Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/HJe3vgaoG1HqhSm6Wdhsjf0xmcM.roa
File:                     HJe3vgaoG1HqhSm6Wdhsjf0xmcM.roa (raw, json)
Hash identifier:          Hc92ER5TOo4r1sMKlAihCn25p4Aywqfu3o2xp4fqzWE=
Subject key identifier:   1C:97:B7:BE:06:A8:1B:51:EA:85:29:BA:59:D8:6C:8D:FD:31:99:C3
Certificate issuer:       /CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
Certificate serial:       044DEFD6
Authority key identifier: 6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/HJe3vgaoG1HqhSm6Wdhsjf0xmcM.roa
Signing time:             Thu 14 Apr 2022 12:55:28 +0000
ROA not before:           Thu 14 Apr 2022 12:55:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212298
IP address blocks:        91.235.2.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 72216534 (0x44defd6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
        Validity
            Not Before: Apr 14 12:55:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1c97b7be06a81b51ea8529ba59d86c8dfd3199c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:7b:b3:5a:78:85:41:13:d8:1c:70:db:8e:10:
                    74:27:33:6b:ec:aa:38:03:7c:39:67:bf:85:e6:a9:
                    45:92:5a:60:5c:7a:bb:ac:74:b7:90:bc:ce:5d:e0:
                    b9:f1:e9:dd:ce:54:ce:0d:ec:d3:ba:92:df:c0:0c:
                    d7:2d:ea:80:04:78:0d:1e:43:d2:5e:98:1b:a4:4a:
                    63:55:9e:ca:a3:5a:30:88:36:49:85:d1:ac:b4:95:
                    69:50:43:d0:d3:0e:e2:06:7b:5a:43:ae:7a:91:50:
                    1b:ae:fb:0d:2b:b2:f2:0a:ae:17:c1:fa:11:fc:dc:
                    f2:32:35:47:4d:02:4e:f0:c8:c9:fe:4d:f8:f2:b7:
                    e2:19:bf:72:0f:b1:72:14:ea:f5:c8:78:1b:d8:b9:
                    96:1a:cb:84:8f:84:24:21:98:c2:25:f6:81:37:14:
                    72:10:d7:ab:2c:47:ab:b2:fb:24:4b:6a:69:ea:0a:
                    f6:78:34:d4:bb:72:c1:19:a7:64:d2:29:5d:f7:69:
                    d2:ac:96:b9:f3:38:e2:0e:9b:fb:a1:75:4d:1d:4d:
                    3a:a8:88:72:1b:74:ad:8d:9a:7e:88:0f:28:77:11:
                    0d:25:b4:d4:60:c9:e6:12:e8:3b:65:97:e1:be:f9:
                    a9:2f:1d:37:5d:98:12:68:7c:20:86:3f:ef:2e:e8:
                    30:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:97:B7:BE:06:A8:1B:51:EA:85:29:BA:59:D8:6C:8D:FD:31:99:C3
            X509v3 Authority Key Identifier:
                keyid:6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/HJe3vgaoG1HqhSm6Wdhsjf0xmcM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/bNmMLFSwy-oTTiepgc_d5zI24FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.235.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:a2:b9:f8:8d:47:9b:d5:12:6f:16:1c:8f:85:b5:2b:c5:1b:
         00:b7:00:37:db:1f:5f:7a:a4:12:5c:23:e3:93:7f:bd:29:15:
         eb:f3:9c:2d:60:17:35:da:11:87:c7:4b:6a:9c:0c:41:cd:0a:
         12:c0:b6:6d:c1:ef:b6:8d:fc:ee:59:15:d7:70:12:8e:90:ef:
         20:b1:ab:3a:b8:ef:7e:be:fc:88:f2:74:80:35:4f:0a:7a:f0:
         91:f8:f7:a0:c9:11:d8:7d:33:11:6b:b8:67:1e:8a:c6:61:e2:
         0d:ec:46:6e:1f:aa:15:4c:55:22:c5:1c:43:11:50:00:1a:cc:
         b8:cc:e9:1e:12:d8:65:4a:d7:7d:60:56:a0:68:46:85:f1:f7:
         f9:87:b2:91:ba:bc:21:2b:34:bc:cc:83:d6:9c:f8:95:b0:ea:
         e9:64:da:64:6a:d1:13:4b:f2:fc:3a:45:3c:93:3c:b7:50:9f:
         a7:52:bb:97:4e:f6:2a:d9:48:4d:2f:b6:28:76:1b:a6:fc:cf:
         4b:6f:98:31:32:ef:22:c4:b4:c4:f5:d5:99:3e:03:71:6d:2b:
         b6:91:b5:57:9d:77:f3:7f:39:61:a2:13:8d:7d:fd:dd:bc:20:
         b2:e3:bf:d9:d1:88:c8:de:6b:28:be:a9:e8:cd:9a:56:b9:af:
         0d:42:c7:d8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBE3v1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Y2Q5OGMyYzU0YjBjYmVhMTM0ZTI3YTk4MWNmZGRlNzMyMzZlMDU1MB4XDTIyMDQx
NDEyNTUyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM5N2I3YmUwNmE4
MWI1MWVhODUyOWJhNTlkODZjOGRmZDMxOTljMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJ7s1p4hUET2Bxw244QdCcza+yqOAN8OWe/heapRZJaYFx6
u6x0t5C8zl3gufHp3c5Uzg3s07qS38AM1y3qgAR4DR5D0l6YG6RKY1WeyqNaMIg2
SYXRrLSVaVBD0NMO4gZ7WkOuepFQG677DSuy8gquF8H6Efzc8jI1R00CTvDIyf5N
+PK34hm/cg+xchTq9ch4G9i5lhrLhI+EJCGYwiX2gTcUchDXqyxHq7L7JEtqaeoK
9ng01LtywRmnZNIpXfdp0qyWufM44g6b+6F1TR1NOqiIcht0rY2afogPKHcRDSW0
1GDJ5hLoO2WX4b75qS8dN12YEmh8IIY/7y7oMBUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQcl7e+BqgbUeqFKbpZ2GyN/TGZwzAfBgNVHSMEGDAWgBRs2YwsVLDL6hNO
J6mBz93nMjbgVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JObU1MRlN3eS1vVFRpZXBnY19kNXpJMjRGVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTEvMDE2MzhjLTZjYjktNDU4OS05MDliLWQzN2RmNjM0YTkyOS8x
L0hKZTN2Z2FvRzFIcWhTbTZXZGhzamYweG1jTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTEv
MDE2MzhjLTZjYjktNDU4OS05MDliLWQzN2RmNjM0YTkyOS8xL2JObU1MRlN3eS1v
VFRpZXBnY19kNXpJMjRGVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvrAjANBgkqhkiG9w0BAQsFAAOC
AQEAPqK5+I1Hm9USbxYcj4W1K8UbALcAN9sfX3qkElwj45N/vSkV6/OcLWAXNdoR
h8dLapwMQc0KEsC2bcHvto387lkV13ASjpDvILGrOrjvfr78iPJ0gDVPCnrwkfj3
oMkR2H0zEWu4Zx6KxmHiDexGbh+qFUxVIsUcQxFQABrMuMzpHhLYZUrXfWBWoGhG
hfH3+Yeykbq8ISs0vMyD1pz4lbDq6WTaZGrRE0vy/DpFPJM8t1Cfp1K7l072KtlI
TS+2KHYbpvzPS2+YMTLvIsS0xPXVmT4DcW0rtpG1V5138385YaITjX393bwgsuO/
2dGIyN5rKL6p6M2aVrmvDULH2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:56 2024 by rpki-client on console-fra.rpki-client.org