Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/byYljuj0TE1ncypa5dPQmxx12gw.roa
File:                     byYljuj0TE1ncypa5dPQmxx12gw.roa (raw, json)
Hash identifier:          bZJ5xnf1DL7WWk2jPeCrT/ItlNhWfhS7LB9NFVFIkS0=
Subject key identifier:   6F:26:25:8E:E8:F4:4C:4D:67:73:2A:5A:E5:D3:D0:9B:1C:75:DA:0C
Certificate issuer:       /CN=de87d35bdcab123affc1a91d1736867969709a23
Certificate serial:       9E7F
Authority key identifier: DE:87:D3:5B:DC:AB:12:3A:FF:C1:A9:1D:17:36:86:79:69:70:9A:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/byYljuj0TE1ncypa5dPQmxx12gw.roa
Signing time:             Fri 25 Mar 2022 09:56:38 +0000
ROA not before:           Fri 25 Mar 2022 09:56:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43399
IP address blocks:        91.194.226.0/23 maxlen: 23
                          91.194.226.0/24 maxlen: 24
                          91.194.227.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40575 (0x9e7f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de87d35bdcab123affc1a91d1736867969709a23
        Validity
            Not Before: Mar 25 09:56:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6f26258ee8f44c4d67732a5ae5d3d09b1c75da0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:12:41:41:e5:fb:57:53:cd:ec:b9:7d:e4:c8:
                    ae:0b:4c:26:86:8e:87:a9:64:31:4d:ea:c9:4b:ec:
                    b4:8a:4b:c4:65:bd:60:cc:6d:86:a2:72:61:1e:6b:
                    ec:7d:9a:5f:78:05:f2:59:0a:4f:ab:c2:52:11:5c:
                    c2:7a:96:aa:61:0b:7e:25:64:a0:8e:de:27:72:87:
                    26:72:49:b0:61:0b:57:99:5c:94:23:cf:16:90:6b:
                    b8:7b:f0:2f:44:ac:45:62:a8:35:17:8d:82:c6:74:
                    20:ac:8a:70:43:65:ca:a6:a9:19:8d:31:7f:fa:09:
                    bb:e0:2f:75:e9:ef:fb:fd:71:b7:ff:87:98:c2:d4:
                    ca:ab:c3:23:7e:29:04:d0:3b:e0:4c:81:b1:39:24:
                    e6:94:16:90:15:09:c1:65:f3:4e:2b:70:8f:72:04:
                    92:f0:79:7d:30:b0:96:46:02:92:b3:79:72:65:91:
                    c0:68:51:ef:ae:38:30:b2:16:ca:38:d3:1a:f1:e9:
                    64:d3:a8:4b:15:c8:34:c4:cc:16:53:2c:bc:88:8c:
                    31:6e:7c:4a:da:7d:70:8d:f8:3b:1e:14:7d:89:7d:
                    8f:8f:33:f4:84:3d:04:93:7f:e0:ca:5e:b9:8b:32:
                    00:46:b4:b0:26:6a:08:39:bc:f1:6a:f1:a1:20:86:
                    cc:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:26:25:8E:E8:F4:4C:4D:67:73:2A:5A:E5:D3:D0:9B:1C:75:DA:0C
            X509v3 Authority Key Identifier:
                keyid:DE:87:D3:5B:DC:AB:12:3A:FF:C1:A9:1D:17:36:86:79:69:70:9A:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/byYljuj0TE1ncypa5dPQmxx12gw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.194.226.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2a:1f:63:68:f8:66:8c:2a:17:5f:6a:e7:be:a2:2f:f7:ea:c3:
