Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/4LyztoZU3wHf9QAEeV4S3a_ERgM.roa
File:                     4LyztoZU3wHf9QAEeV4S3a_ERgM.roa (raw, json)
Hash identifier:          jgXeJUsaYkr+8KViwprFnAc3zkCOsOs/v/DKgEksxaE=
Subject key identifier:   E0:BC:B3:B6:86:54:DF:01:DF:F5:00:04:79:5E:12:DD:AF:C4:46:03
Certificate issuer:       /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial:       11C89F67
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/4LyztoZU3wHf9QAEeV4S3a_ERgM.roa
Signing time:             Sat 01 Jan 2022 15:05:42 +0000
ROA not before:           Sat 01 Jan 2022 15:05:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57509
IP address blocks:        91.191.209.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 298360679 (0x11c89f67)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
        Validity
            Not Before: Jan  1 15:05:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e0bcb3b68654df01dff50004795e12ddafc44603
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:31:e0:00:07:e0:c7:6b:7b:02:6d:69:22:e9:
                    53:51:69:50:d2:84:81:35:e6:8c:30:e7:2b:cb:d7:
                    cb:a4:ce:de:46:cf:3d:21:4a:22:a7:e3:7c:1b:75:
                    7c:e5:d7:13:cd:69:98:36:e3:a2:1e:d2:79:95:fc:
                    ed:4e:a5:72:f9:e0:4f:57:8f:40:f7:cb:62:f5:b5:
                    7f:e0:0f:6a:52:f9:9c:66:d3:fe:0b:b4:04:c3:25:
                    68:00:44:f0:60:cf:63:ec:a2:27:ac:46:b4:82:b5:
                    e7:ac:8c:60:50:46:01:93:fd:13:af:c4:52:06:51:
                    ad:cf:9b:00:25:cf:d6:3a:0d:ed:df:61:c2:23:e8:
                    e2:97:8a:22:16:72:19:15:25:ea:15:7a:ed:48:8c:
                    a6:8b:57:b7:b8:e0:b3:66:a6:5f:70:2e:4c:88:2a:
                    8b:ce:18:44:16:56:40:da:53:b9:3f:3e:b6:27:1d:
                    df:89:9f:bd:d1:5c:9d:35:88:8b:58:fd:37:90:3c:
                    e9:0d:18:c4:17:9d:e7:ee:61:3a:ba:8f:d8:2b:93:
                    ad:34:7f:38:d1:73:10:4c:aa:87:ea:cc:6c:77:76:
                    e4:20:c1:61:69:f5:fb:5a:1b:03:71:a3:89:48:0a:
                    68:83:8e:a8:fb:e3:2e:2e:25:2b:94:dd:0c:dd:b4:
                    8a:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:BC:B3:B6:86:54:DF:01:DF:F5:00:04:79:5E:12:DD:AF:C4:46:03
            X509v3 Authority Key Identifier:
                keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/4LyztoZU3wHf9QAEeV4S3a_ERgM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.191.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:e3:07:c5:ac:03:b5:8c:46:3d:46:e9:d8:56:d6:a1:5f:e6:
         fe:e2:26:3f:62:b2:5d:c8:3b:62:da:cc:d8:3a:9d:92:42:46:
         05:1b:bd:e7:a2:ea:bf:68:61:49:29:76:66:bb:19:1d:af:4a:
         ab:2c:5f:df:bc:6e:d8:39:5f:59:6f:53:fb:1d:52:50:31:20:
         a9:ae:1e:2b:ff:4e:f8:17:08:af:ff:11:0b:13:ce:e1:04:6b:
         f2:24:8d:d8:e1:13:2f:7d:02:ca:23:69:00:7f:be:91:26:62:
         ea:be:d8:cc:1e:16:94:dc:94:df:1e:ae:7d:d1:5b:da:5b:b2:
         4b:96:ca:1b:16:b4:2c:78:f6:f4:78:89:a6:6f:40:4f:f3:7b:
         cf:06:ca:84:b4:fb:32:ff:a8:5a:38:dd:bd:c6:1d:7f:f6:b5:
         e4:c6:09:5a:26:79:6d:4b:6f:a7:53:a3:2c:75:02:c1:dd:19:
         d8:21:d7:6f:cd:1a:39:57:42:97:46:aa:31:32:55:38:72:fe:
         9f:12:6b:f3:3c:54:91:e2:83:d6:0f:2c:ef:7e:3d:01:58:3f:
         74:93:af:53:81:e7:19:e1:a6:92:72:93:46:16:49:5a:91:40:
         3b:58:7f:41:44:4f:ea:50:01:e9:85:12:23:ac:40:20:d8:53:
         f9:d5:37:bf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEcifZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MzVlYWM2NGVhNDgwMmU2ODI0Njg2ZjdjMGQyMDFmMmM4NWNiMmFhMB4XDTIyMDEw
MTE1MDU0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTBiY2IzYjY4NjU0
ZGYwMWRmZjUwMDA0Nzk1ZTEyZGRhZmM0NDYwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUx4AAH4MdrewJtaSLpU1FpUNKEgTXmjDDnK8vXy6TO3kbP
PSFKIqfjfBt1fOXXE81pmDbjoh7SeZX87U6lcvngT1ePQPfLYvW1f+APalL5nGbT
/gu0BMMlaABE8GDPY+yiJ6xGtIK156yMYFBGAZP9E6/EUgZRrc+bACXP1joN7d9h
wiPo4peKIhZyGRUl6hV67UiMpotXt7jgs2amX3AuTIgqi84YRBZWQNpTuT8+ticd
34mfvdFcnTWIi1j9N5A86Q0YxBed5+5hOrqP2CuTrTR/ONFzEEyqh+rMbHd25CDB
YWn1+1obA3GjiUgKaIOOqPvjLi4lK5TdDN20iosCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTgvLO2hlTfAd/1AAR5XhLdr8RGAzAfBgNVHSMEGDAWgBTDXqxk6kgC5oJG
hvfA0gHyyFyyqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3cxNnNaT3BJQXVhQ1JvYjN3TklCOHNoY3Nxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvY2NkZDhiLTc3MjAtNGRlMC04YzQzLWRhY2I1ZjM1NmVhMy8x
LzRMeXp0b1pVM3dIZjlRQUVlVjRTM2FfRVJnTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
Y2NkZDhiLTc3MjAtNGRlMC04YzQzLWRhY2I1ZjM1NmVhMy8xL3cxNnNaT3BJQXVh
Q1JvYjN3TklCOHNoY3Nxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFu/0TANBgkqhkiG9w0BAQsFAAOC
AQEAd+MHxawDtYxGPUbp2FbWoV/m/uImP2KyXcg7YtrM2DqdkkJGBRu956Lqv2hh
SSl2ZrsZHa9Kqyxf37xu2DlfWW9T+x1SUDEgqa4eK/9O+BcIr/8RCxPO4QRr8iSN
2OETL30CyiNpAH++kSZi6r7YzB4WlNyU3x6ufdFb2luyS5bKGxa0LHj29HiJpm9A
T/N7zwbKhLT7Mv+oWjjdvcYdf/a15MYJWiZ5bUtvp1OjLHUCwd0Z2CHXb80aOVdC
l0aqMTJVOHL+nxJr8zxUkeKD1g8s7349AVg/dJOvU4HnGeGmknKTRhZJWpFAO1h/
QURP6lAB6YUSI6xAINhT+dU3vw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:12 2024 by rpki-client on console-ams.rpki-client.org