Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/dc06bd-e834-405f-8c33-9e5f90538336/1/Xwj_ScVb3CijeDJtmvDnajp8IJQ.roa
File:                     Xwj_ScVb3CijeDJtmvDnajp8IJQ.roa (raw, json)
Hash identifier:          SNm1+44CX3IF0rjEBz6xxpqCk4nBVyhsrx5IXdjNXz4=
Subject key identifier:   5F:08:FF:49:C5:5B:DC:28:A3:78:32:6D:9A:F0:E7:6A:3A:7C:20:94
Certificate issuer:       /CN=2fa5f05f99e0250040a431d2bedcab7f8928e9b2
Certificate serial:       057D77FF
Authority key identifier: 2F:A5:F0:5F:99:E0:25:00:40:A4:31:D2:BE:DC:AB:7F:89:28:E9:B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L6XwX5ngJQBApDHSvtyrf4ko6bI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/dc06bd-e834-405f-8c33-9e5f90538336/1/Xwj_ScVb3CijeDJtmvDnajp8IJQ.roa
Signing time:             Sat 01 Jan 2022 11:05:06 +0000
ROA not before:           Sat 01 Jan 2022 11:05:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8896
IP address blocks:        91.201.201.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 92108799 (0x57d77ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fa5f05f99e0250040a431d2bedcab7f8928e9b2
        Validity
            Not Before: Jan  1 11:05:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5f08ff49c55bdc28a378326d9af0e76a3a7c2094
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:82:57:c7:16:db:a6:f6:a9:0d:0d:1e:b9:24:
                    5f:16:e3:c1:1e:46:cc:74:de:16:3d:87:13:64:09:
                    77:26:fa:37:d6:7d:f6:aa:ee:6e:3c:ee:44:86:40:
                    c9:c6:95:d4:15:d3:bc:4c:28:3f:65:0d:0a:97:b1:
                    fb:1c:33:87:2d:77:02:dd:23:1e:83:dd:11:58:6e:
                    0b:3d:3d:5a:60:48:3b:93:ba:6c:c9:5a:7f:f0:13:
                    20:d2:27:71:f4:6e:a6:dd:3c:12:fa:8a:58:b2:6e:
                    54:d7:2f:92:89:02:cf:ba:70:a9:19:51:e8:6b:6b:
                    85:8e:f6:72:41:a6:01:67:5d:6d:c9:23:97:8f:59:
                    7f:28:64:da:91:cd:6e:63:3c:7a:50:f9:df:f7:0e:
                    5e:28:d1:1e:a8:7a:d8:f6:70:d0:c2:23:a9:fe:90:
                    a4:74:af:a8:56:38:35:86:89:df:7a:a1:30:82:f4:
                    1f:03:ec:e2:ec:cb:1b:4f:ab:af:fe:4a:f4:c1:fb:
                    f2:6d:c6:aa:9c:52:4c:f0:c7:14:14:ad:68:d4:3a:
                    e3:a1:a1:90:01:50:83:0a:39:fa:5b:c2:de:c6:f5:
                    4e:15:e0:bc:3c:42:60:5c:81:99:0d:d6:3a:f6:fe:
                    b0:7a:ca:03:55:d9:bb:d6:db:f7:9f:a6:c2:70:30:
                    28:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:08:FF:49:C5:5B:DC:28:A3:78:32:6D:9A:F0:E7:6A:3A:7C:20:94
            X509v3 Authority Key Identifier:
