Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/R0QnCLK_niO6yn_d2unWRm-0SbQ.roa
File:                     R0QnCLK_niO6yn_d2unWRm-0SbQ.roa (raw, json)
Hash identifier:          eLyMMpVFWok7dP+x4w/CYSZYyz448rRqMV3Rn+sDVRE=
Subject key identifier:   47:44:27:08:B2:BF:9E:23:BA:CA:7F:DD:DA:E9:D6:46:6F:B4:49:B4
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       08EDE9D1
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/R0QnCLK_niO6yn_d2unWRm-0SbQ.roa
Signing time:             Wed 04 May 2022 11:31:08 +0000
ROA not before:           Wed 04 May 2022 11:31:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39144
IP address blocks:        77.90.139.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 149809617 (0x8ede9d1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: May  4 11:31:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=47442708b2bf9e23baca7fdddae9d6466fb449b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:0b:b5:aa:61:6a:fe:0c:d8:e2:ee:ce:03:c2:
                    4c:f1:75:6b:ea:5a:bc:60:93:29:18:52:8a:b7:a3:
                    bc:e7:8a:ca:f6:17:8d:7d:b5:a0:b2:6b:3d:75:72:
                    0e:48:38:9e:f6:74:06:b9:5b:17:fb:d7:51:87:bc:
                    37:2a:39:00:9e:81:a4:97:43:12:32:ec:3f:43:8a:
                    fb:30:57:94:41:33:86:9a:7d:1e:83:9b:87:c8:55:
                    19:99:06:af:5b:60:a5:66:0c:5f:f3:84:ef:9f:0c:
                    94:46:44:d5:db:82:03:55:eb:59:c2:af:3f:67:e2:
                    d6:27:69:12:40:0f:38:e6:f6:be:e0:0c:4c:d5:5d:
                    3b:f9:12:55:5e:f1:27:63:51:2c:39:1b:4d:00:1c:
                    c6:92:82:3a:f4:04:92:e6:0a:ff:ef:47:94:ca:84:
                    7b:e0:6b:d5:1a:15:23:cc:ce:08:19:ee:22:2a:ea:
                    87:f4:67:fb:36:fd:3b:cb:9b:50:a4:6b:69:b8:71:
                    3a:4d:c7:c4:c4:73:a4:a3:26:cb:a4:25:35:ae:34:
                    ae:5a:3b:20:a4:7e:60:65:84:86:4b:a1:bd:77:d2:
                    85:c2:00:11:3d:bc:58:2d:ca:40:33:dc:d3:af:11:
                    15:79:a1:f7:58:3c:5b:44:6b:da:81:12:70:8f:17:
                    44:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:44:27:08:B2:BF:9E:23:BA:CA:7F:DD:DA:E9:D6:46:6F:B4:49:B4
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/R0QnCLK_niO6yn_d2unWRm-0SbQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:89:a4:96:0f:1d:a6:aa:ab:91:0c:ab:7c:8d:8e:6b:9b:bc:
         e1:4d:04:26:d5:4e:cd:eb:ca:36:76:bc:49:2e:de:d4:e1:77:
         f8:82:ab:96:ec:63:a7:67:ad:c3:5e:e4:19:72:24:52:cf:10:
         e6:6e:70:90:e1:d5:66:49:d9:19:11:9b:b6:99:1f:65:df:bf:
         5a:17:24:22:bc:ff:0c:11:3c:69:61:b8:d0:c1:2b:02:15:a1:
         2a:89:48:6f:ef:25:fb:37:66:29:04:ae:49:d7:10:24:e7:78:
         4b:ba:e7:e2:5d:2b:db:cb:8f:3d:7f:3b:d5:fe:76:5f:9b:53:
         f7:51:d7:13:1d:f5:30:5a:b5:96:af:07:8a:98:d1:6e:72:dd:
         53:05:f7:40:5f:f1:39:3b:27:95:ef:13:5f:69:7c:52:21:81:
         d7:e9:23:0a:fc:68:c4:e1:b3:59:a6:7b:aa:d1:26:33:c5:2e:
         ea:38:12:cf:80:33:16:d6:34:0a:16:1f:e7:08:d9:e1:63:42:
         00:a6:bd:7b:8a:0c:4e:43:c7:f3:55:2e:70:e4:6e:c6:93:2f:
         66:44:70:de:3e:e2:e8:39:8a:0d:f1:d2:29:64:54:03:2b:1d:
         18:80:7e:d7:2d:c8:17:ce:2d:55:9d:2a:05:9d:02:fa:e6:56:
         15:0e:50:3a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECO3p0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDUw
NDExMzEwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDc0NDI3MDhiMmJm
OWUyM2JhY2E3ZmRkZGFlOWQ2NDY2ZmI0NDliNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPILtaphav4M2OLuzgPCTPF1a+pavGCTKRhSirejvOeKyvYX
jX21oLJrPXVyDkg4nvZ0BrlbF/vXUYe8Nyo5AJ6BpJdDEjLsP0OK+zBXlEEzhpp9
HoObh8hVGZkGr1tgpWYMX/OE758MlEZE1duCA1XrWcKvP2fi1idpEkAPOOb2vuAM
TNVdO/kSVV7xJ2NRLDkbTQAcxpKCOvQEkuYK/+9HlMqEe+Br1RoVI8zOCBnuIirq
h/Rn+zb9O8ubUKRrabhxOk3HxMRzpKMmy6QlNa40rlo7IKR+YGWEhkuhvXfShcIA
ET28WC3KQDPc068RFXmh91g8W0Rr2oEScI8XREMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRHRCcIsr+eI7rKf93a6dZGb7RJtDAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L1IwUW5DTEtfbmlPNnluX2QydW5XUm0tMFNiUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE1aizANBgkqhkiG9w0BAQsFAAOC
AQEADImklg8dpqqrkQyrfI2Oa5u84U0EJtVOzevKNna8SS7e1OF3+IKrluxjp2et
w17kGXIkUs8Q5m5wkOHVZknZGRGbtpkfZd+/WhckIrz/DBE8aWG40MErAhWhKolI
b+8l+zdmKQSuSdcQJOd4S7rn4l0r28uPPX871f52X5tT91HXEx31MFq1lq8HipjR
bnLdUwX3QF/xOTsnle8TX2l8UiGB1+kjCvxoxOGzWaZ7qtEmM8Uu6jgSz4AzFtY0
ChYf5wjZ4WNCAKa9e4oMTkPH81UucORuxpMvZkRw3j7i6DmKDfHSKWRUAysdGIB+
1y3IF84tVZ0qBZ0C+uZWFQ5QOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org