Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zhecTFH20a5rcGoPMcXl9c35rw4.roa
File:                     zhecTFH20a5rcGoPMcXl9c35rw4.roa (raw, json)
Hash identifier:          RKZ2U47rC32bJ/ZuabMmZmADf0wiZ10x7IHZE992hcY=
Subject key identifier:   CE:17:9C:4C:51:F6:D1:AE:6B:70:6A:0F:31:C5:E5:F5:CD:F9:AF:0E
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       018365E41070C595813AC04A647010C09EDC
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zhecTFH20a5rcGoPMcXl9c35rw4.roa
Signing time:             Thu 22 Sep 2022 15:49:48 +0000
ROA not before:           Thu 22 Sep 2022 15:49:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208911
IP address blocks:        77.90.184.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:65:e4:10:70:c5:95:81:3a:c0:4a:64:70:10:c0:9e:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Sep 22 15:49:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ce179c4c51f6d1ae6b706a0f31c5e5f5cdf9af0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:e9:5a:d2:74:1e:c3:26:61:1d:a1:af:99:6e:
                    8d:0e:8b:6f:35:90:ec:22:08:ee:ee:d0:71:78:16:
                    26:9d:94:aa:46:72:21:12:d5:4e:f1:1d:78:0d:8f:
                    43:ce:78:c9:ea:6b:09:2c:00:b9:ca:7e:5f:79:18:
                    ef:e9:93:ce:cf:a9:be:b9:7b:76:33:2c:09:d0:c6:
                    ee:20:97:48:68:17:e9:62:ae:a0:24:0d:f5:bb:15:
                    e7:06:d9:69:7b:b3:39:83:e6:89:0f:67:f9:b7:6d:
                    c8:64:23:38:db:71:7d:29:00:12:97:8b:23:4c:ca:
                    8b:d1:d3:27:5c:2b:9a:d9:9c:3e:cb:24:ac:23:28:
                    37:0e:15:7d:8d:12:d1:39:bb:59:ef:49:bf:cf:f3:
                    ef:1b:b4:ce:83:a3:23:7b:57:b9:28:ec:24:2c:b9:
                    5c:10:14:06:b5:cf:13:99:18:43:44:34:67:27:22:
                    be:c6:a3:82:00:cd:82:fa:b2:07:e1:44:2a:4a:e4:
                    99:0d:da:f4:1f:fa:3c:1c:4a:e9:6a:07:5d:69:5a:
                    bd:55:b7:d3:69:32:78:55:ba:e6:f8:f8:75:2b:54:
                    36:16:59:60:8b:cb:1e:2e:51:c6:64:76:ac:9c:5b:
                    ff:8b:7e:af:be:20:a1:2b:75:e7:3a:b2:83:9a:08:
                    28:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:17:9C:4C:51:F6:D1:AE:6B:70:6A:0F:31:C5:E5:F5:CD:F9:AF:0E
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/zhecTFH20a5rcGoPMcXl9c35rw4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:61:5a:42:eb:8a:29:2b:52:2d:34:cb:95:7e:15:6f:8a:d7:
         d9:47:6b:ab:16:25:49:c8:a0:f5:b1:25:d5:26:7c:cd:48:b0:
         94:5e:1d:6d:50:04:a9:3e:bb:57:b2:6d:53:c6:57:b0:c2:62:
         da:2c:58:27:cd:2e:69:e7:17:cb:28:b5:d8:e7:ca:32:b8:6b:
         92:55:2d:9e:ec:f9:7f:03:ae:11:fa:4b:c9:5b:70:6f:b0:c0:
         25:ad:bf:3c:4c:1c:87:b0:b2:2b:b7:d3:13:d0:35:f8:5b:ef:
         2c:b2:c4:89:09:5b:10:ef:a5:0e:7e:25:24:95:0e:1b:0c:3e:
         30:c1:91:71:8f:41:15:b7:bd:56:45:f4:c3:e3:cd:71:5b:6e:
         d5:fd:8f:74:bc:22:bf:a1:2d:87:06:8b:91:93:30:f7:1a:27:
         22:ed:9d:b1:e7:62:9d:28:6e:98:34:53:a4:f2:0b:fe:34:b2:
         d5:fd:be:b2:6f:8f:bc:68:d8:bb:40:10:24:95:11:9d:c3:67:
         43:bb:ef:3b:33:df:9e:7f:76:af:ca:39:06:da:d9:8a:e2:7b:
         9b:39:63:6b:c1:12:04:7b:26:11:31:9e:c9:a9:57:a7:f6:92:
         2b:5f:02:5a:ba:20:3e:40:b9:3c:b0:a6:9e:ba:bb:ff:65:f4:
         a6:df:9e:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNl5BBwxZWBOsBKZHAQwJ7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwOTIyMTU0OTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTE3OWM0YzUxZjZkMWFlNmI3MDZhMGYzMWM1ZTVmNWNkZjlhZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+la0nQewyZhHaGvmW6NDotvNZDs
Igju7tBxeBYmnZSqRnIhEtVO8R14DY9DznjJ6msJLAC5yn5feRjv6ZPOz6m+uXt2
MywJ0MbuIJdIaBfpYq6gJA31uxXnBtlpe7M5g+aJD2f5t23IZCM423F9KQASl4sj
TMqL0dMnXCua2Zw+yySsIyg3DhV9jRLRObtZ70m/z/PvG7TOg6Mje1e5KOwkLLlc
EBQGtc8TmRhDRDRnJyK+xqOCAM2C+rIH4UQqSuSZDdr0H/o8HErpagddaVq9VbfT
aTJ4Vbrm+Ph1K1Q2Fllgi8seLlHGZHasnFv/i36vviChK3XnOrKDmggoxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM4XnExR9tGua3BqDzHF5fXN+a8OMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvemhlY1RGSDIwYTVyY0dvUE1jWGw5YzM1cnc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVq4MA0G
CSqGSIb3DQEBCwUAA4IBAQBqYVpC64opK1ItNMuVfhVvitfZR2urFiVJyKD1sSXV
JnzNSLCUXh1tUASpPrtXsm1TxlewwmLaLFgnzS5p5xfLKLXY58oyuGuSVS2e7Pl/
A64R+kvJW3BvsMAlrb88TByHsLIrt9MT0DX4W+8sssSJCVsQ76UOfiUklQ4bDD4w
wZFxj0EVt71WRfTD481xW27V/Y90vCK/oS2HBouRkzD3Gici7Z2x52KdKG6YNFOk
8gv+NLLV/b6yb4+8aNi7QBAklRGdw2dDu+87M9+ef3avyjkG2tmK4nubOWNrwRIE
eyYRMZ7JqVen9pIrXwJauiA+QLk8sKaeurv/ZfSm357+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org