Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/UqTZIHoL3LCJU8wnUBNBBuoyUWU.roa
File:                     UqTZIHoL3LCJU8wnUBNBBuoyUWU.roa (raw, json)
Hash identifier:          CoF9tczoU24nLiVqLsWyIO8LtotZHGbqashqEABE1/I=
Subject key identifier:   52:A4:D9:20:7A:0B:DC:B0:89:53:CC:27:50:13:41:06:EA:32:51:65
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0184C53D03BAEF8914C699933F546B65060B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/UqTZIHoL3LCJU8wnUBNBBuoyUWU.roa
Signing time:             Tue 29 Nov 2022 21:13:40 +0000
ROA not before:           Tue 29 Nov 2022 21:13:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     138687
IP address blocks:        77.90.178.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c5:3d:03:ba:ef:89:14:c6:99:93:3f:54:6b:65:06:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Nov 29 21:13:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=52a4d9207a0bdcb08953cc2750134106ea325165
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:f3:d8:f9:8e:ae:b4:42:d9:53:6b:51:bb:93:
                    85:3f:c6:f9:b5:54:96:3c:c6:a4:aa:bc:93:10:51:
                    29:4a:80:e8:51:6c:5f:d5:83:15:2a:a4:37:91:cf:
                    79:b8:4a:8f:6c:16:83:69:82:68:64:68:91:7d:ba:
                    70:b0:1b:0b:1b:f0:ee:df:2f:34:30:07:4e:3f:c3:
                    58:0a:4d:1e:dc:35:f3:35:84:e7:a8:f8:53:03:10:
                    d8:de:53:f6:0f:16:22:2e:09:5d:a0:8e:ed:6e:26:
                    ee:2a:63:b0:60:fc:81:3a:2a:9e:d2:b6:ef:4c:12:
                    d4:35:0a:9f:58:de:02:fa:08:e8:a8:74:b9:e0:d1:
                    72:27:19:97:8a:bf:3e:f8:b9:fd:97:d3:12:df:42:
                    8d:0f:20:bf:8c:b0:c3:e9:af:e9:b7:12:41:e2:49:
                    c4:bb:b8:5a:3a:e3:77:57:03:40:56:d8:73:f2:dc:
                    02:40:6a:57:0f:8a:86:4d:33:f4:f4:a8:23:87:bc:
                    03:2d:82:ac:63:47:ab:d9:6f:8f:2f:be:e5:3f:66:
                    77:40:d5:0a:6b:6c:48:31:b3:73:9d:e2:37:53:04:
                    6b:fb:03:52:54:58:f7:b6:10:08:4d:f1:48:f1:8e:
                    79:9b:df:d6:ed:56:46:f6:30:e1:49:fe:64:fa:46:
                    2c:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:A4:D9:20:7A:0B:DC:B0:89:53:CC:27:50:13:41:06:EA:32:51:65
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/UqTZIHoL3LCJU8wnUBNBBuoyUWU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:8b:dd:82:0d:c3:40:80:2f:cb:81:93:2b:fe:e7:6a:ee:bd:
         2c:96:cf:e7:6c:15:14:d7:b2:18:e2:ac:25:0c:d7:aa:ae:f8:
         de:9c:e3:11:59:2b:62:57:17:17:f3:3a:1d:d5:12:a9:3f:8f:
         1b:b2:d8:40:0f:93:16:b7:96:cc:00:db:45:47:46:ee:ab:83:
         1d:91:03:fa:24:d5:6b:82:49:35:7b:44:ec:63:4f:9a:18:3a:
         6f:ca:df:64:5b:a9:b4:a8:59:e4:5e:8d:35:51:6b:16:69:bf:
         a8:25:50:de:50:f9:a2:80:36:a6:43:9e:f6:70:26:6c:cf:e7:
         08:12:72:92:a3:4c:4f:17:8e:c9:ad:ec:5e:e4:d6:f1:3b:6a:
         d6:82:e7:4d:a6:56:3b:cc:e1:20:4a:48:54:4d:60:13:72:da:
         ae:71:0f:b1:1e:0e:7d:c5:25:65:2e:64:20:37:ff:e0:ed:ad:
         14:fd:37:ce:86:1f:a3:cb:0d:0b:e5:19:e6:d2:b7:fc:71:64:
         00:5d:29:37:63:ac:32:a5:12:a3:af:17:c0:d8:2b:2e:af:8b:
         20:02:08:d3:ec:13:3d:61:d0:35:67:31:22:95:3e:1e:53:ce:
         47:57:a2:f1:8e:71:6f:5f:13:68:11:35:c2:af:9d:54:24:9e:
         30:1b:b1:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTFPQO674kUxpmTP1RrZQYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMTI5MjExMzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmE0ZDkyMDdhMGJkY2IwODk1M2NjMjc1MDEzNDEwNmVhMzI1MTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPPY+Y6utELZU2tRu5OFP8b5tVSW
PMakqryTEFEpSoDoUWxf1YMVKqQ3kc95uEqPbBaDaYJoZGiRfbpwsBsLG/Du3y80
MAdOP8NYCk0e3DXzNYTnqPhTAxDY3lP2DxYiLgldoI7tbibuKmOwYPyBOiqe0rbv
TBLUNQqfWN4C+gjoqHS54NFyJxmXir8++Ln9l9MS30KNDyC/jLDD6a/ptxJB4knE
u7haOuN3VwNAVthz8twCQGpXD4qGTTP09Kgjh7wDLYKsY0er2W+PL77lP2Z3QNUK
a2xIMbNzneI3UwRr+wNSVFj3thAITfFI8Y55m9/W7VZG9jDhSf5k+kYssQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFKk2SB6C9ywiVPMJ1ATQQbqMlFlMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvVXFUWklIb0wzTENKVTh3blVCTkJCdW95VVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVqyMA0G
CSqGSIb3DQEBCwUAA4IBAQCyi92CDcNAgC/LgZMr/udq7r0sls/nbBUU17IY4qwl
DNeqrvjenOMRWStiVxcX8zod1RKpP48bsthAD5MWt5bMANtFR0buq4MdkQP6JNVr
gkk1e0TsY0+aGDpvyt9kW6m0qFnkXo01UWsWab+oJVDeUPmigDamQ572cCZsz+cI
EnKSo0xPF47Jrexe5NbxO2rWgudNplY7zOEgSkhUTWATctqucQ+xHg59xSVlLmQg
N//g7a0U/TfOhh+jyw0L5Rnm0rf8cWQAXSk3Y6wypRKjrxfA2Csur4sgAgjT7BM9
YdA1ZzEilT4eU85HV6LxjnFvXxNoETXCr51UJJ4wG7Fc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org