Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/sZeK-luX_kYbY3qTRLLLySUXhjE.roa
File:                     sZeK-luX_kYbY3qTRLLLySUXhjE.roa (raw, json)
Hash identifier:          uJOtrtksQbM3wVCyD6SHmuAJVMIOtAlzmoaYd/ezfpc=
Subject key identifier:   B1:97:8A:FA:5B:97:FE:46:1B:63:7A:93:44:B2:CB:C9:25:17:86:31
Certificate issuer:       /CN=67147694fd17eb2d16fed7f735d7a11ddd451963
Certificate serial:       02649680
Authority key identifier: 67:14:76:94:FD:17:EB:2D:16:FE:D7:F7:35:D7:A1:1D:DD:45:19:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZxR2lP0X6y0W_tf3NdehHd1FGWM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/sZeK-luX_kYbY3qTRLLLySUXhjE.roa
Signing time:             Sat 01 Jan 2022 12:02:24 +0000
ROA not before:           Sat 01 Jan 2022 12:02:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57121
IP address blocks:        176.96.160.0/20 maxlen: 32
                          192.109.84.0/23 maxlen: 32
                          192.109.132.0/23 maxlen: 32
                          176.96.144.0/21 maxlen: 32
                          91.230.221.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40146560 (0x2649680)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67147694fd17eb2d16fed7f735d7a11ddd451963
        Validity
            Not Before: Jan  1 12:02:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b1978afa5b97fe461b637a9344b2cbc925178631
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:c3:2b:e0:b4:90:ed:b1:14:2d:cd:11:fd:fa:
                    8c:f7:27:6a:17:1d:e8:8d:3d:8d:c8:ca:c7:62:e2:
                    51:d1:2c:73:a1:6b:54:6b:1e:ab:64:3b:e6:91:e9:
                    a9:76:3b:0b:7c:8f:4b:4e:59:80:79:9d:96:cb:82:
                    66:90:4c:37:7e:63:16:f4:a0:5f:e2:7f:fa:17:6a:
                    08:f5:cf:c8:f9:64:3c:1e:ce:04:2c:98:58:26:ed:
                    f7:8c:19:dc:83:7f:da:55:76:bf:af:fe:3b:17:73:
                    6c:1b:5d:9e:24:9d:74:f2:f1:60:29:4e:a9:6f:2e:
                    8b:ee:09:13:66:e4:a3:9a:16:17:ac:1e:b3:e4:14:
                    04:cb:b1:9d:18:47:21:d1:77:6e:ba:cb:30:ae:56:
                    fd:c6:cb:c8:b5:0d:2b:fa:de:4a:6d:a3:df:fa:9e:
                    b1:bc:ca:d9:36:46:01:6b:c8:ca:a7:da:c2:3a:f8:
                    34:ef:2a:88:55:51:3b:09:67:d5:05:92:60:82:3f:
                    47:c5:c4:c6:e5:2e:b8:65:87:89:1a:50:5e:ac:33:
                    fb:c2:0b:82:d4:b4:c8:dd:2d:c1:b3:6f:ed:f7:82:
                    df:ac:35:da:67:a9:31:a5:3c:40:15:2d:e0:48:d6:
                    98:40:f2:2a:75:35:59:a0:0f:69:cc:66:8d:90:24:
                    fb:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:97:8A:FA:5B:97:FE:46:1B:63:7A:93:44:B2:CB:C9:25:17:86:31
            X509v3 Authority Key Identifier:
                keyid:67:14:76:94:FD:17:EB:2D:16:FE:D7:F7:35:D7:A1:1D:DD:45:19:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZxR2lP0X6y0W_tf3NdehHd1FGWM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/sZeK-luX_kYbY3qTRLLLySUXhjE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/de190b-7335-4816-a711-dccad0211327/1/ZxR2lP0X6y0W_tf3NdehHd1FGWM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.230.221.0/24
