Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/5sWcmEX-shymyfWeEItc7BYPuzk.roa
File:                     5sWcmEX-shymyfWeEItc7BYPuzk.roa (raw, json)
Hash identifier:          dBrgCbM6SJIwZoN7HKD1vk1cRJD6ESfn+6DoNHcpTjo=
Subject key identifier:   E6:C5:9C:98:45:FE:B2:1C:A6:C9:F5:9E:10:8B:5C:EC:16:0F:BB:39
Certificate issuer:       /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial:       0183361CA5EE19CBD3EADE3FD59D8E65F01B
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/5sWcmEX-shymyfWeEItc7BYPuzk.roa
Signing time:             Tue 13 Sep 2022 09:09:50 +0000
ROA not before:           Tue 13 Sep 2022 09:09:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58000
IP address blocks:        91.237.182.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:36:1c:a5:ee:19:cb:d3:ea:de:3f:d5:9d:8e:65:f0:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
        Validity
            Not Before: Sep 13 09:09:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e6c59c9845feb21ca6c9f59e108b5cec160fbb39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:8d:a7:2a:be:a7:3c:77:9c:fa:7f:6d:b1:36:
                    a1:b0:5b:cf:4b:06:0e:7a:db:71:ab:de:48:5d:3e:
                    26:32:65:bb:3a:7c:f2:c1:89:66:6d:b3:60:d6:4b:
                    02:b4:7d:77:8b:0f:fd:05:ad:54:9f:bd:01:cd:a6:
                    cc:43:56:89:8c:bc:1e:f3:72:60:1f:1a:b2:32:47:
                    df:29:dc:f9:fb:30:1b:72:be:ee:40:0b:4d:0e:0f:
                    f5:e9:96:2f:4e:c5:bd:8b:1e:6e:c6:68:86:3c:f3:
                    c9:6f:6d:ca:46:3d:9d:1b:2e:b9:31:57:80:23:1b:
                    54:f4:7c:37:f3:0d:a4:a5:2c:8c:88:3c:5a:01:1c:
                    08:78:68:4d:58:2d:bc:d0:ef:82:6d:1d:33:2e:8a:
                    01:ce:2d:3b:7d:f2:ce:be:62:a9:fb:dc:2b:8f:e4:
                    d0:00:a6:6c:bd:ac:91:67:45:91:54:7a:04:69:10:
                    da:f3:11:32:2d:81:f8:44:dd:aa:15:bf:79:df:39:
                    3e:2d:4e:af:61:e7:ea:d5:0c:7c:cb:2d:3a:1b:b4:
                    d3:08:d6:ae:3d:c6:3d:56:5d:f3:d7:71:67:23:81:
                    e9:3d:09:14:81:7d:76:df:2d:8e:1a:de:02:1c:0a:
                    1c:bd:4f:63:75:5e:dc:dd:80:66:2b:d2:66:60:dd:
                    8a:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:C5:9C:98:45:FE:B2:1C:A6:C9:F5:9E:10:8B:5C:EC:16:0F:BB:39
            X509v3 Authority Key Identifier:
                keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/5sWcmEX-shymyfWeEItc7BYPuzk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.237.182.0/23

    Signature Algorithm: sha256WithRSAEncryption
         79:7b:93:cd:42:60:9e:49:64:43:f5:09:8f:6e:8d:6f:61:17:
         a8:3a:52:d3:07:7b:b2:2a:7f:ec:da:b6:75:3c:2c:e0:65:88:
         ac:bc:b7:72:c9:2d:bd:38:7a:21:17:67:fe:21:46:09:ce:db:
         67:0c:19:a5:ed:82:ef:32:76:b9:f9:c3:32:52:45:11:51:54:
         df:83:a6:3b:ae:74:34:6d:8a:d9:db:49:0b:46:35:c5:34:e0:
         40:22:d3:20:63:66:1e:c9:95:90:15:18:00:a7:15:ea:b4:de:
         18:59:d5:8f:9e:6d:e1:ab:e4:44:79:71:f4:dd:05:4c:27:25:
         82:81:5b:74:81:64:9b:af:26:c2:6e:6c:90:9e:64:b1:7b:04:
         d9:82:35:79:56:8e:49:dc:6e:ec:5a:cd:93:55:3f:1d:f2:f2:
         72:68:f0:fe:8e:43:da:1c:1b:ce:5f:a7:80:6e:72:88:60:6a:
         d9:5e:b9:22:c9:82:aa:24:c0:36:11:79:42:94:f2:34:86:1e:
         8f:5b:f0:3d:dc:3c:e9:a0:d8:33:ff:82:27:ce:3f:ab:33:5f:
         24:25:9c:fb:37:76:5e:36:30:b7:6b:d0:83:b2:ed:d9:18:96:
         45:59:ef:cf:7d:4c:4d:45:68:f1:e2:2e:9e:b2:44:a0:60:72:
         f9:fe:92:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM2HKXuGcvT6t4/1Z2OZfAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjIwOTEzMDkwOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmM1OWM5ODQ1ZmViMjFjYTZjOWY1OWUxMDhiNWNlYzE2MGZiYjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Y2nKr6nPHec+n9tsTahsFvPSwYO
ettxq95IXT4mMmW7OnzywYlmbbNg1ksCtH13iw/9Ba1Un70BzabMQ1aJjLwe83Jg
HxqyMkffKdz5+zAbcr7uQAtNDg/16ZYvTsW9ix5uxmiGPPPJb23KRj2dGy65MVeA
IxtU9Hw38w2kpSyMiDxaARwIeGhNWC280O+CbR0zLooBzi07ffLOvmKp+9wrj+TQ
AKZsvayRZ0WRVHoEaRDa8xEyLYH4RN2qFb953zk+LU6vYefq1Qx8yy06G7TTCNau
PcY9Vl3z13FnI4HpPQkUgX123y2OGt4CHAocvU9jdV7c3YBmK9JmYN2KJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFObFnJhF/rIcpsn1nhCLXOwWD7s5MB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvNXNXY21FWC1zaHlteWZXZUVJdGM3QllQdXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+22MA0G
CSqGSIb3DQEBCwUAA4IBAQB5e5PNQmCeSWRD9QmPbo1vYReoOlLTB3uyKn/s2rZ1
PCzgZYisvLdyyS29OHohF2f+IUYJzttnDBml7YLvMna5+cMyUkURUVTfg6Y7rnQ0
bYrZ20kLRjXFNOBAItMgY2YeyZWQFRgApxXqtN4YWdWPnm3hq+REeXH03QVMJyWC
gVt0gWSbrybCbmyQnmSxewTZgjV5Vo5J3G7sWs2TVT8d8vJyaPD+jkPaHBvOX6eA
bnKIYGrZXrkiyYKqJMA2EXlClPI0hh6PW/A93DzpoNgz/4Inzj+rM18kJZz7N3Ze
NjC3a9CDsu3ZGJZFWe/PfUxNRWjx4i6eskSgYHL5/pIO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:17 2024 by rpki-client on console-fra.rpki-client.org