Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Np4IRFQ-2X0p2PkYnrUb1fOIY_U.roa
File:                     Np4IRFQ-2X0p2PkYnrUb1fOIY_U.roa (raw, json)
Hash identifier:          Mgbmt+FFzsOVi9Z5KxQX1R7390NCm1PMxXU+8WesVPM=
Subject key identifier:   36:9E:08:44:54:3E:D9:7D:29:D8:F9:18:9E:B5:1B:D5:F3:88:63:F5
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       0184A4AAF1FD1189257D32ECAC0FB03B1841
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Np4IRFQ-2X0p2PkYnrUb1fOIY_U.roa
Signing time:             Wed 23 Nov 2022 13:26:17 +0000
ROA not before:           Wed 23 Nov 2022 13:26:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207459
IP address blocks:        79.175.96.0/24 maxlen: 24
                          77.105.22.0/24 maxlen: 24
                          188.255.141.0/24 maxlen: 24
                          212.69.13.0/24 maxlen: 24
                          178.219.14.0/24 maxlen: 24
                          79.175.67.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:a4:aa:f1:fd:11:89:25:7d:32:ec:ac:0f:b0:3b:18:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Nov 23 13:26:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=369e0844543ed97d29d8f9189eb51bd5f38863f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d3:ca:13:e9:d4:25:95:2e:64:6d:dc:76:d3:
                    ad:6c:68:29:a6:ba:78:22:ad:eb:0e:82:9a:99:69:
                    8b:a3:c1:5b:2e:67:66:cd:a4:b8:31:d1:be:3f:0d:
                    3e:f1:52:1c:48:82:ad:7d:10:5f:fa:44:57:7e:d3:
                    be:20:9d:27:f7:13:bc:a8:3d:78:b9:01:f7:49:e8:
                    d6:03:2c:ea:29:c8:75:45:db:94:1d:e3:38:44:b0:
                    64:28:45:2f:d0:41:56:73:44:b2:2a:57:71:6e:ac:
                    49:94:fa:ba:55:fd:32:16:1f:b4:a6:a6:76:90:c0:
                    c5:69:14:d4:55:8f:4b:e3:f1:94:1f:79:53:cc:50:
                    2f:14:ed:78:9a:bd:c8:12:74:62:73:9a:f3:23:b2:
                    27:8f:9a:a7:ce:ad:e1:3c:08:6a:4c:a4:09:db:54:
                    2e:cb:80:37:2b:e2:9a:be:5a:2c:ee:d7:ee:7f:33:
                    e2:29:72:45:40:ee:4a:5b:04:be:df:41:86:0b:e1:
                    55:5d:84:2b:99:a6:ac:15:bd:12:1e:fd:e7:6e:38:
                    d0:4e:fc:05:be:13:7d:3e:6e:75:26:e7:3b:57:03:
                    a2:b4:d0:27:cf:83:5e:af:49:41:43:b0:d6:3a:e8:
                    96:f6:b9:1a:a4:75:c9:f4:11:73:b9:d3:20:c0:26:
                    35:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:9E:08:44:54:3E:D9:7D:29:D8:F9:18:9E:B5:1B:D5:F3:88:63:F5
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Np4IRFQ-2X0p2PkYnrUb1fOIY_U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.105.22.0/24
                  79.175.67.0/24
                  79.175.96.0/24
                  178.219.14.0/24
                  188.255.141.0/24
                  212.69.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:35:72:42:07:67:29:3d:b3:81:a9:88:a4:9d:3b:2a:a9:0d:
         7a:81:7c:a4:2a:f9:b4:d7:d6:6e:aa:eb:16:ce:95:31:42:5f:
         6c:2c:2e:23:8c:c9:03:af:75:91:6a:f5:3e:4d:91:54:f2:fe:
         6f:a1:80:ec:50:47:8d:dd:fe:da:64:e7:d4:99:c3:ff:35:2b:
         6f:29:5d:8b:61:c6:cd:8b:71:80:6e:3d:65:f6:9b:fb:8b:a9:
         e6:44:2f:eb:44:36:f2:e8:05:59:92:ac:d1:0b:9b:9c:24:4f:
         34:a0:9a:da:76:f8:2e:cc:53:91:cc:79:1e:e3:8d:27:2b:bc:
         41:f6:68:1f:a6:90:05:0d:74:ac:6f:af:e6:d4:aa:26:3c:98:
         78:0c:7a:f5:58:94:37:a4:15:17:b7:0c:19:7f:76:b2:4d:a3:
         8b:63:53:f2:47:81:03:2f:41:1f:00:98:c4:ca:bc:28:61:95:
         59:31:08:0f:76:46:54:7d:7c:dd:51:50:26:04:ef:d9:5d:af:
         de:48:16:68:31:03:e3:7d:54:c0:44:66:44:ac:87:ad:0e:56:
         b2:fc:73:42:ed:84:d9:5d:ce:29:31:4f:e3:f3:53:89:25:65:
         1b:a0:4d:f3:9b:49:cf:0a:54:2b:2c:74:72:be:2b:2d:7e:53:
         2d:c0:32:86
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYSkqvH9EYklfTLsrA+wOxhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIxMTIzMTMyNjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjllMDg0NDU0M2VkOTdkMjlkOGY5MTg5ZWI1MWJkNWYzODg2M2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstPKE+nUJZUuZG3cdtOtbGgpprp4
Iq3rDoKamWmLo8FbLmdmzaS4MdG+Pw0+8VIcSIKtfRBf+kRXftO+IJ0n9xO8qD14
uQH3SejWAyzqKch1RduUHeM4RLBkKEUv0EFWc0SyKldxbqxJlPq6Vf0yFh+0pqZ2
kMDFaRTUVY9L4/GUH3lTzFAvFO14mr3IEnRic5rzI7Inj5qnzq3hPAhqTKQJ21Qu
y4A3K+Kavlos7tfufzPiKXJFQO5KWwS+30GGC+FVXYQrmaasFb0SHv3nbjjQTvwF
vhN9Pm51Juc7VwOitNAnz4Ner0lBQ7DWOuiW9rkapHXJ9BFzudMgwCY15QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDaeCERUPtl9Kdj5GJ61G9XziGP1MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvTnA0SVJGUS0yWDBwMlBrWW5yVWIxZk9JWV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATWkWAwQA
T69DAwQAT69gAwQAstsOAwQAvP+NAwQA1EUNMA0GCSqGSIb3DQEBCwUAA4IBAQCi
NXJCB2cpPbOBqYiknTsqqQ16gXykKvm019ZuqusWzpUxQl9sLC4jjMkDr3WRavU+
TZFU8v5voYDsUEeN3f7aZOfUmcP/NStvKV2LYcbNi3GAbj1l9pv7i6nmRC/rRDby
6AVZkqzRC5ucJE80oJradvguzFORzHke440nK7xB9mgfppAFDXSsb6/m1KomPJh4
DHr1WJQ3pBUXtwwZf3ayTaOLY1PyR4EDL0EfAJjEyrwoYZVZMQgPdkZUfXzdUVAm
BO/ZXa/eSBZoMQPjfVTARGZErIetDlay/HNC7YTZXc4pMU/j81OJJWUboE3zm0nP
ClQrLHRyvistflMtwDKG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org