Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/lArjSvyYZGQkmqIct272H4UAJ3E.roa
File:                     lArjSvyYZGQkmqIct272H4UAJ3E.roa (raw, json)
Hash identifier:          Z/BQqkrhGsDJ0lHICDUpWpwxjASgy6TECQLXFgrI6I4=
Subject key identifier:   94:0A:E3:4A:FC:98:64:64:24:9A:A2:1C:B7:6E:F6:1F:85:00:27:71
Certificate issuer:       /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial:       0487F932
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/lArjSvyYZGQkmqIct272H4UAJ3E.roa
Signing time:             Thu 26 May 2022 04:20:14 +0000
ROA not before:           Thu 26 May 2022 04:20:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211585
IP address blocks:        83.147.0.0/22 maxlen: 24
                          83.147.32.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 76020018 (0x487f932)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
        Validity
            Not Before: May 26 04:20:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=940ae34afc986464249aa21cb76ef61f85002771
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:1d:ad:88:b8:12:86:21:bc:20:2d:00:fd:3b:
                    4a:19:4f:5d:44:9e:68:b0:06:b3:72:d2:b7:37:c4:
                    3a:43:a5:81:4f:f2:76:a7:bf:ff:ec:96:b3:66:19:
                    d2:e5:75:00:12:69:69:85:53:2f:d0:6d:05:4e:bb:
                    b2:79:c8:fb:9a:47:4a:b4:e4:bb:c0:a7:a7:79:79:
                    36:1a:a6:e6:da:88:0a:44:ec:3e:32:ae:67:b8:a4:
                    4f:11:dd:09:80:66:b0:1b:4a:2d:ce:e9:dc:ba:ca:
                    a4:9d:cf:be:6e:bf:81:81:78:27:cc:8c:60:e1:7d:
                    5c:0a:94:10:dc:01:30:82:5b:c2:39:b0:7e:d5:aa:
                    90:c0:15:27:fc:29:1c:21:96:7a:28:ad:31:7f:51:
                    e2:21:80:f1:d5:b4:88:fd:78:1a:d1:e6:fe:4d:77:
                    21:bf:d0:da:cd:c3:cc:06:62:91:96:9a:de:96:17:
                    00:1c:3c:b8:f3:9a:13:9a:af:09:60:08:e9:3d:5c:
                    8c:c7:7b:83:af:cf:0a:ed:f2:ca:18:df:fe:19:c6:
                    c2:70:ef:53:d8:74:34:23:8c:c8:8a:10:3e:5c:04:
                    20:5d:8e:95:61:bf:9d:ac:3e:1a:95:5f:7e:1b:b6:
                    b7:6f:6d:9b:0f:24:7d:e8:5b:c3:f4:f7:cd:6c:f5:
                    f8:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:0A:E3:4A:FC:98:64:64:24:9A:A2:1C:B7:6E:F6:1F:85:00:27:71
            X509v3 Authority Key Identifier:
                keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/lArjSvyYZGQkmqIct272H4UAJ3E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.0.0/22
                  83.147.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a3:9a:17:84:58:3e:49:65:24:bb:44:88:ee:b5:c2:6a:2f:71:
         33:1b:9d:43:71:54:92:6e:b8:80:0d:82:4c:8b:fb:e2:c1:c8:
         44:ca:6c:09:1d:4a:65:dd:a5:9e:f4:67:e7:bf:27:7a:2c:fb:
         7d:26:75:bf:35:f8:ea:f4:4b:b9:30:44:2b:2f:f2:d6:bc:f4:
         da:01:12:35:75:4e:f3:bc:a5:91:64:90:7c:78:61:b2:6b:73:
         63:af:bf:61:66:5c:ef:5f:59:58:7c:bf:84:3e:01:03:d7:43:
         77:90:b3:d6:c6:7b:7c:d6:c6:93:49:25:dc:17:1b:26:5c:cc:
         c0:c0:a6:4d:3d:84:d7:51:1a:f7:b1:1a:a8:d4:ef:c8:ed:f9:
         81:f0:0b:45:04:9c:f3:65:1e:ee:00:d0:41:cd:c5:31:cd:8b:
         4b:d5:88:b0:57:3f:94:ad:de:d4:6e:dc:ae:1d:b7:ff:74:d2:
         be:10:4e:f0:4f:d3:f0:45:a1:01:2e:42:89:a6:3e:06:c9:a8:
         dc:1b:05:ee:b5:b6:db:39:fe:e3:ae:fe:8d:ae:fc:42:43:9b:
         79:d4:0c:4b:28:fc:6d:35:e4:af:68:86:e5:06:38:8c:a5:88:
         01:39:02:55:a3:83:e0:05:97:96:37:a9:64:bc:9d:87:97:d4:
         62:46:59:6f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBIf5MjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTkzZmZlOWRiMzc2MjZiMTNmODVkN2NjNDU3YWFkNWMxZjMwYzlmMB4XDTIyMDUy
NjA0MjAxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQwYWUzNGFmYzk4
NjQ2NDI0OWFhMjFjYjc2ZWY2MWY4NTAwMjc3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8drYi4EoYhvCAtAP07ShlPXUSeaLAGs3LStzfEOkOlgU/y
dqe//+yWs2YZ0uV1ABJpaYVTL9BtBU67snnI+5pHSrTku8Cnp3l5Nhqm5tqICkTs
PjKuZ7ikTxHdCYBmsBtKLc7p3LrKpJ3Pvm6/gYF4J8yMYOF9XAqUENwBMIJbwjmw
ftWqkMAVJ/wpHCGWeiitMX9R4iGA8dW0iP14GtHm/k13Ib/Q2s3DzAZikZaa3pYX
ABw8uPOaE5qvCWAI6T1cjMd7g6/PCu3yyhjf/hnGwnDvU9h0NCOMyIoQPlwEIF2O
lWG/naw+GpVffhu2t29tmw8kfehbw/T3zWz1+EECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSUCuNK/JhkZCSaohy3bvYfhQAncTAfBgNVHSMEGDAWgBSBk//p2zdiaxP4
XXzEV6rVwfMMnzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2daUF82ZHMzWW1zVC1GMTh4RmVxMWNIekRKOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvNzZiYzFlLWI2ZjQtNDA4YS1iYjg5LTA4ZDEyNzBjMmU3MS8x
L2xBcmpTdnlZWkdRa21xSWN0MjcySDRVQUozRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
NzZiYzFlLWI2ZjQtNDA4YS1iYjg5LTA4ZDEyNzBjMmU3MS8xL2daUF82ZHMzWW1z
VC1GMTh4RmVxMWNIekRKOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlOTAAMEAlOTIDANBgkqhkiG9w0B
AQsFAAOCAQEAo5oXhFg+SWUku0SI7rXCai9xMxudQ3FUkm64gA2CTIv74sHIRMps
CR1KZd2lnvRn578neiz7fSZ1vzX46vRLuTBEKy/y1rz02gESNXVO87ylkWSQfHhh
smtzY6+/YWZc719ZWHy/hD4BA9dDd5Cz1sZ7fNbGk0kl3BcbJlzMwMCmTT2E11Ea
97EaqNTvyO35gfALRQSc82Ue7gDQQc3FMc2LS9WIsFc/lK3e1G7crh23/3TSvhBO
8E/T8EWhAS5CiaY+Bsmo3BsF7rW22zn+467+ja78QkObedQMSyj8bTXkr2iG5QY4
jKWIATkCVaOD4AWXljepZLydh5fUYkZZbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:50 2024 by rpki-client on console-fra.rpki-client.org