Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/8XdqOvUi2TzRSmKNsbXNoZ8xrhk.roa
File:                     8XdqOvUi2TzRSmKNsbXNoZ8xrhk.roa (raw, json)
Hash identifier:          1mB2zqi42E1BNHpEWMLIOWB6rKEtVUreBQ747hAzqLE=
Subject key identifier:   F1:77:6A:3A:F5:22:D9:3C:D1:4A:62:8D:B1:B5:CD:A1:9F:31:AE:19
Certificate issuer:       /CN=77e3c2900b599754283f27f3b4e8d7f6c4510972
Certificate serial:       018475FC5DEBD9B0561538712C1E5B5D38B3
Authority key identifier: 77:E3:C2:90:0B:59:97:54:28:3F:27:F3:B4:E8:D7:F6:C4:51:09:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d-PCkAtZl1QoPyfztOjX9sRRCXI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/8XdqOvUi2TzRSmKNsbXNoZ8xrhk.roa
Signing time:             Mon 14 Nov 2022 11:53:04 +0000
ROA not before:           Mon 14 Nov 2022 11:53:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41750
IP address blocks:        185.138.100.0/22 maxlen: 22
                          92.245.96.0/20 maxlen: 20
                          92.245.96.0/19 maxlen: 19
                          109.201.160.0/19 maxlen: 19
                          92.245.112.0/20 maxlen: 20
                          158.181.16.0/20 maxlen: 20
                          158.181.240.0/20 maxlen: 20
                          77.235.0.0/20 maxlen: 20
                          77.235.0.0/19 maxlen: 19
                          77.235.7.0/24 maxlen: 24
                          176.123.224.0/19 maxlen: 19
                          77.235.16.0/20 maxlen: 20
                          77.235.22.0/24 maxlen: 24
                          158.181.176.0/20 maxlen: 20
                          158.181.192.0/20 maxlen: 20
                          158.181.208.0/20 maxlen: 20
                          158.181.0.0/20 maxlen: 20
                          158.181.0.0/19 maxlen: 19
                          158.181.224.0/20 maxlen: 20
                          158.181.128.0/20 maxlen: 20
                          158.181.128.0/17 maxlen: 17
                          158.181.144.0/20 maxlen: 20
                          158.181.160.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:75:fc:5d:eb:d9:b0:56:15:38:71:2c:1e:5b:5d:38:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77e3c2900b599754283f27f3b4e8d7f6c4510972
        Validity
            Not Before: Nov 14 11:53:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f1776a3af522d93cd14a628db1b5cda19f31ae19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:81:02:ad:05:9b:3c:18:ab:86:47:b4:e9:bb:
                    48:ac:eb:d6:08:65:ed:c6:0f:74:16:42:b8:8f:e3:
                    1a:8c:39:d3:17:60:70:da:f7:6e:01:a8:ba:e1:47:
                    48:cb:3e:6f:83:83:59:28:a1:75:2e:08:29:97:25:
                    a4:bb:fe:ff:bf:e6:c4:96:19:86:d0:5f:c3:94:ae:
                    90:7f:25:f5:40:34:a3:a6:5e:5f:45:7c:51:9b:cd:
                    99:07:e2:09:be:e8:e8:40:94:a7:b7:c9:ca:1b:0f:
                    d1:05:70:77:0c:b1:b0:ea:f9:be:dc:b0:82:f3:f7:
                    9e:f3:de:28:f6:c4:c8:1d:4a:7c:0e:77:73:d5:0a:
                    0e:75:7d:d0:12:0c:ac:e8:e9:83:ad:d8:6a:70:dc:
                    d2:07:4c:36:92:b7:05:cf:6c:1b:eb:27:56:37:ff:
                    eb:8b:01:6e:cd:21:18:eb:a4:b0:38:2a:03:a2:8d:
                    3c:02:09:e5:30:bb:ad:cf:94:cc:3a:39:6d:26:ba:
                    0f:b2:f2:fb:21:86:6d:1d:ad:69:5a:30:1a:84:4f:
                    4b:08:a1:f2:63:58:3e:38:7d:ba:26:cc:41:cc:c4:
                    fe:da:ec:09:c5:28:ec:9e:a7:a4:cb:fb:28:2c:dc:
                    8c:4b:c6:2b:a1:0f:49:25:7c:8b:48:2e:0a:f6:98:
