Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/8OXhlu5e8MF4JuMwT7jXlpBRzjc.roa
File:                     8OXhlu5e8MF4JuMwT7jXlpBRzjc.roa (raw, json)
Hash identifier:          TWhcwa5tRFrIKrutkJSXQBKRgM1iqjbjYoi29PVW5Qc=
Subject key identifier:   F0:E5:E1:96:EE:5E:F0:C1:78:26:E3:30:4F:B8:D7:96:90:51:CE:37
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       3A562D05
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/8OXhlu5e8MF4JuMwT7jXlpBRzjc.roa
Signing time:             Sat 01 Jan 2022 14:56:30 +0000
ROA not before:           Sat 01 Jan 2022 14:56:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60627
IP address blocks:        77.237.90.0/24 maxlen: 24
                          46.209.72.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 978726149 (0x3a562d05)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 14:56:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f0e5e196ee5ef0c17826e3304fb8d7969051ce37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:49:ba:fb:83:23:74:d3:28:e9:f6:21:ec:8b:
                    5e:06:04:b9:6f:af:7b:3d:71:39:ab:bc:5d:65:71:
                    96:7c:07:2c:98:f7:21:8c:77:6a:84:7c:d4:b9:95:
                    12:49:3b:c0:a9:d6:24:6d:cd:74:e0:08:c6:b7:78:
                    1b:e2:3f:31:a3:8f:5e:ec:ed:cf:60:19:dc:f2:28:
                    01:54:0f:2c:ea:06:4d:9c:9a:07:20:04:8f:a3:62:
                    89:f9:65:ad:5c:30:db:b5:58:e2:cc:4d:4a:3c:0f:
                    fd:8b:5d:2c:28:9b:0e:47:be:4e:26:cc:47:14:26:
                    ba:78:2f:24:23:0e:bb:33:ca:af:53:ac:06:0c:3b:
                    2c:78:f0:3a:2d:e7:f6:91:b4:5e:24:93:e5:bb:10:
                    88:b9:3f:67:d3:16:7d:76:a7:88:fe:ac:dc:5e:1e:
                    4d:45:36:98:bc:44:fd:55:bd:cc:30:df:93:52:12:
                    f0:fc:59:62:cc:2c:b7:4e:a1:65:24:76:6d:02:34:
                    2b:1e:2b:d2:96:11:cf:f9:4d:b0:1f:7d:fd:78:64:
                    26:ea:4c:f1:e5:43:42:6f:5f:9a:b2:43:42:1a:65:
                    fc:02:2e:31:a6:63:2b:a2:f7:a6:44:bd:1a:5a:32:
                    7e:ed:fe:f5:8a:74:0e:70:7e:13:c6:f8:c6:1c:21:
                    5d:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:E5:E1:96:EE:5E:F0:C1:78:26:E3:30:4F:B8:D7:96:90:51:CE:37
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/8OXhlu5e8MF4JuMwT7jXlpBRzjc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.209.72.0/24
                  77.237.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:16:d5:ec:a4:5b:8b:f0:9c:80:2e:5b:92:89:5f:3d:d6:5b:
         91:17:0e:45:0b:c8:c6:49:9e:87:98:b2:a4:63:11:c9:a9:00:
         ee:a1:55:83:86:d9:26:a7:97:83:7d:ef:30:f6:c8:8d:66:8a:
         07:bd:58:ce:6c:d5:40:fd:23:04:6a:22:33:45:0e:29:99:0f:
         9e:11:22:67:3f:36:28:b2:c3:94:58:37:50:31:ad:92:ae:bf:
         cc:8e:de:b7:bd:c5:e6:7d:5a:6f:ca:2a:e9:08:4e:1b:13:d1:
         c9:f9:2b:1a:5e:77:b2:94:f6:76:d1:49:f9:c3:f2:f9:50:2c:
         26:99:52:f9:6f:7b:57:67:a9:36:5b:ea:af:bb:76:fb:2c:7e:
         a7:35:06:6c:9b:5c:7f:b1:9a:43:38:d9:a5:b9:f2:70:1f:6c:
         37:c3:96:f5:0f:2e:ac:96:92:49:a1:08:44:7f:cd:ab:b7:3a:
         4d:a0:51:fe:c5:80:d3:73:b3:c7:3e:25:ac:5b:f5:8a:6a:de:
         97:16:25:99:4a:60:2c:84:c6:6b:ba:f4:22:cc:e1:3c:5e:60:
         26:9b:c8:09:2f:a5:a8:d0:dd:ae:0c:f2:a9:1f:34:88:80:38:
         da:5e:7e:88:6f:cd:ec:16:19:ed:08:d5:ae:c2:32:4d:ad:d0:
         a6:05:44:db
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEOlYtBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjBlNWUxOTZlZTVl
ZjBjMTc4MjZlMzMwNGZiOGQ3OTY5MDUxY2UzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZJuvuDI3TTKOn2IeyLXgYEuW+vez1xOau8XWVxlnwHLJj3
IYx3aoR81LmVEkk7wKnWJG3NdOAIxrd4G+I/MaOPXuztz2AZ3PIoAVQPLOoGTZya
ByAEj6NiifllrVww27VY4sxNSjwP/YtdLCibDke+TibMRxQmungvJCMOuzPKr1Os
Bgw7LHjwOi3n9pG0XiST5bsQiLk/Z9MWfXaniP6s3F4eTUU2mLxE/VW9zDDfk1IS
8PxZYswst06hZSR2bQI0Kx4r0pYRz/lNsB99/XhkJupM8eVDQm9fmrJDQhpl/AIu
MaZjK6L3pkS9Gloyfu3+9Yp0DnB+E8b4xhwhXU0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTw5eGW7l7wwXgm4zBPuNeWkFHONzAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
LzhPWGhsdTVlOE1GNEp1TXdUN2pYbHBCUnpqYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC7RSAMEAE3tWjANBgkqhkiG9w0B
AQsFAAOCAQEAcRbV7KRbi/CcgC5bkolfPdZbkRcORQvIxkmeh5iypGMRyakA7qFV
g4bZJqeXg33vMPbIjWaKB71YzmzVQP0jBGoiM0UOKZkPnhEiZz82KLLDlFg3UDGt
kq6/zI7et73F5n1ab8oq6QhOGxPRyfkrGl53spT2dtFJ+cPy+VAsJplS+W97V2ep
Nlvqr7t2+yx+pzUGbJtcf7GaQzjZpbnycB9sN8OW9Q8urJaSSaEIRH/Nq7c6TaBR
/sWA03Ozxz4lrFv1imrelxYlmUpgLITGa7r0IszhPF5gJpvICS+lqNDdrgzyqR80
iIA42l5+iG/N7BYZ7QjVrsIyTa3QpgVE2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org