Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/4mJRdbi_vVkf5HeFbGutYK78Dxk.roa
File:                     4mJRdbi_vVkf5HeFbGutYK78Dxk.roa (raw, json)
Hash identifier:          VhGeDXDN4HrIOa7oO6S8Cb/KzI5H6R2bKi4SKR1ppCA=
Subject key identifier:   E2:62:51:75:B8:BF:BD:59:1F:E4:77:85:6C:6B:AD:60:AE:FC:0F:19
Certificate issuer:       /CN=b4ec6c0a5ebec5817d91b91e79a6bc6132eb9d2c
Certificate serial:       16F6C44C
Authority key identifier: B4:EC:6C:0A:5E:BE:C5:81:7D:91:B9:1E:79:A6:BC:61:32:EB:9D:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tOxsCl6-xYF9kbkeeaa8YTLrnSw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/4mJRdbi_vVkf5HeFbGutYK78Dxk.roa
Signing time:             Sat 01 Jan 2022 14:55:46 +0000
ROA not before:           Sat 01 Jan 2022 14:55:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201364
IP address blocks:        185.77.1.0/24 maxlen: 24
                          185.77.2.0/24 maxlen: 24
                          2a05:5ec0:1::/48 maxlen: 48
                          2a05:5ec0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 385270860 (0x16f6c44c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4ec6c0a5ebec5817d91b91e79a6bc6132eb9d2c
        Validity
            Not Before: Jan  1 14:55:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e2625175b8bfbd591fe477856c6bad60aefc0f19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a6:ed:ed:ea:7f:bc:75:d2:44:f2:21:f0:87:
                    b8:41:21:de:96:66:24:68:0b:2a:3a:69:1d:fb:95:
                    1b:30:92:42:da:7d:f0:93:f9:d9:17:8d:93:f0:a8:
                    94:4d:8b:0b:e1:0a:db:3a:62:9d:86:9a:52:90:37:
                    4e:7e:4d:9c:0e:88:7d:d8:5e:04:89:66:9f:1b:22:
                    bb:f7:05:17:90:39:b1:37:67:85:44:47:74:93:00:
                    f0:8b:ed:ee:32:0a:08:93:99:d5:5f:b5:db:03:7f:
                    74:92:6b:0c:2c:cb:36:f4:90:cc:ae:66:57:90:a4:
                    e0:b7:46:54:9d:4c:53:43:4f:27:f6:8d:8b:6c:1a:
                    be:83:28:1b:21:36:ac:0d:ef:04:3d:f4:f1:10:db:
                    4f:4a:99:eb:fc:0f:e8:b9:ca:32:e9:eb:32:a0:c6:
                    eb:4b:90:b5:00:d7:bc:d1:50:af:78:4e:9a:37:25:
                    df:35:7d:61:6f:f1:f4:e4:cc:ff:8f:aa:36:81:1a:
                    6c:07:08:cf:c1:b0:c5:47:7b:52:16:a4:72:dc:42:
                    8b:07:90:63:15:72:9b:29:32:61:d5:2d:fa:a7:53:
                    d6:0b:90:af:2c:d9:79:a1:55:fb:ba:98:46:b1:5b:
                    63:3d:ec:5c:cd:c5:3f:80:0c:7c:7f:78:1a:0e:c2:
                    4b:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:62:51:75:B8:BF:BD:59:1F:E4:77:85:6C:6B:AD:60:AE:FC:0F:19
            X509v3 Authority Key Identifier:
                keyid:B4:EC:6C:0A:5E:BE:C5:81:7D:91:B9:1E:79:A6:BC:61:32:EB:9D:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOxsCl6-xYF9kbkeeaa8YTLrnSw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/4mJRdbi_vVkf5HeFbGutYK78Dxk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/tOxsCl6-xYF9kbkeeaa8YTLrnSw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.77.1.0-185.77.2.255
