Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/48eeUK90ONtv-yXtAGvXEq3WTkc.roa
File:                     48eeUK90ONtv-yXtAGvXEq3WTkc.roa (raw, json)
Hash identifier:          0Pnxc1gLI95h1P7kHWg1y2iCh2SPhw620ntXRupyAEM=
Subject key identifier:   E3:C7:9E:50:AF:74:38:DB:6F:FB:25:ED:00:6B:D7:12:AD:D6:4E:47
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       04EB99AB
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/48eeUK90ONtv-yXtAGvXEq3WTkc.roa
Signing time:             Sat 01 Jan 2022 07:56:33 +0000
ROA not before:           Sat 01 Jan 2022 07:56:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     32181
IP address blocks:        185.77.220.0/22 maxlen: 24
                          83.171.225.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82549163 (0x4eb99ab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Jan  1 07:56:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e3c79e50af7438db6ffb25ed006bd712add64e47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:16:ae:e0:50:2d:4e:26:56:e9:42:85:c2:85:
                    65:e8:a2:b2:f6:c6:af:bd:40:ef:d4:5e:55:f8:a6:
                    cb:b3:18:37:86:b5:8b:fc:ec:2d:d4:12:cd:f5:12:
                    8f:52:c0:a2:7b:d8:31:bf:d0:50:ae:1a:69:31:a7:
                    e5:a5:e9:25:11:93:f3:08:45:09:e9:2e:7e:9f:06:
                    5f:31:e4:9a:2c:87:37:0f:a4:77:fc:8f:c8:80:f5:
                    f3:e1:9a:51:41:87:c5:d5:fc:02:93:eb:15:33:2b:
                    e5:10:94:a3:0f:22:b8:9e:aa:71:7f:64:64:56:ed:
                    09:13:f2:1a:ac:d5:87:b0:61:92:f5:e1:49:e3:85:
                    1c:4e:c1:e3:47:e1:1d:9f:60:52:91:07:6c:10:0b:
                    10:4b:b8:c3:1e:53:d4:be:8b:82:23:16:bc:35:62:
                    0a:e8:26:6a:f6:60:2b:16:b1:c1:fb:a2:97:79:16:
                    ed:a9:eb:e7:be:38:5c:59:ad:26:08:19:c0:08:75:
                    9b:8d:7f:19:37:4b:c1:6f:8a:98:cd:ff:73:f2:38:
                    bf:47:c6:3d:b4:12:2f:19:07:60:08:c7:6e:4c:f4:
                    92:b0:0b:3a:f7:6a:fa:85:6a:ac:2f:1e:58:dc:c9:
                    a0:32:69:0d:7c:be:70:46:30:7d:b4:17:06:a6:c9:
                    ba:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:C7:9E:50:AF:74:38:DB:6F:FB:25:ED:00:6B:D7:12:AD:D6:4E:47
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/48eeUK90ONtv-yXtAGvXEq3WTkc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.171.225.0/24
                  185.77.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1d:dd:9f:80:49:84:99:26:62:d7:5e:92:df:e9:3a:d0:d9:8f:
         40:dd:ff:15:24:7a:64:f9:d8:10:64:9f:01:e4:76:be:35:b9:
         25:16:02:db:2b:a3:18:91:69:60:ce:ce:17:08:1c:90:ad:66:
         6f:f5:7c:a1:d1:b1:6d:a1:f2:6e:a7:18:88:df:1c:49:18:07:
         73:74:ba:60:d6:48:62:f5:76:59:80:76:b8:1c:22:d8:ab:96:
         d9:d8:d5:8e:a1:25:4e:ff:92:ec:95:c9:52:80:6d:6e:0c:9a:
         63:10:61:0d:c1:da:0a:cf:39:33:94:2d:b1:5b:ae:77:89:fe:
         4b:b0:7e:7a:36:21:15:e0:95:99:28:f0:f4:2b:2a:65:18:28:
         50:44:5a:39:fe:d8:f2:d6:6d:a1:44:d7:10:00:bd:40:38:9b:
         15:1c:25:f1:2b:5c:77:4f:77:cc:bd:d5:69:df:6d:72:b2:21:
         b4:b0:e1:ec:f8:e6:b9:c7:8e:e6:8d:74:17:1e:96:10:6a:c0:
         20:bf:46:93:62:cf:2c:81:dc:0c:75:57:95:3d:85:93:4e:81:
         17:15:45:d0:ec:16:10:83:53:11:b2:45:30:a8:c8:9b:d6:b2:
         43:2c:8a:07:25:f2:cd:88:e6:34:60:3d:88:a0:36:16:4f:59:
         30:23:2d:57
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBOuZqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YWVlMTVjMzNkZTM1ODkzOGQ2OTAwYTFiM2MxNDQ4MGEzODllODViMB4XDTIyMDEw
MTA3NTYzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTNjNzllNTBhZjc0
MzhkYjZmZmIyNWVkMDA2YmQ3MTJhZGQ2NGU0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPYWruBQLU4mVulChcKFZeiisvbGr71A79ReVfimy7MYN4a1
i/zsLdQSzfUSj1LAonvYMb/QUK4aaTGn5aXpJRGT8whFCekufp8GXzHkmiyHNw+k
d/yPyID18+GaUUGHxdX8ApPrFTMr5RCUow8iuJ6qcX9kZFbtCRPyGqzVh7BhkvXh
SeOFHE7B40fhHZ9gUpEHbBALEEu4wx5T1L6LgiMWvDViCugmavZgKxaxwfuil3kW
7anr5744XFmtJggZwAh1m41/GTdLwW+KmM3/c/I4v0fGPbQSLxkHYAjHbkz0krAL
Ovdq+oVqrC8eWNzJoDJpDXy+cEYwfbQXBqbJutkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTjx55Qr3Q422/7Je0Aa9cSrdZORzAfBgNVHSMEGDAWgBSa7hXDPeNYk41p
AKGzwUSAo4noWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L211NFZ3ejNqV0pPTmFRQ2hzOEZFZ0tPSjZGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvNzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8x
LzQ4ZWVVSzkwT050di15WHRBR3ZYRXEzV1RrYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
NzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8xL211NFZ3ejNqV0pP
TmFRQ2hzOEZFZ0tPSjZGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFOr4QMEArlN3DANBgkqhkiG9w0B
AQsFAAOCAQEAHd2fgEmEmSZi116S3+k60NmPQN3/FSR6ZPnYEGSfAeR2vjW5JRYC
2yujGJFpYM7OFwgckK1mb/V8odGxbaHybqcYiN8cSRgHc3S6YNZIYvV2WYB2uBwi
2KuW2djVjqElTv+S7JXJUoBtbgyaYxBhDcHaCs85M5QtsVuud4n+S7B+ejYhFeCV
mSjw9CsqZRgoUERaOf7Y8tZtoUTXEAC9QDibFRwl8Stcd093zL3Vad9tcrIhtLDh
7PjmuceO5o10Fx6WEGrAIL9Gk2LPLIHcDHVXlT2Fk06BFxVF0OwWEINTEbJFMKjI
m9ayQyyKByXyzYjmNGA9iKA2Fk9ZMCMtVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:17 2024 by rpki-client on console-ams.rpki-client.org