Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/q9KaIoLmIAen-A8XBZgZjxSqcyE.roa
File:                     q9KaIoLmIAen-A8XBZgZjxSqcyE.roa (raw, json)
Hash identifier:          2o6jDNmProfb9RvmLSUvSnk+gHVY5CfQIVE7ucrq1vs=
Subject key identifier:   AB:D2:9A:22:82:E6:20:07:A7:F8:0F:17:05:98:19:8F:14:AA:73:21
Certificate issuer:       /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial:       0475F083
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/q9KaIoLmIAen-A8XBZgZjxSqcyE.roa
Signing time:             Tue 22 Mar 2022 21:35:29 +0000
ROA not before:           Tue 22 Mar 2022 21:35:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50495
IP address blocks:        91.223.99.0/24 maxlen: 24
                          91.223.102.0/24 maxlen: 24
                          195.234.99.0/24 maxlen: 24
                          91.223.126.0/24 maxlen: 24
                          194.39.32.0/22 maxlen: 22
                          83.136.221.0/24 maxlen: 24
                          91.223.163.0/24 maxlen: 24
                          91.239.64.0/24 maxlen: 24
                          77.83.232.0/22 maxlen: 22
                          2a06:ef40::/32 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74838147 (0x475f083)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
        Validity
            Not Before: Mar 22 21:35:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=abd29a2282e62007a7f80f170598198f14aa7321
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:52:db:8c:a2:93:d8:47:27:b3:52:ab:a4:1a:
                    42:00:13:73:2d:c4:64:4a:01:c7:3d:b7:14:ec:ce:
                    78:2b:01:62:da:cc:bc:c2:29:26:85:ba:92:1a:bc:
                    ca:7d:ae:30:78:52:3d:b3:ce:2e:94:62:44:6a:2d:
                    ec:1e:6e:4d:de:30:dc:05:4a:74:0e:6c:90:c7:66:
                    09:b1:72:53:6c:0b:b3:e4:ab:29:e0:e7:37:7f:47:
                    a7:94:30:38:6b:46:63:d8:10:11:ef:b4:44:06:c8:
                    1e:42:81:20:60:be:e1:15:2e:ac:d5:25:4a:96:8a:
                    bf:7d:6f:1e:e9:ba:a0:fd:2d:6b:67:c8:2f:82:41:
                    e4:d9:70:43:47:56:e1:c5:72:8f:0d:f2:de:8c:23:
                    c9:66:f3:03:99:48:cd:54:be:fe:73:6e:65:87:d9:
                    f2:18:08:a2:5e:79:85:fc:c6:8b:18:3f:a4:8e:8d:
                    1b:6a:1c:98:41:61:d4:d5:7c:59:05:f4:45:0b:d1:
                    fc:df:7f:42:e7:c4:8c:18:2e:50:b7:14:9b:d4:46:
                    79:51:6c:97:2a:c0:d3:5a:4d:70:91:0e:de:e6:9e:
                    56:87:2b:5e:91:c7:ca:55:9e:b0:31:3f:27:aa:bc:
                    db:f8:2e:96:8b:87:d9:d2:e1:b9:8f:1f:c1:48:eb:
                    e1:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:D2:9A:22:82:E6:20:07:A7:F8:0F:17:05:98:19:8F:14:AA:73:21
            X509v3 Authority Key Identifier:
                keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/q9KaIoLmIAen-A8XBZgZjxSqcyE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.83.232.0/22
                  83.136.221.0/24
                  91.223.99.0/24
