Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/rI1ZZo6XFvFGYId0RKB4LuRLioM.roa
File:                     rI1ZZo6XFvFGYId0RKB4LuRLioM.roa (raw, json)
Hash identifier:          tz1c6JQPq7hrule3lcW4TY+gdl0lWU7JWQIJXOtz9JM=
Subject key identifier:   AC:8D:59:66:8E:97:16:F1:46:60:87:74:44:A0:78:2E:E4:4B:8A:83
Certificate issuer:       /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial:       0833F0D5
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/rI1ZZo6XFvFGYId0RKB4LuRLioM.roa
Signing time:             Fri 01 Jul 2022 03:35:02 +0000
ROA not before:           Fri 01 Jul 2022 03:35:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56690
IP address blocks:        91.203.232.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 137621717 (0x833f0d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
        Validity
            Not Before: Jul  1 03:35:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ac8d59668e9716f14660877444a0782ee44b8a83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:e1:72:0d:1a:26:8d:db:43:d7:52:f4:22:74:
                    2e:47:9e:6b:91:4b:59:c2:1a:87:e4:22:ad:f3:e0:
                    0a:3f:a9:de:38:e8:4a:3c:d8:86:1b:af:f2:de:5c:
                    5b:fc:5e:da:5e:b7:05:c4:77:f4:61:8e:db:e8:ce:
                    ce:04:f8:e6:e4:10:85:66:ce:f3:56:cc:34:1f:9f:
                    d4:77:27:71:be:6e:f1:7b:f9:f9:a8:52:48:67:e3:
                    c3:9f:0d:d0:2f:87:e0:6e:64:ad:77:e0:1c:9c:a6:
                    48:0e:19:6e:02:cc:6c:67:5b:b1:a6:ca:c4:ca:9b:
                    d3:66:be:a5:a9:92:95:86:7a:56:6e:75:2e:91:ae:
                    82:a7:47:54:0b:b1:15:cf:da:63:e4:92:6b:5c:15:
                    83:7d:09:b0:9f:53:59:0f:1e:66:14:82:e2:ee:b2:
                    4f:93:e8:35:52:2a:ef:a8:96:f7:d6:fb:33:8a:c4:
                    88:b8:75:8a:81:fa:85:7a:99:21:48:06:f4:f3:4f:
                    0c:b5:d8:25:db:76:41:e1:cd:96:8d:a8:ea:f8:d7:
                    b3:85:42:4b:7e:8e:1d:cc:bf:04:d1:d6:1f:25:6a:
                    40:8e:a0:ab:11:f7:79:22:d9:64:f4:9e:08:7f:27:
                    f6:ab:86:2d:35:be:c4:77:44:f4:c6:eb:da:19:6c:
                    9b:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:8D:59:66:8E:97:16:F1:46:60:87:74:44:A0:78:2E:E4:4B:8A:83
            X509v3 Authority Key Identifier:
                keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/rI1ZZo6XFvFGYId0RKB4LuRLioM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.203.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         11:77:ef:07:94:57:59:8c:88:20:ee:f6:05:50:1c:e9:7f:29:
         18:22:a2:6d:7b:a5:69:fc:3c:6d:50:7d:2c:4b:b3:cf:d5:d8:
         1c:e8:04:4d:31:01:67:bc:bd:6f:98:b2:76:fe:dc:2d:a6:10:
         c6:72:cc:51:3a:9b:a2:61:e6:c3:4f:98:d0:14:29:fc:4c:ad:
         00:90:74:c1:f0:a4:6b:46:8e:59:e0:43:7e:fc:1d:a1:94:0b:
         23:b3:56:2e:6c:4e:93:a6:76:ec:4f:38:6a:b8:56:97:ce:2b:
         99:95:32:bf:04:21:a1:2c:4e:ff:da:68:b0:a5:eb:35:f9:48:
         dd:4f:a0:9f:7a:0d:be:3d:51:a8:df:9d:6b:dc:fd:d4:d5:a4:
         a5:40:74:b1:b3:d1:fb:90:38:52:34:d7:9b:db:6a:b1:1b:cb:
         d9:df:33:49:b1:70:6a:e1:3e:7e:a1:07:d0:a9:71:6e:55:ea:
         31:8f:2c:48:a5:6a:e8:90:12:85:78:90:8d:84:ed:32:4b:5d:
         3a:0d:00:41:b8:10:e1:c3:e0:d7:49:fa:8f:26:12:f8:71:df:
         a5:38:5c:5f:d8:8b:3b:a1:fa:87:d5:59:34:8b:45:83:07:09:
         62:3d:23:10:8b:55:73:eb:97:24:13:49:8d:4d:75:dc:1f:30:
         cb:fe:24:68
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECDPw1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Nzk1NWIxYWExYzAyODRkMjg0M2I5NmYyNmM1ZmU3NTFlNjY5NDZmMB4XDTIyMDcw
MTAzMzUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWM4ZDU5NjY4ZTk3
MTZmMTQ2NjA4Nzc0NDRhMDc4MmVlNDRiOGE4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI3hcg0aJo3bQ9dS9CJ0Lkeea5FLWcIah+QirfPgCj+p3jjo
SjzYhhuv8t5cW/xe2l63BcR39GGO2+jOzgT45uQQhWbO81bMNB+f1Hcncb5u8Xv5
+ahSSGfjw58N0C+H4G5krXfgHJymSA4ZbgLMbGdbsabKxMqb02a+pamSlYZ6Vm51
LpGugqdHVAuxFc/aY+SSa1wVg30JsJ9TWQ8eZhSC4u6yT5PoNVIq76iW99b7M4rE
iLh1ioH6hXqZIUgG9PNPDLXYJdt2QeHNlo2o6vjXs4VCS36OHcy/BNHWHyVqQI6g
qxH3eSLZZPSeCH8n9quGLTW+xHdE9Mbr2hlsm50CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSsjVlmjpcW8UZgh3REoHgu5EuKgzAfBgNVHSMEGDAWgBRnlVsaocAoTShD
uW8mxf51HmaUbzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1VmJHcUhBS0Uwb1E3bHZKc1gtZFI1bWxHOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNjMxOTI1LTZiMGUtNGVhNS05MWQ3LTA4YWQ5NDEwMWQ3ZS8x
L3JJMVpabzZYRnZGR1lJZDBSS0I0THVSTGlvTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NjMxOTI1LTZiMGUtNGVhNS05MWQ3LTA4YWQ5NDEwMWQ3ZS8xL1o1VmJHcUhBS0Uw
b1E3bHZKc1gtZFI1bWxHOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvL6DANBgkqhkiG9w0BAQsFAAOC
AQEAEXfvB5RXWYyIIO72BVAc6X8pGCKibXulafw8bVB9LEuzz9XYHOgETTEBZ7y9
b5iydv7cLaYQxnLMUTqbomHmw0+Y0BQp/EytAJB0wfCka0aOWeBDfvwdoZQLI7NW
LmxOk6Z27E84arhWl84rmZUyvwQhoSxO/9posKXrNflI3U+gn3oNvj1RqN+da9z9
1NWkpUB0sbPR+5A4UjTXm9tqsRvL2d8zSbFwauE+fqEH0KlxblXqMY8sSKVq6JAS
hXiQjYTtMktdOg0AQbgQ4cPg10n6jyYS+HHfpThcX9iLO6H6h9VZNItFgwcJYj0j
EItVc+uXJBNJjU113B8wy/4kaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:27 2024 by rpki-client on console-fra.rpki-client.org