Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/9zn51BoSDe1eAdf1Rnfa4FeMzds.roa
File:                     9zn51BoSDe1eAdf1Rnfa4FeMzds.roa (raw, json)
Hash identifier:          DHS8qMk5B19MlxgRK+Rk4nvAQ7kP8X6og+ddUVsKxb0=
Subject key identifier:   F7:39:F9:D4:1A:12:0D:ED:5E:01:D7:F5:46:77:DA:E0:57:8C:CD:DB
Certificate issuer:       /CN=d90d2681514aefee9d3c86e1eae35736c84d1c09
Certificate serial:       08326165
Authority key identifier: D9:0D:26:81:51:4A:EF:EE:9D:3C:86:E1:EA:E3:57:36:C8:4D:1C:09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Q0mgVFK7-6dPIbh6uNXNshNHAk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/9zn51BoSDe1eAdf1Rnfa4FeMzds.roa
Signing time:             Tue 12 Apr 2022 08:03:35 +0000
ROA not before:           Tue 12 Apr 2022 08:03:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     13101
IP address blocks:        193.143.2.0/23 maxlen: 23
                          193.143.6.0/23 maxlen: 23
                          199.175.220.0/22 maxlen: 22
                          103.204.204.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 137519461 (0x8326165)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90d2681514aefee9d3c86e1eae35736c84d1c09
        Validity
            Not Before: Apr 12 08:03:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f739f9d41a120ded5e01d7f54677dae0578ccddb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f1:8a:b9:60:de:95:cd:c2:ff:99:92:1f:de:
                    27:c4:1c:a3:61:56:8a:33:fe:fd:16:a9:1d:75:66:
                    31:3f:13:70:f5:43:3c:13:1f:b2:5d:07:d9:df:d9:
                    fd:a7:fa:4f:94:1d:12:2c:a2:b6:4c:41:dd:d8:68:
                    69:6b:06:8d:c9:d8:c9:97:17:db:21:67:ec:97:4a:
                    74:6b:19:2d:6c:7f:17:c1:c3:46:93:bf:bc:8f:ae:
                    fe:6a:5b:09:7c:f6:07:59:94:b7:2b:a5:37:31:df:
                    8f:04:4a:16:b6:2b:7c:15:21:e1:d9:d1:71:54:aa:
                    b5:10:92:4e:f4:30:f1:b5:87:26:06:73:35:bc:f2:
                    7d:5d:1a:0a:96:d1:44:ee:7b:ed:e0:58:9f:90:e0:
                    4c:32:5b:ed:7d:a6:0f:d0:30:93:7a:1e:f2:1a:67:
                    42:f2:2a:70:99:90:dc:11:02:00:9f:3c:1e:fa:74:
                    02:95:f9:77:75:4c:72:14:33:80:ed:9c:83:32:1d:
                    a3:95:bd:9e:dd:5e:0e:51:0e:6a:46:91:3b:db:8f:
                    28:43:2d:2d:cb:43:dc:9e:3f:16:79:b5:9d:76:68:
                    0a:d0:f4:6e:7e:86:dc:71:61:c4:9a:6e:63:94:c6:
                    5b:6b:9f:a6:b7:70:e2:e4:6e:12:4f:44:26:25:e1:
                    76:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:39:F9:D4:1A:12:0D:ED:5E:01:D7:F5:46:77:DA:E0:57:8C:CD:DB
            X509v3 Authority Key Identifier:
                keyid:D9:0D:26:81:51:4A:EF:EE:9D:3C:86:E1:EA:E3:57:36:C8:4D:1C:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Q0mgVFK7-6dPIbh6uNXNshNHAk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/9zn51BoSDe1eAdf1Rnfa4FeMzds.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/2Q0mgVFK7-6dPIbh6uNXNshNHAk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.204.204.0/22
