Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/2a4561-f2d3-46d2-a4f2-3f6868b2de98/1/o0OGP2OkMjnpmrwEj8p2ax0UNxU.roa
File:                     o0OGP2OkMjnpmrwEj8p2ax0UNxU.roa (raw, json)
Hash identifier:          Aqxn0uFwz3E2H69ty8cQhnY5E73kaubXoCRzTwVHXyg=
Subject key identifier:   A3:43:86:3F:63:A4:32:39:E9:9A:BC:04:8F:CA:76:6B:1D:14:37:15
Certificate issuer:       /CN=336f977dc3d5ac63bdbd6f0f8ad5e6baa7c54d86
Certificate serial:       134D
Authority key identifier: 33:6F:97:7D:C3:D5:AC:63:BD:BD:6F:0F:8A:D5:E6:BA:A7:C5:4D:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M2-XfcPVrGO9vW8PitXmuqfFTYY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/2a4561-f2d3-46d2-a4f2-3f6868b2de98/1/o0OGP2OkMjnpmrwEj8p2ax0UNxU.roa
Signing time:             Thu 28 Apr 2022 09:55:37 +0000
ROA not before:           Thu 28 Apr 2022 09:55:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57538
IP address blocks:        91.232.209.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4941 (0x134d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=336f977dc3d5ac63bdbd6f0f8ad5e6baa7c54d86
        Validity
            Not Before: Apr 28 09:55:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a343863f63a43239e99abc048fca766b1d143715
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:7b:74:3f:96:2c:4d:36:a8:b0:cd:4a:35:fe:
                    19:d0:f7:29:b7:18:ce:9b:11:0d:37:22:46:eb:42:
                    44:9c:c4:c0:68:97:20:18:15:95:66:5b:3c:a3:f2:
                    f0:cd:37:87:e9:ea:87:f1:d6:f9:df:6a:53:86:64:
                    0c:89:95:32:e1:b4:f8:d7:ed:40:ec:6d:9e:b8:2c:
                    a9:3e:b7:c2:50:50:b3:d7:75:78:a6:7f:2c:5d:9b:
                    fd:be:f0:08:de:8a:9a:f7:6d:ca:7d:a9:c9:3a:a3:
                    44:a8:0b:5c:c7:fa:15:8e:7a:a1:8d:33:41:0a:ff:
                    28:4b:28:d8:07:c7:71:2a:33:93:36:59:49:d1:27:
                    2b:d7:15:6d:18:6c:ed:69:0b:ca:8f:99:2e:f5:dd:
                    e4:1e:ee:7a:36:b3:29:80:9d:42:ae:11:15:f6:fd:
                    e0:69:49:ab:04:96:2f:c5:58:0a:d0:8b:e3:cf:ba:
                    44:74:e9:49:bf:c6:90:4e:6b:94:ed:e5:43:02:dc:
                    67:89:2f:64:d7:04:55:5c:e0:53:54:df:3c:20:a9:
                    c0:c6:1f:94:f3:fe:0f:a1:da:f0:b5:3a:ab:3a:f5:
                    93:36:e2:2a:fe:6b:b0:1c:d4:8a:6f:d4:fa:83:db:
                    bb:52:46:06:ff:5c:22:f7:9a:2b:ee:d6:43:3a:5a:
                    9c:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:43:86:3F:63:A4:32:39:E9:9A:BC:04:8F:CA:76:6B:1D:14:37:15
            X509v3 Authority Key Identifier:
                keyid:33:6F:97:7D:C3:D5:AC:63:BD:BD:6F:0F:8A:D5:E6:BA:A7:C5:4D:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M2-XfcPVrGO9vW8PitXmuqfFTYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/2a4561-f2d3-46d2-a4f2-3f6868b2de98/1/o0OGP2OkMjnpmrwEj8p2ax0UNxU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/2a4561-f2d3-46d2-a4f2-3f6868b2de98/1/M2-XfcPVrGO9vW8PitXmuqfFTYY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.232.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:d0:72:b2:a3:1d:66:d0:8f:3e:fb:0a:47:c1:cb:68:f0:3f:
         58:d3:e6:45:40:d5:22:1b:75:e6:9b:37:63:e1:3f:3b:91:0a:
         c3:94:2d:31:d4:55:8f:81:6a:62:4f:f4:ef:65:00:60:d5:5e:
         6a:eb:de:31:ac:eb:70:5d:00:bb:71:e8:be:16:6c:8e:a2:de:
         5f:41:e1:17:e5:fd:1f:95:b0:3a:9d:2f:ee:bd:1d:73:3b:27:
         f4:0a:6a:59:7f:16:89:97:d8:1b:1d:23:c6:ec:24:a7:b1:57:
         88:73:ae:2f:d5:5c:9f:71:53:59:bd:f8:d4:92:5f:64:46:4d:
         85:73:f9:36:c3:74:93:89:c7:a4:06:c4:a9:8a:00:5e:4e:34:
         2c:8e:0b:fc:92:99:e8:b0:59:1a:83:0f:b4:b1:12:16:ed:a3:
         08:e2:e1:01:36:d7:44:14:0d:68:e0:ab:3b:46:75:15:46:5b:
         21:e7:22:0f:99:81:a5:b1:38:01:c9:a1:a7:bf:ec:3e:33:7b:
         3b:3a:45:23:b6:57:de:75:10:52:ac:26:2c:70:1b:b6:68:4c:
         ac:6b:a1:79:ef:99:2d:2b:0c:bf:21:e2:01:fc:cd:ad:c4:de:
         32:21:3f:0e:99:06:bf:b4:a4:1c:cf:b8:af:74:fd:98:f4:b7:
         a9:5a:cd:45
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICE00wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzM2
Zjk3N2RjM2Q1YWM2M2JkYmQ2ZjBmOGFkNWU2YmFhN2M1NGQ4NjAeFw0yMjA0Mjgw
OTU1MzdaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGEzNDM4NjNmNjNhNDMy
MzllOTlhYmMwNDhmY2E3NjZiMWQxNDM3MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDie3Q/lixNNqiwzUo1/hnQ9ym3GM6bEQ03IkbrQkScxMBolyAY
FZVmWzyj8vDNN4fp6ofx1vnfalOGZAyJlTLhtPjX7UDsbZ64LKk+t8JQULPXdXim
fyxdm/2+8Ajeipr3bcp9qck6o0SoC1zH+hWOeqGNM0EK/yhLKNgHx3EqM5M2WUnR
JyvXFW0YbO1pC8qPmS713eQe7no2symAnUKuERX2/eBpSasEli/FWArQi+PPukR0
6Um/xpBOa5Tt5UMC3GeJL2TXBFVc4FNU3zwgqcDGH5Tz/g+h2vC1Oqs69ZM24ir+
a7Ac1Ipv1PqD27tSRgb/XCL3mivu1kM6WpzNAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUo0OGP2OkMjnpmrwEj8p2ax0UNxUwHwYDVR0jBBgwFoAUM2+XfcPVrGO9vW8P
itXmuqfFTYYwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9N
Mi1YZmNQVnJHTzl2VzhQaXRYbXVxZkZUWVkuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2Y3LzJhNDU2MS1mMmQzLTQ2ZDItYTRmMi0zZjY4NjhiMmRlOTgvMS9v
ME9HUDJPa01qbnBtcndFajhwMmF4MFVOeFUucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y3LzJh
NDU2MS1mMmQzLTQ2ZDItYTRmMi0zZjY4NjhiMmRlOTgvMS9NMi1YZmNQVnJHTzl2
VzhQaXRYbXVxZkZUWVkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb6NEwDQYJKoZIhvcNAQELBQADggEB
ACXQcrKjHWbQjz77CkfBy2jwP1jT5kVA1SIbdeabN2PhPzuRCsOULTHUVY+BamJP
9O9lAGDVXmrr3jGs63BdALtx6L4WbI6i3l9B4Rfl/R+VsDqdL+69HXM7J/QKall/
FomX2BsdI8bsJKexV4hzri/VXJ9xU1m9+NSSX2RGTYVz+TbDdJOJx6QGxKmKAF5O
NCyOC/ySmeiwWRqDD7SxEhbtowji4QE210QUDWjgqztGdRVGWyHnIg+ZgaWxOAHJ
oae/7D4zezs6RSO2V951EFKsJixwG7ZoTKxroXnvmS0rDL8h4gH8za3E3jIhPw6Z
Br+0pBzPuK90/Zj0t6lazUU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:03 2024 by rpki-client on console-fra.rpki-client.org