Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/6uthhCRB5qq1yvB90aIaW-_nzEE.roa
File:                     6uthhCRB5qq1yvB90aIaW-_nzEE.roa (raw, json)
Hash identifier:          RL1HfjgfLNX3pg23FbDmhu/2JYZSv0nUwiu+afjTP4M=
Subject key identifier:   EA:EB:61:84:24:41:E6:AA:B5:CA:F0:7D:D1:A2:1A:5B:EF:E7:CC:41
Certificate issuer:       /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial:       0184C2F075DCFE27FB8F942FCF6884C59953
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/6uthhCRB5qq1yvB90aIaW-_nzEE.roa
Signing time:             Tue 29 Nov 2022 10:30:49 +0000
ROA not before:           Tue 29 Nov 2022 10:30:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212669
IP address blocks:        83.147.14.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c2:f0:75:dc:fe:27:fb:8f:94:2f:cf:68:84:c5:99:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
        Validity
            Not Before: Nov 29 10:30:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=eaeb61842441e6aab5caf07dd1a21a5befe7cc41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:47:bd:26:fe:05:26:7c:57:2d:28:f8:d9:eb:
                    1b:37:a7:ba:b6:c5:5c:73:58:5f:9e:43:50:70:d5:
                    75:ec:28:36:e7:f1:97:09:c8:af:49:5d:0b:c2:b3:
                    82:46:29:2a:3e:95:35:f3:a0:f2:71:ec:92:82:74:
                    10:b8:f0:42:0d:02:0b:75:40:54:40:fe:48:28:15:
                    db:2c:87:da:f8:56:90:a9:07:b6:5f:8e:c1:1f:1c:
                    2e:1e:d1:40:8b:b2:19:3b:d3:48:18:4f:1a:3e:a5:
                    ba:4c:d2:01:3d:31:8f:82:9a:b9:fb:7e:68:61:2a:
                    fd:09:ca:ed:f8:44:df:ec:72:fd:b3:81:8e:d2:9b:
                    8f:91:e7:17:7f:26:ce:20:dd:21:f4:45:f5:df:d7:
                    39:8b:81:02:d6:0b:29:a0:df:d4:4b:e5:06:8d:16:
                    0d:92:22:4e:37:3d:0f:4d:11:e5:bb:34:16:86:a4:
                    56:67:63:d2:67:2a:22:b3:5a:03:36:2a:dd:3f:84:
                    e2:8b:67:6e:0a:b0:c8:c0:b6:1c:13:28:3b:a3:ae:
                    72:c8:ee:f9:61:28:3b:ac:86:6c:74:be:72:3c:6b:
                    01:43:f0:c0:ac:bb:bb:d5:04:97:75:a7:e0:8a:00:
                    4f:a2:06:35:bc:7e:d0:dd:aa:87:56:e2:d3:51:0a:
                    23:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:EB:61:84:24:41:E6:AA:B5:CA:F0:7D:D1:A2:1A:5B:EF:E7:CC:41
            X509v3 Authority Key Identifier:
                keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/6uthhCRB5qq1yvB90aIaW-_nzEE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:82:38:af:61:a0:a4:16:23:fc:99:11:d1:29:13:f0:9b:08:
         c2:4e:66:ca:de:f0:5a:ad:1c:74:32:c9:02:c7:80:98:68:b9:
         6b:83:b6:04:b2:b7:61:71:d1:b4:ef:c2:ac:8c:f4:94:9e:8f:
         f0:08:37:3b:37:23:77:ca:b2:81:f4:0a:30:03:ef:e1:c3:12:
         28:70:a1:23:a6:35:78:a4:ac:1d:a2:a1:cf:9c:a4:65:52:da:
         54:f0:b6:12:a9:f1:36:a6:0a:40:e8:a3:6f:59:80:3a:68:68:
         7e:f9:35:a3:03:9e:aa:88:d5:30:6c:84:20:1a:f4:8b:8c:e2:
         30:26:c6:6f:63:04:3a:ce:07:94:05:30:2c:2d:16:7d:79:05:
         0c:0c:b4:07:d2:2b:eb:da:f4:99:34:8e:20:64:0b:5d:a6:75:
         e5:b9:dd:6f:2a:70:43:39:21:ce:4a:3d:f4:d3:5d:32:63:fb:
         f0:40:c5:4d:22:16:f2:25:61:8c:68:a0:94:6d:99:a7:65:55:
         58:8a:0f:3f:29:f7:d6:e0:fe:56:e4:06:39:e4:b8:0d:82:c7:
         57:e0:42:e9:4e:ef:43:77:cd:1d:c2:51:14:1d:3f:d3:6c:d7:
         2d:3e:d4:ff:c8:bd:ab:fe:f0:46:0a:5d:18:a6:74:7c:51:a6:
         e5:06:31:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTC8HXc/if7j5Qvz2iExZlTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjIxMTI5MTAzMDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWViNjE4NDI0NDFlNmFhYjVjYWYwN2RkMWEyMWE1YmVmZTdjYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUe9Jv4FJnxXLSj42esbN6e6tsVc
c1hfnkNQcNV17Cg25/GXCcivSV0LwrOCRikqPpU186DyceySgnQQuPBCDQILdUBU
QP5IKBXbLIfa+FaQqQe2X47BHxwuHtFAi7IZO9NIGE8aPqW6TNIBPTGPgpq5+35o
YSr9Ccrt+ETf7HL9s4GO0puPkecXfybOIN0h9EX139c5i4EC1gspoN/US+UGjRYN
kiJONz0PTRHluzQWhqRWZ2PSZyois1oDNirdP4Tii2duCrDIwLYcEyg7o65yyO75
YSg7rIZsdL5yPGsBQ/DArLu71QSXdafgigBPogY1vH7Q3aqHVuLTUQojXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOrrYYQkQeaqtcrwfdGiGlvv58xBMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvNnV0aGhDUkI1cXExeXZCOTBhSWFXLV9uekVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU5MOMA0G
CSqGSIb3DQEBCwUAA4IBAQCKgjivYaCkFiP8mRHRKRPwmwjCTmbK3vBarRx0MskC
x4CYaLlrg7YEsrdhcdG078KsjPSUno/wCDc7NyN3yrKB9AowA+/hwxIocKEjpjV4
pKwdoqHPnKRlUtpU8LYSqfE2pgpA6KNvWYA6aGh++TWjA56qiNUwbIQgGvSLjOIw
JsZvYwQ6zgeUBTAsLRZ9eQUMDLQH0ivr2vSZNI4gZAtdpnXlud1vKnBDOSHOSj30
010yY/vwQMVNIhbyJWGMaKCUbZmnZVVYig8/KffW4P5W5AY55LgNgsdX4ELpTu9D
d80dwlEUHT/TbNctPtT/yL2r/vBGCl0YpnR8UablBjGU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:50 2024 by rpki-client on console-fra.rpki-client.org