Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/ZH00iDHWeK3nTcFOrnvYHw1R0Ok.roa
File:                     ZH00iDHWeK3nTcFOrnvYHw1R0Ok.roa (raw, json)
Hash identifier:          qFDxf4DffmNpoApGwWzu10lrELihL0t/i44Ce3zKap0=
Subject key identifier:   64:7D:34:88:31:D6:78:AD:E7:4D:C1:4E:AE:7B:D8:1F:0D:51:D0:E9
Certificate issuer:       /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial:       119D8060
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/ZH00iDHWeK3nTcFOrnvYHw1R0Ok.roa
Signing time:             Wed 27 Apr 2022 11:54:21 +0000
ROA not before:           Wed 27 Apr 2022 11:54:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213274
IP address blocks:        89.252.157.0/24 maxlen: 24
                          94.102.12.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 295534688 (0x119d8060)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
        Validity
            Not Before: Apr 27 11:54:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=647d348831d678ade74dc14eae7bd81f0d51d0e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:64:0c:ae:3c:38:3f:d5:97:62:ab:b8:66:9e:
                    63:58:59:98:75:9a:93:2d:1b:b0:61:f6:02:5a:80:
                    c7:1e:6b:86:f8:d6:43:15:a5:30:e3:8e:37:f1:8a:
                    20:87:72:8f:91:31:85:6d:3f:9e:49:a4:ba:c6:2e:
                    38:0f:98:35:cf:65:82:04:65:0b:d6:20:0c:1b:13:
                    8b:58:0c:9f:14:b8:c2:a7:ce:bd:99:14:68:7a:1a:
                    13:e5:e9:b9:5b:1a:6f:d3:5e:28:b0:45:01:19:08:
                    5f:2e:d3:03:cc:c6:1c:d8:1e:3a:6a:5a:f7:ae:37:
                    00:83:1d:a6:e7:9c:a5:1a:7e:4c:d9:d2:39:ac:a9:
                    7c:20:a0:53:9e:70:9c:4b:6a:28:28:b0:6b:ca:10:
                    7b:81:8d:01:a8:d6:cc:24:32:57:b6:41:0b:4e:47:
                    fe:66:31:9e:38:cb:5f:2d:15:47:b8:42:d2:92:6e:
                    c4:24:ab:76:08:4b:cc:a9:24:c8:dd:ef:77:c5:96:
                    0a:cd:72:64:a3:7c:c5:1d:a5:78:a6:7a:f8:76:30:
                    fa:8f:2c:27:0a:84:98:b4:9f:03:5a:1d:15:02:7e:
                    b3:c3:41:13:57:33:22:19:4f:60:f7:ac:2b:21:91:
                    9a:5e:90:51:2b:8f:dc:a6:03:8c:d6:48:4b:c7:81:
                    0b:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:7D:34:88:31:D6:78:AD:E7:4D:C1:4E:AE:7B:D8:1F:0D:51:D0:E9
            X509v3 Authority Key Identifier:
                keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/ZH00iDHWeK3nTcFOrnvYHw1R0Ok.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.252.157.0/24
                  94.102.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:d6:34:da:be:0a:ce:16:ed:87:77:c2:71:79:69:bf:d3:38:
         b2:ab:eb:ae:d6:10:18:ba:74:bf:44:4d:10:20:c9:52:5a:6c:
         98:54:8d:92:8d:6e:5a:0d:35:c9:90:cc:1c:eb:da:2d:d6:6b:
         72:cb:67:23:8b:82:e4:06:80:13:9b:c2:2d:f5:6e:07:3f:e1:
         60:18:65:5a:18:41:9a:f8:ad:4c:59:3d:52:f5:81:b4:b0:03:
         70:a6:40:2d:d9:56:97:5c:bd:dc:1e:83:12:88:86:66:4d:0f:
         06:fb:b0:fc:e4:15:bf:c3:66:15:1f:df:5b:dc:1e:3e:33:9f:
         5b:1f:a9:08:c2:01:f6:e1:c0:f4:59:9d:56:74:df:86:3b:15:
         7c:1b:6c:52:72:38:c4:17:71:e0:23:df:1f:e7:b5:83:ab:ff:
         ff:94:98:48:5d:2f:f0:d9:a1:4d:39:46:15:fb:4b:b8:ee:cb:
         0e:eb:5c:ab:e7:e8:4c:dc:43:3b:55:da:e4:e0:de:fb:32:5a:
         98:79:18:1e:15:5f:5d:04:68:ae:27:4d:37:61:6f:97:a3:05:
         21:5e:49:64:f5:ba:ea:25:09:7d:97:7d:73:0b:68:6c:ff:d1:
         37:17:bc:b6:10:b9:29:84:c0:c7:32:1d:90:f8:0a:f0:71:a7:
         da:b6:04:42
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEZ2AYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NWU0YWVkM2VmNzJiZWUzMTQxNjYwZDExNDllMTZkMDc5MjA1ZjNjMB4XDTIyMDQy
NzExNTQyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjQ3ZDM0ODgzMWQ2
NzhhZGU3NGRjMTRlYWU3YmQ4MWYwZDUxZDBlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9kDK48OD/Vl2KruGaeY1hZmHWaky0bsGH2AlqAxx5rhvjW
QxWlMOOON/GKIIdyj5ExhW0/nkmkusYuOA+YNc9lggRlC9YgDBsTi1gMnxS4wqfO
vZkUaHoaE+XpuVsab9NeKLBFARkIXy7TA8zGHNgeOmpa9643AIMdpuecpRp+TNnS
OaypfCCgU55wnEtqKCiwa8oQe4GNAajWzCQyV7ZBC05H/mYxnjjLXy0VR7hC0pJu
xCSrdghLzKkkyN3vd8WWCs1yZKN8xR2leKZ6+HYw+o8sJwqEmLSfA1odFQJ+s8NB
E1czIhlPYPesKyGRml6QUSuP3KYDjNZIS8eBCxcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRkfTSIMdZ4redNwU6ue9gfDVHQ6TAfBgNVHSMEGDAWgBQl5K7T73K+4xQW
YNEUnhbQeSBfPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0plU3UwLTl5dnVNVUZtRFJGSjRXMEhrZ1h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjMzNmQwLTk0OTQtNDZkMy05ODYxLWVkM2UzOGY5NTc3Zi8x
L1pIMDBpREhXZUszblRjRk9ybnZZSHcxUjBPay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjMzNmQwLTk0OTQtNDZkMy05ODYxLWVkM2UzOGY5NTc3Zi8xL0plU3UwLTl5dnVN
VUZtRFJGSjRXMEhrZ1h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFn8nQMEAF5mDDANBgkqhkiG9w0B
AQsFAAOCAQEActY02r4Kzhbth3fCcXlpv9M4sqvrrtYQGLp0v0RNECDJUlpsmFSN
ko1uWg01yZDMHOvaLdZrcstnI4uC5AaAE5vCLfVuBz/hYBhlWhhBmvitTFk9UvWB
tLADcKZALdlWl1y93B6DEoiGZk0PBvuw/OQVv8NmFR/fW9wePjOfWx+pCMIB9uHA
9FmdVnTfhjsVfBtsUnI4xBdx4CPfH+e1g6v//5SYSF0v8NmhTTlGFftLuO7LDutc
q+foTNxDO1Xa5ODe+zJamHkYHhVfXQRoridNN2Fvl6MFIV5JZPW66iUJfZd9cwto
bP/RNxe8thC5KYTAxzIdkPgK8HGn2rYEQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:08 2024 by rpki-client on console-ams.rpki-client.org