Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/9IS0f5jhX-t0WZNaNItJ729PPqY.roa
File:                     9IS0f5jhX-t0WZNaNItJ729PPqY.roa (raw, json)
Hash identifier:          oy268itjffrYsuIFdI5oh+i17foXS5+xMEN01y+aN0A=
Subject key identifier:   F4:84:B4:7F:98:E1:5F:EB:74:59:93:5A:34:8B:49:EF:6F:4F:3E:A6
Certificate issuer:       /CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
Certificate serial:       0B870029
Authority key identifier: 52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/9IS0f5jhX-t0WZNaNItJ729PPqY.roa
Signing time:             Wed 09 Feb 2022 23:26:37 +0000
ROA not before:           Wed 09 Feb 2022 23:26:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15404
IP address blocks:        80.73.104.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 193396777 (0xb870029)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
        Validity
            Not Before: Feb  9 23:26:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f484b47f98e15feb7459935a348b49ef6f4f3ea6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:d4:eb:8f:f6:81:7c:f3:75:de:2c:50:db:f2:
                    85:ff:9f:3d:68:72:10:1d:21:5f:dd:a8:43:e5:0b:
                    9a:cb:48:8f:d0:d2:7b:ad:6e:eb:5b:76:37:92:27:
                    33:69:20:e6:1e:6d:a1:92:7b:d8:12:02:87:b6:97:
                    da:48:32:c1:a6:f1:56:fc:9d:be:97:48:52:dd:b3:
                    13:c8:06:67:eb:3a:f6:87:ec:f3:f5:a2:db:24:c0:
                    ed:af:dc:7c:0d:45:2c:3f:3b:8d:76:7b:13:68:60:
                    47:0b:81:69:3b:08:48:a6:a2:4b:87:5f:ab:6b:08:
                    40:8a:b5:0e:f4:91:8e:56:5b:64:1d:22:96:80:86:
                    8a:bf:3c:49:2e:0b:e2:29:d3:a5:aa:5d:cf:bd:4f:
                    45:3c:6f:c1:ca:9a:80:29:cc:f0:79:96:78:62:11:
                    3a:2f:cd:fe:ee:03:9d:c9:86:06:ca:e8:fc:73:e7:
                    96:b4:f4:7d:87:95:3f:b8:07:bb:b9:04:55:7d:73:
                    ce:21:be:ef:b8:e4:f5:2c:49:73:b0:96:17:bb:43:
                    0b:15:aa:81:7f:e2:17:5a:35:f3:be:8c:dd:fe:30:
                    48:00:ad:50:c4:ec:83:9d:f5:4f:5a:ad:4f:8c:5b:
                    22:7e:f4:33:fd:a5:4b:18:33:63:f2:d4:a3:bb:10:
                    a3:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:84:B4:7F:98:E1:5F:EB:74:59:93:5A:34:8B:49:EF:6F:4F:3E:A6
            X509v3 Authority Key Identifier:
                keyid:52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/9IS0f5jhX-t0WZNaNItJ729PPqY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/UqXJDKkoMTvHDSaDuw9k1jKyc6E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.73.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         25:48:75:2b:c1:52:6c:fc:3d:fc:73:13:9f:e9:ad:fd:97:d9:
         00:06:b6:c2:23:4c:25:e5:f4:c4:16:b3:2a:fd:6c:95:29:7c:
         54:be:35:d8:0a:60:99:ca:40:98:99:c0:a5:f6:76:91:9e:10:
         39:7b:e0:d6:f5:f6:66:7b:97:be:8c:5b:63:eb:10:ea:5e:2e:
         cf:ea:d5:f7:2b:4d:f1:7d:b8:40:73:ff:a5:c0:8a:7a:26:c5:
         7c:f2:9e:6f:11:cb:bf:70:a8:6c:93:b8:91:df:b6:65:75:fa:
         08:c4:f4:9d:e5:1b:22:b3:68:5f:f4:37:92:fb:f1:62:c2:a1:
         61:7f:db:eb:36:22:c3:9c:a5:3b:f1:fe:6c:55:15:de:52:00:
         1a:98:69:3d:fd:22:92:b5:c7:6c:ea:df:54:d0:e0:3d:31:9f:
         3d:10:3f:a9:e0:66:4d:32:88:8c:54:fd:57:46:9a:9e:9f:f3:
         54:2d:a4:9f:0b:b1:7d:75:15:26:81:7b:d1:96:31:95:24:01:
         4d:81:0f:06:b5:ec:bf:c1:fc:43:b8:51:fa:e8:de:f5:61:9a:
         b0:6f:a0:4f:c0:27:93:6d:ca:15:e7:1f:e4:46:19:f7:59:ec:
         63:c8:6b:9d:da:47:43:80:d3:7e:7b:24:a4:c7:0e:bb:bf:69:
         c1:59:16:ca
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC4cAKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MmE1YzkwY2E5MjgzMTNiYzcwZDI2ODNiYjBmNjRkNjMyYjI3M2ExMB4XDTIyMDIw
OTIzMjYzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQ4NGI0N2Y5OGUx
NWZlYjc0NTk5MzVhMzQ4YjQ5ZWY2ZjRmM2VhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDU64/2gXzzdd4sUNvyhf+fPWhyEB0hX92oQ+ULmstIj9DS
e61u61t2N5InM2kg5h5toZJ72BICh7aX2kgywabxVvydvpdIUt2zE8gGZ+s69ofs
8/Wi2yTA7a/cfA1FLD87jXZ7E2hgRwuBaTsISKaiS4dfq2sIQIq1DvSRjlZbZB0i
loCGir88SS4L4inTpapdz71PRTxvwcqagCnM8HmWeGIROi/N/u4DncmGBsro/HPn
lrT0fYeVP7gHu7kEVX1zziG+77jk9SxJc7CWF7tDCxWqgX/iF1o1876M3f4wSACt
UMTsg531T1qtT4xbIn70M/2lSxgzY/LUo7sQo78CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT0hLR/mOFf63RZk1o0i0nvb08+pjAfBgNVHSMEGDAWgBRSpckMqSgxO8cN
JoO7D2TWMrJzoTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VxWEpES2tvTVR2SERTYUR1dzlrMWpLeWM2RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvYzRiN2EwLTFlNTAtNDAzYy1iMjRlLTEzZWQ2MzNmOTIyYS8x
LzlJUzBmNWpoWC10MFdaTmFOSXRKNzI5UFBxWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
YzRiN2EwLTFlNTAtNDAzYy1iMjRlLTEzZWQ2MzNmOTIyYS8xL1VxWEpES2tvTVR2
SERTYUR1dzlrMWpLeWM2RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlBJaDANBgkqhkiG9w0BAQsFAAOC
AQEAJUh1K8FSbPw9/HMTn+mt/ZfZAAa2wiNMJeX0xBazKv1slSl8VL412ApgmcpA
mJnApfZ2kZ4QOXvg1vX2ZnuXvoxbY+sQ6l4uz+rV9ytN8X24QHP/pcCKeibFfPKe
bxHLv3CobJO4kd+2ZXX6CMT0neUbIrNoX/Q3kvvxYsKhYX/b6zYiw5ylO/H+bFUV
3lIAGphpPf0ikrXHbOrfVNDgPTGfPRA/qeBmTTKIjFT9V0aanp/zVC2knwuxfXUV
JoF70ZYxlSQBTYEPBrXsv8H8Q7hR+uje9WGasG+gT8Ank23KFecf5EYZ91nsY8hr
ndpHQ4DTfnskpMcOu79pwVkWyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:59 2024 by rpki-client on console-ams.rpki-client.org