Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/17fNnOpYtkYahqt-uRhEJ1IjcC8.roa
File:                     17fNnOpYtkYahqt-uRhEJ1IjcC8.roa (raw, json)
Hash identifier:          ws960pH8zyOP5DeP1pGx5fZ4AU9mOytmzJsnZzN/zmM=
Subject key identifier:   D7:B7:CD:9C:EA:58:B6:46:1A:86:AB:7E:B9:18:44:27:52:23:70:2F
Certificate issuer:       /CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
Certificate serial:       120869
Authority key identifier: B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/17fNnOpYtkYahqt-uRhEJ1IjcC8.roa
Signing time:             Tue 07 Jun 2022 08:03:20 +0000
ROA not before:           Tue 07 Jun 2022 08:03:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25454
IP address blocks:        217.12.112.0/20 maxlen: 24
                          185.8.68.0/22 maxlen: 22
                          188.131.0.0/17 maxlen: 24
                          77.89.192.0/18 maxlen: 24
                          193.239.182.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1181801 (0x120869)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
        Validity
            Not Before: Jun  7 08:03:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d7b7cd9cea58b6461a86ab7eb91844275223702f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:25:c5:db:53:9d:bd:c2:04:18:d4:3c:b4:8d:
                    25:98:b0:29:c8:31:51:f1:29:31:e5:74:af:72:6f:
                    67:dc:69:ed:3b:88:86:0c:98:04:d7:41:d4:e7:d2:
                    7f:a1:af:96:7b:ff:5d:74:33:e7:d6:72:a6:6a:08:
                    36:65:bc:99:27:43:dc:55:09:56:87:64:5a:84:30:
                    9f:60:09:41:9b:f7:4b:cf:c3:0f:fc:19:4c:c2:94:
                    6b:a7:e2:a9:ca:17:61:f2:dc:34:c5:22:bd:90:66:
                    32:0d:cd:36:f7:13:20:84:dd:d0:28:95:09:53:f2:
                    94:66:dd:b8:2f:3e:88:23:a7:4c:19:e7:f2:53:49:
                    a0:94:a2:1c:1d:ce:12:99:37:62:a7:0c:36:18:c6:
                    25:9e:41:4e:33:d7:fd:d6:3c:d9:5c:93:7b:24:3d:
                    53:5a:98:b0:ae:d8:bc:fe:04:f8:ad:ff:f9:89:ef:
                    53:d3:5e:90:8e:51:97:94:c2:c0:28:52:48:d4:de:
                    b7:38:50:2a:dd:ba:b3:be:de:a2:57:0f:ca:20:c4:
                    75:f2:ad:7d:e9:5d:05:7b:80:fa:68:17:6a:39:2b:
                    9a:4d:34:11:de:81:22:c2:8f:34:db:90:e2:55:51:
                    3a:c3:4d:2d:84:17:b2:57:7b:41:ac:4b:79:05:81:
                    4d:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:B7:CD:9C:EA:58:B6:46:1A:86:AB:7E:B9:18:44:27:52:23:70:2F
            X509v3 Authority Key Identifier:
                keyid:B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/17fNnOpYtkYahqt-uRhEJ1IjcC8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/sDwwLC9SJ349CraEL2iqX40Nd4c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.89.192.0/18
                  185.8.68.0/22
