Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/7vYku9EJinyPMJI4tCGVwkJ2Uxs.roa
File:                     7vYku9EJinyPMJI4tCGVwkJ2Uxs.roa (raw, json)
Hash identifier:          TbV0CCDWaLEyRoF4qw2IsiMazR7ayR6DzFsX93Wpmc0=
Subject key identifier:   EE:F6:24:BB:D1:09:8A:7C:8F:30:92:38:B4:21:95:C2:42:76:53:1B
Certificate issuer:       /CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Certificate serial:       01843C5A85B2DBC5FB94A3900A91E32F6CA1
Authority key identifier: F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/7vYku9EJinyPMJI4tCGVwkJ2Uxs.roa
Signing time:             Thu 03 Nov 2022 07:17:56 +0000
ROA not before:           Thu 03 Nov 2022 07:17:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41933
IP address blocks:        84.17.91.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:3c:5a:85:b2:db:c5:fb:94:a3:90:0a:91:e3:2f:6c:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
        Validity
            Not Before: Nov  3 07:17:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=eef624bbd1098a7c8f309238b42195c24276531b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:8c:59:9c:0f:11:99:9d:d3:d3:06:4f:e5:12:
                    ce:b6:6c:13:ca:d8:c7:53:9b:c1:4c:6c:68:e8:59:
                    b1:32:db:d7:68:28:25:4f:f8:b9:b8:1c:89:8e:d4:
                    dc:cf:84:7b:06:11:a9:41:97:5c:64:b2:52:5c:ae:
                    65:11:97:72:52:2c:74:79:85:fc:a9:8f:e2:5d:ac:
                    0d:10:3e:dd:18:6c:a3:ec:ab:aa:d1:ca:8e:08:4c:
                    c0:de:1c:19:71:28:96:d5:4c:44:dc:b9:46:2c:64:
                    1d:86:76:d1:1c:49:a7:f1:5d:60:eb:3b:84:db:ff:
                    d3:5c:ba:2e:19:79:05:87:9a:9c:dd:07:66:eb:ca:
                    a2:5a:81:51:cd:48:f5:12:2e:33:74:48:68:70:3b:
                    5d:e6:40:c7:09:4c:46:ff:74:e1:69:15:c9:58:52:
                    90:b3:f0:28:45:96:82:7f:aa:5c:08:06:10:88:4d:
                    8c:e8:60:c6:e6:59:1d:07:38:f9:00:1a:2b:fe:b7:
                    1d:d9:05:65:54:bb:c6:dd:a7:85:22:f4:00:f1:3b:
                    1f:e6:e0:a7:49:da:b3:57:d5:45:42:19:89:69:b1:
                    93:fb:4f:ad:df:4f:ca:2e:60:e8:26:e0:28:ff:72:
                    78:18:d3:9b:3f:8e:61:3b:48:ef:27:c0:c4:f7:f5:
                    7b:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:F6:24:BB:D1:09:8A:7C:8F:30:92:38:B4:21:95:C2:42:76:53:1B
            X509v3 Authority Key Identifier:
                keyid:F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/7vYku9EJinyPMJI4tCGVwkJ2Uxs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.17.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:b5:e2:94:e0:f1:81:1b:42:8a:21:ce:58:51:10:bd:51:cc:
         10:fa:17:5c:c8:7d:2b:8e:0a:fd:8c:0d:c5:1b:ba:41:e7:96:
         e8:52:b2:ec:92:6a:e0:1a:7e:90:cf:5d:c0:ed:40:f2:36:b2:
         45:7a:09:ff:2d:39:65:2f:24:42:00:c6:f5:cf:63:91:60:0d:
         aa:81:94:2b:7f:0a:a0:23:f6:d7:ae:f5:31:d8:1b:71:75:36:
         08:76:bd:d0:f3:08:7d:0d:67:80:92:2d:2b:45:e1:86:ba:a2:
         ef:3e:2f:68:21:43:d4:22:19:19:e4:e0:d6:2a:8e:8f:ba:d0:
         b6:8c:d6:67:37:c5:62:4c:4d:80:53:d6:bf:87:7f:56:fa:35:
         39:90:05:38:a9:b4:07:18:c1:b9:ec:95:a6:ce:f2:cf:cf:8f:
         31:a2:59:96:bf:b7:32:b6:d1:f9:98:36:ce:c5:ea:f1:79:b0:
         a5:c6:a3:04:d5:16:b5:68:e3:86:6d:4e:4d:b4:46:58:93:71:
         9e:22:af:55:bd:67:64:7b:d2:2d:be:ee:76:41:d5:6d:25:87:
         a0:5c:c1:60:d4:b1:af:ed:f6:18:ba:e9:d8:c1:19:f9:8f:a7:
         4c:35:93:ef:3a:9c:cd:73:01:3d:97:e0:90:ef:16:81:6b:61:
         30:25:a3:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ8WoWy28X7lKOQCpHjL2yhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2Mjk1MGViNzkxNjY2OGJiZmE4ZDFiODcwNTYwYjFj
YTc3MzkwHhcNMjIxMTAzMDcxNzU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWY2MjRiYmQxMDk4YTdjOGYzMDkyMzhiNDIxOTVjMjQyNzY1MzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloxZnA8RmZ3T0wZP5RLOtmwTytjH
U5vBTGxo6FmxMtvXaCglT/i5uByJjtTcz4R7BhGpQZdcZLJSXK5lEZdyUix0eYX8
qY/iXawNED7dGGyj7Kuq0cqOCEzA3hwZcSiW1UxE3LlGLGQdhnbRHEmn8V1g6zuE
2//TXLouGXkFh5qc3Qdm68qiWoFRzUj1Ei4zdEhocDtd5kDHCUxG/3ThaRXJWFKQ
s/AoRZaCf6pcCAYQiE2M6GDG5lkdBzj5ABor/rcd2QVlVLvG3aeFIvQA8Tsf5uCn
SdqzV9VFQhmJabGT+0+t30/KLmDoJuAo/3J4GNObP45hO0jvJ8DE9/V7pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO72JLvRCYp8jzCSOLQhlcJCdlMbMB8GA1UdIwQY
MBaAFPS3YpUOt5FmaLv6jRuHBWCxync5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAt
MmY4ZGYxODdmOThiLzEvN3ZZa3U5RUppbnlQTUpJNHRDR1Z3a0oyVXhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAtMmY4ZGYxODdmOThi
LzEvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVBFbMA0G
CSqGSIb3DQEBCwUAA4IBAQByteKU4PGBG0KKIc5YURC9UcwQ+hdcyH0rjgr9jA3F
G7pB55boUrLskmrgGn6Qz13A7UDyNrJFegn/LTllLyRCAMb1z2ORYA2qgZQrfwqg
I/bXrvUx2BtxdTYIdr3Q8wh9DWeAki0rReGGuqLvPi9oIUPUIhkZ5ODWKo6PutC2
jNZnN8ViTE2AU9a/h39W+jU5kAU4qbQHGMG57JWmzvLPz48xolmWv7cyttH5mDbO
xerxebClxqME1Ra1aOOGbU5NtEZYk3GeIq9VvWdke9Itvu52QdVtJYegXMFg1LGv
7fYYuunYwRn5j6dMNZPvOpzNcwE9l+CQ7xaBa2EwJaOp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:58 2024 by rpki-client on console-fra.rpki-client.org