Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/n-lJkhIek9ad5G47d2gE9UNZCqE.roa
File:                     n-lJkhIek9ad5G47d2gE9UNZCqE.roa (raw, json)
Hash identifier:          GTUwyIMc+uVbZRaAt8+rm39En4f/4P+UcwMlvz1xk9o=
Subject key identifier:   9F:E9:49:92:12:1E:93:D6:9D:E4:6E:3B:77:68:04:F5:43:59:0A:A1
Certificate issuer:       /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial:       02E0B205
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/n-lJkhIek9ad5G47d2gE9UNZCqE.roa
Signing time:             Sat 07 May 2022 17:15:29 +0000
ROA not before:           Sat 07 May 2022 17:15:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        83.97.100.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 48280069 (0x2e0b205)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
        Validity
            Not Before: May  7 17:15:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9fe94992121e93d69de46e3b776804f543590aa1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:ec:94:d0:25:1e:e9:fa:7e:bf:f3:91:7a:4f:
                    c5:36:1a:ae:25:58:44:00:e5:c9:44:61:3a:94:48:
                    9e:12:5d:bb:ae:46:ee:4c:97:f5:d3:c6:76:e5:14:
                    ef:19:45:eb:47:c1:a5:d7:22:cb:e1:5b:9f:a5:e0:
                    9a:00:73:f0:b5:21:e0:a5:a1:56:30:d0:1b:07:dd:
                    93:aa:89:9c:fc:cf:ec:86:c9:81:1b:60:99:9f:be:
                    e0:f9:d2:dd:2a:8d:de:a1:2b:c7:47:8c:b8:02:74:
                    90:73:e2:23:15:9d:05:d8:5d:f4:6b:ba:1e:1d:6a:
                    0f:71:53:56:7e:5d:d7:7b:f0:df:05:ab:08:88:16:
                    94:60:bd:f6:0b:0c:65:6b:e6:bc:66:c2:e9:83:f4:
                    0d:7f:8b:98:7c:8c:8b:3a:7b:d3:88:f4:ac:f9:80:
                    94:34:b6:7c:9f:53:76:42:46:61:f2:34:cb:48:c0:
                    c8:99:2f:c4:4d:07:dc:d7:84:b9:20:04:17:25:84:
                    3a:c8:e8:d0:d7:af:07:6b:fe:4b:d3:0b:b7:23:45:
                    bc:5a:a1:6f:a1:95:a4:79:fc:23:1b:24:2d:7f:71:
                    f7:75:79:19:10:e3:ee:17:82:b4:c3:4f:14:e1:41:
                    61:03:24:cd:b7:19:fd:e7:68:b4:7a:8c:6b:e3:4a:
                    e7:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:E9:49:92:12:1E:93:D6:9D:E4:6E:3B:77:68:04:F5:43:59:0A:A1
            X509v3 Authority Key Identifier:
                keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/n-lJkhIek9ad5G47d2gE9UNZCqE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.97.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         90:32:8f:39:30:d3:e4:35:6b:2d:58:5e:6a:1a:10:3f:72:cd:
         44:c6:49:24:7e:0e:49:66:f8:16:2e:2b:2d:51:b0:e9:03:77:
         57:96:28:7b:08:6a:27:55:b9:72:6c:75:d6:3e:6e:14:00:5f:
         68:ed:9d:48:f0:92:a7:19:a8:61:69:f3:2a:4d:cf:c3:bc:ac:
         b5:f3:be:6b:6e:d3:e9:3b:4c:96:57:13:ec:d3:59:6f:79:71:
         5d:78:03:47:cd:d4:4a:1f:cd:87:07:f5:88:ef:55:fd:19:3b:
         f5:ea:f1:0f:eb:1f:ba:99:8c:3c:7b:34:7e:d4:4b:80:6e:24:
         cd:cf:0d:ac:aa:27:c3:f9:ec:72:4b:0d:1b:fb:e6:31:bc:94:
         95:67:58:1a:fe:99:0d:68:ac:81:a0:80:2c:9e:03:5d:f2:1f:
         32:4b:6b:26:eb:7b:2f:6d:d2:ed:56:33:9a:dd:d1:ec:6f:60:
         82:5b:a2:f6:ff:fe:7b:87:11:6e:cd:d3:f3:3e:b4:93:c2:7e:
         f5:04:24:f2:4f:63:30:7a:4c:f2:a5:f3:74:f9:69:a3:12:68:
         81:0d:8e:19:3e:8b:e7:ca:3b:62:4b:57:30:a9:27:be:ec:f9:
         72:1d:d6:51:7f:b5:03:64:19:98:d4:cd:23:76:6a:22:9c:52:
         45:81:e0:db
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAuCyBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YzRlZDk0MmU1Yzc0MmU3N2JmYjliZWI5NTRmODcyNTM0ZjUyODQ4MB4XDTIyMDUw
NzE3MTUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWZlOTQ5OTIxMjFl
OTNkNjlkZTQ2ZTNiNzc2ODA0ZjU0MzU5MGFhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPXslNAlHun6fr/zkXpPxTYariVYRADlyURhOpRInhJdu65G
7kyX9dPGduUU7xlF60fBpdciy+Fbn6XgmgBz8LUh4KWhVjDQGwfdk6qJnPzP7IbJ
gRtgmZ++4PnS3SqN3qErx0eMuAJ0kHPiIxWdBdhd9Gu6Hh1qD3FTVn5d13vw3wWr
CIgWlGC99gsMZWvmvGbC6YP0DX+LmHyMizp704j0rPmAlDS2fJ9TdkJGYfI0y0jA
yJkvxE0H3NeEuSAEFyWEOsjo0NevB2v+S9MLtyNFvFqhb6GVpHn8IxskLX9x93V5
GRDj7heCtMNPFOFBYQMkzbcZ/edotHqMa+NK57sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSf6UmSEh6T1p3kbjt3aAT1Q1kKoTAfBgNVHSMEGDAWgBQ8TtlC5cdC53v7
m+uVT4clNPUoSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BFN1pRdVhIUXVkNy01dnJsVS1ISlRUMUtFZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvMWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8x
L24tbEpraEllazlhZDVHNDdkMmdFOVVOWkNxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
MWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8xL1BFN1pRdVhIUXVk
Ny01dnJsVS1ISlRUMUtFZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlNhZDANBgkqhkiG9w0BAQsFAAOC
AQEAkDKPOTDT5DVrLVheahoQP3LNRMZJJH4OSWb4Fi4rLVGw6QN3V5YoewhqJ1W5
cmx11j5uFABfaO2dSPCSpxmoYWnzKk3Pw7ystfO+a27T6TtMllcT7NNZb3lxXXgD
R83USh/Nhwf1iO9V/Rk79erxD+sfupmMPHs0ftRLgG4kzc8NrKonw/nscksNG/vm
MbyUlWdYGv6ZDWisgaCALJ4DXfIfMktrJut7L23S7VYzmt3R7G9gglui9v/+e4cR
bs3T8z60k8J+9QQk8k9jMHpM8qXzdPlpoxJogQ2OGT6L58o7YktXMKknvuz5ch3W
UX+1A2QZmNTNI3ZqIpxSRYHg2w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:54 2023 by rpki-client on console-ams.rpki-client.org