                  193.143.2.0/23
                  193.143.6.0/23
                  199.175.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9f:ad:8b:cd:85:50:b2:8a:83:a7:bb:49:3b:8a:3b:61:15:65:
         53:cc:da:25:c9:dc:b7:e7:b4:44:ba:53:c3:df:ef:fb:85:43:
         43:58:73:0b:df:c2:fb:39:59:76:4d:7c:3c:a4:25:e8:69:78:
         0d:bc:45:f2:75:28:2c:8b:85:9a:83:12:ee:af:e4:6b:bd:5c:
         03:43:7e:5f:4d:a0:af:87:4c:60:98:a3:fe:22:c6:4d:fb:0b:
         f8:f8:17:c2:54:89:11:d4:34:8b:1a:61:df:d7:7e:73:43:1f:
         a3:8f:da:e7:b4:2b:29:64:83:aa:61:d9:6d:ae:37:d6:ac:3a:
         ad:40:1b:35:11:fe:e0:66:a9:41:45:be:60:b2:13:cc:a4:f0:
         16:89:ed:84:49:fe:e7:cc:37:89:4a:f6:28:74:5a:9e:8e:dd:
         8b:d8:5d:12:2e:7a:2c:a6:f6:06:ed:7d:ba:08:52:ef:95:91:
         38:0c:58:b5:1f:17:43:d4:a4:e5:25:b1:13:97:cf:d3:6b:50:
         73:31:17:4b:58:c2:9c:dd:2f:5c:3e:88:ac:62:02:2f:95:07:
         eb:35:be:49:e2:ff:36:20:0f:a6:38:8c:42:f2:95:b2:01:5e:
         f6:88:43:a1:83:c1:83:d3:a5:98:9c:8b:a9:27:66:3d:ba:86:
         0a:ab:a4:b1
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECDJhZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTBkMjY4MTUxNGFlZmVlOWQzYzg2ZTFlYWUzNTczNmM4NGQxYzA5MB4XDTIyMDQx
MjA4MDMzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjczOWY5ZDQxYTEy
MGRlZDVlMDFkN2Y1NDY3N2RhZTA1NzhjY2RkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbxirlg3pXNwv+Zkh/eJ8Qco2FWijP+/RapHXVmMT8TcPVD
PBMfsl0H2d/Z/af6T5QdEiyitkxB3dhoaWsGjcnYyZcX2yFn7JdKdGsZLWx/F8HD
RpO/vI+u/mpbCXz2B1mUtyulNzHfjwRKFrYrfBUh4dnRcVSqtRCSTvQw8bWHJgZz
NbzyfV0aCpbRRO577eBYn5DgTDJb7X2mD9Awk3oe8hpnQvIqcJmQ3BECAJ88Hvp0
ApX5d3VMchQzgO2cgzIdo5W9nt1eDlEOakaRO9uPKEMtLctD3J4/Fnm1nXZoCtD0
bn6G3HFhxJpuY5TGW2ufprdw4uRuEk9EJiXhdt0CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBT3OfnUGhIN7V4B1/VGd9rgV4zN2zAfBgNVHSMEGDAWgBTZDSaBUUrv7p08
huHq41c2yE0cCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJRMG1nVkZLNy02ZFBJYmg2dU5YTnNoTkhBay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvZTBkOTU2LTdiODctNGVkZC1iOTQ0LTFkMGYyOWI0Yjk3Zi8x
Lzl6bjUxQm9TRGUxZUFkZjFSbmZhNEZlTXpkcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
ZTBkOTU2LTdiODctNGVkZC1iOTQ0LTFkMGYyOWI0Yjk3Zi8xLzJRMG1nVkZLNy02
ZFBJYmg2dU5YTnNoTkhBay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAmfMzAMEAcGPAgMEAcGPBgMEAsev
3DANBgkqhkiG9w0BAQsFAAOCAQEAn62LzYVQsoqDp7tJO4o7YRVlU8zaJcnct+e0
RLpTw9/v+4VDQ1hzC9/C+zlZdk18PKQl6Gl4DbxF8nUoLIuFmoMS7q/ka71cA0N+
X02gr4dMYJij/iLGTfsL+PgXwlSJEdQ0ixph39d+c0Mfo4/a57QrKWSDqmHZba43
1qw6rUAbNRH+4GapQUW+YLITzKTwFonthEn+58w3iUr2KHRano7di9hdEi56LKb2
Bu19ughS75WROAxYtR8XQ9Sk5SWxE5fP02tQczEXS1jCnN0vXD6IrGICL5UH6zW+
SeL/NiAPpjiMQvKVsgFe9ohDoYPBg9OlmJyLqSdmPbqGCquksQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:53 2024 by rpki-client on console-ams.rpki-client.org