Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/c35CU-UU_R4Ssktge2KyF27LOjY.roa
File:                     c35CU-UU_R4Ssktge2KyF27LOjY.roa (raw, json)
Hash identifier:          kVVfK6K7ophJYCnHqmr1RzR0K6jj5cmdwg/AR6NLnM4=
Subject key identifier:   73:7E:42:53:E5:14:FD:1E:12:B2:4B:60:7B:62:B2:17:6E:CB:3A:36
Certificate issuer:       /CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Certificate serial:       7531BE
Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/c35CU-UU_R4Ssktge2KyF27LOjY.roa
Signing time:             Sun 27 Mar 2022 06:18:34 +0000
ROA not before:           Sun 27 Mar 2022 06:18:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51964
IP address blocks:        185.84.217.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7680446 (0x7531be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b
        Validity
            Not Before: Mar 27 06:18:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=737e4253e514fd1e12b24b607b62b2176ecb3a36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:73:0b:c7:24:15:f2:b8:5c:46:8a:6c:74:c7:
                    61:cc:3f:fd:7a:72:50:41:f0:0c:c0:b9:3b:a5:4e:
                    9e:33:db:6c:38:0d:3b:7a:e3:2c:ef:dc:d3:eb:27:
                    45:9c:95:9c:69:82:9a:2b:18:a5:c8:0b:ee:c0:a9:
                    b2:af:92:e9:5b:ec:82:a9:00:ab:64:26:dd:8d:89:
                    3e:da:50:c0:74:eb:eb:d6:31:cc:55:89:eb:2d:c0:
                    e4:17:92:19:57:32:22:01:c3:03:27:fe:6c:6a:fa:
                    8f:04:a7:5d:08:04:e4:28:08:aa:6f:5c:78:95:90:
                    76:6c:0d:b7:17:ad:0c:44:95:8e:c7:23:8c:30:06:
                    16:d3:91:68:2f:db:ed:df:6b:34:ef:9a:38:e7:cb:
                    ef:8f:a8:69:ac:8a:69:44:76:5d:a7:88:ba:bc:8c:
                    bc:ae:3f:a1:ae:ee:12:98:7e:ed:d6:eb:73:8e:e9:
                    34:39:8c:d6:ed:17:5b:ea:02:d6:de:73:6b:e1:79:
                    5c:21:1c:0e:79:3f:c4:7e:77:6f:7b:6a:f5:cb:7b:
                    45:9a:04:67:e4:1e:45:f7:08:d5:ce:fb:30:e1:19:
                    a3:48:87:cb:22:3b:89:7e:5f:ea:cc:b5:24:78:fe:
                    4f:1e:b8:00:3f:46:56:65:87:5a:c0:72:70:58:14:
                    b4:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:7E:42:53:E5:14:FD:1E:12:B2:4B:60:7B:62:B2:17:6E:CB:3A:36
            X509v3 Authority Key Identifier:
                keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/c35CU-UU_R4Ssktge2KyF27LOjY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.84.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:52:55:13:c6:1c:db:80:8d:17:a9:fb:4b:76:d0:b6:1c:24:
         43:05:96:19:e0:6e:3a:55:02:e2:0b:ce:d2:be:e1:34:d1:b2:
         0f:b5:e6:c0:9c:c2:0e:04:99:82:95:5a:f7:09:ea:bc:56:dc:
         32:bd:46:19:31:2b:1a:af:60:f3:45:6a:f4:5d:c3:02:0f:3a:
         1b:22:dd:58:bc:e6:f0:85:fd:9f:13:4b:8b:6e:62:62:c4:cb:
         ad:31:03:c4:f6:38:6d:24:61:95:0a:fa:06:03:e9:8a:8e:f3:
         5c:87:ee:5d:ad:e3:75:6f:eb:30:d4:6b:03:33:ab:78:78:17:
         f2:ca:96:40:1b:27:37:1e:f6:1f:11:02:83:00:65:71:00:9f:
         83:61:a7:a0:ab:bd:6b:a3:1b:32:bb:58:fe:53:d0:be:00:e1:
         2b:31:a7:0d:22:2e:7c:b2:e1:e8:25:c2:a5:22:e7:d0:d4:d4:
         9b:b2:c8:54:b9:c2:1c:11:0d:cc:2c:4a:49:89:e3:48:8b:bd:
         bd:b9:b3:50:7b:1b:e9:f8:b1:54:89:92:26:8c:02:71:bd:52:
         79:75:84:9d:2d:c6:23:c3:28:a0:33:fd:db:4e:52:47:00:7f:
         35:3e:11:c5:2c:65:cc:c0:c6:fc:c8:53:c2:34:6c:e3:c3:e0:
         74:5c:fd:1c
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDdTG+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc3
ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhjMmE5NmIwHhcNMjIwMzI3
MDYxODM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3MzdlNDI1M2U1MTRm
ZDFlMTJiMjRiNjA3YjYyYjIxNzZlY2IzYTM2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3HMLxyQV8rhcRopsdMdhzD/9enJQQfAMwLk7pU6eM9tsOA07
euMs79zT6ydFnJWcaYKaKxilyAvuwKmyr5LpW+yCqQCrZCbdjYk+2lDAdOvr1jHM
VYnrLcDkF5IZVzIiAcMDJ/5savqPBKddCATkKAiqb1x4lZB2bA23F60MRJWOxyOM
MAYW05FoL9vt32s075o458vvj6hprIppRHZdp4i6vIy8rj+hru4SmH7t1utzjuk0
OYzW7Rdb6gLW3nNr4XlcIRwOeT/Efndve2r1y3tFmgRn5B5F9wjVzvsw4RmjSIfL
IjuJfl/qzLUkeP5PHrgAP0ZWZYdawHJwWBS09wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFHN+QlPlFP0eErJLYHtishduyzo2MB8GA1UdIwQYMBaAFHftqPcmpptQTemU
lDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0LzEv
YzM1Q1UtVVVfUjRTc2t0Z2UyS3lGMjdMT2pZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83
Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0LzEvZC0ybzl5YW1tMUJO
NlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVTZMA0GCSqGSIb3DQEBCwUAA4IB
AQClUlUTxhzbgI0XqftLdtC2HCRDBZYZ4G46VQLiC87SvuE00bIPtebAnMIOBJmC
lVr3Ceq8VtwyvUYZMSsar2DzRWr0XcMCDzobIt1YvObwhf2fE0uLbmJixMutMQPE
9jhtJGGVCvoGA+mKjvNch+5dreN1b+sw1GsDM6t4eBfyypZAGyc3HvYfEQKDAGVx
AJ+DYaegq71roxsyu1j+U9C+AOErMacNIi58suHoJcKlIufQ1NSbsshUucIcEQ3M
LEpJieNIi729ubNQexvp+LFUiZImjAJxvVJ5dYSdLcYjwyigM/3bTlJHAH81PhHF
LGXMwMb8yFPCNGzjw+B0XP0c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:56 2024 by rpki-client on console-ams.rpki-client.org