Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IW2zg_bxJaWE8n7oEdp-RtJsztk.roa
File:                     IW2zg_bxJaWE8n7oEdp-RtJsztk.roa (raw, json)
Hash identifier:          d7uDTay6sexZx3KLhQBAka6Nyo/rFrmJ2MB0KOpCqE4=
Subject key identifier:   21:6D:B3:83:F6:F1:25:A5:84:F2:7E:E8:11:DA:7E:46:D2:6C:CE:D9
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       08A2F5AF
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IW2zg_bxJaWE8n7oEdp-RtJsztk.roa
Signing time:             Fri 15 Apr 2022 14:57:07 +0000
ROA not before:           Fri 15 Apr 2022 14:57:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60458
IP address blocks:        77.90.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 144897455 (0x8a2f5af)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Apr 15 14:57:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=216db383f6f125a584f27ee811da7e46d26cced9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:28:01:3e:ae:8e:49:4c:6c:5a:19:cb:d9:a5:
                    23:53:21:59:57:a2:eb:be:66:5f:d2:b5:51:b1:f1:
                    68:88:80:3c:33:ad:00:bf:18:c5:8f:3c:06:20:3e:
                    3e:0e:10:74:5f:26:21:08:af:17:35:84:88:f0:fd:
                    c8:30:d7:2d:0b:94:59:3a:98:5c:f2:4b:ab:b4:55:
                    a3:c2:2b:e1:f9:7f:a2:36:d0:db:17:e3:92:b1:df:
                    94:45:ff:66:ae:d9:d7:c1:40:c8:b8:6b:71:ea:fe:
                    fc:15:92:31:95:3a:bc:2e:75:61:e1:3c:a4:81:67:
                    84:4c:98:14:fc:a7:f3:c0:f8:d8:36:52:0e:94:20:
                    10:b3:b9:b9:62:4b:b5:1f:1d:70:67:ef:c8:eb:2b:
                    d3:0d:8d:8c:4b:12:b1:9e:3c:5e:99:a6:d1:fd:d8:
                    40:5a:d7:4c:b1:63:0d:3f:a9:e1:a7:94:b2:bb:a5:
                    e4:66:c6:4c:60:7a:bf:e0:b1:49:90:1c:e2:d2:9a:
                    31:8d:00:19:67:a0:ec:6d:fe:69:53:c3:49:2b:1f:
                    02:6d:66:2b:6c:2b:37:6d:98:9c:7a:2a:62:17:2f:
                    78:d8:8a:ff:9e:8e:a7:4c:f2:fb:35:b9:b8:f3:86:
                    e7:e5:e4:a9:00:6a:8d:e7:ae:f2:21:af:34:98:98:
                    1f:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:6D:B3:83:F6:F1:25:A5:84:F2:7E:E8:11:DA:7E:46:D2:6C:CE:D9
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IW2zg_bxJaWE8n7oEdp-RtJsztk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:a7:c8:cb:dc:d4:4c:7c:f4:6f:b1:f7:af:b6:f0:9c:66:1f:
         de:d9:3e:a9:c3:62:07:6d:86:6f:e5:fd:a8:ae:c2:78:31:5c:
         ee:3a:69:01:45:4d:8d:ce:fc:f4:5f:45:74:a7:f9:b4:a0:5d:
         81:43:83:cf:b7:02:cf:26:c7:96:ce:f7:42:3d:8b:9f:ec:9c:
         76:6a:3e:f7:d3:60:01:20:ee:81:48:13:de:ed:86:44:56:15:
         b4:ee:b2:7f:4c:29:5d:80:4c:6e:b6:63:c4:d6:53:81:95:c5:
         69:56:3c:91:d4:fa:e0:0e:81:9b:d9:4a:6a:06:65:24:af:59:
         a4:ab:b9:18:67:4e:7c:21:8e:41:0e:f4:30:42:20:aa:4f:6e:
         19:f0:7e:e6:2f:bc:c1:0a:6b:66:97:b2:7a:43:e8:8f:55:f0:
         11:77:88:93:53:ea:aa:70:49:6e:23:d0:d3:73:5f:44:69:b3:
         1f:3c:42:45:46:5c:ae:1b:97:0d:a1:ad:8d:25:2c:7c:28:81:
         16:8c:01:97:3f:32:ef:dd:0e:f1:03:69:69:e3:c0:30:c6:35:
         6d:c7:ef:fb:58:ad:e7:1f:67:3d:5b:20:9c:59:82:d8:7c:29:
         0e:56:de:af:c2:83:2c:36:3f:b0:00:f2:81:76:11:8b:cf:18:
         cc:13:c2:fa
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECKL1rzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDQx
NTE0NTcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjE2ZGIzODNmNmYx
MjVhNTg0ZjI3ZWU4MTFkYTdlNDZkMjZjY2VkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgoAT6ujklMbFoZy9mlI1MhWVei675mX9K1UbHxaIiAPDOt
AL8YxY88BiA+Pg4QdF8mIQivFzWEiPD9yDDXLQuUWTqYXPJLq7RVo8Ir4fl/ojbQ
2xfjkrHflEX/Zq7Z18FAyLhrcer+/BWSMZU6vC51YeE8pIFnhEyYFPyn88D42DZS
DpQgELO5uWJLtR8dcGfvyOsr0w2NjEsSsZ48Xpmm0f3YQFrXTLFjDT+p4aeUsrul
5GbGTGB6v+CxSZAc4tKaMY0AGWeg7G3+aVPDSSsfAm1mK2wrN22YnHoqYhcveNiK
/56Op0zy+zW5uPOG5+XkqQBqjeeu8iGvNJiYHwMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQhbbOD9vElpYTyfugR2n5G0mzO2TAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L0lXMnpnX2J4SmFXRThuN29FZHAtUnRKc3p0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE1anDANBgkqhkiG9w0BAQsFAAOC
AQEAoKfIy9zUTHz0b7H3r7bwnGYf3tk+qcNiB22Gb+X9qK7CeDFc7jppAUVNjc78
9F9FdKf5tKBdgUODz7cCzybHls73Qj2Ln+ycdmo+99NgASDugUgT3u2GRFYVtO6y
f0wpXYBMbrZjxNZTgZXFaVY8kdT64A6Bm9lKagZlJK9ZpKu5GGdOfCGOQQ70MEIg
qk9uGfB+5i+8wQprZpeyekPoj1XwEXeIk1PqqnBJbiPQ03NfRGmzHzxCRUZcrhuX
DaGtjSUsfCiBFowBlz8y790O8QNpaePAMMY1bcfv+1it5x9nPVsgnFmC2HwpDlbe
r8KDLDY/sADygXYRi88YzBPC+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org