Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/f636c6-10d2-4f6f-b418-50b9d52361c3/1/1-RplYnF1YFzpenxIpLOD9Dfna5I.roa
File:                     1-RplYnF1YFzpenxIpLOD9Dfna5I.roa (raw, json)
Hash identifier:          qjYc4I8T3ekAe6JlJx+cCz5HiglLwPsT8AR/cgtle74=
Subject key identifier:   F9:1A:65:62:71:75:60:5C:E9:7A:7C:48:A4:B3:83:F4:37:E7:6B:92
Certificate issuer:       /CN=d9c91317283276937d436f4b216dcda3efbe2a88
Certificate serial:       0184C4033B0371C485C91D44A91D1D821BD6
Authority key identifier: D9:C9:13:17:28:32:76:93:7D:43:6F:4B:21:6D:CD:A3:EF:BE:2A:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ckTFygydpN9Q29LIW3No---Kog.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/f636c6-10d2-4f6f-b418-50b9d52361c3/1/1-RplYnF1YFzpenxIpLOD9Dfna5I.roa
Signing time:             Tue 29 Nov 2022 15:30:56 +0000
ROA not before:           Tue 29 Nov 2022 15:30:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57693
IP address blocks:        91.217.229.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c4:03:3b:03:71:c4:85:c9:1d:44:a9:1d:1d:82:1b:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9c91317283276937d436f4b216dcda3efbe2a88
        Validity
            Not Before: Nov 29 15:30:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f91a65627175605ce97a7c48a4b383f437e76b92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:b6:28:a0:10:72:93:2e:23:5c:c5:70:65:04:
                    ff:bd:1a:bd:65:59:ac:55:59:d8:07:a1:60:cc:7c:
                    81:b3:5b:89:a7:62:87:f7:c5:e2:22:a8:06:aa:99:
                    6a:f0:e9:dc:25:88:71:ed:18:5b:1b:aa:95:f2:61:
                    d7:6e:78:ef:bd:e8:e0:df:0d:d4:cd:a1:32:f1:15:
                    c5:0a:da:96:cd:23:68:08:01:37:f3:8d:85:a7:60:
                    c5:47:69:23:f9:59:68:25:5f:86:61:eb:0b:83:1e:
                    d3:c6:2b:d6:ba:d2:d2:34:e5:42:16:5a:1a:fc:db:
                    22:4f:e0:86:0d:da:d6:29:87:48:a5:06:fb:85:d7:
                    dd:21:79:15:22:dd:d2:44:93:33:34:38:ff:cc:82:
                    b4:4f:97:ab:e2:4b:a7:b8:85:87:3b:7b:47:d1:2c:
                    a5:37:d9:3f:69:6f:41:cd:9a:f8:d7:4a:f0:f4:7a:
                    5e:3f:ca:45:a8:51:6a:b8:4a:dd:58:20:dd:e1:ee:
                    30:d2:ca:f3:46:b5:a7:93:db:b6:1e:91:0a:7b:40:
                    b6:89:2b:4e:ae:e9:83:16:81:9c:f3:be:d7:66:7d:
                    4a:0d:61:ea:37:2f:f8:d9:31:85:64:b1:d2:ed:2e:
                    3c:ec:5a:df:c9:c7:33:78:93:7e:29:cb:96:cc:cf:
                    02:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:1A:65:62:71:75:60:5C:E9:7A:7C:48:A4:B3:83:F4:37:E7:6B:92
            X509v3 Authority Key Identifier:
