Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/9HhsUKU8OvrxVaABU8qFtlh2Nkg.roa
File:                     9HhsUKU8OvrxVaABU8qFtlh2Nkg.roa (raw, json)
Hash identifier:          j69eJyTxvcizHT8FoPyCn7AuIty4aD768MjbGDzj6R0=
Subject key identifier:   F4:78:6C:50:A5:3C:3A:FA:F1:55:A0:01:53:CA:85:B6:58:76:36:48
Certificate issuer:       /CN=09a4f7f4e4e9e72c3a3393fb5d6ea742bc1b4c28
Certificate serial:       01302957
Authority key identifier: 09:A4:F7:F4:E4:E9:E7:2C:3A:33:93:FB:5D:6E:A7:42:BC:1B:4C:28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CaT39OTp5yw6M5P7XW6nQrwbTCg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/9HhsUKU8OvrxVaABU8qFtlh2Nkg.roa
Signing time:             Sat 01 Jan 2022 05:04:44 +0000
ROA not before:           Sat 01 Jan 2022 05:04:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50673
IP address blocks:        87.236.164.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19933527 (0x1302957)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09a4f7f4e4e9e72c3a3393fb5d6ea742bc1b4c28
        Validity
            Not Before: Jan  1 05:04:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f4786c50a53c3afaf155a00153ca85b658763648
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:c9:2f:35:7d:4c:86:21:05:6c:86:3a:f6:df:
                    35:b5:67:66:e7:5f:51:50:be:8a:e2:73:fa:98:1c:
                    0a:f9:be:ef:57:bb:c8:e4:45:91:9c:f2:9d:ad:25:
                    1b:9e:0e:23:cc:34:59:7c:5c:7f:45:52:03:b6:b0:
                    54:6d:83:8f:85:84:84:04:42:37:34:0d:5b:2b:dd:
                    61:73:03:b0:8e:6a:0e:dc:4e:d7:d0:c3:ce:5c:62:
                    6b:5e:e5:0b:9e:37:c7:29:24:11:36:9c:eb:e1:60:
                    19:67:9f:be:a3:9f:b6:f9:d7:72:11:f1:60:0f:29:
                    26:66:df:1b:3d:c3:07:ec:38:33:87:23:05:41:cd:
                    5f:ad:0d:5a:79:02:d5:87:e0:ec:7f:3f:d0:87:3f:
                    d7:ac:b4:03:ee:58:75:34:31:e5:09:77:89:6a:8d:
                    29:56:f3:0b:22:15:d6:84:f7:f4:3f:f9:42:37:c2:
                    a1:66:da:a8:48:fd:f3:21:dc:a0:fd:10:3c:8e:0a:
                    75:83:8b:3b:41:1c:eb:82:a7:40:7d:de:50:5e:2b:
                    de:c5:fb:5d:69:5b:f7:59:49:8f:60:1d:9c:13:02:
                    eb:06:07:02:87:0d:33:42:66:80:27:5e:b3:af:05:
                    c6:08:e9:9b:2e:e0:0d:55:a5:7f:08:cf:05:0c:dc:
                    17:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:78:6C:50:A5:3C:3A:FA:F1:55:A0:01:53:CA:85:B6:58:76:36:48
            X509v3 Authority Key Identifier:
                keyid:09:A4:F7:F4:E4:E9:E7:2C:3A:33:93:FB:5D:6E:A7:42:BC:1B:4C:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CaT39OTp5yw6M5P7XW6nQrwbTCg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/9HhsUKU8OvrxVaABU8qFtlh2Nkg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/CaT39OTp5yw6M5P7XW6nQrwbTCg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.236.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:9a:d8:9f:39:57:f4:10:0b:3e:fd:d2:b2:c1:79:8a:80:fe:
         b2:f8:0a:b5:01:ea:c9:66:89:e8:53:6e:b8:9a:46:f0:db:bb:
         70:15:0d:17:03:b7:3c:f1:92:c5:47:53:f3:f3:a9:c7:75:d0:
         09:ce:15:fb:60:3f:84:dd:12:b7:23:90:ff:63:34:a8:e8:9e:
         68:26:65:1e:80:ad:53:d0:35:4d:ee:64:5e:79:bd:c5:fb:86:
         c8:16:69:3f:70:2e:21:da:36:c2:c8:b5:73:ba:5e:97:1b:99:
         99:62:f8:a3:86:7b:af:2f:00:5a:ed:b4:54:e2:7e:9c:80:66:
         c0:08:5a:7f:3a:42:79:7a:1d:8f:d0:ea:70:0b:4c:72:b0:93:
         73:eb:11:f6:a2:dc:1f:aa:cc:07:95:e4:5a:ef:45:74:e5:1f:
         97:0b:d0:1f:49:78:46:24:17:ef:32:2a:fa:39:f9:8b:7c:25:
         c8:a0:4b:c3:fb:53:13:ad:16:82:96:a7:d9:07:e7:fe:b7:2f:
         6a:9c:6f:f7:7a:23:88:c1:32:cc:8f:68:fe:73:40:7c:8c:b5:
         15:ab:97:31:75:34:5e:be:05:4f:64:4b:62:24:ad:91:3d:69:
         25:3c:d6:95:6f:57:bb:cf:a5:98:cb:bd:92:b3:f7:da:47:b6:
         09:ff:b7:86
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATApVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OWE0ZjdmNGU0ZTllNzJjM2EzMzkzZmI1ZDZlYTc0MmJjMWI0YzI4MB4XDTIyMDEw
MTA1MDQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQ3ODZjNTBhNTNj
M2FmYWYxNTVhMDAxNTNjYTg1YjY1ODc2MzY0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI7JLzV9TIYhBWyGOvbfNbVnZudfUVC+iuJz+pgcCvm+71e7
yORFkZzyna0lG54OI8w0WXxcf0VSA7awVG2Dj4WEhARCNzQNWyvdYXMDsI5qDtxO
19DDzlxia17lC543xykkETac6+FgGWefvqOftvnXchHxYA8pJmbfGz3DB+w4M4cj
BUHNX60NWnkC1Yfg7H8/0Ic/16y0A+5YdTQx5Ql3iWqNKVbzCyIV1oT39D/5QjfC
oWbaqEj98yHcoP0QPI4KdYOLO0Ec64KnQH3eUF4r3sX7XWlb91lJj2AdnBMC6wYH
AocNM0JmgCdes68Fxgjpmy7gDVWlfwjPBQzcF2sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT0eGxQpTw6+vFVoAFTyoW2WHY2SDAfBgNVHSMEGDAWgBQJpPf05OnnLDoz
k/tdbqdCvBtMKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NhVDM5T1RwNXl3Nk01UDdYVzZuUXJ3YlRDZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTMvM2I0OGQ1LTI4ZGEtNDM4NS05Mzk1LTI4NGM4MmRlYzdjNi8x
LzlIaHNVS1U4T3ZyeFZhQUJVOHFGdGxoMk5rZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMv
M2I0OGQ1LTI4ZGEtNDM4NS05Mzk1LTI4NGM4MmRlYzdjNi8xL0NhVDM5T1RwNXl3
Nk01UDdYVzZuUXJ3YlRDZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFfspDANBgkqhkiG9w0BAQsFAAOC
AQEAAJrYnzlX9BALPv3SssF5ioD+svgKtQHqyWaJ6FNuuJpG8Nu7cBUNFwO3PPGS
xUdT8/Opx3XQCc4V+2A/hN0StyOQ/2M0qOieaCZlHoCtU9A1Te5kXnm9xfuGyBZp
P3AuIdo2wsi1c7pelxuZmWL4o4Z7ry8AWu20VOJ+nIBmwAhafzpCeXodj9DqcAtM
crCTc+sR9qLcH6rMB5XkWu9FdOUflwvQH0l4RiQX7zIq+jn5i3wlyKBLw/tTE60W
gpan2Qfn/rcvapxv93ojiMEyzI9o/nNAfIy1FauXMXU0Xr4FT2RLYiStkT1pJTzW
lW9Xu8+lmMu9krP32ke2Cf+3hg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:17 2023 by rpki-client on console-ams.rpki-client.org