         9c:44:99:e1:11:31:d3:5b:41:99:72:a4:ae:c7:2e:b9:1b:4a:
         53:a6:2a:5c:9a:4b:55:33:1f:0a:92:97:58:87:84:16:fb:ee:
         98:a9:03:cd:4e:30:0f:aa:ec:45:06:60:98:1e:85:1e:25:13:
         2c:30:09:13:62:dc:42:c6:a8:76:5e:80:58:43:b7:48:36:d1:
         b8:22:4a:d7:01:16:10:fa:cf:d2:69:20:d5:aa:58:da:6b:42:
         cb:eb:1e:43:79:04:66:e2:c1:a0:dc:1b:36:18:bc:ea:d1:d2:
         e1:b1:3e:f3:0a:78:49:2d:3e:59:63:e8:bc:3f:d6:f3:0d:f8:
         fb:ed:ef:d7:d7:9d:2f:7d:ae:59:8e:6d:37:6a:af:f4:d2:72:
         e6:e8:12:20:71:64:24:8d:ec:48:f9:37:08:5a:4d:0b:fd:c0:
         8e:e0:2d:86:6d:53:70:1e:a6:3e:63:6f:fb:0d:da:3f:54:4b:
         1d:2c:cc:7d:3b:df:c9:a5:3b:0d:b2:50:0a:56:10:23:ae:0d:
         75:a1:ef:5c:e7:f3:2d:91:fe:6d:f8:7b:fa:32:9c:f0:f5:9a:
         07:8d:80:12:f5:a1:30:50:a3:d7:82:bc:d4:51:c0:4f:d0:5d:
         8c:0d:db:d9
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAJ5/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRl
ODdkMzViZGNhYjEyM2FmZmMxYTkxZDE3MzY4Njc5Njk3MDlhMjMwHhcNMjIwMzI1
MDk1NjM4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2ZjI2MjU4ZWU4ZjQ0
YzRkNjc3MzJhNWFlNWQzZDA5YjFjNzVkYTBjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtRJBQeX7V1PN7Ll95MiuC0wmho6HqWQxTerJS+y0ikvEZb1g
zG2GonJhHmvsfZpfeAXyWQpPq8JSEVzCepaqYQt+JWSgjt4ncocmckmwYQtXmVyU
I88WkGu4e/AvRKxFYqg1F42CxnQgrIpwQ2XKpqkZjTF/+gm74C916e/7/XG3/4eY
wtTKq8MjfikE0DvgTIGxOSTmlBaQFQnBZfNOK3CPcgSS8Hl9MLCWRgKSs3lyZZHA
aFHvrjgwshbKONMa8elk06hLFcg0xMwWUyy8iIwxbnxK2n1wjfg7HhR9iX2PjzP0
hD0Ek3/gyl65izIARrSwJmoIObzxavGhIIbMCQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFG8mJY7o9ExNZ3MqWuXT0JscddoMMB8GA1UdIwQYMBaAFN6H01vcqxI6/8Gp
HRc2hnlpcJojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
M29mVFc5eXJFanJfd2FrZEZ6YUdlV2x3bWlNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lMS85MTA3MTYtZjI2Ni00N2YwLTliYWQtYzIyMzkwZThkOWE2LzEv
YnlZbGp1ajBURTFuY3lwYTVkUFFteHgxMmd3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85
MTA3MTYtZjI2Ni00N2YwLTliYWQtYzIyMzkwZThkOWE2LzEvM29mVFc5eXJFanJf
d2FrZEZ6YUdlV2x3bWlNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8LiMA0GCSqGSIb3DQEBCwUAA4IB
AQAqH2No+GaMKhdfaue+oi/36sOcRJnhETHTW0GZcqSuxy65G0pTpipcmktVMx8K
kpdYh4QW++6YqQPNTjAPquxFBmCYHoUeJRMsMAkTYtxCxqh2XoBYQ7dINtG4IkrX
ARYQ+s/SaSDVqljaa0LL6x5DeQRm4sGg3Bs2GLzq0dLhsT7zCnhJLT5ZY+i8P9bz
Dfj77e/X150vfa5Zjm03aq/00nLm6BIgcWQkjexI+TcIWk0L/cCO4C2GbVNwHqY+
Y2/7Ddo/VEsdLMx9O9/JpTsNslAKVhAjrg11oe9c5/Mtkf5t+Hv6Mpzw9ZoHjYAS
9aEwUKPXgrzUUcBP0F2MDdvZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:00 2024 by rpki-client on console-fra.rpki-client.org