Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/a2bf35-54a3-4f78-b720-4a9e29615c05/1/4smAUrm7T27Puoa4CrdyJYGwKpY.roa
File:                     4smAUrm7T27Puoa4CrdyJYGwKpY.roa (raw, json)
Hash identifier:          GyUUX8eZcpw3Mg+XgTVMeOVty8TdgcHscZbx0DO9Suk=
Subject key identifier:   E2:C9:80:52:B9:BB:4F:6E:CF:BA:86:B8:0A:B7:72:25:81:B0:2A:96
Certificate issuer:       /CN=8d3ad2a1d9ab5c9b4fbb4e5e02521ee052b89d5f
Certificate serial:       0B14183D
Authority key identifier: 8D:3A:D2:A1:D9:AB:5C:9B:4F:BB:4E:5E:02:52:1E:E0:52:B8:9D:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jTrSodmrXJtPu05eAlIe4FK4nV8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/a2bf35-54a3-4f78-b720-4a9e29615c05/1/4smAUrm7T27Puoa4CrdyJYGwKpY.roa
Signing time:             Sat 01 Jan 2022 03:56:28 +0000
ROA not before:           Sat 01 Jan 2022 03:56:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199718
IP address blocks:        91.221.50.0/23 maxlen: 23
                          91.221.50.0/24 maxlen: 24
                          91.221.51.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 185866301 (0xb14183d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d3ad2a1d9ab5c9b4fbb4e5e02521ee052b89d5f
        Validity
            Not Before: Jan  1 03:56:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e2c98052b9bb4f6ecfba86b80ab7722581b02a96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:31:62:bd:02:13:ef:fb:56:ef:c5:58:3d:13:
                    b9:e6:cb:3e:61:b4:65:92:02:6a:0a:55:e7:9d:54:
                    88:b5:2e:28:ab:df:e3:ab:b3:c1:61:99:33:67:b7:
                    58:c8:ab:38:29:7e:6c:69:ef:4c:ff:bb:37:3c:67:
                    24:9b:bf:5b:a0:89:99:67:73:53:38:ec:95:3f:64:
                    7c:27:8c:d4:84:c6:f7:69:45:0f:0d:e9:98:d2:df:
                    aa:0b:d5:e0:eb:e9:f9:62:f9:a8:32:07:af:ac:be:
                    79:ed:dc:9b:f6:3d:8a:5b:d5:0d:64:bc:e1:fc:26:
                    99:54:08:5d:22:95:e1:64:56:ed:03:bd:04:05:8b:
                    20:f7:cb:45:a9:bb:42:bd:9b:88:6e:59:22:c8:c8:
                    8a:b0:d4:7a:2a:92:88:5b:50:ae:a6:f7:44:01:4f:
                    ac:16:67:a6:f3:a0:32:fd:be:53:72:1d:58:de:3e:
                    8d:52:9e:c1:f7:d7:db:84:81:cf:9b:98:12:2c:05:
                    79:84:e0:32:fa:11:b4:8b:f6:e2:02:8c:1c:03:0d:
                    04:0a:f5:1f:5c:e2:d7:4f:f3:6d:b6:44:d3:78:e9:
                    14:ca:d9:88:65:21:aa:f2:0b:e5:b4:67:64:c3:74:
                    38:22:45:83:a0:bf:cb:90:bd:43:6f:05:99:91:cb:
                    fa:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:C9:80:52:B9:BB:4F:6E:CF:BA:86:B8:0A:B7:72:25:81:B0:2A:96
            X509v3 Authority Key Identifier:
