Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/yx9B6MsVnqjXSBHCvbEowYtoeOQ.roa
File:                     yx9B6MsVnqjXSBHCvbEowYtoeOQ.roa (raw, json)
Hash identifier:          uubrl99Cahuiats3dmyNGv/siw27iGOyNKtCdThu7hw=
Subject key identifier:   CB:1F:41:E8:CB:15:9E:A8:D7:48:11:C2:BD:B1:28:C1:8B:68:78:E4
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       018499A3730CA7AFAB3277980E86EB8098AD
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/yx9B6MsVnqjXSBHCvbEowYtoeOQ.roa
Signing time:             Mon 21 Nov 2022 10:02:16 +0000
ROA not before:           Mon 21 Nov 2022 10:02:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        77.90.153.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:99:a3:73:0c:a7:af:ab:32:77:98:0e:86:eb:80:98:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Nov 21 10:02:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cb1f41e8cb159ea8d74811c2bdb128c18b6878e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:90:5f:0c:a1:14:25:69:7e:18:3d:0a:69:da:
                    0f:eb:a1:24:ef:99:33:0f:9f:0a:79:89:8b:f3:8f:
                    1b:d9:16:4e:a7:52:3d:91:da:44:ea:1f:bc:fb:c5:
                    4c:75:38:a7:f3:69:4c:fa:c2:ea:92:ed:ee:2f:18:
                    9c:36:99:8e:ca:89:cd:85:39:0c:d8:7b:c0:f8:79:
                    90:3f:04:d1:cd:6c:68:24:0f:47:56:7e:31:2e:34:
                    6d:79:06:9b:49:98:a1:69:34:1c:b5:5b:90:e2:6b:
                    02:ba:b3:c5:35:19:72:f1:25:1b:c4:d3:bd:49:01:
                    fe:cb:50:ff:c8:c7:3d:1d:9c:3e:c0:28:24:1c:f6:
                    f2:c0:87:4b:19:19:22:eb:a4:61:2a:41:0b:a0:00:
                    1d:5a:a4:c2:4f:fd:43:9c:ba:bb:41:9d:cc:29:ad:
                    2f:94:9c:dc:54:bc:ac:86:d5:a7:dd:84:e2:c8:fb:
                    5e:9e:53:d3:4e:ea:04:b1:de:f2:72:d5:b8:b7:b7:
                    40:f2:18:f9:b1:72:bd:af:67:40:68:a3:b2:bd:d6:
                    c3:8b:ab:6c:47:35:53:3b:e1:29:5b:70:89:fa:81:
                    40:d9:4e:c8:10:6c:10:42:33:23:45:53:c0:ee:a5:
                    4e:74:7e:e6:76:b9:e1:20:fb:70:29:f4:94:9a:57:
                    f5:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:1F:41:E8:CB:15:9E:A8:D7:48:11:C2:BD:B1:28:C1:8B:68:78:E4
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/yx9B6MsVnqjXSBHCvbEowYtoeOQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:b5:f3:6b:31:40:ba:fc:8c:4a:c2:2d:fd:ae:38:1c:92:68:
         10:80:74:64:04:16:36:f3:70:60:6e:01:51:79:8e:72:0b:92:
         b4:92:09:67:16:14:19:c1:06:47:72:cf:ca:1f:65:ce:35:ff:
         77:da:25:a5:3f:0b:f5:c2:02:5a:48:13:f5:af:19:f7:fc:7c:
         f4:68:c8:e3:3d:71:ab:17:c0:4d:f7:b0:be:b4:a2:97:93:03:
         76:7b:32:df:63:d2:c8:8b:c9:5a:a9:30:1d:e2:16:91:fa:a2:
         81:c1:e9:69:54:54:d4:ae:c0:91:ce:8e:ee:f7:93:ae:43:19:
         04:9a:e3:1a:55:bf:d6:b8:1f:72:94:0c:01:1e:d3:31:ec:c4:
         f1:7a:db:3f:13:7f:51:3f:4c:bd:1c:1d:e3:e6:f2:78:cc:e2:
         82:5e:46:02:f3:3e:c9:9b:cf:86:a5:0a:b5:35:3c:a8:7c:de:
         54:d0:43:00:37:9d:44:f4:75:14:10:f7:c0:20:13:1a:b7:30:
         5c:2e:40:4b:2d:01:94:59:61:8e:9f:a3:75:ba:eb:f7:df:6b:
         4d:14:86:33:5a:bf:f7:04:4c:3d:87:87:1a:9d:12:d6:2f:6b:
         9d:b0:96:3d:38:e2:f6:06:c3:05:45:e3:d1:06:fa:4f:4e:a8:
         a9:52:4d:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSZo3MMp6+rMneYDobrgJitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMTIxMTAwMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjFmNDFlOGNiMTU5ZWE4ZDc0ODExYzJiZGIxMjhjMThiNjg3OGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpBfDKEUJWl+GD0KadoP66Ek75kz
D58KeYmL848b2RZOp1I9kdpE6h+8+8VMdTin82lM+sLqku3uLxicNpmOyonNhTkM
2HvA+HmQPwTRzWxoJA9HVn4xLjRteQabSZihaTQctVuQ4msCurPFNRly8SUbxNO9
SQH+y1D/yMc9HZw+wCgkHPbywIdLGRki66RhKkELoAAdWqTCT/1DnLq7QZ3MKa0v
lJzcVLyshtWn3YTiyPtenlPTTuoEsd7yctW4t7dA8hj5sXK9r2dAaKOyvdbDi6ts
RzVTO+EpW3CJ+oFA2U7IEGwQQjMjRVPA7qVOdH7mdrnhIPtwKfSUmlf1bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMsfQejLFZ6o10gRwr2xKMGLaHjkMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEveXg5QjZNc1ZucWpYU0JIQ3ZiRW93WXRvZU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVqZMA0G
CSqGSIb3DQEBCwUAA4IBAQBktfNrMUC6/IxKwi39rjgckmgQgHRkBBY283BgbgFR
eY5yC5K0kglnFhQZwQZHcs/KH2XONf932iWlPwv1wgJaSBP1rxn3/Hz0aMjjPXGr
F8BN97C+tKKXkwN2ezLfY9LIi8laqTAd4haR+qKBwelpVFTUrsCRzo7u95OuQxkE
muMaVb/WuB9ylAwBHtMx7MTxets/E39RP0y9HB3j5vJ4zOKCXkYC8z7Jm8+GpQq1
NTyofN5U0EMAN51E9HUUEPfAIBMatzBcLkBLLQGUWWGOn6N1uuv332tNFIYzWr/3
BEw9h4canRLWL2udsJY9OOL2BsMFRePRBvpPTqipUk20
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org