Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9pcFpf_uvx5aLgXtQXGXGwU_vVw.roa
File:                     9pcFpf_uvx5aLgXtQXGXGwU_vVw.roa (raw, json)
Hash identifier:          SnZhZYIMGmPhFfbmMiDf9U5aCPHHXeCmShDBDtuu1GU=
Subject key identifier:   F6:97:05:A5:FF:EE:BF:1E:5A:2E:05:ED:41:71:97:1B:05:3F:BD:5C
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0181F7A9D78C4210A49120BF3C96F059251A
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9pcFpf_uvx5aLgXtQXGXGwU_vVw.roa
Signing time:             Wed 13 Jul 2022 13:05:11 +0000
ROA not before:           Wed 13 Jul 2022 13:05:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30823
IP address blocks:        77.90.181.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:f7:a9:d7:8c:42:10:a4:91:20:bf:3c:96:f0:59:25:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jul 13 13:05:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f69705a5ffeebf1e5a2e05ed4171971b053fbd5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:54:c1:c6:f4:fa:f2:ce:0b:b7:ad:76:99:1d:
                    b3:31:43:5d:69:f8:e8:80:04:8e:5a:de:61:61:e2:
                    95:32:9d:63:ad:9e:2c:f3:fb:98:36:53:3c:12:54:
                    8f:57:67:db:ef:44:4a:99:7f:6c:0b:32:cb:a6:02:
                    79:94:1a:51:bd:41:c2:8c:10:94:73:21:80:8b:eb:
                    f9:e4:51:08:6b:38:7a:ce:f8:1e:56:12:04:70:2c:
                    7f:41:a6:e0:76:28:e6:7e:c3:85:11:f2:13:ab:e2:
                    b0:e1:7e:31:a9:03:aa:9f:bb:03:6e:91:8a:13:0f:
                    aa:25:65:d5:0a:92:ea:d4:17:1d:26:2e:ef:f1:68:
                    fe:2d:5f:e5:eb:6e:63:da:b3:17:48:14:6a:93:95:
                    b8:07:e9:a2:60:66:62:41:d0:dc:54:10:69:23:0e:
                    06:98:90:3c:25:2c:a4:d7:c3:06:07:d7:b1:50:16:
                    7c:e9:ce:8c:e6:85:f8:6c:de:df:07:c3:24:04:cb:
                    1d:3c:89:49:8f:2d:f0:f0:d4:00:c6:f5:0c:9a:32:
                    69:24:2c:1c:7c:9a:ba:52:e5:7c:f5:8b:ea:83:1c:
                    ef:c1:6c:ba:9f:5e:e7:ff:f5:f0:93:d5:f3:94:68:
                    71:f8:72:4f:60:f6:56:77:12:d6:5f:0b:c8:c0:80:
                    39:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:97:05:A5:FF:EE:BF:1E:5A:2E:05:ED:41:71:97:1B:05:3F:BD:5C
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9pcFpf_uvx5aLgXtQXGXGwU_vVw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:59:94:af:95:a1:e7:60:ed:04:c4:81:fa:23:9a:33:bd:71:
         d3:54:7d:59:16:53:a4:64:4d:71:8c:b4:ed:27:05:e1:8f:6d:
         88:60:95:b8:d7:00:9d:d6:f8:4f:cf:9b:61:73:b2:da:f3:35:
         3a:52:1d:d2:39:60:4b:08:9d:9d:50:7f:6a:eb:9a:c4:6c:0c:
         e7:79:56:94:f1:7a:18:14:15:5c:2d:69:60:9f:b5:b6:45:5a:
         40:af:bd:f6:51:e0:30:6f:1a:26:2c:e9:da:0b:e2:08:13:e9:
         d0:3a:36:bc:e5:5e:8b:a0:64:97:95:6d:f0:57:b8:fd:36:d0:
         69:78:2b:fb:3f:33:e7:de:f4:f9:44:41:6b:01:2e:05:29:1b:
         7c:c9:1d:f6:f7:a1:92:80:96:af:22:46:80:1b:a7:63:83:03:
         66:37:58:fd:c4:4b:fa:0c:b6:8b:ad:de:91:29:5f:ba:f3:14:
         05:a7:b0:19:4d:bd:a0:7b:5b:ce:61:9a:e9:b2:96:ba:bd:01:
         e5:78:ea:8e:b9:63:5a:7e:76:4f:c4:aa:f3:3e:b0:e1:93:4d:
         3c:4c:20:3f:06:ac:9d:05:06:42:4a:33:f4:b1:12:90:92:88:
         b9:e7:42:37:13:e1:f3:5f:3e:2a:df:67:15:8c:9c:2d:1a:2f:
         74:27:e2:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYH3qdeMQhCkkSC/PJbwWSUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwNzEzMTMwNTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjk3MDVhNWZmZWViZjFlNWEyZTA1ZWQ0MTcxOTcxYjA1M2ZiZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVTBxvT68s4Lt612mR2zMUNdafjo
gASOWt5hYeKVMp1jrZ4s8/uYNlM8ElSPV2fb70RKmX9sCzLLpgJ5lBpRvUHCjBCU
cyGAi+v55FEIazh6zvgeVhIEcCx/QabgdijmfsOFEfITq+Kw4X4xqQOqn7sDbpGK
Ew+qJWXVCpLq1BcdJi7v8Wj+LV/l625j2rMXSBRqk5W4B+miYGZiQdDcVBBpIw4G
mJA8JSyk18MGB9exUBZ86c6M5oX4bN7fB8MkBMsdPIlJjy3w8NQAxvUMmjJpJCwc
fJq6UuV89YvqgxzvwWy6n17n//Xwk9XzlGhx+HJPYPZWdxLWXwvIwIA5tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPaXBaX/7r8eWi4F7UFxlxsFP71cMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvOXBjRnBmX3V2eDVhTGdYdFFYR1hHd1VfdlZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVq1MA0G
CSqGSIb3DQEBCwUAA4IBAQBOWZSvlaHnYO0ExIH6I5ozvXHTVH1ZFlOkZE1xjLTt
JwXhj22IYJW41wCd1vhPz5thc7La8zU6Uh3SOWBLCJ2dUH9q65rEbAzneVaU8XoY
FBVcLWlgn7W2RVpAr732UeAwbxomLOnaC+IIE+nQOja85V6LoGSXlW3wV7j9NtBp
eCv7PzPn3vT5REFrAS4FKRt8yR3296GSgJavIkaAG6djgwNmN1j9xEv6DLaLrd6R
KV+68xQFp7AZTb2ge1vOYZrpspa6vQHleOqOuWNafnZPxKrzPrDhk008TCA/Bqyd
BQZCSjP0sRKQkoi550I3E+HzXz4q32cVjJwtGi90J+Kw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org