Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/00f5b4-dfd9-4eb2-afdb-138ed591efaa/1/9Gy7ufyLrPl3tpA5tZUHEt0-A2w.roa
File:                     9Gy7ufyLrPl3tpA5tZUHEt0-A2w.roa (raw, json)
Hash identifier:          AV//15yrw+Y5qLLFH+/Rb3UUazrr3zDpGHIKH68FaOU=
Subject key identifier:   F4:6C:BB:B9:FC:8B:AC:F9:77:B6:90:39:B5:95:07:12:DD:3E:03:6C
Certificate issuer:       /CN=9bae428ee8cd4604c1fbc141278ef0d75376282a
Certificate serial:       03F99647
Authority key identifier: 9B:AE:42:8E:E8:CD:46:04:C1:FB:C1:41:27:8E:F0:D7:53:76:28:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m65CjujNRgTB-8FBJ47w11N2KCo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/00f5b4-dfd9-4eb2-afdb-138ed591efaa/1/9Gy7ufyLrPl3tpA5tZUHEt0-A2w.roa
Signing time:             Sat 01 Jan 2022 04:03:32 +0000
ROA not before:           Sat 01 Jan 2022 04:03:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61213
IP address blocks:        91.123.48.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 66688583 (0x3f99647)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bae428ee8cd4604c1fbc141278ef0d75376282a
        Validity
            Not Before: Jan  1 04:03:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f46cbbb9fc8bacf977b69039b5950712dd3e036c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d5:80:b7:08:b3:2f:3f:49:e8:67:2b:4e:be:
                    d7:2e:4a:8c:02:dc:71:b1:15:7c:1c:72:16:e8:45:
                    d1:b2:5a:a0:db:fe:6f:f3:8e:60:c5:b0:57:65:cc:
                    11:ab:be:ba:04:08:e8:58:ed:70:c0:3b:86:0f:09:
                    2d:cd:d6:3c:cd:5a:bf:ad:92:eb:5a:bb:05:7c:7f:
                    6a:ab:15:60:2b:4e:2a:78:c0:2b:2b:96:aa:73:51:
                    b0:80:d3:b8:d6:ca:b9:5f:26:64:ac:94:68:c9:92:
                    38:4e:e3:ec:86:0a:08:58:fc:fb:53:b4:52:69:c5:
                    ef:82:e9:16:22:dc:30:1d:fa:4e:9d:dc:74:df:f2:
                    28:5f:45:68:8f:4f:2f:e2:66:01:a5:16:00:d0:ba:
                    e7:90:89:63:77:d6:fe:8e:86:95:a9:88:11:66:4c:
                    ba:10:23:dc:8c:17:09:fb:d9:70:64:fe:4a:e0:92:
                    55:7d:c8:6b:1b:09:76:23:28:81:56:44:41:a2:76:
                    1d:07:fe:0a:d5:e5:5c:eb:e8:aa:fe:28:19:1d:03:
                    23:58:21:02:99:35:93:cc:80:e1:e3:6f:3c:f3:1b:
                    b7:09:b1:dc:b8:98:99:31:3d:f5:cf:c3:64:22:18:
                    36:24:d0:8a:cd:db:36:07:9d:cd:eb:4f:37:0b:6f:
                    92:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:6C:BB:B9:FC:8B:AC:F9:77:B6:90:39:B5:95:07:12:DD:3E:03:6C
            X509v3 Authority Key Identifier:
