Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/YsLd2CJPCNvVHu3n1JB5J70aSkA.roa
File:                     YsLd2CJPCNvVHu3n1JB5J70aSkA.roa (raw, json)
Hash identifier:          yOMk1pePx/iKelFXSUVramAzzf19QlPB+ZBvLU/2HiI=
Subject key identifier:   62:C2:DD:D8:22:4F:08:DB:D5:1E:ED:E7:D4:90:79:27:BD:1A:4A:40
Certificate issuer:       /CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
Certificate serial:       0183264ED9250C3537781AB0F18C43E8A080
Authority key identifier: 1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/YsLd2CJPCNvVHu3n1JB5J70aSkA.roa
Signing time:             Sat 10 Sep 2022 07:30:45 +0000
ROA not before:           Sat 10 Sep 2022 07:30:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44486
IP address blocks:        91.206.208.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:26:4e:d9:25:0c:35:37:78:1a:b0:f1:8c:43:e8:a0:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
        Validity
            Not Before: Sep 10 07:30:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=62c2ddd8224f08dbd51eede7d4907927bd1a4a40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:82:84:a8:27:c9:43:ff:08:7a:82:6a:d1:6f:
                    82:87:c9:28:2a:84:3d:8b:9c:f2:46:91:57:c9:f0:
                    38:50:18:bd:93:d2:bf:cf:da:c9:52:7b:a3:3d:c3:
                    c4:98:1c:82:84:bd:44:d0:8a:a1:db:9c:ec:81:45:
                    91:df:52:55:0c:dd:b4:92:3b:3d:5d:3c:72:6c:f7:
                    1c:68:96:86:77:ea:95:75:c5:33:ad:43:33:4f:69:
                    17:7f:8f:e7:fa:f8:03:1e:17:2a:8e:c3:6f:ed:0e:
                    1a:a8:e6:29:cf:85:fc:8c:aa:c3:43:8b:33:ea:ba:
                    3a:09:66:60:6c:9d:bc:ff:91:52:c9:10:1b:cf:23:
                    b3:d5:75:89:63:c1:4b:2f:78:0c:7f:3e:60:08:d6:
                    d4:77:5f:9f:6c:1d:b0:51:5c:c4:ce:9e:8f:73:15:
                    b4:02:1f:94:20:73:56:65:ef:a8:a2:53:d9:71:3d:
                    bc:3d:aa:53:3a:4b:e9:b9:5f:ef:32:d0:a6:70:90:
                    1c:05:0b:10:59:fd:15:81:83:c0:88:92:91:86:54:
                    93:4d:ca:85:9e:3f:09:aa:a3:d0:fb:58:59:20:70:
                    28:ce:ab:80:00:9b:ef:e7:c8:77:dd:3a:36:43:95:
                    5c:b2:f0:0e:52:2c:2e:a9:43:43:e9:2c:bd:a0:59:
                    5f:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:C2:DD:D8:22:4F:08:DB:D5:1E:ED:E7:D4:90:79:27:BD:1A:4A:40
            X509v3 Authority Key Identifier:
                keyid:1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/YsLd2CJPCNvVHu3n1JB5J70aSkA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.206.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bc:f4:b9:a0:6d:c4:55:f7:9f:bc:5e:b3:95:e5:3c:37:90:10:
         24:d5:0f:c0:50:36:ed:7b:f7:48:21:eb:b7:2f:f1:2c:76:36:
         18:72:67:04:bd:29:d2:39:2a:e6:c4:1d:80:cf:ab:26:af:86:
         34:a0:e9:16:f9:39:9c:e6:c7:1f:ec:36:1a:eb:8b:03:88:c8:
         23:2b:31:7e:c3:a4:2b:df:07:82:ba:09:04:c9:8c:80:fe:2d:
         b6:b2:7e:c5:0f:7e:d8:51:45:2a:93:99:01:96:67:ef:4e:8e:
         d4:7a:52:22:41:ca:59:c5:62:39:14:59:74:b4:1c:db:ca:03:
         5a:61:21:a3:44:14:cf:c8:9e:63:02:11:39:11:ff:03:07:9b:
         1b:9e:bd:11:f7:07:08:1d:9f:17:88:7e:43:bc:2f:8b:89:8d:
         1c:b2:a0:79:fd:30:c5:76:67:6c:f9:bd:df:5f:f3:47:f7:cd:
         97:49:03:2b:d2:38:ca:26:35:01:1a:32:a0:f1:b6:0f:6e:7b:
         19:6b:6d:95:e7:c2:8d:e8:f4:23:ad:85:27:d6:19:9e:26:a7:
         56:74:4b:87:d0:22:a2:b5:d1:5e:ef:8a:53:c8:8b:34:80:64:
         54:76:97:c1:d1:30:8b:2b:43:12:a8:d8:d4:ba:b5:7a:6d:92:
         ce:42:3e:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMmTtklDDU3eBqw8YxD6KCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTE5NmRlZDViYTVkNjg2ZTcwOTVjNmQ1YzYzOGM2Yjhm
OGJhZGEwHhcNMjIwOTEwMDczMDQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmMyZGRkODIyNGYwOGRiZDUxZWVkZTdkNDkwNzkyN2JkMWE0YTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4KEqCfJQ/8IeoJq0W+Ch8koKoQ9
i5zyRpFXyfA4UBi9k9K/z9rJUnujPcPEmByChL1E0Iqh25zsgUWR31JVDN20kjs9
XTxybPccaJaGd+qVdcUzrUMzT2kXf4/n+vgDHhcqjsNv7Q4aqOYpz4X8jKrDQ4sz
6ro6CWZgbJ28/5FSyRAbzyOz1XWJY8FLL3gMfz5gCNbUd1+fbB2wUVzEzp6PcxW0
Ah+UIHNWZe+oolPZcT28PapTOkvpuV/vMtCmcJAcBQsQWf0VgYPAiJKRhlSTTcqF
nj8JqqPQ+1hZIHAozquAAJvv58h33To2Q5VcsvAOUiwuqUND6Sy9oFlfpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGLC3dgiTwjb1R7t59SQeSe9GkpAMB8GA1UdIwQY
MBaAFBxRlt7Vul1obnCVxtXGOMa4+LraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEt
MjBiZjI3NWZkMGU3LzEvWXNMZDJDSlBDTnZWSHUzbjFKQjVKNzBhU2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEtMjBiZjI3NWZkMGU3
LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW87QMA0G
CSqGSIb3DQEBCwUAA4IBAQC89LmgbcRV95+8XrOV5Tw3kBAk1Q/AUDbte/dIIeu3
L/EsdjYYcmcEvSnSOSrmxB2Az6smr4Y0oOkW+Tmc5scf7DYa64sDiMgjKzF+w6Qr
3weCugkEyYyA/i22sn7FD37YUUUqk5kBlmfvTo7UelIiQcpZxWI5FFl0tBzbygNa
YSGjRBTPyJ5jAhE5Ef8DB5sbnr0R9wcIHZ8XiH5DvC+LiY0csqB5/TDFdmds+b3f
X/NH982XSQMr0jjKJjUBGjKg8bYPbnsZa22V58KN6PQjrYUn1hmeJqdWdEuH0CKi
tdFe74pTyIs0gGRUdpfB0TCLK0MSqNjUurV6bZLOQj6L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:05 2024 by rpki-client on console-fra.rpki-client.org