Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/0e5711-2fd4-40ca-9136-6f4e6585b54b/1/tDRc1Pm0CTPiCrOUcBdNuprLgmE.roa
File:                     tDRc1Pm0CTPiCrOUcBdNuprLgmE.roa (raw, json)
Hash identifier:          Hd+9SBXsDnZxFnHJOKIyhLkfw1RKEETIUmH/sZBGvV0=
Subject key identifier:   B4:34:5C:D4:F9:B4:09:33:E2:0A:B3:94:70:17:4D:BA:9A:CB:82:61
Certificate issuer:       /CN=110e56177308c20c42fbf42f310f4c0ef6b27890
Certificate serial:       04F9D2CA
Authority key identifier: 11:0E:56:17:73:08:C2:0C:42:FB:F4:2F:31:0F:4C:0E:F6:B2:78:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EQ5WF3MIwgxC-_QvMQ9MDvayeJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/0e5711-2fd4-40ca-9136-6f4e6585b54b/1/tDRc1Pm0CTPiCrOUcBdNuprLgmE.roa
Signing time:             Sat 01 Jan 2022 05:55:52 +0000
ROA not before:           Sat 01 Jan 2022 05:55:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20473
IP address blocks:        91.206.48.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 83481290 (0x4f9d2ca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=110e56177308c20c42fbf42f310f4c0ef6b27890
        Validity
            Not Before: Jan  1 05:55:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b4345cd4f9b40933e20ab39470174dba9acb8261
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:be:ce:9b:7c:21:0d:bf:9e:8a:e1:3d:38:31:
                    e5:b1:34:0f:05:64:f6:c6:1c:a4:cd:27:c7:89:92:
                    d0:3f:cc:23:7f:2f:1d:a9:ad:8a:f1:ac:4c:df:19:
                    c6:4e:7b:66:5d:44:66:61:a2:49:2c:2e:89:83:a7:
                    82:3a:ec:64:aa:fc:a2:d0:cc:ca:1a:ce:56:e1:04:
                    e2:37:54:97:6b:74:56:74:16:33:1e:aa:2f:b4:f9:
                    a5:6b:03:1c:92:d3:97:3b:19:18:d9:b1:b4:94:c4:
                    06:19:d5:fd:80:00:9d:0f:28:44:27:59:f2:d3:41:
                    72:64:4b:9e:12:fa:4a:41:47:46:03:37:b6:78:6f:
                    36:d3:8b:71:99:ea:85:c1:0d:a1:e8:dd:89:0b:50:
                    c8:7b:63:44:fb:f5:34:7a:e2:86:99:08:f1:61:c3:
                    02:e8:b1:51:86:7e:ac:db:e6:e7:3b:17:3d:59:15:
                    a7:d0:a3:90:8a:90:b0:2b:c3:e4:1d:fb:65:9d:ab:
                    a5:4e:30:b9:6c:1f:f8:ae:47:d9:08:b8:26:ff:5b:
                    2b:5a:d5:62:a9:b7:b2:3f:a7:dc:6c:8d:cd:f7:91:
                    a1:39:cd:7b:a7:b9:b6:2e:a6:16:39:21:68:e0:8f:
                    fb:2d:ed:26:b0:87:70:f2:e1:72:bc:0e:d2:1e:b8:
                    5a:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:34:5C:D4:F9:B4:09:33:E2:0A:B3:94:70:17:4D:BA:9A:CB:82:61
            X509v3 Authority Key Identifier:
