Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b97849-2af5-4c3e-8f0e-4dd3853a2241/1/SL3RKcE_6eRXMzyU-I63saL_AhU.roa
File:                     SL3RKcE_6eRXMzyU-I63saL_AhU.roa (raw, json)
Hash identifier:          cH0MaLv2iflo7mbnDQagEJjyghymbCA63O3Bw7Fm5cY=
Subject key identifier:   48:BD:D1:29:C1:3F:E9:E4:57:33:3C:94:F8:8E:B7:B1:A2:FF:02:15
Certificate issuer:       /CN=77480527d0b35caf95b37502c4c6f9e3e81fd8a3
Certificate serial:       306D6BE1
Authority key identifier: 77:48:05:27:D0:B3:5C:AF:95:B3:75:02:C4:C6:F9:E3:E8:1F:D8:A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d0gFJ9CzXK-Vs3UCxMb54-gf2KM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/b97849-2af5-4c3e-8f0e-4dd3853a2241/1/SL3RKcE_6eRXMzyU-I63saL_AhU.roa
Signing time:             Sat 01 Jan 2022 12:59:37 +0000
ROA not before:           Sat 01 Jan 2022 12:59:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39135
IP address blocks:        77.238.64.0/19 maxlen: 19
                          185.73.56.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 812477409 (0x306d6be1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77480527d0b35caf95b37502c4c6f9e3e81fd8a3
        Validity
            Not Before: Jan  1 12:59:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=48bdd129c13fe9e457333c94f88eb7b1a2ff0215
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7c:75:9f:34:ff:b7:a4:c5:44:82:20:76:5c:
                    4d:0a:88:69:f6:83:d9:86:81:d3:c8:d3:fc:eb:9d:
                    a8:47:57:b9:f0:74:0f:a4:96:3b:12:84:8a:b3:09:
                    9a:ed:69:18:b8:97:f5:54:7d:79:5f:60:27:98:c9:
                    47:87:fe:29:0c:ac:f6:63:8e:e3:4c:07:b3:69:ef:
                    cf:6b:a1:dc:89:f1:14:be:82:15:af:47:63:d5:d5:
                    89:d3:c0:23:cd:0e:0c:36:1d:95:ed:80:52:b8:9d:
                    9b:22:97:b8:0e:68:72:8c:d1:97:1e:90:8c:39:a8:
                    cd:87:59:fa:6a:06:4e:91:da:a3:9b:1f:42:a7:5b:
                    c2:b4:bc:a6:00:f3:18:b8:b6:2e:8d:9b:2f:56:97:
                    03:38:eb:bb:d5:ec:fa:de:00:6e:07:1b:dc:4f:b0:
                    5f:6c:d0:eb:90:99:68:d9:f3:ae:be:30:44:08:f3:
                    70:da:a1:94:f8:e7:2a:da:71:ab:1f:4a:8f:74:26:
                    6a:68:f7:2f:78:65:fc:01:00:d9:60:b2:74:37:72:
                    d7:96:4e:6a:e9:f5:c9:e9:ee:58:26:c1:2d:56:d9:
                    13:71:9a:9e:ab:e4:1b:8c:58:84:f6:c2:58:43:b9:
                    0a:2c:8c:a5:af:1e:ea:5d:8e:6c:c5:42:3a:af:f7:
                    5e:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:BD:D1:29:C1:3F:E9:E4:57:33:3C:94:F8:8E:B7:B1:A2:FF:02:15
            X509v3 Authority Key Identifier:
                keyid:77:48:05:27:D0:B3:5C:AF:95:B3:75:02:C4:C6:F9:E3:E8:1F:D8:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0gFJ9CzXK-Vs3UCxMb54-gf2KM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b97849-2af5-4c3e-8f0e-4dd3853a2241/1/SL3RKcE_6eRXMzyU-I63saL_AhU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b97849-2af5-4c3e-8f0e-4dd3853a2241/1/d0gFJ9CzXK-Vs3UCxMb54-gf2KM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.238.64.0/19
