Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/af282b-f597-407a-bef5-132f99cfaa53/1/RgQXcB7-TJH7wFOi8_PF0Q7ZxIs.roa
File:                     RgQXcB7-TJH7wFOi8_PF0Q7ZxIs.roa (raw, json)
Hash identifier:          R4OLZXztAyND0fxH/kJXlwgpvKpz6P/b3G3/6I3v2jc=
Subject key identifier:   46:04:17:70:1E:FE:4C:91:FB:C0:53:A2:F3:F3:C5:D1:0E:D9:C4:8B
Certificate issuer:       /CN=0ffcfc345a0646a7cf225905477e2183574886e0
Certificate serial:       03DBA3B4
Authority key identifier: 0F:FC:FC:34:5A:06:46:A7:CF:22:59:05:47:7E:21:83:57:48:86:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D_z8NFoGRqfPIlkFR34hg1dIhuA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/af282b-f597-407a-bef5-132f99cfaa53/1/RgQXcB7-TJH7wFOi8_PF0Q7ZxIs.roa
Signing time:             Sat 01 Jan 2022 15:58:44 +0000
ROA not before:           Sat 01 Jan 2022 15:58:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25229
IP address blocks:        91.216.106.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64725940 (0x3dba3b4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ffcfc345a0646a7cf225905477e2183574886e0
        Validity
            Not Before: Jan  1 15:58:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=460417701efe4c91fbc053a2f3f3c5d10ed9c48b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:92:4d:5d:9e:ac:79:51:d5:8c:5c:d3:8d:63:
                    a5:f1:01:e3:89:ad:4a:ee:56:ce:44:c0:0f:1e:c0:
                    34:56:eb:e0:aa:9f:26:27:6d:c6:d6:95:83:b3:b0:
                    3f:92:62:ec:cc:c8:0a:0c:55:a8:f1:02:37:94:87:
                    1c:1b:b6:da:49:de:f1:6d:c9:95:bf:ff:4d:f4:9a:
                    f3:c5:1c:bc:32:8f:f2:c4:fd:2a:ce:a8:18:46:9a:
                    1b:1a:9b:14:61:56:d2:eb:7f:ee:59:3f:41:ef:a9:
                    35:89:8d:a6:06:b5:bb:93:e5:84:d1:45:60:f3:bc:
                    87:5c:2c:34:d4:a4:3b:eb:47:40:e3:29:42:12:7f:
                    27:6e:91:ed:d2:42:af:cb:6e:c5:5d:e5:58:16:d5:
                    c9:57:b3:a2:1d:12:88:93:18:ec:96:57:0e:03:67:
                    1b:98:60:01:e6:eb:54:3b:d3:91:6d:12:ab:d4:06:
                    fc:97:3f:a4:a1:b6:98:b9:10:cc:3c:8c:3b:55:d7:
                    97:0b:c8:a1:45:db:39:eb:2e:66:0d:b4:4e:a3:b9:
                    ca:45:a7:b6:b5:bc:cd:02:35:72:78:21:d5:a7:c8:
                    2c:a0:90:c4:26:fb:08:ab:72:79:40:c7:05:71:47:
                    65:ba:7c:de:1c:77:7b:0b:ed:80:b3:bf:00:f7:a6:
                    04:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:04:17:70:1E:FE:4C:91:FB:C0:53:A2:F3:F3:C5:D1:0E:D9:C4:8B
            X509v3 Authority Key Identifier:
                keyid:0F:FC:FC:34:5A:06:46:A7:CF:22:59:05:47:7E:21:83:57:48:86:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_z8NFoGRqfPIlkFR34hg1dIhuA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/af282b-f597-407a-bef5-132f99cfaa53/1/RgQXcB7-TJH7wFOi8_PF0Q7ZxIs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/af282b-f597-407a-bef5-132f99cfaa53/1/D_z8NFoGRqfPIlkFR34hg1dIhuA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.216.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:fe:65:6e:bb:53:c1:76:e1:1f:30:15:7c:03:05:28:41:23:
         81:9b:02:8f:a1:b7:9e:6c:bd:08:59:c3:9c:46:76:47:a2:57:
         36:eb:23:59:9d:a9:a3:6f:fa:ee:e4:7e:44:d2:ac:a2:51:5c:
         e3:5e:e4:d5:c1:9b:1a:91:fa:b8:ae:0c:76:87:d0:3b:7c:38:
         d1:6b:3f:a4:d5:ef:1a:c8:7c:c4:4a:b9:d8:e9:84:53:ec:f6:
         50:08:c0:fb:bf:1c:d1:b4:26:2d:9c:df:30:cc:f3:e5:6a:80:
         7c:46:1b:f4:ec:f4:a4:6e:05:ef:de:6e:e7:2c:d7:9e:c5:96:
         b1:71:f9:28:35:1d:e3:2b:2d:54:a2:6b:25:8c:fb:71:a8:f8:
         ac:be:33:bd:11:90:6f:46:52:a3:0b:95:7e:f9:f0:cb:87:24:
         c7:05:af:e3:95:71:19:20:36:73:84:3a:f6:c0:c5:f2:fc:1f:
         0a:63:dd:76:e5:01:e5:af:5e:78:f9:2d:f1:92:35:a0:6b:ac:
         94:73:e6:50:cf:e2:ca:6b:af:bf:b5:0c:54:c2:b6:6a:81:d5:
         b1:9b:0f:d3:9a:45:ed:89:0d:10:e6:43:1f:57:b1:3e:f9:86:
         0c:58:6a:1c:19:27:b1:e2:6d:9b:2f:ad:0f:63:12:3e:44:96:
         f2:cc:dc:f7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9ujtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZmZjZmMzNDVhMDY0NmE3Y2YyMjU5MDU0NzdlMjE4MzU3NDg4NmUwMB4XDTIyMDEw
MTE1NTg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDYwNDE3NzAxZWZl
NGM5MWZiYzA1M2EyZjNmM2M1ZDEwZWQ5YzQ4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALaSTV2erHlR1Yxc041jpfEB44mtSu5WzkTADx7ANFbr4Kqf
JidtxtaVg7OwP5Ji7MzICgxVqPECN5SHHBu22kne8W3Jlb//TfSa88UcvDKP8sT9
Ks6oGEaaGxqbFGFW0ut/7lk/Qe+pNYmNpga1u5PlhNFFYPO8h1wsNNSkO+tHQOMp
QhJ/J26R7dJCr8tuxV3lWBbVyVezoh0SiJMY7JZXDgNnG5hgAebrVDvTkW0Sq9QG
/Jc/pKG2mLkQzDyMO1XXlwvIoUXbOesuZg20TqO5ykWntrW8zQI1cngh1afILKCQ
xCb7CKtyeUDHBXFHZbp83hx3ewvtgLO/APemBH0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRGBBdwHv5MkfvAU6Lz88XRDtnEizAfBgNVHSMEGDAWgBQP/Pw0WgZGp88i
WQVHfiGDV0iG4DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RfejhORm9HUnFmUElsa0ZSMzRoZzFkSWh1QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvYWYyODJiLWY1OTctNDA3YS1iZWY1LTEzMmY5OWNmYWE1My8x
L1JnUVhjQjctVEpIN3dGT2k4X1BGMFE3WnhJcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
YWYyODJiLWY1OTctNDA3YS1iZWY1LTEzMmY5OWNmYWE1My8xL0RfejhORm9HUnFm
UElsa0ZSMzRoZzFkSWh1QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvYajANBgkqhkiG9w0BAQsFAAOC
AQEASf5lbrtTwXbhHzAVfAMFKEEjgZsCj6G3nmy9CFnDnEZ2R6JXNusjWZ2po2/6
7uR+RNKsolFc417k1cGbGpH6uK4MdofQO3w40Ws/pNXvGsh8xEq52OmEU+z2UAjA
+78c0bQmLZzfMMzz5WqAfEYb9Oz0pG4F795u5yzXnsWWsXH5KDUd4ystVKJrJYz7
caj4rL4zvRGQb0ZSowuVfvnwy4ckxwWv45VxGSA2c4Q69sDF8vwfCmPdduUB5a9e
ePkt8ZI1oGuslHPmUM/iymuvv7UMVMK2aoHVsZsP05pF7YkNEOZDH1exPvmGDFhq
HBknseJtmy+tD2MSPkSW8szc9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:02 2024 by rpki-client on console-ams.rpki-client.org