Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/9rXp7ymL3SMtbCoGFNwkLHfCRuM.roa
File:                     9rXp7ymL3SMtbCoGFNwkLHfCRuM.roa (raw, json)
Hash identifier:          d+Nc+dHI6whrtVIsPEwrdjGP9a4Bnnna1Wz52m0SUP4=
Subject key identifier:   F6:B5:E9:EF:29:8B:DD:23:2D:6C:2A:06:14:DC:24:2C:77:C2:46:E3
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       2B23BA52
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/9rXp7ymL3SMtbCoGFNwkLHfCRuM.roa
Signing time:             Sat 01 Jan 2022 13:58:20 +0000
ROA not before:           Sat 01 Jan 2022 13:58:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212915
IP address blocks:        77.65.170.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 723761746 (0x2b23ba52)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Jan  1 13:58:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f6b5e9ef298bdd232d6c2a0614dc242c77c246e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:a0:60:14:0c:31:9b:dc:89:a3:a9:b8:ff:2b:
                    76:d2:3c:df:61:37:59:73:3b:e1:21:7c:05:f7:8d:
                    c9:51:96:c9:8a:61:df:76:25:d1:b6:9e:e8:fd:ea:
                    f9:54:e7:b9:24:76:35:f6:5b:ea:93:e7:8f:4b:ce:
                    52:14:1f:2c:8b:14:45:ba:d9:52:02:a1:d7:e7:cf:
                    f9:af:e0:a7:12:19:4e:ca:a9:e8:d4:59:09:26:66:
                    1c:38:c0:e7:95:89:13:3f:0b:23:a3:19:4a:06:bc:
                    70:0a:44:d5:21:6e:65:88:49:da:77:f2:73:34:7c:
                    37:fa:a8:bf:7c:e2:5f:f4:d8:c8:ed:6a:1b:13:c3:
                    a8:bc:0a:6d:61:57:a9:a6:29:20:81:db:df:a4:8d:
                    ea:38:8b:22:89:8b:93:5d:de:1c:f1:b8:66:53:37:
                    08:0e:86:59:eb:b3:56:83:31:6a:50:a8:0f:81:8d:
                    dc:39:24:05:92:19:5e:59:d8:16:95:56:c7:64:28:
                    08:2f:7c:71:c5:1f:a1:aa:e1:d2:14:d8:5f:fb:f9:
                    00:26:53:a7:05:af:eb:46:d1:a1:c4:61:69:24:1a:
                    6f:c2:38:42:02:c5:12:7d:46:c7:c3:93:1f:b2:6c:
                    7b:65:36:d3:09:dc:3c:b1:1d:93:38:19:3f:c1:d0:
                    a1:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:B5:E9:EF:29:8B:DD:23:2D:6C:2A:06:14:DC:24:2C:77:C2:46:E3
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/9rXp7ymL3SMtbCoGFNwkLHfCRuM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.65.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:40:bd:2a:58:c8:eb:de:b7:b6:97:8a:7a:64:b7:3b:1f:95:
         33:3b:2a:8d:67:b0:26:f6:7f:cb:4f:8d:bc:92:40:f6:c7:df:
         19:c1:38:6f:82:60:c8:95:68:5c:74:64:fa:eb:26:d5:ec:47:
         31:c9:77:40:14:c2:50:08:6c:32:62:5c:05:78:41:83:82:f1:
         e6:11:d1:71:a8:27:d8:0d:3d:fe:c8:fe:1c:a1:9d:69:a7:9d:
         0e:65:14:4b:31:67:fa:0b:12:a3:90:99:51:ff:e6:62:92:3e:
         5b:ef:ac:75:69:9b:ef:f6:8f:1c:0f:53:56:27:26:59:11:e1:
         4b:5f:45:91:f4:ec:93:a5:d7:a8:e0:f9:4e:3f:5a:6c:e5:4d:
         4c:f2:97:ef:60:39:9c:5e:9b:5c:da:4b:c3:75:42:e5:ae:6f:
         b3:a9:d3:4d:a0:fe:d9:72:2f:ab:df:72:75:b2:93:6f:1f:d1:
         29:12:b2:f1:fa:52:98:f2:49:69:9f:c2:b6:9d:95:63:1d:b2:
         7a:ed:98:d6:10:60:42:c3:90:57:25:3e:aa:05:a2:12:4d:39:
         9c:8f:f1:46:0c:da:3f:ef:85:87:62:2a:f9:ff:3a:62:62:f8:
         32:70:f1:bb:b5:ad:cc:b3:57:c3:59:d1:6f:a8:42:f0:f6:e3:
         1d:96:51:05
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKyO6UjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTk1NDQ5OTk3NzI3OGE3NTU3MGIzNDAzZjRkM2FhMDBiMWIzNmU4MB4XDTIyMDEw
MTEzNTgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjZiNWU5ZWYyOThi
ZGQyMzJkNmMyYTA2MTRkYzI0MmM3N2MyNDZlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMigYBQMMZvciaOpuP8rdtI832E3WXM74SF8BfeNyVGWyYph
33Yl0bae6P3q+VTnuSR2NfZb6pPnj0vOUhQfLIsURbrZUgKh1+fP+a/gpxIZTsqp
6NRZCSZmHDjA55WJEz8LI6MZSga8cApE1SFuZYhJ2nfyczR8N/qov3ziX/TYyO1q
GxPDqLwKbWFXqaYpIIHb36SN6jiLIomLk13eHPG4ZlM3CA6GWeuzVoMxalCoD4GN
3DkkBZIZXlnYFpVWx2QoCC98ccUfoarh0hTYX/v5ACZTpwWv60bRocRhaSQab8I4
QgLFEn1Gx8OTH7Jse2U20wncPLEdkzgZP8HQoU0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT2tenvKYvdIy1sKgYU3CQsd8JG4zAfBgNVHSMEGDAWgBS5lUSZl3J4p1Vw
s0A/TTqgCxs26DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8x
LzlyWHA3eW1MM1NNdGJDb0dGTndrTEhmQ1J1TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
Nzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8xL3VaVkVtWmR5ZUtk
VmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE1BqjANBgkqhkiG9w0BAQsFAAOC
AQEAWUC9KljI6963tpeKemS3Ox+VMzsqjWewJvZ/y0+NvJJA9sffGcE4b4JgyJVo
XHRk+usm1exHMcl3QBTCUAhsMmJcBXhBg4Lx5hHRcagn2A09/sj+HKGdaaedDmUU
SzFn+gsSo5CZUf/mYpI+W++sdWmb7/aPHA9TVicmWRHhS19FkfTsk6XXqOD5Tj9a
bOVNTPKX72A5nF6bXNpLw3VC5a5vs6nTTaD+2XIvq99ydbKTbx/RKRKy8fpSmPJJ
aZ/Ctp2VYx2yeu2Y1hBgQsOQVyU+qgWiEk05nI/xRgzaP++Fh2Iq+f86YmL4MnDx
u7WtzLNXw1nRb6hC8PbjHZZRBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:21 2024 by rpki-client on console-ams.rpki-client.org