Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/0f1695-7ad6-4d24-806d-b5cd13d9184c/1/KZCs3BXcGyWHq6oI1NHGVOO4wlg.roa
File:                     KZCs3BXcGyWHq6oI1NHGVOO4wlg.roa (raw, json)
Hash identifier:          Wxkea7VONa9ZIhUvLnzVibkMlnkfSO5vbKtzwEL+fRM=
Subject key identifier:   29:90:AC:DC:15:DC:1B:25:87:AB:AA:08:D4:D1:C6:54:E3:B8:C2:58
Certificate issuer:       /CN=b9e7f71bcf52ed6d05b7eb3b741ec7906e77dcca
Certificate serial:       08BE359B
Authority key identifier: B9:E7:F7:1B:CF:52:ED:6D:05:B7:EB:3B:74:1E:C7:90:6E:77:DC:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uef3G89S7W0Ft-s7dB7HkG533Mo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/0f1695-7ad6-4d24-806d-b5cd13d9184c/1/KZCs3BXcGyWHq6oI1NHGVOO4wlg.roa
Signing time:             Sat 01 Jan 2022 13:54:58 +0000
ROA not before:           Sat 01 Jan 2022 13:54:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     28865
IP address blocks:        91.235.105.0/24 maxlen: 24
                          91.235.104.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 146683291 (0x8be359b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9e7f71bcf52ed6d05b7eb3b741ec7906e77dcca
        Validity
            Not Before: Jan  1 13:54:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2990acdc15dc1b2587abaa08d4d1c654e3b8c258
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:cf:5e:c8:14:4a:4d:74:09:3a:e8:15:eb:93:
                    07:33:25:78:59:1a:b2:55:fc:5a:00:65:0a:f5:e5:
                    38:bf:c3:07:78:3e:84:db:3d:92:f3:76:59:6b:26:
                    ae:47:1a:ba:69:f7:da:c9:15:12:1a:61:62:55:2b:
                    23:27:c6:7c:08:97:23:30:5f:ff:4d:69:8e:e1:f6:
                    a8:71:bd:eb:0d:d4:52:bf:f7:f7:67:50:79:0a:53:
                    a5:61:e2:6a:2b:7e:e4:c4:6c:c8:84:81:0e:e9:31:
                    9f:31:b7:a3:bd:3b:b5:32:62:f4:ac:b3:98:aa:89:
                    19:2e:20:81:3a:51:d3:c2:46:17:1d:36:69:d0:f7:
                    a7:ae:8c:55:41:61:35:d2:66:a2:dc:2c:57:3a:94:
                    ae:07:a7:c0:7e:9a:84:38:88:89:6a:54:21:79:b8:
                    23:f2:9b:56:fd:dc:b5:04:97:84:6e:15:70:b5:46:
                    61:a9:4a:bc:95:61:70:99:17:e0:53:ee:a1:a4:02:
                    37:9f:3d:61:95:62:3b:9c:b4:11:fe:90:cb:13:ef:
                    22:d9:c7:c7:7c:e0:49:fa:ab:36:af:82:c4:ec:d3:
                    9f:ba:1a:ca:1e:f0:af:0a:2f:ee:b3:32:bd:c7:56:
                    c1:d2:b5:96:45:e1:f9:06:31:20:b7:57:82:7b:db:
                    57:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:90:AC:DC:15:DC:1B:25:87:AB:AA:08:D4:D1:C6:54:E3:B8:C2:58
            X509v3 Authority Key Identifier:
