Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/Qll07j9WsIy0mAFgy7TIwMTnBCI.roa
File:                     Qll07j9WsIy0mAFgy7TIwMTnBCI.roa (raw, json)
Hash identifier:          4JjXeBlpTyICRSx0ooqXUWCe2BDMSphHBSdWSGaef40=
Subject key identifier:   42:59:74:EE:3F:56:B0:8C:B4:98:01:60:CB:B4:C8:C0:C4:E7:04:22
Certificate issuer:       /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial:       0185634147C69E212EFFE8DC7B7E9691A276
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/Qll07j9WsIy0mAFgy7TIwMTnBCI.roa
Signing time:             Fri 30 Dec 2022 13:38:20 +0000
ROA not before:           Fri 30 Dec 2022 13:38:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203790
IP address blocks:        77.74.228.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:63:41:47:c6:9e:21:2e:ff:e8:dc:7b:7e:96:91:a2:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
        Validity
            Not Before: Dec 30 13:38:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=425974ee3f56b08cb4980160cbb4c8c0c4e70422
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:c6:cc:26:44:ec:1c:db:f9:37:fb:b5:e6:e9:
                    6d:58:64:ec:81:78:48:1d:59:b4:dd:46:da:a9:ef:
                    fa:b2:7f:7d:0e:8c:fd:78:9d:e9:46:7d:4a:6d:6b:
                    9d:71:b0:12:03:f9:2e:94:6a:a1:ce:6e:20:a6:b3:
                    d3:08:99:a9:ce:34:16:e5:84:b2:ec:eb:fb:bc:9e:
                    f2:8f:e4:a6:1f:fe:9c:79:5b:e6:d6:48:33:04:e9:
                    40:d4:de:68:92:92:03:5a:cf:04:ae:36:d7:92:f4:
                    99:27:ea:f6:81:bc:d0:4e:17:05:a2:21:68:00:e2:
                    ea:dc:d2:f5:14:2e:f1:43:c5:c3:88:69:50:8a:a6:
                    a8:37:6a:e6:00:df:30:29:e5:7e:be:fc:96:b5:b2:
                    ab:6b:f8:e8:bb:b4:38:39:2d:5b:f2:8b:a7:c9:6c:
                    4e:5a:ee:0a:bf:f7:12:37:ca:d2:8f:22:a7:cc:cd:
                    93:cf:37:95:b6:71:bd:f2:47:4d:9d:77:c2:3a:8b:
                    49:8c:67:b9:68:ba:48:43:05:b8:69:3d:c9:3a:e2:
                    d6:f6:59:f9:86:0e:22:3e:5b:cb:ce:36:79:b9:f7:
                    ac:b9:4a:01:fd:f7:8a:be:f8:d8:c6:2e:98:56:bf:
                    ab:d7:44:45:45:e4:2d:93:99:a7:32:d8:7d:96:0c:
                    b5:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:59:74:EE:3F:56:B0:8C:B4:98:01:60:CB:B4:C8:C0:C4:E7:04:22
            X509v3 Authority Key Identifier:
                keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/Qll07j9WsIy0mAFgy7TIwMTnBCI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.74.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:b4:a3:32:bd:43:a5:98:fd:3b:51:99:90:bc:38:1f:6a:c1:
         08:fd:cb:a1:09:88:49:81:25:e2:89:f0:ea:be:46:f1:36:5d:
         a2:6d:80:8e:58:4e:dc:73:68:7b:77:7a:3f:97:92:a7:87:d0:
         7d:8e:ab:7c:36:33:d1:78:2b:8c:db:20:ed:7f:b4:51:ec:fe:
         6b:fd:61:74:a0:a9:e3:6c:6e:96:d6:17:3e:16:bd:dc:d3:a8:
         b2:6f:57:b2:75:fd:c8:04:dc:b0:bd:19:8d:e0:58:b8:1e:3b:
         0f:57:8d:d2:f5:31:87:63:9f:7f:7d:4c:69:b0:21:b9:27:37:
         25:8e:57:1d:df:80:a6:12:5c:b1:5c:ee:a0:49:24:b4:f6:a7:
         5b:76:61:a0:35:64:6c:69:99:85:0e:64:0e:e4:bb:30:8e:00:
         bc:bb:47:5d:95:b9:14:bd:41:14:8c:ff:d8:5f:ab:43:f8:23:
         8b:66:a3:79:88:9a:9c:5d:c0:b9:8d:e7:ec:de:ac:87:86:39:
         cb:6f:f1:d2:67:65:02:c9:4b:bd:66:07:5d:4e:ba:4c:d3:14:
         20:a0:7f:7b:c8:74:61:e8:85:a1:bf:3a:84:6c:ea:80:63:04:
         a2:a6:51:7f:1d:ec:66:8a:17:f9:d0:3c:ff:cd:14:9e:ce:89:
         b9:4a:84:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVjQUfGniEu/+jce36WkaJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjIxMjMwMTMzODIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjU5NzRlZTNmNTZiMDhjYjQ5ODAxNjBjYmI0YzhjMGM0ZTcwNDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMbMJkTsHNv5N/u15ultWGTsgXhI
HVm03Ubaqe/6sn99Doz9eJ3pRn1KbWudcbASA/kulGqhzm4gprPTCJmpzjQW5YSy
7Ov7vJ7yj+SmH/6ceVvm1kgzBOlA1N5okpIDWs8ErjbXkvSZJ+r2gbzQThcFoiFo
AOLq3NL1FC7xQ8XDiGlQiqaoN2rmAN8wKeV+vvyWtbKra/jou7Q4OS1b8ounyWxO
Wu4Kv/cSN8rSjyKnzM2TzzeVtnG98kdNnXfCOotJjGe5aLpIQwW4aT3JOuLW9ln5
hg4iPlvLzjZ5ufesuUoB/feKvvjYxi6YVr+r10RFReQtk5mnMth9lgy1uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJZdO4/VrCMtJgBYMu0yMDE5wQiMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvUWxsMDdqOVdzSXkwbUFGZ3k3VEl3TVRuQkNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUrkMA0G
CSqGSIb3DQEBCwUAA4IBAQAUtKMyvUOlmP07UZmQvDgfasEI/cuhCYhJgSXiifDq
vkbxNl2ibYCOWE7cc2h7d3o/l5Knh9B9jqt8NjPReCuM2yDtf7RR7P5r/WF0oKnj
bG6W1hc+Fr3c06iyb1eydf3IBNywvRmN4Fi4HjsPV43S9TGHY59/fUxpsCG5Jzcl
jlcd34CmElyxXO6gSSS09qdbdmGgNWRsaZmFDmQO5LswjgC8u0ddlbkUvUEUjP/Y
X6tD+COLZqN5iJqcXcC5jefs3qyHhjnLb/HSZ2UCyUu9ZgddTrpM0xQgoH97yHRh
6IWhvzqEbOqAYwSiplF/Hexmihf50Dz/zRSezom5SoQC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org