Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/uZfAra-vgLgElYWLwKwDH9Dfj_k.roa
File:                     uZfAra-vgLgElYWLwKwDH9Dfj_k.roa (raw, json)
Hash identifier:          A1WQFdPAKtZSKFpCplZ8G3tmSddKgwrKfdGh21tfaMg=
Subject key identifier:   B9:97:C0:AD:AF:AF:80:B8:04:95:85:8B:C0:AC:03:1F:D0:DF:8F:F9
Certificate issuer:       /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial:       01828B9CCBA8E2DB56F6F19389E79DC36800
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/uZfAra-vgLgElYWLwKwDH9Dfj_k.roa
Signing time:             Thu 11 Aug 2022 06:34:44 +0000
ROA not before:           Thu 11 Aug 2022 06:34:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212361
IP address blocks:        147.234.90.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:8b:9c:cb:a8:e2:db:56:f6:f1:93:89:e7:9d:c3:68:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
        Validity
            Not Before: Aug 11 06:34:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b997c0adafaf80b80495858bc0ac031fd0df8ff9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:98:07:bc:a1:e8:74:96:4d:38:80:ba:23:84:
                    27:e4:af:82:b2:87:4a:1e:7f:a7:b6:80:c6:6a:84:
                    0f:59:de:3d:34:2e:3c:a4:b7:95:18:b9:a9:88:7b:
                    fd:a0:67:b2:df:2d:1c:ee:b6:8b:15:1a:27:ae:1f:
                    ac:6f:31:91:42:97:21:a0:87:2d:a1:4c:5c:50:1a:
                    49:ff:10:43:2e:78:f2:c5:d8:55:bc:2d:cb:e0:a4:
                    4d:cc:88:50:9f:97:1d:fa:28:c9:51:a7:65:22:71:
                    c8:35:fe:8a:f0:ec:8f:87:42:cf:5a:12:13:2d:bc:
                    15:3a:e4:a9:4a:5a:c8:22:6d:a0:05:89:71:55:5e:
                    d9:78:82:12:fa:ab:e5:c4:21:c5:80:42:84:31:d9:
                    43:6a:20:3f:94:88:13:c5:57:a1:57:47:4a:8c:6e:
                    0f:c2:54:5f:9c:03:8b:6e:29:c2:e8:fb:a0:bf:8e:
                    dd:95:af:54:5b:e1:4f:99:ae:23:e9:04:8e:9f:ac:
                    09:49:10:ad:2f:25:5f:f0:8d:5a:39:34:45:39:3e:
                    7c:d9:f2:5b:93:0a:5f:ed:cf:6a:c9:bc:ae:97:b8:
                    c5:15:02:ba:f5:cb:75:c2:c7:24:4c:4e:d9:dc:3f:
                    ce:a5:6d:b9:ec:43:d6:44:d9:47:f6:56:88:39:b4:
                    a8:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:97:C0:AD:AF:AF:80:B8:04:95:85:8B:C0:AC:03:1F:D0:DF:8F:F9
            X509v3 Authority Key Identifier:
                keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/uZfAra-vgLgElYWLwKwDH9Dfj_k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.234.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:58:42:ab:f7:e1:7c:ee:b7:20:d7:76:43:0b:12:39:67:9a:
         7d:e7:16:88:28:75:03:23:41:be:e2:13:65:de:0b:b5:4f:36:
         17:62:8e:7c:93:7e:26:36:fc:6c:5b:d1:5c:dd:df:7e:03:5a:
         38:8b:fd:85:e5:2a:b9:66:2e:7c:7a:64:b1:e3:29:e7:36:01:
         b5:3f:be:c3:c4:9d:b8:e7:b1:8a:db:a7:02:4e:e3:15:ee:39:
         43:9b:5d:b1:80:54:d3:6d:cf:6f:25:67:c7:59:1d:dc:4d:85:
         ff:48:af:b0:34:e9:b8:66:32:90:e0:98:41:2b:1d:ff:e2:59:
         c3:f3:fc:df:7b:46:d4:88:8f:e4:f6:32:57:57:37:b0:e4:03:
         bf:45:07:47:37:62:1f:64:25:df:1f:a5:b2:4d:20:2d:77:b0:
         c3:69:fd:59:ff:8c:b0:49:77:9a:b0:3e:4a:b8:dc:8a:ad:10:
         06:d7:3f:e4:b8:f2:96:ae:98:26:c8:82:0e:83:f0:db:05:db:
         51:71:37:4c:56:93:a2:b3:a0:78:0f:7b:a6:b4:ac:7a:96:3d:
         86:b4:e9:e7:87:fe:bd:53:40:97:5b:9c:1d:e4:ed:ca:5a:3b:
         9a:a2:28:b4:41:d9:34:28:a7:44:a7:5c:2b:cb:45:8b:98:b4:
         54:39:68:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKLnMuo4ttW9vGTieedw2gAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjIwODExMDYzNDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTk3YzBhZGFmYWY4MGI4MDQ5NTg1OGJjMGFjMDMxZmQwZGY4ZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJgHvKHodJZNOIC6I4Qn5K+CsodK
Hn+ntoDGaoQPWd49NC48pLeVGLmpiHv9oGey3y0c7raLFRonrh+sbzGRQpchoIct
oUxcUBpJ/xBDLnjyxdhVvC3L4KRNzIhQn5cd+ijJUadlInHINf6K8OyPh0LPWhIT
LbwVOuSpSlrIIm2gBYlxVV7ZeIIS+qvlxCHFgEKEMdlDaiA/lIgTxVehV0dKjG4P
wlRfnAOLbinC6Pugv47dla9UW+FPma4j6QSOn6wJSRCtLyVf8I1aOTRFOT582fJb
kwpf7c9qybyul7jFFQK69ct1wsckTE7Z3D/OpW257EPWRNlH9laIObSo0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLmXwK2vr4C4BJWFi8CsAx/Q34/5MB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvdVpmQXJhLXZnTGdFbFlXTHdLd0RIOURmal9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk+paMA0G
CSqGSIb3DQEBCwUAA4IBAQC0WEKr9+F87rcg13ZDCxI5Z5p95xaIKHUDI0G+4hNl
3gu1TzYXYo58k34mNvxsW9Fc3d9+A1o4i/2F5Sq5Zi58emSx4ynnNgG1P77DxJ24
57GK26cCTuMV7jlDm12xgFTTbc9vJWfHWR3cTYX/SK+wNOm4ZjKQ4JhBKx3/4lnD
8/zfe0bUiI/k9jJXVzew5AO/RQdHN2IfZCXfH6WyTSAtd7DDaf1Z/4ywSXeasD5K
uNyKrRAG1z/kuPKWrpgmyIIOg/DbBdtRcTdMVpOis6B4D3umtKx6lj2GtOnnh/69
U0CXW5wd5O3KWjuaoii0Qdk0KKdEp1wry0WLmLRUOWix
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:17 2024 by rpki-client on console-fra.rpki-client.org