Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/k-qF4zZFfBiprGYLuHCc5p6ZFDQ.roa
File:                     k-qF4zZFfBiprGYLuHCc5p6ZFDQ.roa (raw, json)
Hash identifier:          lfveofelOvZCM445S5B/iv798piloyIT9jGtdTpQuRM=
Subject key identifier:   93:EA:85:E3:36:45:7C:18:A9:AC:66:0B:B8:70:9C:E6:9E:99:14:34
Certificate issuer:       /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial:       0255EB5B
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/k-qF4zZFfBiprGYLuHCc5p6ZFDQ.roa
Signing time:             Sat 09 Apr 2022 15:51:45 +0000
ROA not before:           Sat 09 Apr 2022 15:51:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211975
IP address blocks:        77.74.231.0/24 maxlen: 24
                          109.105.193.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 39185243 (0x255eb5b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
        Validity
            Not Before: Apr  9 15:51:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=93ea85e336457c18a9ac660bb8709ce69e991434
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:f7:c6:03:3e:61:e7:0d:50:f8:11:8a:04:a5:
                    28:c5:06:a4:2c:55:64:68:92:3a:ef:f6:78:ab:fb:
                    88:dc:24:bb:79:b4:c8:20:7e:c9:f6:50:d2:6d:04:
                    69:05:92:0a:e9:2d:84:4c:86:12:23:f7:b0:8f:80:
                    5e:03:72:e0:90:79:cb:a2:51:f8:31:d9:9e:f6:d8:
                    ce:63:99:66:08:5a:7d:93:0c:83:ae:50:23:16:bf:
                    e9:4f:7d:6f:46:ac:c1:17:e3:f1:a8:c7:25:3b:27:
                    39:0b:3a:1c:70:51:e0:30:eb:46:e4:a1:fc:b4:3a:
                    30:b1:83:d7:58:5d:e9:2b:cd:90:31:95:35:7e:39:
                    3b:5e:89:98:a5:4b:f0:a7:ca:15:e4:38:cb:2c:10:
                    31:58:93:4c:b0:f6:a6:7a:dc:79:c5:6e:1d:00:8f:
                    3a:ac:4a:04:88:dc:10:82:a1:9f:df:8d:dd:31:8b:
                    85:57:6b:b8:d0:58:27:bb:fa:b8:6d:a2:cf:4f:d6:
                    50:c4:4a:83:18:0c:a7:83:59:74:fb:0a:a7:2a:01:
                    55:25:34:d7:c6:a0:b7:7d:48:e0:2e:2d:ff:b2:4e:
                    96:42:84:b7:58:2e:33:eb:24:f6:26:3f:32:52:50:
                    1d:b3:6a:f9:b1:18:bc:e1:e8:43:e2:6b:3e:82:b3:
                    c9:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:EA:85:E3:36:45:7C:18:A9:AC:66:0B:B8:70:9C:E6:9E:99:14:34
            X509v3 Authority Key Identifier:
                keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/k-qF4zZFfBiprGYLuHCc5p6ZFDQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.74.231.0/24
                  109.105.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:20:0d:3b:90:ae:d7:68:1c:b2:04:38:79:bf:f6:a9:54:d7:
         80:b7:ba:d6:1d:b3:bf:90:78:b4:70:97:5b:b2:34:0c:18:0c:
         d8:85:df:d2:6f:19:9e:84:bb:22:50:69:78:d9:de:2e:96:29:
         e5:15:08:e6:e3:b9:3b:11:df:31:a8:29:53:48:28:40:c1:ca:
         c1:93:1f:a1:24:83:19:70:2d:de:58:91:60:66:b9:2a:c4:46:
         f2:cb:d2:3e:21:87:96:bb:5e:5a:a0:23:fc:76:84:4d:03:42:
         c7:34:2d:67:71:29:66:63:18:2c:8c:e8:38:eb:f4:f5:5f:43:
         04:4c:b4:85:c1:f7:57:61:9b:14:d7:40:18:8f:9b:19:4d:f7:
         83:3d:e8:42:c2:2a:85:77:fc:9b:59:91:2d:71:80:de:7c:f9:
         63:87:35:5f:e7:00:16:4c:1a:d7:a9:77:e6:4f:b4:bf:af:0a:
         7f:11:a9:c8:a2:d6:25:2f:a6:ef:54:00:03:6d:a3:24:a8:00:
         ec:33:e1:78:79:75:33:8e:db:c7:cc:ec:4f:ef:04:08:e3:9d:
         ed:1e:dd:ee:18:2e:d5:dd:b9:a1:35:29:49:79:39:8e:72:d4:
         f2:ec:ad:a2:4b:78:9c:9b:00:5a:4c:49:a4:d2:38:5e:c5:d9:
         c1:6f:52:62
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAlXrWzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OGM2MGEwZDJkNzBhOTMzN2QwYmRhNTZkMWFkNTk2YWMxZjY5Y2RhMB4XDTIyMDQw
OTE1NTE0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTNlYTg1ZTMzNjQ1
N2MxOGE5YWM2NjBiYjg3MDljZTY5ZTk5MTQzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIv3xgM+YecNUPgRigSlKMUGpCxVZGiSOu/2eKv7iNwku3m0
yCB+yfZQ0m0EaQWSCukthEyGEiP3sI+AXgNy4JB5y6JR+DHZnvbYzmOZZghafZMM
g65QIxa/6U99b0aswRfj8ajHJTsnOQs6HHBR4DDrRuSh/LQ6MLGD11hd6SvNkDGV
NX45O16JmKVL8KfKFeQ4yywQMViTTLD2pnrcecVuHQCPOqxKBIjcEIKhn9+N3TGL
hVdruNBYJ7v6uG2iz0/WUMRKgxgMp4NZdPsKpyoBVSU018agt31I4C4t/7JOlkKE
t1guM+sk9iY/MlJQHbNq+bEYvOHoQ+JrPoKzyccCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBST6oXjNkV8GKmsZgu4cJzmnpkUNDAfBgNVHSMEGDAWgBTYxgoNLXCpM30L
2lbRrVlqwfac2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJNWUtEUzF3cVROOUM5cFcwYTFaYXNIMm5Oby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvYjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8x
L2stcUY0elpGZkJpcHJHWUx1SENjNXA2WkZEUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
YjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8xLzJNWUtEUzF3cVRO
OUM5cFcwYTFaYXNIMm5Oby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAE1K5wMEAG1pwTANBgkqhkiG9w0B
AQsFAAOCAQEAByANO5Cu12gcsgQ4eb/2qVTXgLe61h2zv5B4tHCXW7I0DBgM2IXf
0m8ZnoS7IlBpeNneLpYp5RUI5uO5OxHfMagpU0goQMHKwZMfoSSDGXAt3liRYGa5
KsRG8svSPiGHlrteWqAj/HaETQNCxzQtZ3EpZmMYLIzoOOv09V9DBEy0hcH3V2Gb
FNdAGI+bGU33gz3oQsIqhXf8m1mRLXGA3nz5Y4c1X+cAFkwa16l35k+0v68KfxGp
yKLWJS+m71QAA22jJKgA7DPheHl1M47bx8zsT+8ECOOd7R7d7hgu1d25oTUpSXk5
jnLU8uytokt4nJsAWkxJpNI4XsXZwW9SYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org