                keyid:8D:3A:D2:A1:D9:AB:5C:9B:4F:BB:4E:5E:02:52:1E:E0:52:B8:9D:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jTrSodmrXJtPu05eAlIe4FK4nV8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/a2bf35-54a3-4f78-b720-4a9e29615c05/1/4smAUrm7T27Puoa4CrdyJYGwKpY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/a2bf35-54a3-4f78-b720-4a9e29615c05/1/jTrSodmrXJtPu05eAlIe4FK4nV8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.221.50.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8f:e2:83:98:db:15:51:ff:fb:3d:0c:5c:14:0f:f4:05:0a:32:
         f8:64:f5:6d:7c:a3:f8:6f:7a:cd:11:cd:2c:dc:ee:19:8a:db:
         69:d7:6b:1e:78:6b:77:da:fb:01:e1:1f:5b:6e:2a:71:af:48:
         5f:72:f8:37:08:6f:a2:17:97:ea:2f:80:8a:83:20:6a:7b:dd:
         dd:1d:12:db:68:f7:ec:0f:74:b7:95:90:0b:cb:cb:28:9e:f3:
         76:40:a2:bf:2c:45:4d:c3:66:9e:94:ae:05:76:e5:d2:8b:73:
         cf:0b:fe:55:09:d3:26:99:de:8d:fa:1f:d8:c2:29:6a:e7:db:
         42:c6:f1:57:45:23:d8:a4:4b:5c:bb:7c:89:bb:a3:69:33:92:
         49:43:3e:db:1d:71:02:6d:e4:dd:8b:e2:62:f0:7a:85:3d:e2:
         9d:4b:e3:4b:1a:5d:3a:b0:8f:e6:3c:75:f8:44:e1:78:c2:a0:
         43:f0:78:5f:e0:9d:66:37:ed:ee:79:81:3d:a5:5d:ea:c0:8e:
         99:31:98:01:57:41:6c:06:7b:3a:4d:94:7e:76:73:e1:80:45:
         ca:44:c5:d1:95:1d:da:f5:74:13:7d:36:35:6f:5b:24:cd:2d:
         83:22:9b:97:8c:98:ca:76:b1:54:52:3e:bd:fb:57:37:a5:72:
         6d:42:37:af
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECxQYPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDNhZDJhMWQ5YWI1YzliNGZiYjRlNWUwMjUyMWVlMDUyYjg5ZDVmMB4XDTIyMDEw
MTAzNTYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJjOTgwNTJiOWJi
NGY2ZWNmYmE4NmI4MGFiNzcyMjU4MWIwMmE5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsxYr0CE+/7Vu/FWD0TuebLPmG0ZZICagpV551UiLUuKKvf
46uzwWGZM2e3WMirOCl+bGnvTP+7NzxnJJu/W6CJmWdzUzjslT9kfCeM1ITG92lF
Dw3pmNLfqgvV4Ovp+WL5qDIHr6y+ee3cm/Y9ilvVDWS84fwmmVQIXSKV4WRW7QO9
BAWLIPfLRam7Qr2biG5ZIsjIirDUeiqSiFtQrqb3RAFPrBZnpvOgMv2+U3IdWN4+
jVKewffX24SBz5uYEiwFeYTgMvoRtIv24gKMHAMNBAr1H1zi10/zbbZE03jpFMrZ
iGUhqvIL5bRnZMN0OCJFg6C/y5C9Q28FmZHL+gECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTiyYBSubtPbs+6hrgKt3IlgbAqljAfBgNVHSMEGDAWgBSNOtKh2atcm0+7
Tl4CUh7gUridXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pUclNvZG1yWEp0UHUwNWVBbEllNEZLNG5WOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjQvYTJiZjM1LTU0YTMtNGY3OC1iNzIwLTRhOWUyOTYxNWMwNS8x
LzRzbUFVcm03VDI3UHVvYTRDcmR5SllHd0twWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQv
YTJiZjM1LTU0YTMtNGY3OC1iNzIwLTRhOWUyOTYxNWMwNS8xL2pUclNvZG1yWEp0
UHUwNWVBbEllNEZLNG5WOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvdMjANBgkqhkiG9w0BAQsFAAOC
AQEAj+KDmNsVUf/7PQxcFA/0BQoy+GT1bXyj+G96zRHNLNzuGYrbaddrHnhrd9r7
AeEfW24qca9IX3L4NwhvoheX6i+AioMganvd3R0S22j37A90t5WQC8vLKJ7zdkCi
vyxFTcNmnpSuBXbl0otzzwv+VQnTJpnejfof2MIpaufbQsbxV0Uj2KRLXLt8ibuj
aTOSSUM+2x1xAm3k3YviYvB6hT3inUvjSxpdOrCP5jx1+ETheMKgQ/B4X+CdZjft
7nmBPaVd6sCOmTGYAVdBbAZ7Ok2UfnZz4YBFykTF0ZUd2vV0E302NW9bJM0tgyKb
l4yYynaxVFI+vftXN6VybUI3rw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:41 2024 by rpki-client on console-fra.rpki-client.org