                IPv6:
                  2a05:5ec0::/29

    Signature Algorithm: sha256WithRSAEncryption
         6c:b8:18:be:25:94:0b:e2:93:7b:24:38:fc:e8:f9:0c:fd:75:
         bf:a3:82:80:fc:fa:ec:cd:89:20:6d:84:a8:5d:f4:64:e9:cf:
         0c:54:65:7a:e0:b3:2a:05:cf:af:fd:62:23:6e:91:f3:e3:34:
         72:94:d8:dc:03:c0:7e:3c:c4:2c:7c:84:98:a0:07:d8:ee:0d:
         1b:ba:7a:c2:ee:91:ac:ae:c8:6a:11:38:89:8c:8d:21:1f:af:
         9f:82:80:a8:49:71:65:b7:fe:72:d7:34:00:cb:ca:7f:63:4f:
         7d:e7:a1:79:e8:58:12:d7:b5:f8:12:09:c3:da:ad:3e:2e:23:
         b7:1b:eb:93:47:f5:e8:15:4e:c4:c6:83:19:58:3f:d2:45:21:
         87:b9:04:9e:d4:8c:82:70:dc:28:51:05:19:d6:21:53:ee:17:
         d6:1b:e0:cb:e6:e0:ad:5e:ec:21:79:3c:08:50:98:d3:0f:44:
         b3:34:f7:0a:91:e9:3a:44:0b:c0:b8:e8:d7:d4:ec:1f:eb:02:
         8d:9a:f4:2d:5b:ff:4b:fa:d8:b7:31:03:fb:0a:da:e3:dd:46:
         39:e4:6c:86:6f:c4:41:37:3b:0c:a7:4d:3b:98:5b:c7:7b:f2:
         37:6b:24:74:4f:0c:36:70:b9:3b:f1:aa:0f:d3:44:8f:07:f7:
         ef:74:25:68
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEFvbETDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGVjNmMwYTVlYmVjNTgxN2Q5MWI5MWU3OWE2YmM2MTMyZWI5ZDJjMB4XDTIyMDEw
MTE0NTU0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTI2MjUxNzViOGJm
YmQ1OTFmZTQ3Nzg1NmM2YmFkNjBhZWZjMGYxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6m7e3qf7x10kTyIfCHuEEh3pZmJGgLKjppHfuVGzCSQtp9
8JP52ReNk/ColE2LC+EK2zpinYaaUpA3Tn5NnA6IfdheBIlmnxsiu/cFF5A5sTdn
hURHdJMA8Ivt7jIKCJOZ1V+12wN/dJJrDCzLNvSQzK5mV5Ck4LdGVJ1MU0NPJ/aN
i2wavoMoGyE2rA3vBD308RDbT0qZ6/wP6LnKMunrMqDG60uQtQDXvNFQr3hOmjcl
3zV9YW/x9OTM/4+qNoEabAcIz8GwxUd7UhakctxCiweQYxVymykyYdUt+qdT1guQ
ryzZeaFV+7qYRrFbYz3sXM3FP4AMfH94Gg7CS88CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBTiYlF1uL+9WR/kd4Vsa61grvwPGTAfBgNVHSMEGDAWgBS07GwKXr7FgX2R
uR55prxhMuudLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RPeHNDbDYteFlGOWtia2VlYWE4WVRMcm5Tdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvMjA5NzRkLTY0MDMtNDEwNy1hNzViLTEzZmI3YTUxMzBjYS8x
LzRtSlJkYmlfdlZrZjVIZUZiR3V0WUs3OER4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
MjA5NzRkLTY0MDMtNDEwNy1hNzViLTEzZmI3YTUxMzBjYS8xL3RPeHNDbDYteFlG
OWtia2VlYWE4WVRMcm5Tdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwFAQCAAEwDjAMAwQAuU0BAwQAuU0CMA0EAgACMAcD
BQMqBV7AMA0GCSqGSIb3DQEBCwUAA4IBAQBsuBi+JZQL4pN7JDj86PkM/XW/o4KA
/PrszYkgbYSoXfRk6c8MVGV64LMqBc+v/WIjbpHz4zRylNjcA8B+PMQsfISYoAfY
7g0bunrC7pGsrshqETiJjI0hH6+fgoCoSXFlt/5y1zQAy8p/Y09956F56FgS17X4
EgnD2q0+LiO3G+uTR/XoFU7ExoMZWD/SRSGHuQSe1IyCcNwoUQUZ1iFT7hfWG+DL
5uCtXuwheTwIUJjTD0SzNPcKkek6RAvAuOjX1Owf6wKNmvQtW/9L+ti3MQP7Ctrj
3UY55GyGb8RBNzsMp007mFvHe/I3ayR0Tww2cLk78aoP00SPB/fvdCVo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:17 2024 by rpki-client on console-fra.rpki-client.org