Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Q8XXmdObhBpEIwI_uPuScXebRx8.roa
File:                     Q8XXmdObhBpEIwI_uPuScXebRx8.roa (raw, json)
Hash identifier:          +1ibKDDqZkh1Jj9PJJhzZU/eNMQe0HNhaZe3wQr5xu0=
Subject key identifier:   43:C5:D7:99:D3:9B:84:1A:44:23:02:3F:B8:FB:92:71:77:9B:47:1F
Certificate issuer:       /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial:       018264FC90BA575F925392ED6C4D4E7CB3AB
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Q8XXmdObhBpEIwI_uPuScXebRx8.roa
Signing time:             Wed 03 Aug 2022 18:34:09 +0000
ROA not before:           Wed 03 Aug 2022 18:34:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211306
IP address blocks:        77.36.2.0/23 maxlen: 23
                          77.36.4.0/24 maxlen: 24
                          77.36.5.0/24 maxlen: 24
                          77.36.56.0/24 maxlen: 24
                          77.232.216.0/23 maxlen: 23
                          77.36.54.0/23 maxlen: 23
                          77.232.218.0/24 maxlen: 24
                          77.36.88.0/24 maxlen: 24
                          91.237.49.0/24 maxlen: 24
                          93.120.44.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:64:fc:90:ba:57:5f:92:53:92:ed:6c:4d:4e:7c:b3:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
        Validity
            Not Before: Aug  3 18:34:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=43c5d799d39b841a4423023fb8fb9271779b471f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:3e:eb:37:5f:1f:43:bb:f8:57:7b:94:d2:05:
                    e3:14:48:d0:19:61:f2:08:81:44:57:68:1a:6a:02:
                    a9:fc:9f:02:7b:d3:fe:f9:84:c2:d5:a4:61:35:2f:
                    b7:f9:a0:da:96:47:f5:20:e0:0a:4e:74:fc:1b:89:
                    9b:0b:fb:07:47:2e:22:d1:32:70:15:88:92:ce:23:
                    1e:34:e5:d0:76:b5:c3:91:34:90:1d:03:d5:4f:d4:
                    42:ef:ee:ff:23:c7:50:b0:50:73:fd:d3:03:bd:39:
                    c8:2b:2e:3a:5e:6c:45:f4:08:d3:eb:99:ca:5b:45:
                    87:34:b1:72:6b:d3:e4:aa:c4:50:12:c7:57:12:07:
                    cc:3c:21:2e:3c:31:c7:c0:85:57:bb:75:30:44:ed:
                    2d:9b:53:9f:ed:f3:dd:a3:2a:1e:85:bb:91:65:8b:
                    65:d1:71:d9:55:3a:c9:75:5c:02:7c:e1:3f:52:dc:
                    33:83:23:72:70:72:26:81:58:3c:48:8e:46:a5:6c:
                    29:70:5e:a4:0d:b0:5b:54:31:22:8e:b2:29:c4:5e:
                    b8:d7:ba:61:00:1c:63:b9:58:fc:ba:35:69:11:f4:
                    51:f5:7a:a2:ae:38:48:b4:a8:03:f2:e0:ed:c2:d8:
                    4e:26:35:e9:4a:6c:93:39:62:04:a4:dc:42:bb:ac:
                    8c:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:C5:D7:99:D3:9B:84:1A:44:23:02:3F:B8:FB:92:71:77:9B:47:1F