                keyid:11:0E:56:17:73:08:C2:0C:42:FB:F4:2F:31:0F:4C:0E:F6:B2:78:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EQ5WF3MIwgxC-_QvMQ9MDvayeJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0e5711-2fd4-40ca-9136-6f4e6585b54b/1/tDRc1Pm0CTPiCrOUcBdNuprLgmE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0e5711-2fd4-40ca-9136-6f4e6585b54b/1/EQ5WF3MIwgxC-_QvMQ9MDvayeJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.206.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:a4:bf:82:2d:c9:d2:0e:d2:9a:42:b5:65:32:4a:aa:4b:98:
         8b:42:3a:3c:27:9a:9f:dc:8a:12:85:66:29:d8:2c:3c:9b:d2:
         6b:72:96:5f:bc:02:a5:52:fe:db:eb:fd:16:80:4f:78:db:65:
         df:97:78:29:35:7b:75:50:2e:f5:2a:7d:69:e0:63:56:3f:e5:
         e9:45:14:95:cd:3b:3d:a5:f9:1c:6b:d7:23:4e:9b:4c:7a:57:
         2d:02:a6:e9:1f:dc:0e:36:bb:0b:f1:6d:08:c3:ad:79:e6:c0:
         9d:05:12:48:5b:69:44:3a:73:f3:15:cf:01:76:b7:f8:35:04:
         87:5e:e2:e5:51:e6:7a:18:10:e3:e7:ea:1a:ea:21:19:02:6c:
         0d:2e:64:6e:fd:29:81:26:d6:ac:b1:72:3d:a8:fd:df:77:a8:
         02:fb:e6:f5:61:32:d2:1e:ef:3c:eb:e6:45:5a:bd:ee:df:68:
         8c:97:5c:2d:29:01:b6:be:65:cf:20:6f:47:09:af:1c:a0:53:
         5b:c9:7d:4d:3e:a8:a0:4b:23:26:53:d6:79:e9:94:ad:cf:c8:
         9c:97:77:54:f3:82:e7:8b:0b:7b:a9:23:d7:e9:af:a4:cf:41:
         25:96:e8:30:aa:e5:24:d8:db:14:b6:97:da:54:ae:1a:67:ef:
         38:06:fb:07
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBPnSyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MTBlNTYxNzczMDhjMjBjNDJmYmY0MmYzMTBmNGMwZWY2YjI3ODkwMB4XDTIyMDEw
MTA1NTU1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQzNDVjZDRmOWI0
MDkzM2UyMGFiMzk0NzAxNzRkYmE5YWNiODI2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKm+zpt8IQ2/norhPTgx5bE0DwVk9sYcpM0nx4mS0D/MI38v
HamtivGsTN8Zxk57Zl1EZmGiSSwuiYOngjrsZKr8otDMyhrOVuEE4jdUl2t0VnQW
Mx6qL7T5pWsDHJLTlzsZGNmxtJTEBhnV/YAAnQ8oRCdZ8tNBcmRLnhL6SkFHRgM3
tnhvNtOLcZnqhcENoejdiQtQyHtjRPv1NHrihpkI8WHDAuixUYZ+rNvm5zsXPVkV
p9CjkIqQsCvD5B37ZZ2rpU4wuWwf+K5H2Qi4Jv9bK1rVYqm3sj+n3GyNzfeRoTnN
e6e5ti6mFjkhaOCP+y3tJrCHcPLhcrwO0h64Wk8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS0NFzU+bQJM+IKs5RwF026msuCYTAfBgNVHSMEGDAWgBQRDlYXcwjCDEL7
9C8xD0wO9rJ4kDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VRNVdGM01Jd2d4Qy1fUXZNUTlNRHZheWVKQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvMGU1NzExLTJmZDQtNDBjYS05MTM2LTZmNGU2NTg1YjU0Yi8x
L3REUmMxUG0wQ1RQaUNyT1VjQmROdXByTGdtRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
MGU1NzExLTJmZDQtNDBjYS05MTM2LTZmNGU2NTg1YjU0Yi8xL0VRNVdGM01Jd2d4
Qy1fUXZNUTlNRHZheWVKQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvOMDANBgkqhkiG9w0BAQsFAAOC
AQEATaS/gi3J0g7SmkK1ZTJKqkuYi0I6PCean9yKEoVmKdgsPJvSa3KWX7wCpVL+
2+v9FoBPeNtl35d4KTV7dVAu9Sp9aeBjVj/l6UUUlc07PaX5HGvXI06bTHpXLQKm
6R/cDja7C/FtCMOteebAnQUSSFtpRDpz8xXPAXa3+DUEh17i5VHmehgQ4+fqGuoh
GQJsDS5kbv0pgSbWrLFyPaj933eoAvvm9WEy0h7vPOvmRVq97t9ojJdcLSkBtr5l
zyBvRwmvHKBTW8l9TT6ooEsjJlPWeemUrc/InJd3VPOC54sLe6kj1+mvpM9BJZbo
MKrlJNjbFLaX2lSuGmfvOAb7Bw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:59 2023 by rpki-client on console-ams.rpki-client.org