Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/zFFP_crI5Dk-hFd1V4wKmCM46vo.roa
File:                     zFFP_crI5Dk-hFd1V4wKmCM46vo.roa (raw, json)
Hash identifier:          QCD6Wk/pL/t84d7UaNJlo9x0PInAheavRVvVCkDNqHc=
Subject key identifier:   CC:51:4F:FD:CA:C8:E4:39:3E:84:57:75:57:8C:0A:98:23:38:EA:FA
Certificate issuer:       /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial:       0AA6493F
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/zFFP_crI5Dk-hFd1V4wKmCM46vo.roa
Signing time:             Sat 01 Jan 2022 12:00:00 +0000
ROA not before:           Sat 01 Jan 2022 12:00:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24891
IP address blocks:        82.222.169.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 178669887 (0xaa6493f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
        Validity
            Not Before: Jan  1 12:00:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cc514ffdcac8e4393e845775578c0a982338eafa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:b9:94:d6:f0:ed:c9:70:a7:4d:61:9e:6e:c9:
                    21:ff:62:e9:00:be:b4:6d:b0:e4:a3:33:1f:66:ce:
                    b5:55:85:ea:87:3d:ab:ff:76:c7:8c:3c:b6:50:0a:
                    93:a9:8d:47:05:1e:ac:59:6e:d9:9a:e0:b7:48:93:
                    ff:8d:66:8f:47:77:c4:dc:c6:5e:3b:de:09:d1:db:
                    2e:e1:d4:43:84:da:21:00:6b:f7:f5:3c:5e:dd:f5:
                    3d:99:01:6d:a9:60:ab:c5:8d:0d:ef:92:47:d7:23:
                    e3:e6:81:b3:84:73:45:e8:a1:a8:b7:97:e5:0a:84:
                    7a:b6:d7:4d:fe:31:90:09:ae:6d:fb:bf:06:fe:27:
                    2a:63:c9:65:7d:3f:cb:03:29:a2:b2:ed:ad:53:37:
                    7d:59:c6:79:bd:e8:fd:1f:0a:47:72:29:07:39:84:
                    e3:1e:bb:42:23:93:ad:86:c1:f1:07:d8:10:fb:db:
                    14:47:b4:7c:df:88:9c:f3:92:86:13:e1:a4:78:65:
                    5b:b3:1b:bd:d3:8e:dc:bc:b3:e6:29:28:06:60:0e:
                    14:02:ab:b3:74:2f:29:dd:8c:6c:2a:a7:b4:7d:93:
                    18:de:5f:56:27:89:0e:f1:bc:59:84:b8:29:9b:c6:
                    55:a4:d0:55:5d:b7:30:9d:c9:69:11:96:25:20:fa:
                    c7:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:51:4F:FD:CA:C8:E4:39:3E:84:57:75:57:8C:0A:98:23:38:EA:FA
            X509v3 Authority Key Identifier:
                keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/zFFP_crI5Dk-hFd1V4wKmCM46vo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.222.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:1b:11:f7:8b:e6:f2:c1:7d:c9:05:5a:81:b8:b7:a6:db:07:
         b8:b6:f9:ff:18:b1:08:d6:cb:73:c8:ee:69:e0:38:56:db:94:
         ad:a6:a5:70:d3:5b:19:18:be:93:3f:ae:3e:73:2f:27:7a:56:
         9c:83:ec:ab:85:a3:f7:0d:09:c0:8c:05:0c:47:81:94:e4:7c:
         9b:fe:5a:a8:27:9c:9d:47:0d:1e:df:06:64:c1:de:d1:5f:93:
         c6:1a:ad:6b:c6:90:fc:a7:f7:58:b1:05:b5:22:5d:e2:7d:5d:
         e6:76:6c:ad:26:f7:38:89:40:c4:79:98:f3:e2:d6:f8:ff:91:
         7d:0f:d5:28:c8:40:22:d7:c6:4e:ed:4e:ca:e9:fc:28:2a:8e:
         73:f7:9a:42:eb:64:95:dd:44:81:41:56:c6:be:72:4f:39:4f:
         96:aa:77:d4:b7:db:5f:5c:05:b8:20:32:9c:6d:40:2a:c0:83:
         d3:af:43:24:e7:1f:5c:cb:f5:98:57:49:03:7e:94:96:9a:6b:
         ac:77:d4:9f:44:8f:55:ee:84:c7:35:7a:0c:d4:5c:b7:d0:12:
         1c:59:39:81:62:57:e4:4e:a3:0f:54:d3:67:31:af:a7:9f:ca:
         ff:3f:80:78:c0:f0:36:db:23:c0:20:61:94:11:cb:6c:8b:6b:
         31:c9:d3:e3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECqZJPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTlkMzBlNjAzNWJlOGI4Mzg2MDYxZjI3MTQ4MWM3MDdlMDRjZTJiMB4XDTIyMDEw
MTEyMDAwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2M1MTRmZmRjYWM4
ZTQzOTNlODQ1Nzc1NTc4YzBhOTgyMzM4ZWFmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMO5lNbw7clwp01hnm7JIf9i6QC+tG2w5KMzH2bOtVWF6oc9
q/92x4w8tlAKk6mNRwUerFlu2Zrgt0iT/41mj0d3xNzGXjveCdHbLuHUQ4TaIQBr
9/U8Xt31PZkBbalgq8WNDe+SR9cj4+aBs4RzReihqLeX5QqEerbXTf4xkAmubfu/
Bv4nKmPJZX0/ywMporLtrVM3fVnGeb3o/R8KR3IpBzmE4x67QiOTrYbB8QfYEPvb
FEe0fN+InPOShhPhpHhlW7MbvdOO3Lyz5ikoBmAOFAKrs3QvKd2MbCqntH2TGN5f
VieJDvG8WYS4KZvGVaTQVV23MJ3JaRGWJSD6xyECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTMUU/9ysjkOT6EV3VXjAqYIzjq+jAfBgNVHSMEGDAWgBS6nTDmA1vouDhg
YfJxSBxwfgTOKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VwMHc1Z05iNkxnNFlHSHljVWdjY0g0RXppcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8x
L3pGRlBfY3JJNURrLWhGZDFWNHdLbUNNNDZ2by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8xL3VwMHc1Z05iNkxn
NFlHSHljVWdjY0g0RXppcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFLeqTANBgkqhkiG9w0BAQsFAAOC
AQEAKRsR94vm8sF9yQVagbi3ptsHuLb5/xixCNbLc8juaeA4VtuUraalcNNbGRi+
kz+uPnMvJ3pWnIPsq4Wj9w0JwIwFDEeBlOR8m/5aqCecnUcNHt8GZMHe0V+Txhqt
a8aQ/Kf3WLEFtSJd4n1d5nZsrSb3OIlAxHmY8+LW+P+RfQ/VKMhAItfGTu1Oyun8
KCqOc/eaQutkld1EgUFWxr5yTzlPlqp31LfbX1wFuCAynG1AKsCD069DJOcfXMv1
mFdJA36UlpprrHfUn0SPVe6ExzV6DNRct9ASHFk5gWJX5E6jD1TTZzGvp5/K/z+A
eMDwNtsjwCBhlBHLbItrMcnT4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:00 2024 by rpki-client on console-ams.rpki-client.org