Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/tKpvyVGtLdt32Yj64K4i7WQfmCY.roa
File:                     tKpvyVGtLdt32Yj64K4i7WQfmCY.roa (raw, json)
Hash identifier:          QrxibuZHlRkz5p66fEJ3uMg4Mku7k3eg3hyTANHSMZk=
Subject key identifier:   B4:AA:6F:C9:51:AD:2D:DB:77:D9:88:FA:E0:AE:22:ED:64:1F:98:26
Certificate issuer:       /CN=d504e641e55a48aee0141e2c0d26227102caa6d4
Certificate serial:       01430820
Authority key identifier: D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/tKpvyVGtLdt32Yj64K4i7WQfmCY.roa
Signing time:             Tue 18 Jan 2022 16:29:55 +0000
ROA not before:           Tue 18 Jan 2022 16:29:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50126
IP address blocks:        77.232.145.0/24 maxlen: 24
                          77.232.144.0/24 maxlen: 24
                          77.232.147.0/24 maxlen: 24
                          77.232.146.0/24 maxlen: 24
                          77.232.152.0/24 maxlen: 24
                          77.232.148.0/22 maxlen: 22
                          77.232.154.0/24 maxlen: 24
                          77.232.153.0/24 maxlen: 24
                          77.232.155.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21170208 (0x1430820)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d504e641e55a48aee0141e2c0d26227102caa6d4
        Validity
            Not Before: Jan 18 16:29:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b4aa6fc951ad2ddb77d988fae0ae22ed641f9826
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:bc:e8:20:01:61:53:c0:39:c0:c3:fb:be:4e:
                    22:72:18:3b:54:28:05:b4:44:cc:01:d7:a3:4e:c7:
                    c8:96:62:64:16:31:a8:81:41:30:29:20:7f:ef:f0:
                    2e:4d:02:62:18:ad:79:d6:34:0d:db:1e:18:a5:1a:
                    24:68:4c:53:cb:a1:4a:dd:86:b6:bc:73:73:6e:41:
                    ec:4b:e3:55:83:7e:d6:44:a3:f7:ef:0e:18:98:a4:
                    84:ee:38:6d:a7:7b:d0:0d:ad:ff:c3:fa:d6:72:01:
                    e9:4d:d7:30:93:d1:42:7e:62:e0:d2:9d:f4:ee:6b:
                    45:20:22:77:61:1c:20:6e:30:db:94:7d:64:92:27:
                    5c:fa:50:9e:d9:be:9b:da:60:c5:92:c3:f0:3c:87:
                    c5:08:3d:9b:8b:67:0d:43:3e:c6:eb:4c:68:80:02:
                    af:73:69:b7:9e:18:6a:d8:48:7d:b7:1c:47:ff:71:
                    46:24:28:f6:5e:98:2b:57:3d:a0:43:ba:1f:da:ba:
                    7a:49:48:86:7c:f7:2a:30:aa:8a:df:7f:2f:34:46:
                    e5:0b:66:0f:3b:d2:d0:04:6b:52:3d:3d:4f:03:a3:
                    23:aa:b3:64:c2:35:2f:3b:81:65:fb:5c:3c:12:b3:
                    25:a9:4c:72:b9:2f:92:5b:35:a9:98:59:96:3c:c6:
                    1d:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:AA:6F:C9:51:AD:2D:DB:77:D9:88:FA:E0:AE:22:ED:64:1F:98:26
            X509v3 Authority Key Identifier:
                keyid:D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/tKpvyVGtLdt32Yj64K4i7WQfmCY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.232.144.0-77.232.155.255

    Signature Algorithm: sha256WithRSAEncryption
         99:0d:d0:95:c4:db:f7:3b:f3:73:f9:cf:aa:cf:07:49:81:66:
         59:4f:e7:d3:4d:c7:06:0e:6d:d0:f5:b1:6c:45:e0:d5:3d:68:
         18:fe:d3:c7:0b:48:fa:39:3a:17:4d:8d:cd:e9:de:48:b9:1f:
         e9:0e:c9:98:02:db:ce:f0:c1:ea:01:d9:f7:6c:8a:c7:d4:10:
         83:66:62:2f:c8:23:18:ad:ca:83:66:e3:4c:07:f3:5f:20:6d:
         b7:af:1c:d6:75:45:ec:35:18:92:79:c8:df:d6:77:d3:30:28:
         82:b4:5f:76:72:f1:77:73:5a:d2:99:b9:8d:fd:c3:e6:d4:eb:
         5d:15:c8:5f:26:da:87:62:cc:32:0d:89:01:4a:60:fa:83:38:
         fb:41:43:3a:69:6d:4b:d3:f5:49:ae:ac:19:36:6e:fd:08:3f:
         fa:44:1b:9e:ff:4e:7a:53:35:0f:88:65:7f:b8:67:72:cf:d3:
         6e:62:c5:19:99:1c:de:f7:37:79:58:91:f2:06:7c:c2:95:27:
         63:b6:05:84:f7:08:8e:60:63:b2:7d:98:12:0b:14:77:2b:d8:
         c3:28:54:cf:06:a8:2c:12:fd:6c:2d:36:2c:6e:df:3d:9c:0b:
         7a:48:28:65:30:80:84:30:5e:57:5a:e3:36:ac:c0:29:be:79:
         8e:6c:6b:63
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAUMIIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTA0ZTY0MWU1NWE0OGFlZTAxNDFlMmMwZDI2MjI3MTAyY2FhNmQ0MB4XDTIyMDEx
ODE2Mjk1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRhYTZmYzk1MWFk
MmRkYjc3ZDk4OGZhZTBhZTIyZWQ2NDFmOTgyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALK86CABYVPAOcDD+75OInIYO1QoBbREzAHXo07HyJZiZBYx
qIFBMCkgf+/wLk0CYhitedY0DdseGKUaJGhMU8uhSt2Gtrxzc25B7EvjVYN+1kSj
9+8OGJikhO44bad70A2t/8P61nIB6U3XMJPRQn5i4NKd9O5rRSAid2EcIG4w25R9
ZJInXPpQntm+m9pgxZLD8DyHxQg9m4tnDUM+xutMaIACr3Npt54YathIfbccR/9x
RiQo9l6YK1c9oEO6H9q6eklIhnz3KjCqit9/LzRG5QtmDzvS0ARrUj09TwOjI6qz
ZMI1LzuBZftcPBKzJalMcrkvkls1qZhZljzGHa0CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBS0qm/JUa0t23fZiPrgriLtZB+YJjAfBgNVHSMEGDAWgBTVBOZB5VpIruAU
HiwNJiJxAsqm1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFRVG1RZVZhU0s3Z0ZCNHNEU1lpY1FMS3B0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWUvZjAxZjM1LTJjY2EtNGU1YS04MjhhLTZiZmZjYjdjMGYwYS8x
L3RLcHZ5Vkd0TGR0MzJZajY0SzRpN1dRZm1DWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUv
ZjAxZjM1LTJjY2EtNGU1YS04MjhhLTZiZmZjYjdjMGYwYS8xLzFRVG1RZVZhU0s3
Z0ZCNHNEU1lpY1FMS3B0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQETeiQAwQCTeiYMA0GCSqGSIb3
DQEBCwUAA4IBAQCZDdCVxNv3O/Nz+c+qzwdJgWZZT+fTTccGDm3Q9bFsReDVPWgY
/tPHC0j6OToXTY3N6d5IuR/pDsmYAtvO8MHqAdn3bIrH1BCDZmIvyCMYrcqDZuNM
B/NfIG23rxzWdUXsNRiSecjf1nfTMCiCtF92cvF3c1rSmbmN/cPm1OtdFchfJtqH
YswyDYkBSmD6gzj7QUM6aW1L0/VJrqwZNm79CD/6RBue/056UzUPiGV/uGdyz9Nu
YsUZmRze9zd5WJHyBnzClSdjtgWE9wiOYGOyfZgSCxR3K9jDKFTPBqgsEv1sLTYs
bt89nAt6SChlMICEMF5XWuM2rMApvnmObGtj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:24 2024 by rpki-client on console-ams.rpki-client.org