Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/d9ZIY4XPImTjyov26cHJAJgWTyU.roa
File:                     d9ZIY4XPImTjyov26cHJAJgWTyU.roa (raw, json)
Hash identifier:          b22nDUG2kUkMRBu4JTLJOe85UBgwI/Z4ceDoWnRekD8=
Subject key identifier:   77:D6:48:63:85:CF:22:64:E3:CA:8B:F6:E9:C1:C9:00:98:16:4F:25
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       1EC13C00
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/d9ZIY4XPImTjyov26cHJAJgWTyU.roa
Signing time:             Mon 30 May 2022 14:08:14 +0000
ROA not before:           Mon 30 May 2022 14:08:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     393398
IP address blocks:        81.161.237.0/24 maxlen: 24
                          193.58.120.0/22 maxlen: 24
                          193.58.122.0/24 maxlen: 24
                          193.58.123.0/24 maxlen: 24
                          193.58.121.0/24 maxlen: 24
                          193.42.33.0/24 maxlen: 24
                          82.115.208.0/22 maxlen: 24
                          193.42.35.0/24 maxlen: 24
                          193.42.34.0/24 maxlen: 24
                          193.42.32.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 515980288 (0x1ec13c00)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: May 30 14:08:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=77d6486385cf2264e3ca8bf6e9c1c90098164f25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:8f:b6:f3:d3:ff:ba:d4:85:28:a5:37:83:c7:
                    1c:02:21:b3:bd:b6:eb:db:24:f5:c7:fa:6b:97:c9:
                    66:96:5b:a9:d3:61:ad:a5:30:00:20:7f:f6:bf:8f:
                    ee:13:1c:3e:a5:93:4a:c9:10:7c:24:d2:78:5c:70:
                    ff:c7:4c:85:6c:c9:2f:ad:69:27:f5:d1:f5:a6:93:
                    32:de:fc:90:9c:02:1f:c3:aa:2e:3f:cd:28:8e:9f:
                    54:7f:4a:b5:12:f4:4f:7a:67:fa:52:17:f4:c2:2c:
                    05:43:71:dd:c6:c1:ca:cb:57:91:00:ed:7f:48:6a:
                    a1:fd:f2:37:9d:fa:0b:92:2f:d4:ff:58:4e:6b:61:
                    41:2a:d5:37:5e:d6:9e:f4:d5:5e:b9:2f:bf:77:6c:
                    37:d7:b6:cb:9e:97:20:d0:3b:ee:3b:30:49:07:bb:
                    2b:05:5b:eb:9b:6b:40:f4:eb:b0:04:17:ec:fe:25:
                    9c:f9:1e:4e:50:93:0a:7f:61:f7:55:34:e7:fa:86:
                    50:b8:42:61:9f:7d:1a:c5:61:e7:81:a2:d1:c9:22:
                    c7:0c:3b:f5:ee:85:44:53:0d:71:3f:95:b2:81:38:
                    20:de:19:ef:98:8d:e7:d2:e9:e9:83:0c:0a:4d:08:
                    31:5a:83:d5:43:6a:cb:65:f3:18:39:28:ee:e2:6c:
                    ae:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:D6:48:63:85:CF:22:64:E3:CA:8B:F6:E9:C1:C9:00:98:16:4F:25
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/d9ZIY4XPImTjyov26cHJAJgWTyU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.161.237.0/24
                  82.115.208.0/22
                  193.42.32.0/22
                  193.58.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         04:26:bc:76:3a:7b:8f:8a:6b:06:cd:34:ad:82:f1:f6:7a:a8:
         c7:38:07:0a:7c:9c:92:05:02:d9:a3:dd:95:7c:ea:ae:a1:b6:
         78:c6:db:a3:f0:b5:5d:32:1a:3d:85:28:ca:b4:28:40:36:43:
         c8:4f:db:5d:c0:c9:95:7f:56:a8:8e:be:0e:b4:f2:0b:83:d8:
         3e:9d:d2:32:8f:2f:82:a7:05:b9:11:e1:3e:52:c8:b4:1e:f8:
         77:41:0e:a5:74:2e:a1:45:82:4d:ed:80:42:50:28:8e:bb:a3:
         26:a4:3e:39:5e:f9:7b:fa:ec:49:1e:19:d6:03:8c:ad:55:f0:
         00:17:1a:06:cf:10:65:37:07:c0:ff:cd:c0:7f:e3:89:2c:29:
         6b:a8:0b:2e:2b:d5:b8:c0:8c:5d:22:72:87:51:7d:1f:fd:39:
         89:fa:2e:4a:4a:68:fa:e0:d4:3a:6c:13:fa:af:5b:b1:53:dd:
         54:ed:3a:79:c5:47:d2:f8:4c:d0:9d:47:0d:a4:ab:58:95:d0:
         11:51:76:63:5d:9b:da:26:23:65:b5:4a:f1:d8:aa:59:81:3c:
         2c:79:17:a5:97:d4:4f:aa:e6:3b:46:eb:f3:e0:a3:4e:b8:39:
         a9:37:09:a7:5c:7a:b4:07:0e:3a:f3:ea:c1:fa:7a:7a:51:90:
         98:81:fe:e9
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEHsE8ADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDUz
MDE0MDgxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzdkNjQ4NjM4NWNm
MjI2NGUzY2E4YmY2ZTljMWM5MDA5ODE2NGYyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN6PtvPT/7rUhSilN4PHHAIhs72269sk9cf6a5fJZpZbqdNh
raUwACB/9r+P7hMcPqWTSskQfCTSeFxw/8dMhWzJL61pJ/XR9aaTMt78kJwCH8Oq
Lj/NKI6fVH9KtRL0T3pn+lIX9MIsBUNx3cbBystXkQDtf0hqof3yN536C5Iv1P9Y
TmthQSrVN17WnvTVXrkvv3dsN9e2y56XINA77jswSQe7KwVb65trQPTrsAQX7P4l
nPkeTlCTCn9h91U05/qGULhCYZ99GsVh54Gi0ckixww79e6FRFMNcT+VsoE4IN4Z
75iN59Lp6YMMCk0IMVqD1UNqy2XzGDko7uJsrk0CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBR31khjhc8iZOPKi/bpwckAmBZPJTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L2Q5WklZNFhQSW1UanlvdjI2Y0hKQUpnV1R5VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFGh7QMEAlJz0AMEAsEqIAMEAsE6
eDANBgkqhkiG9w0BAQsFAAOCAQEABCa8djp7j4prBs00rYLx9nqoxzgHCnyckgUC
2aPdlXzqrqG2eMbbo/C1XTIaPYUoyrQoQDZDyE/bXcDJlX9WqI6+DrTyC4PYPp3S
Mo8vgqcFuRHhPlLItB74d0EOpXQuoUWCTe2AQlAojrujJqQ+OV75e/rsSR4Z1gOM
rVXwABcaBs8QZTcHwP/NwH/jiSwpa6gLLivVuMCMXSJyh1F9H/05ifouSkpo+uDU
OmwT+q9bsVPdVO06ecVH0vhM0J1HDaSrWJXQEVF2Y12b2iYjZbVK8diqWYE8LHkX
pZfUT6rmO0br8+CjTrg5qTcJp1x6tAcOOvPqwfp6elGQmIH+6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:15 2024 by rpki-client on console-fra.rpki-client.org