Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Rb1-OTFpnw5JJ20mLAhdKUdIM38.roa
File:                     Rb1-OTFpnw5JJ20mLAhdKUdIM38.roa (raw, json)
Hash identifier:          Bb7OuIa4BXNEef0CdvSnK55UCMWAIgaaNHUtXa/URN0=
Subject key identifier:   45:BD:7E:39:31:69:9F:0E:49:27:6D:26:2C:08:5D:29:47:48:33:7F
Certificate issuer:       /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial:       018460539E69D1C5A8E637EEE6F38A9AE49B
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Rb1-OTFpnw5JJ20mLAhdKUdIM38.roa
Signing time:             Thu 10 Nov 2022 06:56:43 +0000
ROA not before:           Thu 10 Nov 2022 06:56:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209372
IP address blocks:        91.202.232.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:60:53:9e:69:d1:c5:a8:e6:37:ee:e6:f3:8a:9a:e4:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
        Validity
            Not Before: Nov 10 06:56:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=45bd7e3931699f0e49276d262c085d294748337f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:8d:f1:1b:7a:61:14:1e:52:fd:36:90:fc:37:
                    d6:9c:d8:91:37:3e:cd:e0:e9:0d:60:57:8d:14:06:
                    8c:cf:70:cf:86:92:1a:a5:d3:dd:17:86:ac:3d:f3:
                    25:97:c5:3b:b7:b0:84:3a:14:00:ea:f0:ff:ff:a3:
                    26:77:f7:83:0b:0e:42:1c:d2:99:30:0f:34:09:cc:
                    b5:ac:40:f0:c7:35:04:67:da:f9:5e:1a:00:31:7d:
                    d5:e6:08:ca:99:82:4f:0d:bb:e2:c4:f4:71:0e:2a:
                    da:0a:94:22:50:56:3f:72:9c:74:5e:6a:df:25:03:
                    5e:54:5b:9f:cf:70:74:8b:ca:dc:e1:10:b2:4d:80:
                    c2:fe:29:6b:30:cd:e9:e9:1c:16:63:c5:22:ac:68:
                    49:47:b8:2d:7c:e1:a5:6f:a4:ec:b0:85:79:d1:43:
                    3b:de:c0:43:ab:11:e9:f8:e7:cb:ea:67:99:a3:e0:
                    3a:c8:54:94:8a:ea:87:c4:25:21:8a:01:9d:eb:cb:
                    73:e8:e7:3d:3e:79:56:24:73:49:37:61:5c:32:b5:
                    cc:35:ab:07:00:b4:a3:3f:7a:12:8a:c8:d4:46:f9:
                    e6:74:bf:83:c7:1d:f9:a7:b6:bc:59:b2:b4:f8:23:
                    40:be:59:c0:6a:54:9d:b3:88:e5:e1:45:de:ec:31:
                    c7:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:BD:7E:39:31:69:9F:0E:49:27:6D:26:2C:08:5D:29:47:48:33:7F
            X509v3 Authority Key Identifier:
                keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Rb1-OTFpnw5JJ20mLAhdKUdIM38.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.202.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:52:bb:ad:04:08:52:f7:89:0a:52:79:c7:67:4b:63:43:cb:
         92:20:26:e2:7b:59:d7:3d:a1:f6:f9:8e:ba:ac:26:3f:a8:ca:
         89:6d:7e:c6:58:61:96:a2:c8:0b:d2:64:75:0a:7f:27:5d:7b:
         58:e1:d8:a5:b0:33:5f:52:17:30:99:a8:58:c5:44:78:f2:d0:
         9f:33:6e:c3:cb:b4:f9:88:03:b2:bf:cc:a2:a9:3e:33:f5:16:
         8e:fb:2a:8d:b0:98:8d:d0:50:17:ad:a0:10:53:bc:57:66:fb:
         80:e6:5d:2b:1d:93:6c:54:d8:9b:46:f7:7f:77:b2:39:e3:5d:
         7e:b0:aa:7d:b9:7f:36:d0:98:9f:cd:51:a0:cf:d2:b8:25:7c:
         fb:ef:db:0f:dc:51:d9:b7:8c:16:32:3e:35:34:c7:ed:c4:69:
         de:c4:d8:99:dc:1d:3b:c4:c6:ba:41:f4:b4:d0:71:28:6b:84:
         9a:74:78:00:22:9d:bc:9c:7f:99:48:85:35:b7:05:12:f6:49:
         38:eb:27:ae:aa:ba:e3:8e:9a:1d:44:30:df:5b:94:87:ce:08:
         1d:73:54:b7:56:ae:54:a8:92:24:50:37:4f:3f:3d:9b:f7:99:
         d2:42:ba:67:79:42:f6:8c:f0:6b:27:ba:5d:a9:09:9f:87:3c:
         47:8c:c0:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRgU55p0cWo5jfu5vOKmuSbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjIxMTEwMDY1NjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWJkN2UzOTMxNjk5ZjBlNDkyNzZkMjYyYzA4NWQyOTQ3NDgzMzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY3xG3phFB5S/TaQ/DfWnNiRNz7N
4OkNYFeNFAaMz3DPhpIapdPdF4asPfMll8U7t7CEOhQA6vD//6Mmd/eDCw5CHNKZ
MA80Ccy1rEDwxzUEZ9r5XhoAMX3V5gjKmYJPDbvixPRxDiraCpQiUFY/cpx0Xmrf
JQNeVFufz3B0i8rc4RCyTYDC/ilrMM3p6RwWY8UirGhJR7gtfOGlb6TssIV50UM7
3sBDqxHp+OfL6meZo+A6yFSUiuqHxCUhigGd68tz6Oc9PnlWJHNJN2FcMrXMNasH
ALSjP3oSisjURvnmdL+Dxx35p7a8WbK0+CNAvlnAalSds4jl4UXe7DHH3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEW9fjkxaZ8OSSdtJiwIXSlHSDN/MB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvUmIxLU9URnBudzVKSjIwbUxBaGRLVWRJTTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8roMA0G
CSqGSIb3DQEBCwUAA4IBAQBxUrutBAhS94kKUnnHZ0tjQ8uSICbie1nXPaH2+Y66
rCY/qMqJbX7GWGGWosgL0mR1Cn8nXXtY4dilsDNfUhcwmahYxUR48tCfM27Dy7T5
iAOyv8yiqT4z9RaO+yqNsJiN0FAXraAQU7xXZvuA5l0rHZNsVNibRvd/d7I5411+
sKp9uX820JifzVGgz9K4JXz779sP3FHZt4wWMj41NMftxGnexNiZ3B07xMa6QfS0
0HEoa4SadHgAIp28nH+ZSIU1twUS9kk46yeuqrrjjpodRDDfW5SHzggdc1S3Vq5U
qJIkUDdPPz2b95nSQrpneUL2jPBrJ7pdqQmfhzxHjMDg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:52 2024 by rpki-client on console-ams.rpki-client.org