Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/qEGXG0SjmhzitvEZHXDteX4N4t4.roa
File:                     qEGXG0SjmhzitvEZHXDteX4N4t4.roa (raw, json)
Hash identifier:          8vo2rTmfDA19G1/QIbUeHEsnjjcYSJbhaLqtzC1OYl4=
Subject key identifier:   A8:41:97:1B:44:A3:9A:1C:E2:B6:F1:19:1D:70:ED:79:7E:0D:E2:DE
Certificate issuer:       /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial:       372DF97B
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/qEGXG0SjmhzitvEZHXDteX4N4t4.roa
Signing time:             Thu 21 Apr 2022 13:58:59 +0000
ROA not before:           Thu 21 Apr 2022 13:58:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51789
IP address blocks:        91.220.109.0/24 maxlen: 24
                          193.164.152.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 925759867 (0x372df97b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
        Validity
            Not Before: Apr 21 13:58:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a841971b44a39a1ce2b6f1191d70ed797e0de2de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f6:e5:77:52:5f:b2:2c:62:6c:46:98:84:00:
                    7f:48:1a:e9:3b:4e:50:69:57:72:9f:54:b6:b3:af:
                    43:86:ad:72:1c:64:a9:bb:e6:13:ab:4b:66:85:c4:
                    ea:37:17:21:dc:c2:af:ec:3f:c3:fb:c8:23:dd:ab:
                    d9:22:95:9e:f9:6d:78:79:71:d2:ac:a2:c9:65:71:
                    b9:2d:a2:95:1d:d6:1e:a6:68:f8:0c:59:2c:6a:ba:
                    f2:c3:cc:ad:7e:4a:48:88:b7:9b:c9:a6:2e:11:f9:
                    6f:3e:69:67:c8:f0:0a:49:43:f8:78:6d:27:4c:96:
                    7b:e7:20:10:f5:06:fb:7a:d0:38:1c:13:ea:47:4e:
                    30:f4:6e:30:0c:a5:d0:b1:e1:d1:85:30:49:fc:cd:
                    f3:4c:22:47:67:d1:75:77:70:e7:97:61:01:f6:57:
                    b8:13:f1:b7:f1:9f:25:e2:d0:4e:db:45:28:fe:a1:
                    b9:f6:d3:59:3b:0e:c2:ac:83:66:20:67:6b:f0:e1:
                    7f:5f:dd:ce:8f:c4:7c:1f:e5:9c:b4:44:32:c8:e0:
                    da:28:b4:5f:00:45:b1:9d:8f:d2:9f:d8:10:2d:0a:
                    ab:27:eb:2e:36:8b:7f:55:66:41:08:77:ec:9c:98:
                    c1:08:a4:bc:ee:e9:70:46:3d:14:7d:a6:92:dc:3d:
                    01:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:41:97:1B:44:A3:9A:1C:E2:B6:F1:19:1D:70:ED:79:7E:0D:E2:DE
            X509v3 Authority Key Identifier:
                keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/qEGXG0SjmhzitvEZHXDteX4N4t4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.220.109.0/24
                  193.164.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:78:aa:a4:66:f6:f7:d9:63:eb:0b:3f:a7:ee:74:af:91:ef:
         9a:a3:f5:03:9b:7e:87:bf:cf:a0:f6:75:5e:71:e4:89:1e:15:
         cb:d1:dc:c3:89:02:98:1b:6c:d2:ba:ac:fd:88:cf:fe:c4:8c:
         8a:ec:15:43:c8:0e:48:b0:1c:3c:3f:df:99:79:5c:a2:00:11:
         fa:9b:81:eb:7b:e8:47:5b:77:7c:37:46:ed:a4:ee:a1:f0:0b:
         a3:d1:75:3e:cc:f0:ab:cf:c4:1a:1c:34:6e:56:e3:f9:e5:ed:
         c6:ae:ac:15:d7:f3:39:67:31:eb:32:27:25:79:f3:d0:14:bf:
         70:d6:81:e4:d2:d4:01:a6:4a:bb:c3:e5:95:59:46:99:c9:32:
         67:e7:de:2a:c6:4b:6f:ec:73:87:07:ab:74:70:f7:9c:17:32:
         5f:a9:a3:db:36:0b:17:8c:f1:64:c5:94:99:44:16:60:6a:9d:
         b5:26:d1:53:e4:9b:be:d2:39:8e:ec:65:51:26:e3:ee:35:9a:
         c3:f1:4c:59:69:a3:45:8d:02:0a:4a:7f:6c:86:27:14:29:1b:
         46:a6:50:58:cc:26:18:e6:d0:68:92:93:de:ff:ef:cf:28:8a:
         86:55:2a:fe:cf:b7:df:9b:e0:8c:bb:da:63:47:f0:fc:18:0a:
         22:df:e6:20
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIENy35ezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTYwYjJiMWM4MjlkODg5MzZiMWFkYWVlYzk3ZmRkMWI0MGQ0MWU1MB4XDTIyMDQy
MTEzNTg1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg0MTk3MWI0NGEz
OWExY2UyYjZmMTE5MWQ3MGVkNzk3ZTBkZTJkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALD25XdSX7IsYmxGmIQAf0ga6TtOUGlXcp9UtrOvQ4atchxk
qbvmE6tLZoXE6jcXIdzCr+w/w/vII92r2SKVnvlteHlx0qyiyWVxuS2ilR3WHqZo
+AxZLGq68sPMrX5KSIi3m8mmLhH5bz5pZ8jwCklD+HhtJ0yWe+cgEPUG+3rQOBwT
6kdOMPRuMAyl0LHh0YUwSfzN80wiR2fRdXdw55dhAfZXuBPxt/GfJeLQTttFKP6h
ufbTWTsOwqyDZiBna/Dhf1/dzo/EfB/lnLREMsjg2ii0XwBFsZ2P0p/YEC0Kqyfr
LjaLf1VmQQh37JyYwQikvO7pcEY9FH2mktw9AaMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSoQZcbRKOaHOK28RkdcO15fg3i3jAfBgNVHSMEGDAWgBQhYLKxyCnYiTax
ra7sl/3RtA1B5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lXQ3lzY2dwMklrMnNhMnU3SmY5MGJRTlFlVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvZGIxZTIwLWRjMzYtNDg4ZC05MWExLTNkZjdmYWYzNTM1ZC8x
L3FFR1hHMFNqbWh6aXR2RVpIWER0ZVg0TjR0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
ZGIxZTIwLWRjMzYtNDg4ZC05MWExLTNkZjdmYWYzNTM1ZC8xL0lXQ3lzY2dwMklr
MnNhMnU3SmY5MGJRTlFlVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvcbQMEAMGkmDANBgkqhkiG9w0B
AQsFAAOCAQEAFHiqpGb299lj6ws/p+50r5HvmqP1A5t+h7/PoPZ1XnHkiR4Vy9Hc
w4kCmBts0rqs/YjP/sSMiuwVQ8gOSLAcPD/fmXlcogAR+puB63voR1t3fDdG7aTu
ofALo9F1Pszwq8/EGhw0blbj+eXtxq6sFdfzOWcx6zInJXnz0BS/cNaB5NLUAaZK
u8PllVlGmckyZ+feKsZLb+xzhwerdHD3nBcyX6mj2zYLF4zxZMWUmUQWYGqdtSbR
U+SbvtI5juxlUSbj7jWaw/FMWWmjRY0CCkp/bIYnFCkbRqZQWMwmGObQaJKT3v/v
zyiKhlUq/s+335vgjLvaY0fw/BgKIt/mIA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:40 2024 by rpki-client on console-fra.rpki-client.org