            X509v3 Authority Key Identifier:
                keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Q8XXmdObhBpEIwI_uPuScXebRx8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.36.2.0-77.36.5.255
                  77.36.54.0-77.36.56.255
                  77.36.88.0/24
                  77.232.216.0-77.232.218.255
                  91.237.49.0/24
                  93.120.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1b:49:d6:16:b0:33:f8:a8:7b:a8:4a:30:54:41:bf:7c:e1:19:
         e8:30:fc:e8:fe:02:33:da:4e:f7:68:36:89:57:4c:3a:ea:0a:
         a5:23:bf:2a:03:51:a2:3a:54:64:4b:bc:53:bb:94:89:f4:c9:
         d4:9b:fe:e7:6a:08:94:6c:e0:c4:d6:d3:5e:ac:be:8d:93:a8:
         21:d0:71:c3:0c:1a:3b:97:5e:50:7f:e4:2a:2b:4f:76:ab:8a:
         b5:de:b4:fa:b9:9a:58:58:fc:a2:c6:b1:e5:92:9d:82:03:31:
         f7:ef:95:ae:cc:ee:04:74:e3:c6:19:ef:2a:5a:ae:25:8c:45:
         1c:55:15:3f:ac:89:bf:d5:a3:fb:0a:29:16:25:a2:39:b8:d6:
         68:ef:6f:94:e1:2c:7c:11:4d:94:e8:60:af:4b:0c:7d:c9:04:
         ee:c7:3c:fc:a0:3a:29:47:5e:5d:ba:34:29:f1:f0:68:ed:7b:
         4a:ac:2a:a5:4f:0c:7f:f4:db:56:99:7e:2f:38:72:42:bf:dc:
         35:98:cb:88:c4:12:2e:82:eb:92:cc:3f:e5:d2:93:0c:71:78:
         b5:c0:ae:f2:4f:59:48:64:f3:e4:60:9a:99:9a:9d:b0:54:e7:
         c4:bf:81:20:2d:6c:87:85:2b:99:f1:84:9c:85:b4:bf:54:9e:
         b7:0c:2a:b3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYJk/JC6V1+SU5LtbE1OfLOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIwODAzMTgzNDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2M1ZDc5OWQzOWI4NDFhNDQyMzAyM2ZiOGZiOTI3MTc3OWI0NzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhj7rN18fQ7v4V3uU0gXjFEjQGWHy
CIFEV2gaagKp/J8Ce9P++YTC1aRhNS+3+aDalkf1IOAKTnT8G4mbC/sHRy4i0TJw
FYiSziMeNOXQdrXDkTSQHQPVT9RC7+7/I8dQsFBz/dMDvTnIKy46XmxF9AjT65nK
W0WHNLFya9PkqsRQEsdXEgfMPCEuPDHHwIVXu3UwRO0tm1Of7fPdoyoehbuRZYtl
0XHZVTrJdVwCfOE/UtwzgyNycHImgVg8SI5GpWwpcF6kDbBbVDEijrIpxF6417ph
ABxjuVj8ujVpEfRR9XqirjhItKgD8uDtwthOJjXpSmyTOWIEpNxCu6yMFwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEPF15nTm4QaRCMCP7j7knF3m0cfMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvUThYWG1kT2JoQnBFSXdJX3VQdVNjWGViUng4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBAFNJAID
BAFNJAQwDAMEAU0kNgMEAE0kOAMEAE0kWDAMAwQDTejYAwQATejaAwQAW+0xAwQB
XXgsMA0GCSqGSIb3DQEBCwUAA4IBAQAbSdYWsDP4qHuoSjBUQb984RnoMPzo/gIz
2k73aDaJV0w66gqlI78qA1GiOlRkS7xTu5SJ9MnUm/7nagiUbODE1tNerL6Nk6gh
0HHDDBo7l15Qf+QqK092q4q13rT6uZpYWPyixrHlkp2CAzH375WuzO4EdOPGGe8q
Wq4ljEUcVRU/rIm/1aP7CikWJaI5uNZo72+U4Sx8EU2U6GCvSwx9yQTuxzz8oDop
R15dujQp8fBo7XtKrCqlTwx/9NtWmX4vOHJCv9w1mMuIxBIuguuSzD/l0pMMcXi1
wK7yT1lIZPPkYJqZmp2wVOfEv4EgLWyHhSuZ8YSchbS/VJ63DCqz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org