                keyid:2F:A5:F0:5F:99:E0:25:00:40:A4:31:D2:BE:DC:AB:7F:89:28:E9:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6XwX5ngJQBApDHSvtyrf4ko6bI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/dc06bd-e834-405f-8c33-9e5f90538336/1/Xwj_ScVb3CijeDJtmvDnajp8IJQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/dc06bd-e834-405f-8c33-9e5f90538336/1/L6XwX5ngJQBApDHSvtyrf4ko6bI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.201.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:c7:81:eb:53:4e:2a:99:ba:a7:74:69:a8:95:15:53:ee:14:
         8a:9f:95:75:4d:41:ee:86:bc:91:6a:bb:2e:1c:e2:83:75:4c:
         80:f7:c2:45:0b:60:80:60:72:a4:4c:ad:c9:c5:ce:dd:3e:c6:
         70:51:c1:1c:0b:9b:8a:51:b0:3d:9c:43:b2:40:e4:71:26:cf:
         3d:b7:c6:d1:87:fa:1e:61:fc:9b:6e:86:0a:01:88:0a:5a:04:
         01:4a:d4:af:ea:36:59:8f:bc:71:fc:cf:6f:c8:be:20:7f:43:
         65:3d:34:19:44:25:5b:84:4d:ae:e3:b0:c8:0b:1a:7e:2d:f6:
         65:33:2e:4d:dc:be:10:50:e1:9c:cf:98:1a:e8:14:07:1a:23:
         69:0b:70:68:98:fc:8a:80:80:73:55:98:16:15:84:b1:84:b2:
         8f:fa:84:d8:ab:85:bd:48:2e:9b:2e:58:db:7f:ac:36:01:3c:
         b0:a9:68:29:c9:4c:dc:fa:aa:f3:a3:b8:0c:d5:00:8f:59:5f:
         08:8c:c7:36:5e:91:5e:1d:d9:a7:06:a0:a2:33:61:68:27:bc:
         08:cb:31:7a:ae:cd:03:5c:3e:5b:13:eb:37:8e:6b:0a:17:a1:
         00:8a:76:81:91:8c:13:e3:8f:fb:3c:98:ba:f4:14:ea:6b:88:
         35:c9:9d:ca
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBX13/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZmE1ZjA1Zjk5ZTAyNTAwNDBhNDMxZDJiZWRjYWI3Zjg5MjhlOWIyMB4XDTIyMDEw
MTExMDUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWYwOGZmNDljNTVi
ZGMyOGEzNzgzMjZkOWFmMGU3NmEzYTdjMjA5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJiCV8cW26b2qQ0NHrkkXxbjwR5GzHTeFj2HE2QJdyb6N9Z9
9qrubjzuRIZAycaV1BXTvEwoP2UNCpex+xwzhy13At0jHoPdEVhuCz09WmBIO5O6
bMlaf/ATINIncfRupt08EvqKWLJuVNcvkokCz7pwqRlR6GtrhY72ckGmAWddbckj
l49Zfyhk2pHNbmM8elD53/cOXijRHqh62PZw0MIjqf6QpHSvqFY4NYaJ33qhMIL0
HwPs4uzLG0+rr/5K9MH78m3GqpxSTPDHFBStaNQ646GhkAFQgwo5+lvC3sb1ThXg
vDxCYFyBmQ3WOvb+sHrKA1XZu9bb95+mwnAwKO8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRfCP9JxVvcKKN4Mm2a8OdqOnwglDAfBgNVHSMEGDAWgBQvpfBfmeAlAECk
MdK+3Kt/iSjpsjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0w2WHdYNW5nSlFCQXBESFN2dHlyZjRrbzZiSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvZGMwNmJkLWU4MzQtNDA1Zi04YzMzLTllNWY5MDUzODMzNi8x
L1h3al9TY1ZiM0NpamVESnRtdkRuYWpwOElKUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
ZGMwNmJkLWU4MzQtNDA1Zi04YzMzLTllNWY5MDUzODMzNi8xL0w2WHdYNW5nSlFC
QXBESFN2dHlyZjRrbzZiSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvJyTANBgkqhkiG9w0BAQsFAAOC
AQEAZseB61NOKpm6p3RpqJUVU+4Uip+VdU1B7oa8kWq7Lhzig3VMgPfCRQtggGBy
pEytycXO3T7GcFHBHAubilGwPZxDskDkcSbPPbfG0Yf6HmH8m26GCgGICloEAUrU
r+o2WY+8cfzPb8i+IH9DZT00GUQlW4RNruOwyAsafi32ZTMuTdy+EFDhnM+YGugU
BxojaQtwaJj8ioCAc1WYFhWEsYSyj/qE2KuFvUgumy5Y23+sNgE8sKloKclM3Pqq
86O4DNUAj1lfCIzHNl6RXh3ZpwagojNhaCe8CMsxeq7NA1w+WxPrN45rChehAIp2
gZGME+OP+zyYuvQU6muINcmdyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:08 2024 by rpki-client on console-fra.rpki-client.org