtxXg3JdWVAZYqostbWQxCtX314.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/e477bd-ac8b-455d-bc7f-eddac0c7a1f2/1/FkqbmZN08fvEp4l0XoJgEZ-7ajc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/e477bd-ac8b-455d-bc7f-eddac0c7a1f2/1/LtxXg3JdWVAZYqostbWQxCtX314.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.192.44.0/22
                  91.217.66.0/23
                  194.9.14.0/23

    Signature Algorithm: sha256WithRSAEncryption
         04:75:8a:a4:d4:c7:5e:61:dd:49:af:21:73:52:8d:6b:4e:31:
         6e:86:66:4d:56:68:50:36:25:38:b6:90:47:19:8f:bc:70:1b:
         49:28:e1:b2:69:fc:ad:2d:eb:a8:2f:e6:eb:8a:bf:aa:ff:64:
         f2:8a:47:b0:28:42:03:15:06:24:a0:c1:cf:38:de:36:e4:cf:
         9a:f3:01:6b:9d:20:4f:c4:ed:88:56:3e:c7:0f:5e:c3:4e:d9:
         ef:20:f5:b5:9b:f6:a4:ce:03:3a:21:d9:ed:2f:a9:50:74:c5:
         42:77:a7:6d:8f:2e:db:c5:96:8b:a2:4d:02:5c:a8:6e:06:d9:
         87:4d:7b:cf:f8:5d:ed:02:c0:5f:f2:bc:d8:5b:43:83:eb:5b:
         71:a9:a4:49:14:5a:73:57:d1:78:5c:75:63:88:ae:bf:6c:68:
         b0:22:f5:95:6d:db:38:97:4c:6b:85:46:ef:3d:1e:dc:f9:72:
         7e:c3:64:73:c5:17:85:75:25:be:01:e4:72:cc:05:88:d1:df:
         9e:1a:44:f2:af:cf:60:b6:e0:19:41:fd:30:33:9c:83:62:5d:
         2e:be:5f:57:fe:bb:88:74:e5:2a:dd:82:39:bf:0d:e8:75:f8:
         30:af:92:5f:85:5c:95:bc:f7:7b:f0:f9:b0:a2:1c:c8:45:32:
         c4:8f:d3:41
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA84KRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZWRjNTc4MzcyNWQ1OTUwMTk2MmFhMmNiNWI1OTBjNDJiNTdkZjVlMB4XDTIyMDEw
MTAyNTMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTY0YTliOTk5Mzc0
ZjFmYmM0YTc4OTc0NWU4MjYwMTE5ZmJiNmEzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALngbahEj2I2K0SAvhfYqdQQziPX09B6B6AJx1AXin+WfVKu
qsePPVc19x4coMBAUL6Nb62yLRDjytWtGJlgvn3emmoY4noBEQuCUwlnqHwpJGmp
p/mfv3FfZxhiN2o+raeOX7tABaQtjFsu7GcHNpcqTy0u3aTEW7SKhhTu+/++b4vp
a4rjjeqQSYi6ZiiV02vze6/4fFu1cerMKA4Iu77d820F4VMo8jlf9CTnH7zl6PhJ
LoLJDP1/Fy0iMriQ1GaxqSj2D9AV3+AIhcQqsIljvGbU6enDvyAxMJCP/Ra33Ixk
zf+Q/taoWlAjtNTBBmSmh7QgAWbSYjtfPYnUQ4ECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQWSpuZk3Tx+8SniXRegmARn7tqNzAfBgNVHSMEGDAWgBQu3FeDcl1ZUBli
qiy1tZDEK1ffXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x0eFhnM0pkV1ZBWllxb3N0YldReEN0WDMxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvZTQ3N2JkLWFjOGItNDU1ZC1iYzdmLWVkZGFjMGM3YTFmMi8x
L0ZrcWJtWk4wOGZ2RXA0bDBYb0pnRVotN2FqYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
ZTQ3N2JkLWFjOGItNDU1ZC1iYzdmLWVkZGFjMGM3YTFmMi8xL0x0eFhnM0pkV1ZB
Wllxb3N0YldReEN0WDMxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAlvALAMEAVvZQgMEAcIJDjANBgkq
hkiG9w0BAQsFAAOCAQEABHWKpNTHXmHdSa8hc1KNa04xboZmTVZoUDYlOLaQRxmP
vHAbSSjhsmn8rS3rqC/m64q/qv9k8opHsChCAxUGJKDBzzjeNuTPmvMBa50gT8Tt
iFY+xw9ew07Z7yD1tZv2pM4DOiHZ7S+pUHTFQnenbY8u28WWi6JNAlyobgbZh017
z/hd7QLAX/K82FtDg+tbcamkSRRac1fReFx1Y4iuv2xosCL1lW3bOJdMa4VG7z0e
3PlyfsNkc8UXhXUlvgHkcswFiNHfnhpE8q/PYLbgGUH9MDOcg2JdLr5fV/67iHTl
Kt2COb8N6HX4MK+SX4Vclbz3e/D5sKIcyEUyxI/TQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:50 2024 by rpki-client on console-fra.rpki-client.org