                  176.96.144.0/21
                  176.96.160.0/20
                  192.109.84.0/23
                  192.109.132.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a2:46:a2:5f:91:57:3f:1d:46:37:8f:e4:53:5b:bd:5e:2a:f4:
         dc:25:eb:ae:6f:ce:85:76:a8:de:64:94:79:9c:62:0c:9d:ba:
         4d:de:3a:4e:c6:12:50:be:22:d9:ca:51:71:b6:e9:cc:be:57:
         e9:3d:8a:16:dc:92:34:15:9f:7d:6c:dc:f5:a3:91:e8:8d:90:
         02:12:06:1b:65:5e:90:b1:ca:91:75:eb:bd:12:34:8c:ec:91:
         dc:a7:86:41:9f:94:00:f9:6d:d4:ca:2f:79:37:df:d7:e8:e0:
         e1:73:0d:ba:48:fc:9a:a4:65:c8:ae:96:90:a3:8b:75:5b:44:
         55:75:bf:04:ee:ae:82:5e:ca:91:12:a9:a2:e5:b1:0f:3c:dc:
         ed:e0:fd:10:0d:0a:cf:d5:42:a2:d7:d6:2a:e9:52:a7:eb:40:
         37:16:ea:86:d4:00:2d:b2:19:0c:d8:48:5a:b9:dc:ce:6b:d4:
         3c:27:7d:29:43:69:3f:95:db:c9:76:63:23:e2:5c:b8:27:91:
         3f:d4:7d:4a:bc:b5:6a:1e:20:40:73:f9:5f:ff:e3:25:3a:cd:
         f7:30:1d:aa:86:1c:74:b4:f8:b0:5d:8b:3f:68:f8:04:12:5f:
         cb:67:50:d7:ac:7a:5a:17:aa:f0:5e:be:18:47:d3:8d:dd:e9:
         53:52:78:63
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEAmSWgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzE0NzY5NGZkMTdlYjJkMTZmZWQ3ZjczNWQ3YTExZGRkNDUxOTYzMB4XDTIyMDEw
MTEyMDIyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjE5NzhhZmE1Yjk3
ZmU0NjFiNjM3YTkzNDRiMmNiYzkyNTE3ODYzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/DK+C0kO2xFC3NEf36jPcnahcd6I09jcjKx2LiUdEsc6Fr
VGseq2Q75pHpqXY7C3yPS05ZgHmdlsuCZpBMN35jFvSgX+J/+hdqCPXPyPlkPB7O
BCyYWCbt94wZ3IN/2lV2v6/+OxdzbBtdniSddPLxYClOqW8ui+4JE2bko5oWF6we
s+QUBMuxnRhHIdF3brrLMK5W/cbLyLUNK/reSm2j3/qesbzK2TZGAWvIyqfawjr4
NO8qiFVROwln1QWSYII/R8XExuUuuGWHiRpQXqwz+8ILgtS0yN0twbNv7feC36w1
2mepMaU8QBUt4EjWmEDyKnU1WaAPacxmjZAk+00CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSxl4r6W5f+RhtjepNEssvJJReGMTAfBgNVHSMEGDAWgBRnFHaU/RfrLRb+
1/c116Ed3UUZYzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1p4UjJsUDBYNnkwV190ZjNOZGVoSGQxRkdXTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvZGUxOTBiLTczMzUtNDgxNi1hNzExLWRjY2FkMDIxMTMyNy8x
L3NaZUstbHVYX2tZYlkzcVRSTExMeVNVWGhqRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
ZGUxOTBiLTczMzUtNDgxNi1hNzExLWRjY2FkMDIxMTMyNy8xL1p4UjJsUDBYNnkw
V190ZjNOZGVoSGQxRkdXTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFvm3QMEA7BgkAMEBLBgoAMEAcBt
VAMEAcBthDANBgkqhkiG9w0BAQsFAAOCAQEAokaiX5FXPx1GN4/kU1u9Xir03CXr
rm/OhXao3mSUeZxiDJ26Td46TsYSUL4i2cpRcbbpzL5X6T2KFtySNBWffWzc9aOR
6I2QAhIGG2VekLHKkXXrvRI0jOyR3KeGQZ+UAPlt1MoveTff1+jg4XMNukj8mqRl
yK6WkKOLdVtEVXW/BO6ugl7KkRKpouWxDzzc7eD9EA0Kz9VCotfWKulSp+tANxbq
htQALbIZDNhIWrnczmvUPCd9KUNpP5XbyXZjI+JcuCeRP9R9Sry1ah4gQHP5X//j
JTrN9zAdqoYcdLT4sF2LP2j4BBJfy2dQ16x6Wheq8F6+GEfTjd3pU1J4Yw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:44 2024 by rpki-client on console-ams.rpki-client.org