                keyid:D9:C9:13:17:28:32:76:93:7D:43:6F:4B:21:6D:CD:A3:EF:BE:2A:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ckTFygydpN9Q29LIW3No---Kog.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/f636c6-10d2-4f6f-b418-50b9d52361c3/1/1-RplYnF1YFzpenxIpLOD9Dfna5I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/f636c6-10d2-4f6f-b418-50b9d52361c3/1/2ckTFygydpN9Q29LIW3No---Kog.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:0f:97:9c:ae:b8:9b:08:22:41:1d:e2:4a:b9:37:6b:75:05:
         56:0d:9c:94:98:26:11:0e:52:5c:fa:e5:29:80:b8:e7:d8:c1:
         24:66:8a:e7:34:86:71:c7:2a:f5:9a:32:b9:fa:69:4b:79:2d:
         40:f1:d1:58:9d:fc:23:ea:bc:00:a8:d5:03:45:2d:0f:63:90:
         96:d9:18:81:26:95:f7:91:54:5d:dd:0e:a5:0a:5a:3e:96:56:
         6e:96:33:31:64:c8:c5:32:cd:96:d1:45:29:60:84:90:89:6a:
         93:65:a3:e3:f6:ef:d0:45:e6:89:9e:6a:a6:fd:5a:1b:e3:93:
         d8:82:33:03:f3:78:f5:28:78:3f:42:a4:c9:61:5f:f0:98:57:
         ac:1c:ce:80:2d:e7:45:d7:79:9f:f0:d4:7b:44:a5:4f:50:e0:
         e9:75:1b:9e:46:cf:7f:88:31:08:11:12:cf:f8:fe:7a:c5:1b:
         4a:96:ef:9b:0f:dc:9f:7e:5c:d3:5a:2e:00:98:fc:cc:1f:14:
         79:34:cb:b3:0c:8c:c1:91:5e:ec:66:60:2c:b8:9a:86:2b:4d:
         c4:f0:0a:28:d8:d1:4f:43:db:8e:1b:cb:77:52:41:5c:37:ab:
         2a:eb:ad:32:84:f5:7a:85:b2:87:fc:e0:e5:44:6f:06:c7:cb:
         3c:f0:2d:25
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYTEAzsDccSFyR1EqR0dghvWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YzkxMzE3MjgzMjc2OTM3ZDQzNmY0YjIxNmRjZGEzZWZi
ZTJhODgwHhcNMjIxMTI5MTUzMDU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTFhNjU2MjcxNzU2MDVjZTk3YTdjNDhhNGIzODNmNDM3ZTc2YjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobYooBByky4jXMVwZQT/vRq9ZVms
VVnYB6FgzHyBs1uJp2KH98XiIqgGqplq8OncJYhx7RhbG6qV8mHXbnjvvejg3w3U
zaEy8RXFCtqWzSNoCAE3842Fp2DFR2kj+VloJV+GYesLgx7TxivWutLSNOVCFloa
/NsiT+CGDdrWKYdIpQb7hdfdIXkVIt3SRJMzNDj/zIK0T5er4kunuIWHO3tH0Syl
N9k/aW9BzZr410rw9HpeP8pFqFFquErdWCDd4e4w0srzRrWnk9u2HpEKe0C2iStO
rumDFoGc877XZn1KDWHqNy/42TGFZLHS7S487FrfycczeJN+KcuWzM8CGwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPkaZWJxdWBc6Xp8SKSzg/Q352uSMB8GA1UdIwQY
MBaAFNnJExcoMnaTfUNvSyFtzaPvviqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmNrVEZ5Z3lkcE45UTI5TElXM05vLS0tS29nLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9mNjM2YzYtMTBkMi00ZjZmLWI0MTgt
NTBiOWQ1MjM2MWMzLzEvMS1ScGxZbkYxWUZ6cGVueElwTE9EOURmbmE1SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDMvZjYzNmM2LTEwZDItNGY2Zi1iNDE4LTUwYjlkNTIzNjFj
My8xLzJja1RGeWd5ZHBOOVEyOUxJVzNOby0tLUtvZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvZ5TAN
BgkqhkiG9w0BAQsFAAOCAQEAmA+XnK64mwgiQR3iSrk3a3UFVg2clJgmEQ5SXPrl
KYC459jBJGaK5zSGcccq9ZoyufppS3ktQPHRWJ38I+q8AKjVA0UtD2OQltkYgSaV
95FUXd0OpQpaPpZWbpYzMWTIxTLNltFFKWCEkIlqk2Wj4/bv0EXmiZ5qpv1aG+OT
2IIzA/N49Sh4P0KkyWFf8JhXrBzOgC3nRdd5n/DUe0SlT1Dg6XUbnkbPf4gxCBES
z/j+esUbSpbvmw/cn35c01ouAJj8zB8UeTTLswyMwZFe7GZgLLiahitNxPAKKNjR
T0PbjhvLd1JBXDerKuutMoT1eoWyh/zg5URvBsfLPPAtJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:14 2024 by rpki-client on console-ams.rpki-client.org