Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/u313SuuAc-XZoy2SsulQUm9ZwwY.roa
File:                     u313SuuAc-XZoy2SsulQUm9ZwwY.roa (raw, json)
Hash identifier:          HtLJN0wJyAUlzi4qW1zWDH+8lQLL+OL3uLZrmAIn1uY=
Subject key identifier:   BB:7D:77:4A:EB:80:73:E5:D9:A3:2D:92:B2:E9:50:52:6F:59:C3:06
Certificate issuer:       /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial:       362F60D5
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/u313SuuAc-XZoy2SsulQUm9ZwwY.roa
Signing time:             Sat 01 Jan 2022 06:00:19 +0000
ROA not before:           Sat 01 Jan 2022 06:00:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51789
IP address blocks:        91.220.109.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 909074645 (0x362f60d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
        Validity
            Not Before: Jan  1 06:00:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bb7d774aeb8073e5d9a32d92b2e950526f59c306
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:b3:b5:bc:b7:85:c7:da:74:eb:8e:2f:dc:ff:
                    e1:23:05:25:fb:8b:6c:8f:6d:25:c2:af:c7:42:5a:
                    c7:af:5d:78:b0:56:f0:79:e8:fb:30:b6:b9:ff:a4:
                    7b:cc:00:d9:17:02:04:e8:cc:24:d1:4b:5e:b9:f9:
                    c4:ec:33:37:0d:a0:83:10:28:fa:59:f4:b1:2c:49:
                    d0:21:60:cf:36:05:9a:e9:14:91:ba:5d:62:20:ff:
                    26:48:03:2d:a9:21:38:5d:0d:93:3d:af:39:7f:19:
                    c3:b5:76:79:95:7b:a9:b7:7c:c6:e2:c5:7e:7b:56:
                    e4:1e:3c:dc:8a:cd:4e:62:44:87:ab:2d:65:f3:84:
                    db:b9:e4:b6:41:88:7b:1f:60:70:94:ae:05:cd:05:
                    6c:76:88:2d:f7:b1:ce:79:e0:89:0c:04:b1:d4:9d:
                    40:5d:96:d8:06:98:01:cc:5c:83:20:6d:a5:3d:d2:
                    ef:e7:f0:d2:34:61:a3:bb:47:93:4b:87:0f:47:cd:
                    28:75:37:af:83:8a:16:66:52:ff:98:0c:21:33:39:
                    3c:55:d2:eb:49:fa:3a:76:41:f3:f4:8b:54:90:75:
                    73:53:b3:83:ea:35:99:90:7f:e6:f8:95:11:2e:f2:
                    fd:50:43:2a:30:b0:3b:c0:a5:e3:a1:56:32:18:83:
                    91:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:7D:77:4A:EB:80:73:E5:D9:A3:2D:92:B2:E9:50:52:6F:59:C3:06
            X509v3 Authority Key Identifier:
                keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/u313SuuAc-XZoy2SsulQUm9ZwwY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.220.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:8f:d6:ad:da:6a:92:b4:fa:ff:d3:3d:73:3c:9e:b2:7e:c5:
         24:6d:4f:b3:3b:e2:c5:1e:5e:c1:fc:f8:8f:21:17:ef:e0:7d:
         63:dd:6d:69:7f:61:c7:ae:3b:55:98:de:8b:ce:ff:95:a6:65:
         65:3f:9c:6a:1c:87:2c:20:83:61:42:42:e7:91:be:19:1f:5e:
         03:50:b9:11:0e:cf:94:7d:dc:48:5b:6c:52:a2:4d:2d:76:c2:
         de:bd:29:0c:df:69:9d:5c:5c:e3:75:6e:e3:e9:12:cc:15:51:
         85:f2:83:70:5e:43:66:71:f3:d7:02:1d:c6:c7:b5:05:b0:37:
         82:80:b0:9e:56:f7:e2:46:cd:dd:88:51:3c:f5:c7:af:94:0f:
         9a:1f:a4:bb:1b:e6:90:10:b0:09:82:0b:dd:46:6a:df:59:3c:
         f9:4e:71:d5:8d:e4:3c:5d:45:f9:7a:33:8a:2e:e0:7a:9f:89:
         13:df:a5:5f:27:bb:06:35:49:24:f1:9d:f4:c5:2c:40:6f:1d:
         5a:d1:ef:79:0c:ab:44:59:48:fc:7b:7d:cd:7a:1f:bb:03:dd:
         20:18:5a:7f:57:c8:f4:96:b7:8b:1f:37:e5:17:07:7a:19:3f:
         63:bb:35:8b:a2:13:0f:31:1f:68:46:f1:80:58:11:ba:5a:68:
         b1:6f:a3:1b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENi9g1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTYwYjJiMWM4MjlkODg5MzZiMWFkYWVlYzk3ZmRkMWI0MGQ0MWU1MB4XDTIyMDEw
MTA2MDAxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmI3ZDc3NGFlYjgw
NzNlNWQ5YTMyZDkyYjJlOTUwNTI2ZjU5YzMwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJCztby3hcfadOuOL9z/4SMFJfuLbI9tJcKvx0Jax69deLBW
8Hno+zC2uf+ke8wA2RcCBOjMJNFLXrn5xOwzNw2ggxAo+ln0sSxJ0CFgzzYFmukU
kbpdYiD/JkgDLakhOF0Nkz2vOX8Zw7V2eZV7qbd8xuLFfntW5B483IrNTmJEh6st
ZfOE27nktkGIex9gcJSuBc0FbHaILfexznngiQwEsdSdQF2W2AaYAcxcgyBtpT3S
7+fw0jRho7tHk0uHD0fNKHU3r4OKFmZS/5gMITM5PFXS60n6OnZB8/SLVJB1c1Oz
g+o1mZB/5viVES7y/VBDKjCwO8Cl46FWMhiDke8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS7fXdK64Bz5dmjLZKy6VBSb1nDBjAfBgNVHSMEGDAWgBQhYLKxyCnYiTax
ra7sl/3RtA1B5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lXQ3lzY2dwMklrMnNhMnU3SmY5MGJRTlFlVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvZGIxZTIwLWRjMzYtNDg4ZC05MWExLTNkZjdmYWYzNTM1ZC8x
L3UzMTNTdXVBYy1YWm95MlNzdWxRVW05Wnd3WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
ZGIxZTIwLWRjMzYtNDg4ZC05MWExLTNkZjdmYWYzNTM1ZC8xL0lXQ3lzY2dwMklr
MnNhMnU3SmY5MGJRTlFlVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvcbTANBgkqhkiG9w0BAQsFAAOC
AQEAnY/WrdpqkrT6/9M9czyesn7FJG1PszvixR5ewfz4jyEX7+B9Y91taX9hx647
VZjei87/laZlZT+cahyHLCCDYUJC55G+GR9eA1C5EQ7PlH3cSFtsUqJNLXbC3r0p
DN9pnVxc43Vu4+kSzBVRhfKDcF5DZnHz1wIdxse1BbA3goCwnlb34kbN3YhRPPXH
r5QPmh+kuxvmkBCwCYIL3UZq31k8+U5x1Y3kPF1F+Xozii7gep+JE9+lXye7BjVJ
JPGd9MUsQG8dWtHveQyrRFlI/Ht9zXofuwPdIBhaf1fI9Ja3ix835RcHehk/Y7s1
i6ITDzEfaEbxgFgRulposW+jGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:03 2024 by rpki-client on console-ams.rpki-client.org