Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/j_Fu4-ICsZTbmqmRrxBQslbKBKs.roa
File:                     j_Fu4-ICsZTbmqmRrxBQslbKBKs.roa (raw, json)
Hash identifier:          4BqiVkAGJL0I1RDyoCV7vqls9x7vYS0mnbI0PKlT6II=
Subject key identifier:   8F:F1:6E:E3:E2:02:B1:94:DB:9A:A9:91:AF:10:50:B2:56:CA:04:AB
Certificate issuer:       /CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Certificate serial:       0745B1
Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/j_Fu4-ICsZTbmqmRrxBQslbKBKs.roa
Signing time:             Wed 09 Feb 2022 16:36:43 +0000
ROA not before:           Wed 09 Feb 2022 16:36:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20765
IP address blocks:        185.84.216.0/22 maxlen: 24
                          193.96.96.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 476593 (0x745b1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b
        Validity
            Not Before: Feb  9 16:36:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8ff16ee3e202b194db9aa991af1050b256ca04ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:da:c8:8e:40:d4:70:8f:c4:6e:58:af:25:d7:
                    e9:10:74:e2:50:52:60:22:5b:c0:83:7c:6c:89:97:
                    96:62:4b:98:21:18:89:fb:7a:00:a2:97:dc:a0:23:
                    22:7a:8c:0a:9c:a3:87:fa:81:05:5d:4c:fc:15:9e:
                    8f:6a:46:8f:3b:77:04:01:1e:8e:aa:98:67:f3:49:
                    a0:1d:3e:4c:8e:3b:62:7d:03:ec:8f:08:c9:84:d7:
                    27:8e:11:85:06:05:bc:12:ad:69:94:c9:4c:56:e0:
                    56:13:64:5f:2e:a1:89:72:34:1b:c0:27:01:1a:c5:
                    2e:8a:e7:48:f2:3e:e5:24:63:5c:9a:f2:8d:6b:77:
                    cb:93:56:60:98:ec:20:15:77:d8:9a:e4:88:f3:1b:
                    a9:65:cf:08:a6:b7:5c:97:26:03:fe:1d:95:48:91:
                    8e:96:ea:dc:6b:da:5e:9a:06:08:80:ba:47:d9:ca:
                    9e:ed:62:2c:02:22:90:c8:5e:6d:31:1d:8a:5e:d9:
                    5a:7c:28:35:c9:b5:4f:b2:00:3f:71:77:a5:87:83:
                    61:89:8c:5a:25:24:28:8a:9d:db:b8:70:af:ce:0e:
                    32:52:d2:f8:e6:4e:3a:16:df:6a:26:1e:c3:10:c9:
                    da:12:e0:f2:b4:10:47:7e:1f:09:7f:44:65:50:08:
                    bf:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:F1:6E:E3:E2:02:B1:94:DB:9A:A9:91:AF:10:50:B2:56:CA:04:AB
            X509v3 Authority Key Identifier:
                keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/j_Fu4-ICsZTbmqmRrxBQslbKBKs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.84.216.0/22
                  193.96.96.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1e:0b:23:4c:92:9f:16:92:e0:09:a8:bf:3b:d2:39:84:74:40:
         a4:04:94:85:58:96:4d:11:ec:6c:d6:65:17:5e:9a:9b:e3:86:
         22:4e:c3:dc:ee:c4:8f:22:a9:a2:a2:7e:e2:b8:ef:81:d2:12:
         51:d3:6c:19:3f:52:30:3c:3d:54:06:9d:ff:6a:aa:99:db:ee:
         10:9e:98:b2:4d:3c:31:ca:84:93:7f:d8:58:f5:89:ef:ad:56:
         7d:e6:58:23:d2:ac:6c:cf:fe:cb:c0:28:2f:e7:25:61:75:26:
         c6:ec:89:a2:bd:04:07:8e:a6:11:35:21:55:e8:8a:38:a9:29:
         2c:7c:e7:82:c2:79:fc:2f:9e:b7:ec:83:e2:14:a5:7c:f8:aa:
         57:06:c1:b9:18:c9:8a:71:20:62:63:e9:ec:a5:e6:4c:60:4a:
         16:f2:85:00:51:1b:56:36:21:99:4a:2a:f8:71:94:07:f1:09:
         3a:f6:92:43:96:70:ee:d0:03:99:fd:46:15:14:27:1c:c8:d0:
         fd:9c:47:2d:25:01:94:5f:46:a2:ec:a4:5b:62:61:1f:28:36:
         a8:1b:72:e9:88:01:42:f9:ce:35:6c:33:23:74:2c:57:5e:35:
         a4:04:d9:ae:80:8d:24:71:dd:ce:72:94:45:04:67:27:5e:d1:
         5a:ee:09:da
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDB0WxMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc3
ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhjMmE5NmIwHhcNMjIwMjA5
MTYzNjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4ZmYxNmVlM2UyMDJi
MTk0ZGI5YWE5OTFhZjEwNTBiMjU2Y2EwNGFiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArNrIjkDUcI/EblivJdfpEHTiUFJgIlvAg3xsiZeWYkuYIRiJ
+3oAopfcoCMieowKnKOH+oEFXUz8FZ6PakaPO3cEAR6Oqphn80mgHT5MjjtifQPs
jwjJhNcnjhGFBgW8Eq1plMlMVuBWE2RfLqGJcjQbwCcBGsUuiudI8j7lJGNcmvKN
a3fLk1ZgmOwgFXfYmuSI8xupZc8IprdclyYD/h2VSJGOlurca9pemgYIgLpH2cqe
7WIsAiKQyF5tMR2KXtlafCg1ybVPsgA/cXelh4NhiYxaJSQoip3buHCvzg4yUtL4
5k46Ft9qJh7DEMnaEuDytBBHfh8Jf0RlUAi/SQIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFI/xbuPiArGU25qpka8QULJWygSrMB8GA1UdIwQYMBaAFHftqPcmpptQTemU
lDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0LzEv
al9GdTQtSUNzWlRibXFtUnJ4QlFzbGJLQktzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83
Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0LzEvZC0ybzl5YW1tMUJO
NlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVTYAwQDwWBgMA0GCSqGSIb3DQEB
CwUAA4IBAQAeCyNMkp8WkuAJqL870jmEdECkBJSFWJZNEexs1mUXXpqb44YiTsPc
7sSPIqmion7iuO+B0hJR02wZP1IwPD1UBp3/aqqZ2+4QnpiyTTwxyoSTf9hY9Ynv
rVZ95lgj0qxsz/7LwCgv5yVhdSbG7ImivQQHjqYRNSFV6Io4qSksfOeCwnn8L563
7IPiFKV8+KpXBsG5GMmKcSBiY+nspeZMYEoW8oUAURtWNiGZSir4cZQH8Qk69pJD
lnDu0AOZ/UYVFCccyND9nEctJQGUX0ai7KRbYmEfKDaoG3LpiAFC+c41bDMjdCxX
XjWkBNmugI0kcd3OcpRFBGcnXtFa7gna
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:42 2024 by rpki-client on console-fra.rpki-client.org