Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/4b83db-f4ff-4f0c-a3f6-154574fbb389/1/mazj90-809C-SXvYtJwLDxrlZto.roa
File:                     mazj90-809C-SXvYtJwLDxrlZto.roa (raw, json)
Hash identifier:          UDkIC26js1HJGVCDPxokjg0W4afcxBKkaefFO/5+GUI=
Subject key identifier:   99:AC:E3:F7:4F:BC:D3:D0:BE:49:7B:D8:B4:9C:0B:0F:1A:E5:66:DA
Certificate issuer:       /CN=7339870e10262c6709b7b61637134b5f9a6c78ca
Certificate serial:       091E56A4
Authority key identifier: 73:39:87:0E:10:26:2C:67:09:B7:B6:16:37:13:4B:5F:9A:6C:78:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/czmHDhAmLGcJt7YWNxNLX5pseMo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/4b83db-f4ff-4f0c-a3f6-154574fbb389/1/mazj90-809C-SXvYtJwLDxrlZto.roa
Signing time:             Sat 01 Jan 2022 14:01:31 +0000
ROA not before:           Sat 01 Jan 2022 14:01:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25091
IP address blocks:        213.139.244.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152983204 (0x91e56a4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7339870e10262c6709b7b61637134b5f9a6c78ca
        Validity
            Not Before: Jan  1 14:01:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=99ace3f74fbcd3d0be497bd8b49c0b0f1ae566da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:35:0b:a0:8c:45:ac:b6:11:78:81:af:35:90:
                    2b:d8:9c:4b:13:2f:fb:47:3b:21:84:ec:4c:bb:d9:
                    31:2a:fb:f5:6f:06:94:b6:fc:4a:e3:27:e0:25:78:
                    3f:c9:64:6b:35:3f:45:ea:2b:2f:82:9a:ee:f2:c5:
                    b7:d9:0e:a5:04:fe:c8:26:b4:1b:ee:9e:2d:71:93:
                    5f:19:40:38:b9:89:e0:39:cd:4f:d7:7c:f9:29:49:
                    19:61:63:95:9d:27:ac:da:71:37:f1:ee:73:13:98:
                    da:47:ca:2f:dd:fc:19:22:67:f4:93:d9:0b:94:86:
                    eb:ba:66:d4:be:0b:18:a7:a6:19:23:0f:b4:84:9d:
                    e4:ec:73:d6:62:06:3d:50:4c:c5:21:53:cb:51:02:
                    4b:49:c8:fe:a4:d8:d9:45:39:18:6e:7d:65:d4:51:
                    26:38:87:93:77:3b:58:f6:74:bf:a5:78:c3:e6:22:
                    f0:9a:a3:b8:4a:12:b9:bb:0e:42:21:52:9f:b4:be:
                    dd:d7:b0:64:62:fc:9c:2f:61:0e:6d:71:75:84:6b:
                    bb:c3:b0:35:ac:cf:3e:7c:28:07:b1:59:c6:58:08:
                    3d:af:4a:d9:a2:68:2f:ed:f9:53:b2:68:25:9f:b8:
                    ff:23:48:03:eb:16:f1:66:4c:7f:3a:cb:d9:3d:d2:
                    6e:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:AC:E3:F7:4F:BC:D3:D0:BE:49:7B:D8:B4:9C:0B:0F:1A:E5:66:DA
            X509v3 Authority Key Identifier:
                keyid:73:39:87:0E:10:26:2C:67:09:B7:B6:16:37:13:4B:5F:9A:6C:78:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/czmHDhAmLGcJt7YWNxNLX5pseMo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4b83db-f4ff-4f0c-a3f6-154574fbb389/1/mazj90-809C-SXvYtJwLDxrlZto.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4b83db-f4ff-4f0c-a3f6-154574fbb389/1/czmHDhAmLGcJt7YWNxNLX5pseMo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.139.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0e:17:c5:a5:34:89:77:93:d5:88:8c:17:f1:4d:d1:36:aa:7c:
         5d:38:9a:67:ea:f1:04:43:44:29:17:59:c8:f2:87:3e:0e:12:
         0f:11:6a:be:00:d7:a5:0d:a9:96:65:81:41:71:36:24:9c:8e:
         59:4b:1f:c5:88:b7:b8:3e:ff:ac:7b:83:8c:fd:00:8b:2a:23:
         af:67:03:24:ff:eb:51:74:cb:85:5d:82:2a:fc:93:ba:48:ec:
         9f:d7:a4:42:97:7e:8c:1c:68:c4:d4:0f:ec:2a:04:c0:b5:59:
         2f:92:f7:3d:ff:aa:37:51:2e:ec:b7:3d:c0:27:69:c1:d9:7d:
         35:1f:26:89:85:09:45:91:85:3d:1c:78:18:9a:a0:41:0c:89:
         e2:4c:5b:b4:f6:b0:7a:a5:fb:c1:4e:47:95:7e:e1:c1:c5:a6:
         ab:b7:0c:37:9e:7b:f2:9a:5c:d1:55:8f:07:df:b5:a2:a6:d1:
         6d:21:9d:4c:86:da:89:43:c0:d4:1b:c5:bc:eb:a9:56:04:0b:
         4e:36:a2:de:74:22:97:43:2d:e1:09:a5:82:ba:57:c8:72:11:
         95:46:04:85:fe:b2:01:f3:4f:49:ee:22:61:1d:58:31:75:85:
         59:b9:13:bc:21:d5:47:77:23:d4:97:b5:68:59:e6:37:c7:49:
         c2:68:41:1f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECR5WpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MzM5ODcwZTEwMjYyYzY3MDliN2I2MTYzNzEzNGI1ZjlhNmM3OGNhMB4XDTIyMDEw
MTE0MDEzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTlhY2UzZjc0ZmJj
ZDNkMGJlNDk3YmQ4YjQ5YzBiMGYxYWU1NjZkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL01C6CMRay2EXiBrzWQK9icSxMv+0c7IYTsTLvZMSr79W8G
lLb8SuMn4CV4P8lkazU/ReorL4Ka7vLFt9kOpQT+yCa0G+6eLXGTXxlAOLmJ4DnN
T9d8+SlJGWFjlZ0nrNpxN/HucxOY2kfKL938GSJn9JPZC5SG67pm1L4LGKemGSMP
tISd5Oxz1mIGPVBMxSFTy1ECS0nI/qTY2UU5GG59ZdRRJjiHk3c7WPZ0v6V4w+Yi
8JqjuEoSubsOQiFSn7S+3dewZGL8nC9hDm1xdYRru8OwNazPPnwoB7FZxlgIPa9K
2aJoL+35U7JoJZ+4/yNIA+sW8WZMfzrL2T3Sbv0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSZrOP3T7zT0L5Je9i0nAsPGuVm2jAfBgNVHSMEGDAWgBRzOYcOECYsZwm3
thY3E0tfmmx4yjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2N6bUhEaEFtTEdjSnQ3WVdOeE5MWDVwc2VNby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvNGI4M2RiLWY0ZmYtNGYwYy1hM2Y2LTE1NDU3NGZiYjM4OS8x
L21hemo5MC04MDlDLVNYdll0SndMRHhybFp0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
NGI4M2RiLWY0ZmYtNGYwYy1hM2Y2LTE1NDU3NGZiYjM4OS8xL2N6bUhEaEFtTEdj
SnQ3WVdOeE5MWDVwc2VNby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtWL9DANBgkqhkiG9w0BAQsFAAOC
AQEADhfFpTSJd5PViIwX8U3RNqp8XTiaZ+rxBENEKRdZyPKHPg4SDxFqvgDXpQ2p
lmWBQXE2JJyOWUsfxYi3uD7/rHuDjP0Aiyojr2cDJP/rUXTLhV2CKvyTukjsn9ek
Qpd+jBxoxNQP7CoEwLVZL5L3Pf+qN1Eu7Lc9wCdpwdl9NR8miYUJRZGFPRx4GJqg
QQyJ4kxbtPaweqX7wU5HlX7hwcWmq7cMN5578ppc0VWPB9+1oqbRbSGdTIbaiUPA
1BvFvOupVgQLTjai3nQil0Mt4QmlgrpXyHIRlUYEhf6yAfNPSe4iYR1YMXWFWbkT
vCHVR3cj1Je1aFnmN8dJwmhBHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:40 2024 by rpki-client on console-ams.rpki-client.org