Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/2ZDdEZr4b5NAQt9cr6xG5wJC0tY.roa
File:                     2ZDdEZr4b5NAQt9cr6xG5wJC0tY.roa (raw, json)
Hash identifier:          Rl1VnVWHGRwtX4olOWJSAboVXCKj8bUR4fBc2oGHAfc=
Subject key identifier:   D9:90:DD:11:9A:F8:6F:93:40:42:DF:5C:AF:AC:46:E7:02:42:D2:D6
Certificate issuer:       /CN=612c1c53f6c1d996236cbb37ba3247670399a62d
Certificate serial:       023DE0
Authority key identifier: 61:2C:1C:53:F6:C1:D9:96:23:6C:BB:37:BA:32:47:67:03:99:A6:2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/2ZDdEZr4b5NAQt9cr6xG5wJC0tY.roa
Signing time:             Tue 05 Apr 2022 08:09:02 +0000
ROA not before:           Tue 05 Apr 2022 08:09:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31238
IP address blocks:        83.220.9.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 146912 (0x23de0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=612c1c53f6c1d996236cbb37ba3247670399a62d
        Validity
            Not Before: Apr  5 08:09:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d990dd119af86f934042df5cafac46e70242d2d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:a2:1f:f2:d1:92:03:ae:36:41:da:f8:02:6b:
                    96:68:f4:6e:1c:d4:1b:b7:ce:8d:62:c6:ab:b4:1f:
                    fb:8e:75:cf:20:4e:cc:3c:82:f9:10:ad:b4:cf:9b:
                    ea:33:84:2c:e0:e8:ae:b0:c7:44:47:6d:7c:2d:f8:
                    98:a3:2a:9a:67:79:54:83:cf:12:51:6c:16:a9:54:
                    0d:2c:3d:07:74:e5:d8:c2:1d:94:ed:89:ee:88:0d:
                    6a:9b:71:23:5a:fb:a1:f3:50:fd:5a:20:d3:55:a2:
                    10:74:b6:20:35:5c:c7:68:8d:cc:89:18:9f:73:aa:
                    e7:32:05:2e:b5:70:c6:43:57:f4:19:0c:e2:09:ad:
                    e1:98:5d:4c:aa:74:27:0c:c0:a4:e6:6b:73:40:26:
                    8f:56:a9:79:9c:07:fa:ca:72:a7:10:18:8d:84:68:
                    11:f8:ad:c6:25:74:fe:13:1b:6e:42:40:00:ee:b2:
                    9a:01:e6:a1:bb:07:82:aa:15:b4:e2:c8:4c:5e:32:
                    02:49:3d:ea:db:fa:13:cb:84:8b:c2:31:17:33:1b:
                    cc:01:69:5d:f9:a0:c5:bb:68:5a:b4:53:1e:87:43:
                    fb:71:4a:5c:bf:67:6d:23:1f:f5:8e:f6:88:b3:a1:
                    43:03:4c:79:3e:8d:c5:ec:5b:9f:44:e8:2e:c7:68:
                    ad:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:90:DD:11:9A:F8:6F:93:40:42:DF:5C:AF:AC:46:E7:02:42:D2:D6
            X509v3 Authority Key Identifier:
                keyid:61:2C:1C:53:F6:C1:D9:96:23:6C:BB:37:BA:32:47:67:03:99:A6:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/2ZDdEZr4b5NAQt9cr6xG5wJC0tY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.220.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:9d:0d:22:a2:2b:93:4d:24:40:22:3f:a5:ec:84:1f:fa:80:
         92:ea:c0:5f:58:72:23:76:dd:71:31:69:61:60:ac:9f:28:26:
         be:3c:bd:74:7f:d3:85:4e:13:c2:55:20:53:f6:23:69:3f:f7:
         87:67:ac:ec:a8:48:b0:6e:97:46:a8:fd:08:bb:2a:6f:78:f1:
         23:e5:8c:59:3d:b4:51:36:a7:73:dc:d1:80:8a:01:d3:1d:7b:
         18:7c:18:22:93:d2:53:f1:81:b1:17:c4:91:47:a6:b8:d0:4d:
         08:2a:34:52:ce:a0:58:e2:26:2b:76:1c:77:3e:b1:46:8b:46:
         8c:e6:7b:20:96:98:93:05:49:eb:6d:c7:f3:1f:37:ff:82:cc:
         a0:86:58:0c:40:de:39:24:07:f5:b1:4e:5d:c5:35:30:3d:c7:
         01:13:7d:de:59:62:da:07:7e:90:87:99:4e:5e:a4:a1:ea:fb:
         3c:58:e5:98:4c:69:f5:b2:0d:54:f9:36:e8:a1:4c:a6:a9:e4:
         79:d8:41:1d:ff:62:9d:bc:64:70:b2:aa:3e:4b:ff:9f:70:6a:
         a8:7d:53:d8:de:81:92:38:95:6b:b8:98:bf:41:dc:6c:5e:10:
         a7:77:fc:2c:46:d1:47:a6:d3:28:2f:d2:25:2e:cf:9d:7c:e8:
         58:09:6a:f2
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAj3gMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYx
MmMxYzUzZjZjMWQ5OTYyMzZjYmIzN2JhMzI0NzY3MDM5OWE2MmQwHhcNMjIwNDA1
MDgwOTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkOTkwZGQxMTlhZjg2
ZjkzNDA0MmRmNWNhZmFjNDZlNzAyNDJkMmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4aIf8tGSA642Qdr4AmuWaPRuHNQbt86NYsartB/7jnXPIE7M
PIL5EK20z5vqM4Qs4OiusMdER218LfiYoyqaZ3lUg88SUWwWqVQNLD0HdOXYwh2U
7YnuiA1qm3EjWvuh81D9WiDTVaIQdLYgNVzHaI3MiRifc6rnMgUutXDGQ1f0GQzi
Ca3hmF1MqnQnDMCk5mtzQCaPVql5nAf6ynKnEBiNhGgR+K3GJXT+ExtuQkAA7rKa
AeahuweCqhW04shMXjICST3q2/oTy4SLwjEXMxvMAWld+aDFu2hatFMeh0P7cUpc
v2dtIx/1jvaIs6FDA0x5Po3F7FufROgux2itTQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFNmQ3RGa+G+TQELfXK+sRucCQtLWMB8GA1UdIwQYMBaAFGEsHFP2wdmWI2y7
N7oyR2cDmaYtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WVN3Y1VfYkIyWllqYkxzM3VqSkhad09acGkwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hZi9mMDA3OGUtZDBjNy00MjhlLTk1MjQtZWNhZjU3OGEzNGUzLzEv
MlpEZEVacjRiNU5BUXQ5Y3I2eEc1d0pDMHRZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9m
MDA3OGUtZDBjNy00MjhlLTk1MjQtZWNhZjU3OGEzNGUzLzEvWVN3Y1VfYkIyWllq
YkxzM3VqSkhad09acGkwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU9wJMA0GCSqGSIb3DQEBCwUAA4IB
AQCgnQ0ioiuTTSRAIj+l7IQf+oCS6sBfWHIjdt1xMWlhYKyfKCa+PL10f9OFThPC
VSBT9iNpP/eHZ6zsqEiwbpdGqP0IuypvePEj5YxZPbRRNqdz3NGAigHTHXsYfBgi
k9JT8YGxF8SRR6a40E0IKjRSzqBY4iYrdhx3PrFGi0aM5nsglpiTBUnrbcfzHzf/
gsyghlgMQN45JAf1sU5dxTUwPccBE33eWWLaB36Qh5lOXqSh6vs8WOWYTGn1sg1U
+TbooUymqeR52EEd/2KdvGRwsqo+S/+fcGqofVPY3oGSOJVruJi/QdxsXhCnd/ws
RtFHptMoL9IlLs+dfOhYCWry
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:35 2024 by rpki-client on console-ams.rpki-client.org