                keyid:9B:AE:42:8E:E8:CD:46:04:C1:FB:C1:41:27:8E:F0:D7:53:76:28:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m65CjujNRgTB-8FBJ47w11N2KCo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/00f5b4-dfd9-4eb2-afdb-138ed591efaa/1/9Gy7ufyLrPl3tpA5tZUHEt0-A2w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/00f5b4-dfd9-4eb2-afdb-138ed591efaa/1/m65CjujNRgTB-8FBJ47w11N2KCo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.123.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         88:fe:c0:d9:90:d7:27:be:5b:f0:bb:31:b7:73:fc:6d:4a:30:
         4e:1e:f9:d7:55:68:61:35:9a:70:15:f0:16:39:2a:5e:04:71:
         d8:59:3e:c1:b5:0c:af:2d:2d:2a:8a:6c:1b:fe:80:b1:0f:1c:
         13:53:8a:bc:eb:50:15:78:69:5f:b9:f6:06:d6:12:9d:e4:a5:
         4b:17:4b:3e:45:b0:62:da:a1:c0:39:e4:24:9e:07:40:05:71:
         06:20:83:f1:c8:b0:f7:c9:35:57:10:99:4b:3c:7b:ce:d7:ca:
         8d:0d:65:a3:e4:f9:ce:0a:89:fc:7e:bb:d5:78:12:c4:3c:f5:
         09:df:2f:d6:09:f8:be:6c:f1:a8:f9:1b:23:83:1f:a8:73:30:
         cb:d4:bf:4e:cf:f5:ee:58:98:32:1d:94:87:6e:5b:bd:68:94:
         fe:cd:5f:9f:cf:2f:62:1b:fc:36:e7:12:6c:41:a5:98:9f:e9:
         bb:71:95:3e:8a:54:d8:44:4c:e5:b8:8b:73:d3:18:a4:84:dd:
         f4:e4:2c:c4:6b:ab:28:7d:1a:f6:ee:e0:fc:8e:3f:76:13:53:
         d6:0c:d7:83:2e:58:35:7e:6b:86:10:4e:56:c9:95:19:1d:48:
         91:35:45:0f:85:70:e3:93:a7:12:76:ed:a0:f2:f9:d1:fb:f6:
         e8:a7:36:ea
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA/mWRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YmFlNDI4ZWU4Y2Q0NjA0YzFmYmMxNDEyNzhlZjBkNzUzNzYyODJhMB4XDTIyMDEw
MTA0MDMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQ2Y2JiYjlmYzhi
YWNmOTc3YjY5MDM5YjU5NTA3MTJkZDNlMDM2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfVgLcIsy8/SehnK06+1y5KjALccbEVfBxyFuhF0bJaoNv+
b/OOYMWwV2XMEau+ugQI6FjtcMA7hg8JLc3WPM1av62S61q7BXx/aqsVYCtOKnjA
KyuWqnNRsIDTuNbKuV8mZKyUaMmSOE7j7IYKCFj8+1O0UmnF74LpFiLcMB36Tp3c
dN/yKF9FaI9PL+JmAaUWANC655CJY3fW/o6GlamIEWZMuhAj3IwXCfvZcGT+SuCS
VX3IaxsJdiMogVZEQaJ2HQf+CtXlXOvoqv4oGR0DI1ghApk1k8yA4eNvPPMbtwmx
3LiYmTE99c/DZCIYNiTQis3bNgedzetPNwtvkiECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT0bLu5/Ius+Xe2kDm1lQcS3T4DbDAfBgNVHSMEGDAWgBSbrkKO6M1GBMH7
wUEnjvDXU3YoKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L202NUNqdWpOUmdUQi04RkJKNDd3MTFOMktDby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmMvMDBmNWI0LWRmZDktNGViMi1hZmRiLTEzOGVkNTkxZWZhYS8x
LzlHeTd1ZnlMclBsM3RwQTV0WlVIRXQwLUEydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMv
MDBmNWI0LWRmZDktNGViMi1hZmRiLTEzOGVkNTkxZWZhYS8xL202NUNqdWpOUmdU
Qi04RkJKNDd3MTFOMktDby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFt7MDANBgkqhkiG9w0BAQsFAAOC
AQEAiP7A2ZDXJ75b8Lsxt3P8bUowTh7511VoYTWacBXwFjkqXgRx2Fk+wbUMry0t
KopsG/6AsQ8cE1OKvOtQFXhpX7n2BtYSneSlSxdLPkWwYtqhwDnkJJ4HQAVxBiCD
8ciw98k1VxCZSzx7ztfKjQ1lo+T5zgqJ/H671XgSxDz1Cd8v1gn4vmzxqPkbI4Mf
qHMwy9S/Ts/17liYMh2Uh25bvWiU/s1fn88vYhv8NucSbEGlmJ/pu3GVPopU2ERM
5biLc9MYpITd9OQsxGurKH0a9u7g/I4/dhNT1gzXgy5YNX5rhhBOVsmVGR1IkTVF
D4Vw45OnEnbtoPL50fv26Kc26g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:42 2024 by rpki-client on console-fra.rpki-client.org