Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/uyLMFIW4bex43ts7LUgSzXMN2Eg.roa
File:                     uyLMFIW4bex43ts7LUgSzXMN2Eg.roa (raw, json)
Hash identifier:          j4uslBnX+6PvjzLfWjfSv0RrXsJvfYO8PvSS80ET/vo=
Subject key identifier:   BB:22:CC:14:85:B8:6D:EC:78:DE:DB:3B:2D:48:12:CD:73:0D:D8:48
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0182468AEAE2818D067F7F83DA12A8E8AD7E
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/uyLMFIW4bex43ts7LUgSzXMN2Eg.roa
Signing time:             Thu 28 Jul 2022 20:41:25 +0000
ROA not before:           Thu 28 Jul 2022 20:41:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     996
IP address blocks:        77.90.168.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:46:8a:ea:e2:81:8d:06:7f:7f:83:da:12:a8:e8:ad:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jul 28 20:41:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bb22cc1485b86dec78dedb3b2d4812cd730dd848
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:8e:ea:e6:9b:19:12:ef:5f:30:97:4d:f3:98:
                    37:bc:4f:c8:dc:b2:dc:a8:90:dd:1a:10:78:61:b2:
                    fa:6a:6c:1a:6e:dd:50:96:58:1e:06:63:b1:19:1e:
                    09:b4:8a:f2:13:64:d5:87:6e:31:87:a8:aa:52:78:
                    8c:4f:45:e6:c2:12:4f:49:31:f1:5f:0a:bb:d3:4e:
                    0c:c3:9a:a3:2b:17:b6:0d:10:ca:4e:11:e0:e6:1f:
                    5b:f6:8f:39:72:61:a8:1d:8e:df:d2:21:9e:0c:9b:
                    79:bc:21:36:07:aa:9b:12:e7:50:c2:45:9d:b9:1d:
                    91:e1:2b:f3:48:66:9d:78:15:ff:c7:9b:d4:a5:24:
                    ee:c5:78:0d:56:39:b4:ff:d3:ab:63:ca:3a:77:d9:
                    5d:cd:4a:62:83:24:c9:23:a6:62:7c:b3:c1:65:f5:
                    b6:53:63:eb:3b:87:1a:ff:0e:3b:9b:54:cd:5d:be:
                    d9:c0:2d:38:19:84:40:17:7d:16:23:3c:13:e1:b3:
                    05:86:91:1e:3c:f2:46:c9:05:b7:c3:a0:26:d0:6e:
                    b3:7c:1e:ef:61:f0:04:79:37:19:59:44:15:32:d1:
                    10:40:e5:2c:17:58:cc:28:d3:9e:75:4d:bd:f6:3f:
                    59:a9:fb:a0:47:8e:d0:af:94:25:cf:9f:26:e4:42:
                    a1:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:22:CC:14:85:B8:6D:EC:78:DE:DB:3B:2D:48:12:CD:73:0D:D8:48
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/uyLMFIW4bex43ts7LUgSzXMN2Eg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:3e:cb:07:f7:45:05:cb:b1:0b:c9:08:67:cf:80:83:ee:be:
         22:6e:49:b5:cd:e6:92:25:ed:df:86:ab:b1:67:21:c2:e2:ec:
         0d:2a:82:e7:cb:92:cf:7c:d0:d3:6d:24:0f:89:5b:17:3e:eb:
         ec:53:27:e5:1c:7c:40:33:91:15:85:e8:04:9a:50:42:58:9c:
         e0:d6:98:d3:8d:f7:69:36:18:15:30:01:33:22:2b:bb:a6:f0:
         65:d5:5f:18:c5:9e:42:ec:2e:74:b1:75:e9:c9:a6:ed:78:87:
         8d:1f:c9:7a:39:88:e1:5b:8d:eb:2f:68:c2:f2:37:44:11:cd:
         b8:d6:4f:8c:92:e0:59:bd:8c:69:76:ce:4d:8e:5e:c5:5b:f2:
         37:e6:35:08:89:df:26:9a:8c:d7:5b:27:9d:54:99:b7:34:a0:
         bc:02:e1:1f:c0:ff:28:bc:34:2b:e3:77:8d:65:e3:37:63:3b:
         17:e7:d2:f1:91:08:5b:f2:06:53:ac:75:7a:70:81:b5:57:cb:
         f0:15:d1:e8:8c:94:d1:ce:af:90:ee:04:d0:46:bd:47:40:72:
         c3:3d:28:c9:fe:ae:15:cc:d1:d9:fe:20:74:8f:9d:e3:a3:5d:
         dd:3c:b3:2f:c0:af:23:3a:5b:2e:fe:a8:cb:c3:bc:6f:68:57:
         0d:63:18:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJGiurigY0Gf3+D2hKo6K1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwNzI4MjA0MTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjIyY2MxNDg1Yjg2ZGVjNzhkZWRiM2IyZDQ4MTJjZDczMGRkODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA147q5psZEu9fMJdN85g3vE/I3LLc
qJDdGhB4YbL6amwabt1QllgeBmOxGR4JtIryE2TVh24xh6iqUniMT0XmwhJPSTHx
Xwq7004Mw5qjKxe2DRDKThHg5h9b9o85cmGoHY7f0iGeDJt5vCE2B6qbEudQwkWd
uR2R4SvzSGadeBX/x5vUpSTuxXgNVjm0/9OrY8o6d9ldzUpigyTJI6ZifLPBZfW2
U2PrO4ca/w47m1TNXb7ZwC04GYRAF30WIzwT4bMFhpEePPJGyQW3w6Am0G6zfB7v
YfAEeTcZWUQVMtEQQOUsF1jMKNOedU299j9ZqfugR47Qr5Qlz58m5EKhRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLsizBSFuG3seN7bOy1IEs1zDdhIMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvdXlMTUZJVzRiZXg0M3RzN0xVZ1N6WE1OMkVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVqoMA0G
CSqGSIb3DQEBCwUAA4IBAQBwPssH90UFy7ELyQhnz4CD7r4ibkm1zeaSJe3fhqux
ZyHC4uwNKoLny5LPfNDTbSQPiVsXPuvsUyflHHxAM5EVhegEmlBCWJzg1pjTjfdp
NhgVMAEzIiu7pvBl1V8YxZ5C7C50sXXpyabteIeNH8l6OYjhW43rL2jC8jdEEc24
1k+MkuBZvYxpds5Njl7FW/I35jUIid8mmozXWyedVJm3NKC8AuEfwP8ovDQr43eN
ZeM3YzsX59LxkQhb8gZTrHV6cIG1V8vwFdHojJTRzq+Q7gTQRr1HQHLDPSjJ/q4V
zNHZ/iB0j53jo13dPLMvwK8jOlsu/qjLw7xvaFcNYxi6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:09 2023 by rpki-client on console-ams.rpki-client.org