                  188.131.0.0/17
                  193.239.182.0/23
                  217.12.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         44:bf:dd:4e:31:bd:ab:60:6d:fe:d9:c3:56:a4:b1:ab:3d:9c:
         9f:42:f5:29:6e:2a:be:22:16:7d:7d:32:a0:32:4a:e7:e3:61:
         ae:1a:44:fa:66:e8:32:d5:34:39:eb:e0:f1:ca:da:de:df:b7:
         34:4b:2b:66:43:06:e8:18:f9:60:1d:e9:a8:aa:4c:de:7c:3a:
         b8:38:4c:c7:86:5c:23:67:c0:78:c1:31:74:21:61:21:56:dc:
         e4:f2:59:a3:41:41:2b:a0:3b:30:6e:b1:ac:fe:94:35:3a:94:
         ff:85:90:8c:dc:55:dc:3a:77:ab:93:a6:81:05:91:32:b6:fd:
         88:1b:2a:76:90:b7:e3:36:2f:db:c8:2a:71:fa:89:a9:bf:da:
         0d:a9:f7:65:90:38:a4:27:05:3c:5e:7a:25:c1:d8:4d:ff:34:
         ed:c6:dc:39:2e:21:e8:52:44:b5:f2:c7:ac:35:72:72:07:7a:
         8a:dd:b1:b9:50:ac:ae:d5:f1:b7:73:73:c4:08:e4:42:b3:44:
         a1:44:04:f2:11:25:24:4e:de:9d:05:6d:37:7f:eb:8e:bd:48:
         60:ea:06:dc:2a:3f:14:8d:3c:98:5e:41:90:c2:52:a1:93:ea:
         ad:19:5f:19:43:01:9e:fe:a2:9c:3b:7c:2a:8d:41:6b:58:76:
         73:e3:4c:5a
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIDEghpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIw
M2MzMDJjMmY1MjI3N2UzZDBhYjY4NDJmNjhhYTVmOGQwZDc3ODcwHhcNMjIwNjA3
MDgwMzIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkN2I3Y2Q5Y2VhNThi
NjQ2MWE4NmFiN2ViOTE4NDQyNzUyMjM3MDJmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4yXF21OdvcIEGNQ8tI0lmLApyDFR8Skx5XSvcm9n3GntO4iG
DJgE10HU59J/oa+We/9ddDPn1nKmagg2ZbyZJ0PcVQlWh2RahDCfYAlBm/dLz8MP
/BlMwpRrp+Kpyhdh8tw0xSK9kGYyDc029xMghN3QKJUJU/KUZt24Lz6II6dMGefy
U0mglKIcHc4SmTdipww2GMYlnkFOM9f91jzZXJN7JD1TWpiwrti8/gT4rf/5ie9T
016QjlGXlMLAKFJI1N63OFAq3bqzvt6iVw/KIMR18q196V0Fe4D6aBdqOSuaTTQR
3oEiwo8025DiVVE6w00thBeyV3tBrEt5BYFNDQIDAQABo4ICITCCAh0wHQYDVR0O
BBYEFNe3zZzqWLZGGoarfrkYRCdSI3AvMB8GA1UdIwQYMBaAFLA8MCwvUid+PQq2
hC9oql+NDXeHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
c0R3d0xDOVNKMzQ5Q3JhRUwyaXFYNDBOZDRjLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Ni9hMmVjOWMtOWQ3Ni00ZTk0LTllM2EtNmY3MDI0YzNhYWQ3LzEv
MTdmTm5PcFl0a1lhaHF0LXVSaEVKMUlqY0M4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9h
MmVjOWMtOWQ3Ni00ZTk0LTllM2EtNmY3MDI0YzNhYWQ3LzEvc0R3d0xDOVNKMzQ5
Q3JhRUwyaXFYNDBOZDRjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcG
CCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQGTVnAAwQCuQhEAwQHvIMAAwQBwe+2
AwQE2QxwMA0GCSqGSIb3DQEBCwUAA4IBAQBEv91OMb2rYG3+2cNWpLGrPZyfQvUp
biq+IhZ9fTKgMkrn42GuGkT6Zugy1TQ56+Dxytre37c0SytmQwboGPlgHemoqkze
fDq4OEzHhlwjZ8B4wTF0IWEhVtzk8lmjQUEroDswbrGs/pQ1OpT/hZCM3FXcOner
k6aBBZEytv2IGyp2kLfjNi/byCpx+ompv9oNqfdlkDikJwU8XnolwdhN/zTtxtw5
LiHoUkS18sesNXJyB3qK3bG5UKyu1fG3c3PECORCs0ShRATyESUkTt6dBW03f+uO
vUhg6gbcKj8UjTyYXkGQwlKhk+qtGV8ZQwGe/qKcO3wqjUFrWHZz40xa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:41 2024 by rpki-client on console-fra.rpki-client.org