Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vzHH2Jf-swtj7rNFbfcU5dTXpos.roa
File:                     vzHH2Jf-swtj7rNFbfcU5dTXpos.roa (raw, json)
Hash identifier:          /PuvrwNlQ0h9fg/RvLBIZhD3vGxEO+mladAlLciL7YM=
Subject key identifier:   BF:31:C7:D8:97:FE:B3:0B:63:EE:B3:45:6D:F7:14:E5:D4:D7:A6:8B
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0184CCEC7C3051F277960011BFF749952BC0
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vzHH2Jf-swtj7rNFbfcU5dTXpos.roa
Signing time:             Thu 01 Dec 2022 09:02:41 +0000
ROA not before:           Thu 01 Dec 2022 09:02:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16265
IP address blocks:        77.90.139.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:cc:ec:7c:30:51:f2:77:96:00:11:bf:f7:49:95:2b:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Dec  1 09:02:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bf31c7d897feb30b63eeb3456df714e5d4d7a68b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:3b:28:f1:9e:9f:b8:8a:53:cd:1c:43:3a:10:
                    69:fe:b5:a0:8f:f8:78:c4:fe:7e:4a:37:f1:20:a9:
                    9b:1e:8f:ca:49:2c:95:7f:6d:bb:8f:91:16:76:1b:
                    ae:1c:b3:8e:4e:79:14:2a:d7:a4:61:3a:0e:81:e4:
                    c6:b5:ca:da:38:51:09:a2:dd:5d:de:a1:1f:9e:b1:
                    f1:22:bf:35:25:32:2c:e1:96:cd:e9:71:a3:03:de:
                    3e:be:87:b8:19:8a:83:3a:e7:f6:5a:29:de:93:bb:
                    0f:4b:a5:8c:fb:f0:63:ef:e9:f2:3f:61:94:44:71:
                    e6:9c:02:49:80:6e:83:1c:bf:df:55:7e:3c:dc:8e:
                    33:f7:2d:31:4e:f4:d6:13:9e:ce:8b:28:13:71:ed:
                    4c:d4:79:d5:23:92:77:8d:f3:c5:db:3e:b9:fa:19:
                    a0:13:94:12:59:5d:ef:6f:39:df:10:b2:ed:9f:10:
                    dd:ea:bb:3f:5e:43:02:bb:09:5c:6e:00:74:7b:dc:
                    25:fe:12:a1:ac:4c:00:95:6f:67:4a:8b:0c:65:5e:
                    1f:bd:97:e6:b0:b2:b9:34:d9:ea:70:c9:83:b5:48:
                    74:01:48:df:c9:7c:af:07:06:d3:16:ec:3a:02:49:
                    f5:04:52:d1:51:26:30:eb:c6:73:e1:7a:fb:1f:9a:
                    53:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:31:C7:D8:97:FE:B3:0B:63:EE:B3:45:6D:F7:14:E5:D4:D7:A6:8B
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/vzHH2Jf-swtj7rNFbfcU5dTXpos.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:4f:d1:c6:4e:fa:bc:ee:95:9a:1f:07:46:53:f1:21:e3:e8:
         11:e0:e8:e5:5d:dd:2e:44:2b:67:7f:e7:e0:f4:3e:96:ad:17:
         69:2b:ed:1e:c0:46:dd:bb:72:17:34:5c:42:84:91:e9:35:da:
         d6:9d:5f:32:a3:ca:17:40:69:9a:2d:25:50:9f:c0:2d:65:b9:
         9a:c2:61:f1:6c:ac:0f:2d:2e:c7:cf:c8:78:37:3c:fe:3f:d7:
         06:76:d2:f0:15:b0:e7:af:85:b3:a2:34:cf:8e:b3:ad:89:2d:
         3f:f7:b2:52:3d:c3:f8:f4:d5:85:73:80:0e:f4:55:a5:c9:ac:
         43:d5:45:10:48:0c:b0:b1:a3:5d:75:14:4c:f3:cc:94:15:81:
         34:75:b0:35:45:85:30:e1:23:09:34:33:6d:a0:21:39:f2:f9:
         76:48:bd:90:90:91:af:a3:28:7f:ce:b6:c7:a3:5f:45:05:2d:
         50:09:32:b5:ec:66:ad:a9:a1:61:03:82:90:02:9b:70:82:b3:
         11:22:fe:95:c3:7d:6b:ae:f9:38:cc:94:69:5f:6e:06:a8:88:
         a4:8a:fc:9d:e6:3c:07:6c:bd:5f:36:48:86:47:75:7f:84:f1:
         f9:35:9c:cd:92:ee:0d:de:4a:b5:7a:2a:00:8d:20:3e:8d:b0:
         1e:18:4a:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTM7HwwUfJ3lgARv/dJlSvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMjAxMDkwMjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjMxYzdkODk3ZmViMzBiNjNlZWIzNDU2ZGY3MTRlNWQ0ZDdhNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjso8Z6fuIpTzRxDOhBp/rWgj/h4
xP5+SjfxIKmbHo/KSSyVf227j5EWdhuuHLOOTnkUKtekYToOgeTGtcraOFEJot1d
3qEfnrHxIr81JTIs4ZbN6XGjA94+voe4GYqDOuf2Winek7sPS6WM+/Bj7+nyP2GU
RHHmnAJJgG6DHL/fVX483I4z9y0xTvTWE57OiygTce1M1HnVI5J3jfPF2z65+hmg
E5QSWV3vbznfELLtnxDd6rs/XkMCuwlcbgB0e9wl/hKhrEwAlW9nSosMZV4fvZfm
sLK5NNnqcMmDtUh0AUjfyXyvBwbTFuw6Akn1BFLRUSYw68Zz4Xr7H5pTKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8xx9iX/rMLY+6zRW33FOXU16aLMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvdnpISDJKZi1zd3RqN3JORmJmY1U1ZFRYcG9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVqLMA0G
CSqGSIb3DQEBCwUAA4IBAQCeT9HGTvq87pWaHwdGU/Eh4+gR4OjlXd0uRCtnf+fg
9D6WrRdpK+0ewEbdu3IXNFxChJHpNdrWnV8yo8oXQGmaLSVQn8AtZbmawmHxbKwP
LS7Hz8h4Nzz+P9cGdtLwFbDnr4WzojTPjrOtiS0/97JSPcP49NWFc4AO9FWlyaxD
1UUQSAywsaNddRRM88yUFYE0dbA1RYUw4SMJNDNtoCE58vl2SL2QkJGvoyh/zrbH
o19FBS1QCTK17GatqaFhA4KQAptwgrMRIv6Vw31rrvk4zJRpX24GqIikivyd5jwH
bL1fNkiGR3V/hPH5NZzNku4N3kq1eioAjSA+jbAeGEqs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org