                  185.73.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         aa:1b:e2:aa:66:37:0d:13:5e:74:68:99:50:8f:87:50:57:92:
         fd:f1:b6:5b:e2:20:cb:70:3a:da:09:b0:92:6f:99:e6:66:65:
         97:91:d7:56:9e:fe:34:04:92:6c:ba:07:7c:84:86:a2:77:e4:
         77:9a:c7:f5:46:56:f8:d9:73:d0:7b:4a:d3:26:92:ad:46:99:
         18:28:21:fc:99:65:a8:b5:a6:44:e1:d8:ac:49:5d:a7:14:02:
         1d:4f:bb:64:76:d5:f6:15:46:c6:b7:82:d7:32:21:97:b8:c9:
         8d:70:fc:b1:b5:c2:bf:8b:bd:e9:ab:ac:47:25:28:27:7a:a5:
         9b:b5:9f:1d:b0:6a:ec:c4:f7:4d:8a:cc:ee:2a:e0:24:29:bd:
         d3:62:5d:0d:5f:5f:e8:6d:63:4d:c2:dc:86:8d:f5:48:63:22:
         0c:17:81:43:94:aa:b9:4f:53:33:ca:d6:5c:38:81:bf:4d:4c:
         e4:9f:c9:3d:93:b7:64:c2:76:e0:22:7f:8f:90:da:66:77:7c:
         02:2a:1c:62:3a:e9:e7:0f:74:d1:00:c7:7e:8e:a6:42:3c:6b:
         34:c1:fb:5a:ae:59:9a:53:21:5c:8f:eb:26:6e:08:ad:b3:5a:
         95:4c:92:41:09:4a:70:64:1e:d8:6c:db:2e:d2:38:3b:f8:d9:
         20:56:73:64
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEMG1r4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NzQ4MDUyN2QwYjM1Y2FmOTViMzc1MDJjNGM2ZjllM2U4MWZkOGEzMB4XDTIyMDEw
MTEyNTkzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDhiZGQxMjljMTNm
ZTllNDU3MzMzYzk0Zjg4ZWI3YjFhMmZmMDIxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALx8dZ80/7ekxUSCIHZcTQqIafaD2YaB08jT/OudqEdXufB0
D6SWOxKEirMJmu1pGLiX9VR9eV9gJ5jJR4f+KQys9mOO40wHs2nvz2uh3InxFL6C
Fa9HY9XVidPAI80ODDYdle2AUridmyKXuA5ocozRlx6QjDmozYdZ+moGTpHao5sf
QqdbwrS8pgDzGLi2Lo2bL1aXAzjru9Xs+t4Abgcb3E+wX2zQ65CZaNnzrr4wRAjz
cNqhlPjnKtpxqx9Kj3Qmamj3L3hl/AEA2WCydDdy15ZOaun1yenuWCbBLVbZE3Ga
nqvkG4xYhPbCWEO5CiyMpa8e6l2ObMVCOq/3XgMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRIvdEpwT/p5FczPJT4jrexov8CFTAfBgNVHSMEGDAWgBR3SAUn0LNcr5Wz
dQLExvnj6B/YozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2QwZ0ZKOUN6WEstVnMzVUN4TWI1NC1nZjJLTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvYjk3ODQ5LTJhZjUtNGMzZS04ZjBlLTRkZDM4NTNhMjI0MS8x
L1NMM1JLY0VfNmVSWE16eVUtSTYzc2FMX0FoVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
Yjk3ODQ5LTJhZjUtNGMzZS04ZjBlLTRkZDM4NTNhMjI0MS8xL2QwZ0ZKOUN6WEst
VnMzVUN4TWI1NC1nZjJLTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBU3uQAMEArlJODANBgkqhkiG9w0B
AQsFAAOCAQEAqhviqmY3DRNedGiZUI+HUFeS/fG2W+Igy3A62gmwkm+Z5mZll5HX
Vp7+NASSbLoHfISGonfkd5rH9UZW+Nlz0HtK0yaSrUaZGCgh/JllqLWmROHYrEld
pxQCHU+7ZHbV9hVGxreC1zIhl7jJjXD8sbXCv4u96ausRyUoJ3qlm7WfHbBq7MT3
TYrM7irgJCm902JdDV9f6G1jTcLcho31SGMiDBeBQ5SquU9TM8rWXDiBv01M5J/J
PZO3ZMJ24CJ/j5DaZnd8AiocYjrp5w900QDHfo6mQjxrNMH7Wq5ZmlMhXI/rJm4I
rbNalUySQQlKcGQe2GzbLtI4O/jZIFZzZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:41 2024 by rpki-client on console-fra.rpki-client.org