Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/ldALfYaHJ-juu18BKrJHgc5ruP4.roa
File:                     ldALfYaHJ-juu18BKrJHgc5ruP4.roa (raw, json)
Hash identifier:          Z8Qxz69IYG6zOo3V17EiuhePvntoTcqI4KZv8DvqGaw=
Subject key identifier:   95:D0:0B:7D:86:87:27:E8:EE:BB:5F:01:2A:B2:47:81:CE:6B:B8:FE
Certificate issuer:       /CN=79cd4bd3c9bfe20dccfe2b19de23095ca2474835
Certificate serial:       01247B
Authority key identifier: 79:CD:4B:D3:C9:BF:E2:0D:CC:FE:2B:19:DE:23:09:5C:A2:47:48:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ec1L08m_4g3M_isZ3iMJXKJHSDU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/ldALfYaHJ-juu18BKrJHgc5ruP4.roa
Signing time:             Thu 28 Apr 2022 07:55:12 +0000
ROA not before:           Thu 28 Apr 2022 07:55:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3303
IP address blocks:        91.198.72.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74875 (0x1247b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79cd4bd3c9bfe20dccfe2b19de23095ca2474835
        Validity
            Not Before: Apr 28 07:55:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=95d00b7d868727e8eebb5f012ab24781ce6bb8fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:5f:8f:93:13:fc:12:a1:0e:b2:1e:cb:d3:80:
                    ca:1b:fc:72:13:b1:c5:d3:ed:91:5f:5c:87:45:f4:
                    be:d3:ca:f9:f3:d1:75:49:10:88:5f:5f:cf:2c:78:
                    2d:47:b9:fc:45:00:67:7b:42:c3:04:fd:92:23:31:
                    22:cb:8d:a0:99:dd:f4:79:69:7f:fe:bf:e7:11:7c:
                    0a:46:6f:9d:6b:a7:75:83:72:54:29:af:51:83:e8:
                    a9:1f:25:ef:ef:8b:6c:15:a8:55:41:21:8a:37:4f:
                    37:99:09:ca:78:56:21:35:db:d8:bc:3b:9a:e5:9a:
                    7a:d1:11:56:50:6d:61:68:0a:c0:bf:a2:38:bf:ba:
                    e1:e0:6c:14:c5:4e:e0:0d:1e:e5:cf:1f:3f:71:f2:
                    41:11:31:f2:4a:9e:88:cb:25:d8:bf:ef:0b:41:ae:
                    b6:3f:d6:d9:61:c0:f2:02:01:39:37:eb:fa:4f:bf:
                    1a:73:25:9d:7d:8b:e3:88:9d:92:84:61:4a:6d:37:
                    b8:52:9c:78:f7:16:aa:4b:1b:7c:02:4e:ed:bc:5f:
                    38:d2:0f:ca:f0:42:7f:2e:13:78:a9:35:98:2b:f0:
                    16:1e:87:3f:dd:08:d3:40:34:32:7d:5a:19:21:cb:
                    00:d5:50:77:b5:c0:63:d3:26:b8:5f:e5:33:ea:dc:
                    02:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:D0:0B:7D:86:87:27:E8:EE:BB:5F:01:2A:B2:47:81:CE:6B:B8:FE
            X509v3 Authority Key Identifier:
                keyid:79:CD:4B:D3:C9:BF:E2:0D:CC:FE:2B:19:DE:23:09:5C:A2:47:48:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec1L08m_4g3M_isZ3iMJXKJHSDU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/ldALfYaHJ-juu18BKrJHgc5ruP4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/ec1L08m_4g3M_isZ3iMJXKJHSDU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.198.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:e8:e6:7d:a5:40:50:64:49:91:a5:2f:e4:29:c8:82:f7:3c:
