Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/fvHlO_sFYKyUn-Y7tZIUFhkJdmI.roa
File:                     fvHlO_sFYKyUn-Y7tZIUFhkJdmI.roa (raw, json)
Hash identifier:          41MdUuN3ha7ZuoIIkSQJOXNLcrz7nP1/pNfgy/QDbpo=
Subject key identifier:   7E:F1:E5:3B:FB:05:60:AC:94:9F:E6:3B:B5:92:14:16:19:09:76:62
Certificate issuer:       /CN=7554ac4c7f451c5bb9382fbcd46d70c4c0f9de56
Certificate serial:       0A32DF76
Authority key identifier: 75:54:AC:4C:7F:45:1C:5B:B9:38:2F:BC:D4:6D:70:C4:C0:F9:DE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/fvHlO_sFYKyUn-Y7tZIUFhkJdmI.roa
Signing time:             Sat 01 Jan 2022 15:02:37 +0000
ROA not before:           Sat 01 Jan 2022 15:02:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     40676
IP address blocks:        185.177.229.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 171106166 (0xa32df76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7554ac4c7f451c5bb9382fbcd46d70c4c0f9de56
        Validity
            Not Before: Jan  1 15:02:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7ef1e53bfb0560ac949fe63bb592141619097662
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:51:14:d4:f1:e6:71:2a:ee:a6:48:11:cb:5e:
                    e4:34:9e:b6:a6:f7:55:93:e8:94:99:a0:76:a3:a2:
                    5b:b6:0b:ab:7d:46:2f:89:e4:86:81:e3:9f:5f:15:
                    73:23:c1:f2:d1:4c:5b:3c:e1:77:39:7d:b5:23:48:
                    f5:ce:3b:b9:8c:67:4c:8c:eb:fa:f8:87:46:f8:02:
                    66:53:69:81:d0:48:12:d2:ae:50:03:b7:68:cf:44:
                    e5:f0:35:68:1f:b2:b1:19:c9:c6:ee:b6:df:4a:bf:
                    08:43:d0:8e:06:ec:73:07:79:6d:59:a5:58:53:cd:
                    d1:3b:95:45:22:c7:00:86:2d:b8:af:d3:47:77:c6:
                    3a:42:af:ea:9e:79:77:f4:39:a0:37:ab:fd:11:25:
                    3d:72:05:00:79:53:10:a4:f9:3f:bb:dc:b8:dd:6a:
                    09:ab:ee:a0:aa:0a:be:92:15:a0:67:79:8a:52:4a:
                    66:ed:52:de:00:89:97:3f:7b:44:9f:d4:43:94:67:
                    c2:70:9d:e9:a6:d8:b1:89:f2:a1:b5:b4:af:17:55:
                    58:8c:ed:14:13:28:59:3f:12:2b:53:cc:6e:7c:4d:
                    0f:82:62:c3:59:56:09:ec:a0:bd:9f:4a:4e:2b:3b:
                    cc:5c:00:5d:f6:aa:a9:33:e9:d4:5b:ae:00:bc:44:
                    de:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:F1:E5:3B:FB:05:60:AC:94:9F:E6:3B:B5:92:14:16:19:09:76:62
            X509v3 Authority Key Identifier:
                keyid:75:54:AC:4C:7F:45:1C:5B:B9:38:2F:BC:D4:6D:70:C4:C0:F9:DE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/fvHlO_sFYKyUn-Y7tZIUFhkJdmI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/dVSsTH9FHFu5OC-81G1wxMD53lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.177.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:96:ec:24:44:e4:42:67:a9:a4:5e:18:9a:19:5b:27:19:32:
         1c:64:1b:97:dd:77:33:b6:72:a6:86:14:ee:8e:06:62:8e:c3:
         38:c1:33:ca:7a:c6:4d:dd:09:7c:bf:5f:52:1e:73:37:57:2f:
         8b:ea:9b:bf:61:c9:c3:d8:8e:bc:1d:b1:22:b6:05:f8:3c:68:
         f7:f7:d6:db:87:8a:90:53:87:d8:cc:94:9f:e5:1e:7c:95:5d:
         6b:56:d8:ad:c0:f2:a2:cb:da:77:1d:c6:12:36:f2:3b:3a:ae:
         39:9b:a5:bb:0a:1c:62:c5:57:5c:8a:4e:e9:7f:ff:e8:55:84:
         b4:42:89:f6:81:7c:12:ec:ba:6d:f9:af:8b:3b:98:65:ac:ed:
         bf:93:96:e7:7c:43:b2:c4:18:74:95:eb:9b:ae:b5:70:34:59:
         38:86:56:47:ea:5a:c2:22:8a:b1:2c:3c:41:d2:75:ec:0f:0d:
         3d:a5:59:78:90:e4:4f:78:6b:90:1c:7e:f6:a2:df:36:70:ce:
         a6:07:2e:d9:1c:84:b2:85:73:7c:44:4f:17:ad:8f:ce:bc:bf:
         86:15:6e:74:be:b3:55:c9:8b:6a:89:64:76:04:96:ed:24:01:
         28:aa:81:f5:3b:cc:f3:c4:94:90:bb:ad:b3:9b:ba:ba:ec:a8:
         1c:01:41:6c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECjLfdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NTU0YWM0YzdmNDUxYzViYjkzODJmYmNkNDZkNzBjNGMwZjlkZTU2MB4XDTIyMDEw
MTE1MDIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2VmMWU1M2JmYjA1
NjBhYzk0OWZlNjNiYjU5MjE0MTYxOTA5NzY2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZRFNTx5nEq7qZIEcte5DSetqb3VZPolJmgdqOiW7YLq31G
L4nkhoHjn18VcyPB8tFMWzzhdzl9tSNI9c47uYxnTIzr+viHRvgCZlNpgdBIEtKu
UAO3aM9E5fA1aB+ysRnJxu6230q/CEPQjgbscwd5bVmlWFPN0TuVRSLHAIYtuK/T
R3fGOkKv6p55d/Q5oDer/RElPXIFAHlTEKT5P7vcuN1qCavuoKoKvpIVoGd5ilJK
Zu1S3gCJlz97RJ/UQ5RnwnCd6abYsYnyobW0rxdVWIztFBMoWT8SK1PMbnxND4Ji
w1lWCeygvZ9KTis7zFwAXfaqqTPp1FuuALxE3ucCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR+8eU7+wVgrJSf5ju1khQWGQl2YjAfBgNVHSMEGDAWgBR1VKxMf0UcW7k4
L7zUbXDEwPneVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RWU3NUSDlGSEZ1NU9DLTgxRzF3eE1ENTNsWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvODdhMDBhLWI2ZjYtNDcyMS1hODI4LWQ5MzM3ZGIzOWQxZi8x
L2Z2SGxPX3NGWUt5VW4tWTd0WklVRmhrSmRtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
ODdhMDBhLWI2ZjYtNDcyMS1hODI4LWQ5MzM3ZGIzOWQxZi8xL2RWU3NUSDlGSEZ1
NU9DLTgxRzF3eE1ENTNsWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmx5TANBgkqhkiG9w0BAQsFAAOC
AQEAIZbsJETkQmeppF4YmhlbJxkyHGQbl913M7ZypoYU7o4GYo7DOMEzynrGTd0J
fL9fUh5zN1cvi+qbv2HJw9iOvB2xIrYF+Dxo9/fW24eKkFOH2MyUn+UefJVda1bY
rcDyosvadx3GEjbyOzquOZuluwocYsVXXIpO6X//6FWEtEKJ9oF8Euy6bfmvizuY
Zaztv5OW53xDssQYdJXrm661cDRZOIZWR+pawiKKsSw8QdJ17A8NPaVZeJDkT3hr
kBx+9qLfNnDOpgcu2RyEsoVzfERPF62Pzry/hhVudL6zVcmLaolkdgSW7SQBKKqB
9TvM88SUkLuts5u6uuyoHAFBbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:37 2024 by rpki-client on console-fra.rpki-client.org