                keyid:B9:E7:F7:1B:CF:52:ED:6D:05:B7:EB:3B:74:1E:C7:90:6E:77:DC:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uef3G89S7W0Ft-s7dB7HkG533Mo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0f1695-7ad6-4d24-806d-b5cd13d9184c/1/KZCs3BXcGyWHq6oI1NHGVOO4wlg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0f1695-7ad6-4d24-806d-b5cd13d9184c/1/uef3G89S7W0Ft-s7dB7HkG533Mo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.235.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5d:59:a9:0a:1b:1f:ab:a3:97:4c:5a:b4:09:a9:ad:08:de:e4:
         ad:2f:fb:9f:73:d1:18:45:23:2c:96:97:7c:fa:f9:c3:96:56:
         1e:8e:52:24:38:7d:f9:14:d6:5b:33:9c:7e:4e:cc:2c:c6:97:
         c8:70:34:50:52:85:90:c4:d3:6d:80:60:fe:87:77:89:1e:09:
         63:c9:f5:90:ab:5c:8f:55:b7:a1:48:d0:9f:47:37:ba:44:c0:
         83:7a:80:4b:6b:61:5c:33:b8:33:98:1e:3a:9f:22:ae:cd:36:
         e1:39:68:3e:15:64:82:73:a2:ef:bd:d4:e1:14:67:57:cf:50:
         f7:fb:01:a2:fd:2e:16:23:58:f9:df:61:d5:1f:3b:bd:6e:da:
         34:66:33:48:c6:41:f7:0e:dc:48:8e:30:fb:16:bd:f2:84:1f:
         62:83:db:22:11:af:dd:74:e7:c1:05:bd:3d:f6:e4:bb:b1:5f:
         e9:f7:33:52:39:f8:fa:0b:34:e2:eb:1c:b4:21:84:12:56:53:
         06:c6:c1:a5:47:df:02:90:e6:7f:89:3e:9a:cb:94:19:e5:6c:
         d9:5e:69:63:f3:2b:7a:3a:8f:20:ab:b7:eb:88:f4:9a:18:62:
         b9:bf:7e:4f:fa:5d:dc:c9:4f:8c:a2:e1:64:b2:51:93:28:71:
         1e:8d:ad:62
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECL41mzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OWU3ZjcxYmNmNTJlZDZkMDViN2ViM2I3NDFlYzc5MDZlNzdkY2NhMB4XDTIyMDEw
MTEzNTQ1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk5MGFjZGMxNWRj
MWIyNTg3YWJhYTA4ZDRkMWM2NTRlM2I4YzI1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfPXsgUSk10CTroFeuTBzMleFkaslX8WgBlCvXlOL/DB3g+
hNs9kvN2WWsmrkcaumn32skVEhphYlUrIyfGfAiXIzBf/01pjuH2qHG96w3UUr/3
92dQeQpTpWHiait+5MRsyISBDukxnzG3o707tTJi9KyzmKqJGS4ggTpR08JGFx02
adD3p66MVUFhNdJmotwsVzqUrgenwH6ahDiIiWpUIXm4I/KbVv3ctQSXhG4VcLVG
YalKvJVhcJkX4FPuoaQCN589YZViO5y0Ef6QyxPvItnHx3zgSfqrNq+CxOzTn7oa
yh7wrwov7rMyvcdWwdK1lkXh+QYxILdXgnvbV+sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQpkKzcFdwbJYerqgjU0cZU47jCWDAfBgNVHSMEGDAWgBS55/cbz1LtbQW3
6zt0HseQbnfcyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VlZjNHODlTN1cwRnQtczdkQjdIa0c1MzNNby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvMGYxNjk1LTdhZDYtNGQyNC04MDZkLWI1Y2QxM2Q5MTg0Yy8x
L0taQ3MzQlhjR3lXSHE2b0kxTkhHVk9PNHdsZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
MGYxNjk1LTdhZDYtNGQyNC04MDZkLWI1Y2QxM2Q5MTg0Yy8xL3VlZjNHODlTN1cw
RnQtczdkQjdIa0c1MzNNby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvraDANBgkqhkiG9w0BAQsFAAOC
AQEAXVmpChsfq6OXTFq0CamtCN7krS/7n3PRGEUjLJaXfPr5w5ZWHo5SJDh9+RTW
WzOcfk7MLMaXyHA0UFKFkMTTbYBg/od3iR4JY8n1kKtcj1W3oUjQn0c3ukTAg3qA
S2thXDO4M5geOp8irs024TloPhVkgnOi773U4RRnV89Q9/sBov0uFiNY+d9h1R87
vW7aNGYzSMZB9w7cSI4w+xa98oQfYoPbIhGv3XTnwQW9Pfbku7Ff6fczUjn4+gs0
4usctCGEElZTBsbBpUffApDmf4k+msuUGeVs2V5pY/MrejqPIKu364j0mhhiub9+
T/pd3MlPjKLhZLJRkyhxHo2tYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:43 2024 by rpki-client on console-fra.rpki-client.org