         2e:7c:c6:40:0c:8b:38:31:09:04:8e:92:b3:ef:25:35:24:96:
         0e:ee:18:3d:df:62:f7:07:9a:c0:8f:08:94:cd:cb:28:3b:f9:
         e8:4e:4f:b4:2c:7a:64:f1:a6:19:c3:9a:76:b2:fc:63:d7:e7:
         65:90:c6:f0:23:30:c3:e1:53:9f:06:2c:90:42:c5:b0:a0:9b:
         77:72:0f:4a:78:8f:3b:ff:1e:a7:88:ab:95:4a:e1:b2:53:ad:
         93:d6:7a:00:18:8c:7f:55:b2:66:2d:bb:cb:65:db:a3:ad:a3:
         dc:a4:d1:f9:99:f5:4b:b9:39:f8:d9:48:0b:66:31:bd:d7:9a:
         46:d1:65:b3:02:f5:88:70:6d:f7:3f:bf:70:8c:35:a5:57:a4:
         b8:1f:da:05:b7:e6:2f:e9:2f:8a:09:8e:0c:99:bb:fa:cf:c3:
         b8:62:a9:d9:73:b4:42:62:30:cc:23:11:aa:a1:43:4a:3c:f5:
         60:6e:4d:d9:96:f4:31:fe:6d:55:d1:61:ac:70:72:3e:5f:66:
         cd:be:cc:1d:24:68:5c:50:1a:55:9e:a8:53:14:48:a9:d8:4a:
         5a:ba:8e:58:f8:df:59:5b:8e:5f:ee:a9:13:c7:9e:76:36:d4:
         7e:a9:6c:00
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDASR7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc5
Y2Q0YmQzYzliZmUyMGRjY2ZlMmIxOWRlMjMwOTVjYTI0NzQ4MzUwHhcNMjIwNDI4
MDc1NTEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NWQwMGI3ZDg2ODcy
N2U4ZWViYjVmMDEyYWIyNDc4MWNlNmJiOGZlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAq1+PkxP8EqEOsh7L04DKG/xyE7HF0+2RX1yHRfS+08r589F1
SRCIX1/PLHgtR7n8RQBne0LDBP2SIzEiy42gmd30eWl//r/nEXwKRm+da6d1g3JU
Ka9Rg+ipHyXv74tsFahVQSGKN083mQnKeFYhNdvYvDua5Zp60RFWUG1haArAv6I4
v7rh4GwUxU7gDR7lzx8/cfJBETHySp6IyyXYv+8LQa62P9bZYcDyAgE5N+v6T78a
cyWdfYvjiJ2ShGFKbTe4Upx49xaqSxt8Ak7tvF840g/K8EJ/LhN4qTWYK/AWHoc/
3QjTQDQyfVoZIcsA1VB3tcBj0ya4X+Uz6twC+wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJXQC32Ghyfo7rtfASqyR4HOa7j+MB8GA1UdIwQYMBaAFHnNS9PJv+INzP4r
Gd4jCVyiR0g1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZWMxTDA4bV80ZzNNX2lzWjNpTUpYS0pIU0RVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lYS9mZmE5NDktODZjNC00OTg0LTg1NTctMmMyYzVmYmRhMzQxLzEv
bGRBTGZZYUhKLWp1dTE4QktySkhnYzVydVA0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9m
ZmE5NDktODZjNC00OTg0LTg1NTctMmMyYzVmYmRhMzQxLzEvZWMxTDA4bV80ZzNN
X2lzWjNpTUpYS0pIU0RVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8ZIMA0GCSqGSIb3DQEBCwUAA4IB
AQB96OZ9pUBQZEmRpS/kKciC9zwufMZADIs4MQkEjpKz7yU1JJYO7hg932L3B5rA
jwiUzcsoO/noTk+0LHpk8aYZw5p2svxj1+dlkMbwIzDD4VOfBiyQQsWwoJt3cg9K
eI87/x6niKuVSuGyU62T1noAGIx/VbJmLbvLZdujraPcpNH5mfVLuTn42UgLZjG9
15pG0WWzAvWIcG33P79wjDWlV6S4H9oFt+Yv6S+KCY4Mmbv6z8O4YqnZc7RCYjDM
IxGqoUNKPPVgbk3ZlvQx/m1V0WGscHI+X2bNvswdJGhcUBpVnqhTFEip2Epauo5Y
+N9ZW45f7qkTx552NtR+qWwA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:24 2024 by rpki-client on console-fra.rpki-client.org