Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/6wdBD0nRW7KZzK2K8VUYZrToJ_Q.roa
File:                     6wdBD0nRW7KZzK2K8VUYZrToJ_Q.roa (raw, json)
Hash identifier:          Cbhw73fyJ1F5agTjlCVDz42bhhn4FH+gM3U/lG1cZB8=
Subject key identifier:   EB:07:41:0F:49:D1:5B:B2:99:CC:AD:8A:F1:55:18:66:B4:E8:27:F4
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       0184C2D88B8EA3A6E6F31158C32CF985F4EB
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/6wdBD0nRW7KZzK2K8VUYZrToJ_Q.roa
Signing time:             Tue 29 Nov 2022 10:04:42 +0000
ROA not before:           Tue 29 Nov 2022 10:04:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48944
IP address blocks:        77.104.108.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c2:d8:8b:8e:a3:a6:e6:f3:11:58:c3:2c:f9:85:f4:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Nov 29 10:04:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=eb07410f49d15bb299ccad8af1551866b4e827f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:2f:1e:5c:64:4c:29:37:eb:3b:cb:f5:3d:72:
                    3f:14:86:b0:7b:92:a1:c5:88:27:2b:30:6d:07:0e:
                    f6:3f:a3:79:1f:80:6a:43:31:14:f5:33:d7:e6:4b:
                    01:67:d2:be:ab:ce:c4:6e:37:91:39:13:06:53:02:
                    46:98:be:85:a0:ca:f1:5a:83:63:2f:9c:e0:dd:bb:
                    89:bf:f3:6d:23:2d:ee:f6:76:fa:f7:c3:08:bb:9d:
                    0d:a5:1d:f2:24:8e:dd:b4:57:60:09:aa:a6:d7:ee:
                    8c:2f:b5:d6:f1:dd:d6:92:a6:a3:d5:c2:52:b8:47:
                    ad:51:99:fc:f9:40:6d:d8:99:08:ca:1a:cd:f6:61:
                    9d:e1:3f:15:59:4c:a5:3c:43:73:a1:2e:d8:6a:67:
                    46:1d:5b:b3:09:a5:61:e2:bc:d5:ad:50:4a:b4:53:
                    26:87:d5:17:c8:93:ff:da:1e:6c:ed:42:5b:82:40:
                    6e:bb:49:70:1b:0e:18:6b:0b:7e:e7:42:8d:21:54:
                    83:8a:31:84:7d:28:b6:f0:83:9e:c5:78:7a:a2:23:
                    ae:76:15:52:f7:9f:cc:42:ba:13:6b:fb:5f:f5:a0:
                    26:da:3c:43:86:40:b4:0c:16:60:fd:3f:4f:0e:52:
                    0b:1d:8e:2f:da:db:76:c3:a5:29:6e:38:0f:b0:9a:
                    7b:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:07:41:0F:49:D1:5B:B2:99:CC:AD:8A:F1:55:18:66:B4:E8:27:F4
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/6wdBD0nRW7KZzK2K8VUYZrToJ_Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.104.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:c4:23:11:5a:20:6b:f5:1e:2f:79:4d:1b:2d:e0:65:02:a5:
         83:11:a6:82:19:38:ac:7f:62:35:16:bf:d9:1c:3c:b3:73:54:
         5c:db:f8:00:ee:fc:21:67:c0:34:45:e7:2b:84:cf:48:34:bd:
         32:68:95:19:87:dc:c6:44:38:d2:d9:b6:0e:70:8b:5a:09:4e:
         90:de:ad:0e:d1:98:61:e6:40:ad:4c:98:4f:df:54:c7:00:c0:
         c9:f2:d1:08:b3:cc:90:4b:59:8f:a0:cb:48:0a:20:95:1f:0d:
         fd:a5:ba:9d:12:f4:ca:9c:61:19:df:cc:bb:c8:38:89:d8:b9:
         f3:81:4c:ce:33:70:65:ac:7b:08:4c:ff:e4:84:66:45:b0:a8:
         cf:8c:4c:5f:d3:cf:29:d2:a8:d2:67:bb:27:9b:8b:f1:4b:92:
         52:b6:3a:e2:8d:e3:dc:c2:19:f5:07:e9:fc:e9:f4:7a:2a:c7:
         1d:fd:60:10:e3:e4:a4:3b:2a:df:c4:4d:5f:71:19:5c:28:8e:
         12:db:77:ba:07:6e:76:dc:ef:ed:06:ab:aa:db:c6:0c:e1:79:
         b3:0c:51:6f:a3:c6:1d:2f:98:64:97:9f:40:47:76:ae:3c:55:
         af:fd:45:89:8c:5c:7d:8e:00:7c:19:fb:14:18:ea:90:b9:b3:
         d0:da:e0:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTC2IuOo6bm8xFYwyz5hfTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjIxMTI5MTAwNDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjA3NDEwZjQ5ZDE1YmIyOTljY2FkOGFmMTU1MTg2NmI0ZTgyN2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS8eXGRMKTfrO8v1PXI/FIawe5Kh
xYgnKzBtBw72P6N5H4BqQzEU9TPX5ksBZ9K+q87EbjeRORMGUwJGmL6FoMrxWoNj
L5zg3buJv/NtIy3u9nb698MIu50NpR3yJI7dtFdgCaqm1+6ML7XW8d3Wkqaj1cJS
uEetUZn8+UBt2JkIyhrN9mGd4T8VWUylPENzoS7YamdGHVuzCaVh4rzVrVBKtFMm
h9UXyJP/2h5s7UJbgkBuu0lwGw4Yawt+50KNIVSDijGEfSi28IOexXh6oiOudhVS
95/MQroTa/tf9aAm2jxDhkC0DBZg/T9PDlILHY4v2tt2w6UpbjgPsJp7VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOsHQQ9J0VuymcytivFVGGa06Cf0MB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvNndkQkQwblJXN0taeksySzhWVVlaclRvSl9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATWhsMA0G
CSqGSIb3DQEBCwUAA4IBAQBLxCMRWiBr9R4veU0bLeBlAqWDEaaCGTisf2I1Fr/Z
HDyzc1Rc2/gA7vwhZ8A0RecrhM9INL0yaJUZh9zGRDjS2bYOcItaCU6Q3q0O0Zhh
5kCtTJhP31THAMDJ8tEIs8yQS1mPoMtICiCVHw39pbqdEvTKnGEZ38y7yDiJ2Lnz
gUzOM3BlrHsITP/khGZFsKjPjExf088p0qjSZ7snm4vxS5JStjrijePcwhn1B+n8
6fR6Kscd/WAQ4+SkOyrfxE1fcRlcKI4S23e6B2523O/tBquq28YM4XmzDFFvo8Yd
L5hkl59AR3auPFWv/UWJjFx9jgB8GfsUGOqQubPQ2uDl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:20 2024 by rpki-client on console-ams.rpki-client.org