                  91.223.102.0/24
                  91.223.126.0/24
                  91.223.163.0/24
                  91.239.64.0/24
                  194.39.32.0/22
                  195.234.99.0/24
                IPv6:
                  2a06:ef40::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:f1:c9:31:48:a7:92:46:ff:b2:c4:61:e1:b9:87:b0:e8:8a:
         f6:59:f2:21:dd:85:a7:fa:2f:c2:29:6e:f3:31:a5:93:62:2d:
         ad:fc:e0:2b:10:86:5e:8e:8b:50:33:6d:a8:12:9d:7d:6a:c3:
         8e:b7:30:b4:ba:40:0b:e0:c0:bf:f5:ee:7d:73:85:d9:93:d2:
         a9:6f:ec:36:c4:e0:85:8a:0b:c1:fc:3e:2d:1f:45:b5:5a:da:
         35:03:32:4f:7f:89:54:29:8c:84:f7:d6:12:e1:b6:b0:a4:7b:
         68:e2:75:72:bf:f7:d9:b9:02:6f:38:d9:b5:7c:67:a8:fe:d8:
         a1:66:eb:ab:2e:52:94:f7:ae:1f:75:f5:19:25:8b:d9:31:2a:
         f9:dc:9a:b5:80:bc:67:f7:df:31:ba:9b:88:a5:11:8e:e1:7a:
         35:c7:a3:9e:89:0a:f5:d1:7e:70:13:6b:bc:0d:f3:d7:2a:30:
         56:14:14:96:cd:5f:42:b4:cb:6a:71:d3:b9:31:7a:40:d1:6b:
         e2:da:fb:05:58:e2:2f:5f:ee:27:5f:71:a4:11:8a:5b:48:1a:
         ba:20:c3:16:f4:be:8c:2b:63:4d:f9:48:3c:5f:b3:c3:aa:d3:
         26:7c:92:5b:f1:e6:13:c7:b5:ca:e2:bd:7b:c4:1a:1a:18:92:
         ce:18:fc:c6
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEBHXwgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MmQwYzQ5YTBlOTdlMGQ1ZjNjZWQzYjdiNmI5ZjcyY2EwY2I1M2Q2MB4XDTIyMDMy
MjIxMzUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWJkMjlhMjI4MmU2
MjAwN2E3ZjgwZjE3MDU5ODE5OGYxNGFhNzMyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI5S24yik9hHJ7NSq6QaQgATcy3EZEoBxz23FOzOeCsBYtrM
vMIpJoW6khq8yn2uMHhSPbPOLpRiRGot7B5uTd4w3AVKdA5skMdmCbFyU2wLs+Sr
KeDnN39Hp5QwOGtGY9gQEe+0RAbIHkKBIGC+4RUurNUlSpaKv31vHum6oP0ta2fI
L4JB5NlwQ0dW4cVyjw3y3owjyWbzA5lIzVS+/nNuZYfZ8hgIol55hfzGixg/pI6N
G2ocmEFh1NV8WQX0RQvR/N9/QufEjBguULcUm9RGeVFslyrA01pNcJEO3uaeVocr
XpHHylWesDE/J6q82/gulouH2dLhuY8fwUjr4W8CAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBSr0poiguYgB6f4DxcFmBmPFKpzITAfBgNVHSMEGDAWgBTi0MSaDpfg1fPO
07e2ufcsoMtT1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR0REVtZzZYNE5Yenp0TzN0cm4zTEtETFU5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvOWYwZjdhLTExZWItNDM4My1iYzZhLTQ2OTBhMDA3MTQxZi8x
L3E5S2FJb0xtSUFlbi1BOFhCWmdaanhTcWN5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
OWYwZjdhLTExZWItNDM4My1iYzZhLTQ2OTBhMDA3MTQxZi8xLzR0REVtZzZYNE5Y
enp0TzN0cm4zTEtETFU5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEAk1T6AMEAFOI3QMEAFvfYwMEAFvf
ZgMEAFvffgMEAFvfowMEAFvvQAMEAsInIAMEAMPqYzANBAIAAjAHAwUAKgbvQDAN
BgkqhkiG9w0BAQsFAAOCAQEAjPHJMUinkkb/ssRh4bmHsOiK9lnyId2Fp/ovwilu
8zGlk2ItrfzgKxCGXo6LUDNtqBKdfWrDjrcwtLpAC+DAv/XufXOF2ZPSqW/sNsTg
hYoLwfw+LR9FtVraNQMyT3+JVCmMhPfWEuG2sKR7aOJ1cr/32bkCbzjZtXxnqP7Y
oWbrqy5SlPeuH3X1GSWL2TEq+dyatYC8Z/ffMbqbiKURjuF6NcejnokK9dF+cBNr
vA3z1yowVhQUls1fQrTLanHTuTF6QNFr4tr7BVjiL1/uJ19xpBGKW0gauiDDFvS+
jCtjTflIPF+zw6rTJnySW/HmE8e1yuK9e8QaGhiSzhj8xg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:36 2024 by rpki-client on console-ams.rpki-client.org