                    7a:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:77:6A:3A:F5:22:D9:3C:D1:4A:62:8D:B1:B5:CD:A1:9F:31:AE:19
            X509v3 Authority Key Identifier:
                keyid:77:E3:C2:90:0B:59:97:54:28:3F:27:F3:B4:E8:D7:F6:C4:51:09:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-PCkAtZl1QoPyfztOjX9sRRCXI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/8XdqOvUi2TzRSmKNsbXNoZ8xrhk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/d-PCkAtZl1QoPyfztOjX9sRRCXI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.235.0.0/19
                  92.245.96.0/19
                  109.201.160.0/19
                  158.181.0.0/19
                  158.181.128.0/17
                  176.123.224.0/19
                  185.138.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         11:87:2c:18:14:ce:42:6c:34:d3:b9:7d:37:ae:b8:a8:40:1f:
         0e:c9:fe:90:b9:b8:23:6f:39:e0:15:ea:ad:10:6f:ea:eb:44:
         a9:ef:60:ef:b3:ef:7a:19:6e:c1:8d:81:d4:d6:59:7e:66:7d:
         2e:2b:8f:19:58:26:8d:3b:24:95:18:a8:a8:4d:0b:7d:40:5a:
         2b:32:a8:94:9a:9d:75:fb:71:21:a3:00:b7:10:98:0d:0f:15:
         01:a5:20:58:d0:b3:51:2d:f4:e4:22:a7:43:21:c3:c6:3b:ca:
         7a:51:81:0c:ab:c4:4a:fd:58:17:de:5d:a8:f4:76:af:88:9d:
         7f:8f:55:9e:19:10:c8:d6:b6:0e:c2:cc:b3:7b:2e:81:b1:5e:
         a6:94:7d:39:98:a3:2c:75:19:61:cd:f0:e8:07:e8:ed:5f:38:
         1e:72:07:d7:5e:4f:5f:f9:2f:8e:26:2c:f4:fb:01:83:19:cc:
         94:4c:5e:ed:47:39:da:ec:2c:b2:a2:96:14:9e:9e:1c:79:9d:
         28:a2:8e:95:fe:cc:ee:2f:cf:f4:de:a5:f0:22:18:ac:77:c1:
         03:d6:f0:45:b0:4c:34:cf:73:6c:88:90:5a:6e:c2:35:7c:37:
         81:8e:9d:b1:9b:f2:82:8d:1e:44:32:99:ea:69:3e:73:23:2b:
         4e:86:98:fe
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYR1/F3r2bBWFThxLB5bXTizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZTNjMjkwMGI1OTk3NTQyODNmMjdmM2I0ZThkN2Y2YzQ1
MTA5NzIwHhcNMjIxMTE0MTE1MzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTc3NmEzYWY1MjJkOTNjZDE0YTYyOGRiMWI1Y2RhMTlmMzFhZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIECrQWbPBirhke06btIrOvWCGXt
xg90FkK4j+MajDnTF2Bw2vduAai64UdIyz5vg4NZKKF1LggplyWku/7/v+bElhmG
0F/DlK6QfyX1QDSjpl5fRXxRm82ZB+IJvujoQJSnt8nKGw/RBXB3DLGw6vm+3LCC
8/ee894o9sTIHUp8Dndz1QoOdX3QEgys6OmDrdhqcNzSB0w2krcFz2wb6ydWN//r
iwFuzSEY66SwOCoDoo08AgnlMLutz5TMOjltJroPsvL7IYZtHa1pWjAahE9LCKHy
Y1g+OH26JsxBzMT+2uwJxSjsnqeky/soLNyMS8YroQ9JJXyLSC4K9ph6EwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPF3ajr1Itk80UpijbG1zaGfMa4ZMB8GA1UdIwQY
MBaAFHfjwpALWZdUKD8n87To1/bEUQlyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC1QQ2tBdFpsMVFvUHlmenRPalg5c1JSQ1hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9lZjJiNDktMDM1Zi00MGE0LWFlNTEt
ZDNjNTVkNGZkYTlkLzEvOFhkcU92VWkyVHpSU21LTnNiWE5vWjh4cmhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9lZjJiNDktMDM1Zi00MGE0LWFlNTEtZDNjNTVkNGZkYTlk
LzEvZC1QQ2tBdFpsMVFvUHlmenRPalg5c1JSQ1hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQFTesAAwQF
XPVgAwQFbcmgAwQFnrUAAwQHnrWAAwQFsHvgAwQCuYpkMA0GCSqGSIb3DQEBCwUA
A4IBAQARhywYFM5CbDTTuX03rrioQB8Oyf6QubgjbzngFeqtEG/q60Sp72Dvs+96
GW7BjYHU1ll+Zn0uK48ZWCaNOySVGKioTQt9QForMqiUmp11+3EhowC3EJgNDxUB
pSBY0LNRLfTkIqdDIcPGO8p6UYEMq8RK/VgX3l2o9HaviJ1/j1WeGRDI1rYOwsyz
ey6BsV6mlH05mKMsdRlhzfDoB+jtXzgecgfXXk9f+S+OJiz0+wGDGcyUTF7tRzna
7CyyopYUnp4ceZ0ooo6V/szuL8/03qXwIhisd8ED1vBFsEw0z3NsiJBabsI1fDeB
jp2xm/KCjR5EMpnqaT5zIytOhpj+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:26 2024 by rpki-client on console-fra.rpki-client.org