Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/yRZDIxIw_w3Bwp07KnCXeJ44JUU.roa
File:                     yRZDIxIw_w3Bwp07KnCXeJ44JUU.roa (raw, json)
Hash identifier:          ktyX9OH669PkF51B5wm0nboNVasQSwdySl2BxnyNBTw=
Subject key identifier:   C9:16:43:23:12:30:FF:0D:C1:C2:9D:3B:2A:70:97:78:9E:38:25:45
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       03459AC5
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/yRZDIxIw_w3Bwp07KnCXeJ44JUU.roa
Signing time:             Sat 01 Jan 2022 16:04:39 +0000
ROA not before:           Sat 01 Jan 2022 16:04:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209821
IP address blocks:        82.115.222.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54893253 (0x3459ac5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  1 16:04:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c91643231230ff0dc1c29d3b2a7097789e382545
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:13:04:fd:1f:cf:45:f9:69:bd:df:bb:8e:88:
                    04:9f:79:f9:c6:18:f7:aa:ef:77:ce:b5:22:62:24:
                    6b:99:f3:b5:7b:9e:10:bf:5a:20:95:44:ad:e0:ef:
                    91:28:45:f4:2b:c7:d3:ce:36:f4:3e:9b:66:ba:19:
                    37:5f:67:fd:3d:73:9c:1c:8f:36:d4:af:fa:55:bf:
                    3c:8d:b7:27:6b:87:ca:91:c4:e0:ce:4a:d5:02:19:
                    32:24:bb:aa:14:ca:c8:7b:5e:7b:05:f7:f3:d6:17:
                    c7:5f:45:5c:92:0d:12:0b:bc:3b:61:2e:80:48:63:
                    d8:d0:9f:8e:1c:98:ee:dc:6c:f6:b4:bf:4a:2f:8b:
                    2c:da:56:c9:7d:41:e6:76:78:57:4c:97:be:6a:9d:
                    6d:fc:1f:c3:f5:46:0d:bb:1b:34:e0:2b:5d:de:a8:
                    36:08:bb:57:3e:ac:68:1d:d1:d6:f0:6c:5d:6c:6c:
                    4b:4b:14:b8:13:de:be:75:9f:68:53:c9:63:fc:99:
                    cf:1b:85:e8:85:7e:2a:36:a0:9e:08:84:87:55:ae:
                    4f:5e:f5:65:d4:d6:d0:cc:80:16:54:69:b9:fc:bc:
                    3e:af:24:4d:66:1a:15:9c:62:a0:db:ae:51:44:b9:
                    08:23:12:ee:65:a3:5d:31:af:84:f2:13:56:73:3b:
                    95:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:16:43:23:12:30:FF:0D:C1:C2:9D:3B:2A:70:97:78:9E:38:25:45
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/yRZDIxIw_w3Bwp07KnCXeJ44JUU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.115.222.0/23

    Signature Algorithm: sha256WithRSAEncryption
         18:3c:8f:f3:0f:36:32:d9:19:02:22:aa:08:52:62:ef:6e:56:
         88:4a:39:e9:ee:cf:63:78:e9:6d:81:ec:e2:08:ba:e3:55:1b:
         a8:47:15:0a:4d:a4:e8:85:59:97:ed:b1:5e:48:25:61:0d:68:
         53:b3:a3:c0:51:31:c9:8e:1d:7f:0c:e1:34:f4:68:5a:76:3a:
         ed:dd:74:cc:79:89:a5:58:01:ed:b0:ed:16:3e:87:a6:8e:3b:
         c7:c5:33:32:61:09:d8:95:28:2e:da:14:11:c0:ff:1b:12:c0:
         81:c5:bf:d2:80:d4:8d:15:be:08:cc:a7:98:5a:67:99:b6:3f:
         a1:69:1d:70:15:25:e5:42:ba:9a:32:1c:77:6c:51:c2:78:13:
         a8:0d:93:ca:a6:38:96:2e:01:39:4a:c9:7c:d9:9d:0b:33:3a:
         ee:a0:06:99:ca:d8:f3:53:b5:f4:ba:1c:ef:cd:c2:3a:e5:91:
         f3:07:a7:bb:42:bd:bc:f4:c2:8f:38:8d:44:2f:4c:53:5b:fb:
         12:30:f0:ad:b0:46:6b:48:78:ce:72:de:33:64:19:0b:cf:38:
         63:ba:0b:ce:de:99:01:65:36:9c:2b:d6:d7:cd:5d:38:91:35:
         13:11:5f:c3:39:da:44:a4:17:c2:60:3a:80:31:27:97:18:77:
         bc:52:0f:77
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA0WaxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDEw
MTE2MDQzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzkxNjQzMjMxMjMw
ZmYwZGMxYzI5ZDNiMmE3MDk3Nzg5ZTM4MjU0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANcTBP0fz0X5ab3fu46IBJ95+cYY96rvd861ImIka5nztXue
EL9aIJVEreDvkShF9CvH08429D6bZroZN19n/T1znByPNtSv+lW/PI23J2uHypHE
4M5K1QIZMiS7qhTKyHteewX389YXx19FXJINEgu8O2EugEhj2NCfjhyY7txs9rS/
Si+LLNpWyX1B5nZ4V0yXvmqdbfwfw/VGDbsbNOArXd6oNgi7Vz6saB3R1vBsXWxs
S0sUuBPevnWfaFPJY/yZzxuF6IV+KjagngiEh1WuT171ZdTW0MyAFlRpufy8Pq8k
TWYaFZxioNuuUUS5CCMS7mWjXTGvhPITVnM7lTkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTJFkMjEjD/DcHCnTsqcJd4njglRTAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L3lSWkRJeEl3X3czQndwMDdLbkNYZUo0NEpVVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVJz3jANBgkqhkiG9w0BAQsFAAOC
AQEAGDyP8w82MtkZAiKqCFJi725WiEo56e7PY3jpbYHs4gi641UbqEcVCk2k6IVZ
l+2xXkglYQ1oU7OjwFExyY4dfwzhNPRoWnY67d10zHmJpVgB7bDtFj6Hpo47x8Uz
MmEJ2JUoLtoUEcD/GxLAgcW/0oDUjRW+CMynmFpnmbY/oWkdcBUl5UK6mjIcd2xR
wngTqA2TyqY4li4BOUrJfNmdCzM67qAGmcrY81O19Loc783COuWR8wenu0K9vPTC
jziNRC9MU1v7EjDwrbBGa0h4znLeM2QZC884Y7oLzt6ZAWU2nCvW181dOJE1ExFf
wznaRKQXwmA6gDEnlxh3vFIPdw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org