Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/MSOy5UyBcImZHquxLHWDQNSF8sQ.roa
File:                     MSOy5UyBcImZHquxLHWDQNSF8sQ.roa (raw, json)
Hash identifier:          EmYTIZev8EVmpaGQR7JhQfQn9mLUtWRP+H231qRoE8c=
Subject key identifier:   31:23:B2:E5:4C:81:70:89:99:1E:AB:B1:2C:75:83:40:D4:85:F2:C4
Certificate issuer:       /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial:       370EFE09
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/MSOy5UyBcImZHquxLHWDQNSF8sQ.roa
Signing time:             Fri 08 Apr 2022 09:44:01 +0000
ROA not before:           Fri 08 Apr 2022 09:44:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51789
IP address blocks:        91.220.109.0/24 maxlen: 24
                          193.164.152.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 923729417 (0x370efe09)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
        Validity
            Not Before: Apr  8 09:44:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3123b2e54c817089991eabb12c758340d485f2c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:82:69:66:e1:13:da:8f:dd:73:89:7e:c9:9f:
                    f6:ca:50:de:7a:5f:3f:df:6f:89:72:0a:b0:2e:51:
                    3e:50:d4:e5:65:08:0d:64:4e:ff:f5:9a:ac:ea:15:
                    0e:fb:c9:ea:4a:e6:f3:42:c2:fd:76:2a:49:c9:eb:
                    32:1b:36:40:d6:64:87:2f:ef:6d:99:82:2d:00:08:
                    a5:0e:76:36:5a:c3:10:7e:59:28:c8:b4:97:93:a3:
                    75:17:15:13:48:c7:85:d9:b1:41:33:d5:3f:0f:10:
                    19:a8:a0:ef:ac:40:f1:38:39:5e:db:9e:94:78:5a:
                    32:8a:d8:3b:a3:09:97:6c:70:50:aa:04:1d:f8:e2:
                    f0:18:e8:52:fb:77:92:9b:ac:e1:9a:aa:4a:ff:e7:
                    94:e9:03:6c:d5:97:21:88:58:e5:25:e3:06:fd:19:
                    84:e4:5b:1b:f3:23:42:08:cc:47:c0:20:39:28:54:
                    ea:ce:01:17:6d:0f:33:39:35:0b:f6:68:7e:83:de:
                    ad:77:c5:57:ee:dd:7a:66:8f:37:47:4c:01:49:02:
                    ec:f0:7a:3a:b6:c5:49:1e:88:dd:bb:48:e1:b1:fa:
                    15:66:9d:51:06:9a:7b:77:dd:ab:6b:5a:32:59:dc:
                    e6:22:38:5f:3c:fa:6b:71:e9:9c:6f:ac:8e:cd:73:
                    a0:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:23:B2:E5:4C:81:70:89:99:1E:AB:B1:2C:75:83:40:D4:85:F2:C4
            X509v3 Authority Key Identifier:
                keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/MSOy5UyBcImZHquxLHWDQNSF8sQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.220.109.0/24
                  193.164.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:11:7c:42:76:19:2f:88:54:1d:bc:ce:d5:74:e9:b7:f3:e8:
         42:0b:0d:1f:4e:e8:8e:e1:b6:d4:3e:d5:ed:a4:e9:ed:b8:5b:
         24:f3:43:a3:b7:6b:27:4c:5c:f2:ba:96:7f:2b:09:62:e2:72:
         28:c9:b8:b7:bb:a4:fd:cc:5e:bc:f8:e2:ad:f4:b6:7a:87:53:
         79:f5:59:fb:3f:4b:11:df:52:90:68:bf:fe:ad:37:f9:d1:e2:
         66:b5:32:e8:7d:f6:25:8b:6b:14:8e:0d:de:7f:8d:05:de:cb:
         87:c6:44:50:6d:2e:35:bc:43:a4:2a:c4:11:7a:cc:8b:9b:79:
         50:61:da:bd:a2:0e:18:f8:31:8f:25:6a:5f:fc:d4:52:ed:23:
         dd:e1:61:35:b5:a2:8a:57:c4:e1:c8:21:d3:13:95:ae:ac:24:
         69:d4:7b:4b:e3:d4:1f:27:70:08:c8:c7:39:31:30:fd:d6:2e:
         7d:69:e8:ea:cc:4a:9a:a3:c6:cf:86:f0:9d:a8:a8:7c:e1:a4:
         e9:da:46:ac:c8:52:bb:22:48:aa:b3:a0:eb:f4:6b:df:69:2f:
         0d:74:87:6b:b9:a7:9f:12:99:c4:05:01:1f:2f:f6:d0:8c:b5:
         63:92:9a:c2:05:53:02:1d:17:ee:b8:bc:1d:48:94:2e:a9:3f:
         b5:5b:55:78
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIENw7+CTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTYwYjJiMWM4MjlkODg5MzZiMWFkYWVlYzk3ZmRkMWI0MGQ0MWU1MB4XDTIyMDQw
ODA5NDQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzEyM2IyZTU0Yzgx
NzA4OTk5MWVhYmIxMmM3NTgzNDBkNDg1ZjJjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2CaWbhE9qP3XOJfsmf9spQ3npfP99viXIKsC5RPlDU5WUI
DWRO//WarOoVDvvJ6krm80LC/XYqScnrMhs2QNZkhy/vbZmCLQAIpQ52NlrDEH5Z
KMi0l5OjdRcVE0jHhdmxQTPVPw8QGaig76xA8Tg5XtuelHhaMorYO6MJl2xwUKoE
Hfji8BjoUvt3kpus4ZqqSv/nlOkDbNWXIYhY5SXjBv0ZhORbG/MjQgjMR8AgOShU
6s4BF20PMzk1C/ZofoPerXfFV+7demaPN0dMAUkC7PB6OrbFSR6I3btI4bH6FWad
UQaae3fdq2taMlnc5iI4Xzz6a3HpnG+sjs1zoAcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQxI7LlTIFwiZkeq7EsdYNA1IXyxDAfBgNVHSMEGDAWgBQhYLKxyCnYiTax
ra7sl/3RtA1B5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lXQ3lzY2dwMklrMnNhMnU3SmY5MGJRTlFlVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvZGIxZTIwLWRjMzYtNDg4ZC05MWExLTNkZjdmYWYzNTM1ZC8x
L01TT3k1VXlCY0ltWkhxdXhMSFdEUU5TRjhzUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
ZGIxZTIwLWRjMzYtNDg4ZC05MWExLTNkZjdmYWYzNTM1ZC8xL0lXQ3lzY2dwMklr
MnNhMnU3SmY5MGJRTlFlVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvcbQMEAMGkmDANBgkqhkiG9w0B
AQsFAAOCAQEAbBF8QnYZL4hUHbzO1XTpt/PoQgsNH07ojuG21D7V7aTp7bhbJPND
o7drJ0xc8rqWfysJYuJyKMm4t7uk/cxevPjirfS2eodTefVZ+z9LEd9SkGi//q03
+dHiZrUy6H32JYtrFI4N3n+NBd7Lh8ZEUG0uNbxDpCrEEXrMi5t5UGHavaIOGPgx
jyVqX/zUUu0j3eFhNbWiilfE4cgh0xOVrqwkadR7S+PUHydwCMjHOTEw/dYufWno
6sxKmqPGz4bwnaiofOGk6dpGrMhSuyJIqrOg6/Rr32kvDXSHa7mnnxKZxAUBHy/2
0Iy1Y5KawgVTAh0X7ri8HUiULqk/tVtVeA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:40 2024 by rpki-client on console-fra.rpki-client.org