Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/X-4uH8DON3RZWWIVu0bZqxTru_E.roa
File:                     X-4uH8DON3RZWWIVu0bZqxTru_E.roa (raw, json)
Hash identifier:          9JVta5BaGp5e0eCd8NQFet5i1A5m9so0ViCdBdfCfOk=
Subject key identifier:   5F:EE:2E:1F:C0:CE:37:74:59:59:62:15:BB:46:D9:AB:14:EB:BB:F1
Certificate issuer:       /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial:       018487E2951603B2AC1E8E8EFF0F55E714A2
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/X-4uH8DON3RZWWIVu0bZqxTru_E.roa
Signing time:             Thu 17 Nov 2022 23:18:04 +0000
ROA not before:           Thu 17 Nov 2022 23:18:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3320
IP address blocks:        83.147.40.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:87:e2:95:16:03:b2:ac:1e:8e:8e:ff:0f:55:e7:14:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
        Validity
            Not Before: Nov 17 23:18:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5fee2e1fc0ce377459596215bb46d9ab14ebbbf1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ac:d3:3d:86:dc:4e:26:db:df:fd:9e:2d:7d:
                    01:5d:56:5b:e3:c6:39:86:84:0f:7c:39:be:51:17:
                    c2:15:bc:db:0c:48:2c:2b:ce:9a:35:b2:cf:00:eb:
                    18:a2:14:ac:da:44:fc:9e:c8:66:ea:cd:b9:c3:49:
                    61:10:c0:f6:c3:f0:9d:5e:e7:19:f8:70:51:8e:d1:
                    d1:8d:e5:3b:3e:72:28:9b:da:72:46:2d:c1:e1:cb:
                    71:89:2e:8f:4e:e7:2d:af:f7:81:08:de:62:ea:4e:
                    1d:0b:20:fd:03:d1:bb:50:52:f5:b1:d6:04:b3:c0:
                    c1:77:f5:b7:e9:df:90:ab:e6:ad:15:6f:9f:22:71:
                    2d:b1:18:e8:be:22:3b:e5:89:a2:8d:24:51:c0:98:
                    36:d9:25:4e:c0:1b:5e:3f:f0:21:d4:34:81:4f:2f:
                    41:c2:3a:8c:df:80:22:7c:69:68:8f:1c:06:aa:11:
                    77:31:19:a5:79:09:07:7e:b9:36:4f:a3:6b:d0:54:
                    48:40:40:b4:0f:81:55:2a:93:14:88:0d:7c:d5:e3:
                    a8:9e:ad:35:57:f0:a0:71:6b:29:36:0d:05:7d:af:
                    76:c4:6f:00:6d:08:9a:12:3b:69:24:af:8f:e6:58:
                    51:72:e7:a3:ea:15:10:a2:e9:8b:17:7c:7f:8f:27:
                    55:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:EE:2E:1F:C0:CE:37:74:59:59:62:15:BB:46:D9:AB:14:EB:BB:F1
            X509v3 Authority Key Identifier:
                keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/X-4uH8DON3RZWWIVu0bZqxTru_E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8a:b7:75:e3:05:fd:5b:75:0b:4c:14:b8:8a:57:78:a8:80:b1:
         4a:e6:2b:be:08:9a:13:26:75:54:53:c7:ea:d2:e0:b3:61:a6:
         d7:89:09:ca:0f:a1:26:db:a3:04:e7:c0:40:12:39:fa:f9:9d:
         54:4e:00:88:5a:c5:e0:ed:de:b8:7d:7f:13:d0:fa:e0:ae:11:
         06:65:95:7b:7d:71:b2:af:95:51:98:c6:12:1d:7a:d6:f8:29:
         5d:d5:ec:ed:ba:77:2e:fa:36:1c:03:cd:c5:e9:01:d9:1f:8d:
         4a:0b:ac:6c:7b:a5:31:93:c3:9c:99:99:8d:aa:90:ab:52:61:
         03:88:da:8a:f7:cb:9e:d6:9d:13:23:e3:28:97:ed:93:f2:ac:
         20:48:1e:0f:1f:9a:7b:44:d5:51:83:bb:e6:94:ce:c0:8d:43:
         ad:2f:57:e3:02:5d:cd:2e:9d:52:89:71:21:8c:d3:ce:b7:3a:
         d7:87:2b:39:7b:a3:9e:ee:e8:4a:ba:65:06:3a:e7:a4:bb:00:
         dc:91:8a:39:b0:f0:eb:d0:25:5d:df:e1:21:00:24:b4:fb:a0:
         89:a6:5a:82:46:3d:2b:37:c9:cd:04:a6:cd:39:e0:93:34:d7:
         9b:3d:f5:83:31:0f:99:38:ae:c2:42:bf:45:14:ca:70:f1:80:
         4b:61:cc:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSH4pUWA7KsHo6O/w9V5xSiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjIxMTE3MjMxODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmVlMmUxZmMwY2UzNzc0NTk1OTYyMTViYjQ2ZDlhYjE0ZWJiYmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6zTPYbcTibb3/2eLX0BXVZb48Y5
hoQPfDm+URfCFbzbDEgsK86aNbLPAOsYohSs2kT8nshm6s25w0lhEMD2w/CdXucZ
+HBRjtHRjeU7PnIom9pyRi3B4ctxiS6PTuctr/eBCN5i6k4dCyD9A9G7UFL1sdYE
s8DBd/W36d+Qq+atFW+fInEtsRjoviI75YmijSRRwJg22SVOwBteP/Ah1DSBTy9B
wjqM34AifGlojxwGqhF3MRmleQkHfrk2T6Nr0FRIQEC0D4FVKpMUiA181eOonq01
V/CgcWspNg0Ffa92xG8AbQiaEjtpJK+P5lhRcuej6hUQoumLF3x/jydVLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF/uLh/Azjd0WVliFbtG2asU67vxMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvWC00dUg4RE9OM1JaV1dJVnUwYlpxeFRydV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU5MoMA0G
CSqGSIb3DQEBCwUAA4IBAQCKt3XjBf1bdQtMFLiKV3iogLFK5iu+CJoTJnVUU8fq
0uCzYabXiQnKD6Em26ME58BAEjn6+Z1UTgCIWsXg7d64fX8T0PrgrhEGZZV7fXGy
r5VRmMYSHXrW+Cld1eztuncu+jYcA83F6QHZH41KC6xse6Uxk8OcmZmNqpCrUmED
iNqK98ue1p0TI+Mol+2T8qwgSB4PH5p7RNVRg7vmlM7AjUOtL1fjAl3NLp1SiXEh
jNPOtzrXhys5e6Oe7uhKumUGOuekuwDckYo5sPDr0CVd3+EhACS0+6CJplqCRj0r
N8nNBKbNOeCTNNebPfWDMQ+ZOK7CQr9FFMpw8YBLYcyw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:01 2024 by rpki-client on console-ams.rpki-client.org