Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/LquF4tCuc1O2xMZWyRl9TEvl9VY.roa
File:                     LquF4tCuc1O2xMZWyRl9TEvl9VY.roa (raw, json)
Hash identifier:          A6TgGzWFMrQsUQxm1QtibG4mDyXlBsoEwF3nya+cZe4=
Subject key identifier:   2E:AB:85:E2:D0:AE:73:53:B6:C4:C6:56:C9:19:7D:4C:4B:E5:F5:56
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       2BA0C94F
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/LquF4tCuc1O2xMZWyRl9TEvl9VY.roa
Signing time:             Tue 22 Feb 2022 05:13:25 +0000
ROA not before:           Tue 22 Feb 2022 05:13:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210910
IP address blocks:        77.65.152.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 731957583 (0x2ba0c94f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Feb 22 05:13:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2eab85e2d0ae7353b6c4c656c9197d4c4be5f556
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:8b:ce:5b:bf:0a:4e:2a:d6:3c:f6:cc:33:0e:
                    c1:5e:78:27:1b:7a:86:60:20:3a:35:57:a2:25:e3:
                    07:31:e5:13:41:37:d7:9f:4f:89:70:b1:55:f3:fc:
                    54:e8:a2:43:03:0b:56:c0:93:c4:66:c3:1c:77:3a:
                    aa:82:4e:65:ab:e0:f6:4c:34:72:e9:bd:a0:2a:35:
                    17:4c:d7:b0:d0:bf:78:a1:76:7c:60:f7:c7:b7:20:
                    92:cf:3f:0c:10:10:f6:9d:dd:2e:9e:04:3b:d6:2c:
                    6c:23:4e:10:b4:02:16:2c:82:4e:76:6d:cf:ea:8b:
                    41:77:ef:bd:d1:16:42:77:4b:9f:7d:dd:e3:98:9c:
                    d1:0e:f8:7e:8a:9f:ba:7f:a8:00:66:62:a4:4a:72:
                    8c:f8:97:dc:8d:81:81:ec:bc:fb:da:be:e1:d8:ad:
                    a3:c3:36:f8:51:01:c8:e9:0e:a2:81:94:26:6f:3a:
                    e6:48:01:31:23:aa:d7:04:5b:ad:8d:2a:14:b5:22:
                    05:51:21:ff:8d:96:40:4c:9a:27:33:ff:27:8a:ff:
                    23:01:ef:90:6d:0f:63:96:25:80:e0:b3:44:2a:82:
                    3a:d6:c0:c0:39:bb:77:b7:67:97:e3:e1:2a:83:8f:
                    90:0f:85:f1:0a:de:1d:a5:06:12:56:0c:db:32:91:
                    b9:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:AB:85:E2:D0:AE:73:53:B6:C4:C6:56:C9:19:7D:4C:4B:E5:F5:56
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/LquF4tCuc1O2xMZWyRl9TEvl9VY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.65.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:e0:02:06:ec:64:39:1f:33:80:de:ad:0d:36:0b:ca:91:c4:
         39:25:52:44:40:52:39:91:d7:7e:cd:69:bf:a3:08:7e:86:cd:
         ee:ee:2c:02:20:33:38:fc:8e:95:0a:37:46:7a:f2:e0:3c:84:
         30:2c:86:fc:49:c8:b2:23:8b:a8:8e:07:b5:15:83:f3:26:d6:
         14:11:90:3c:fa:7d:5b:ef:e1:72:43:02:64:63:d9:be:20:b4:
         18:39:5c:e6:23:b6:e0:fd:5c:f4:75:fe:67:b4:00:cc:ef:c1:
         b7:1d:61:49:88:43:79:22:bc:dc:cf:2a:b8:25:cd:b0:42:f6:
         63:10:64:04:14:57:d2:9e:6e:5b:c4:48:64:a7:da:63:16:e1:
         aa:b1:24:fa:87:ce:b4:7c:b6:4e:20:b1:03:e1:fa:d4:ef:71:
         b7:29:4b:14:c9:4f:78:b0:c5:61:20:b8:77:05:5c:85:19:ce:
         9f:6c:73:a1:89:70:fc:1b:03:d9:47:b9:97:68:72:0a:b9:30:
         b3:08:84:92:6a:1c:26:2b:dd:6c:63:a2:78:47:27:d2:a4:b5:
         4d:90:35:34:65:0d:7a:e8:22:04:ab:61:4e:a2:6a:6d:0a:b3:
         69:25:28:19:d4:6a:cf:96:ed:a1:71:d2:5d:75:18:33:b1:0d:
         03:ce:26:b5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEK6DJTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTk1NDQ5OTk3NzI3OGE3NTU3MGIzNDAzZjRkM2FhMDBiMWIzNmU4MB4XDTIyMDIy
MjA1MTMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmVhYjg1ZTJkMGFl
NzM1M2I2YzRjNjU2YzkxOTdkNGM0YmU1ZjU1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPGLzlu/Ck4q1jz2zDMOwV54Jxt6hmAgOjVXoiXjBzHlE0E3
159PiXCxVfP8VOiiQwMLVsCTxGbDHHc6qoJOZavg9kw0cum9oCo1F0zXsNC/eKF2
fGD3x7cgks8/DBAQ9p3dLp4EO9YsbCNOELQCFiyCTnZtz+qLQXfvvdEWQndLn33d
45ic0Q74foqfun+oAGZipEpyjPiX3I2Bgey8+9q+4dito8M2+FEByOkOooGUJm86
5kgBMSOq1wRbrY0qFLUiBVEh/42WQEyaJzP/J4r/IwHvkG0PY5YlgOCzRCqCOtbA
wDm7d7dnl+PhKoOPkA+F8QreHaUGElYM2zKRuesCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQuq4Xi0K5zU7bExlbJGX1MS+X1VjAfBgNVHSMEGDAWgBS5lUSZl3J4p1Vw
s0A/TTqgCxs26DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8x
L0xxdUY0dEN1YzFPMnhNWld5Umw5VEV2bDlWWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
Nzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8xL3VaVkVtWmR5ZUtk
VmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE1BmDANBgkqhkiG9w0BAQsFAAOC
AQEAN+ACBuxkOR8zgN6tDTYLypHEOSVSREBSOZHXfs1pv6MIfobN7u4sAiAzOPyO
lQo3Rnry4DyEMCyG/EnIsiOLqI4HtRWD8ybWFBGQPPp9W+/hckMCZGPZviC0GDlc
5iO24P1c9HX+Z7QAzO/Btx1hSYhDeSK83M8quCXNsEL2YxBkBBRX0p5uW8RIZKfa
YxbhqrEk+ofOtHy2TiCxA+H61O9xtylLFMlPeLDFYSC4dwVchRnOn2xzoYlw/BsD
2Ue5l2hyCrkwswiEkmocJivdbGOieEcn0qS1TZA1NGUNeugiBKthTqJqbQqzaSUo
GdRqz5btoXHSXXUYM7ENA84mtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:21 2024 by rpki-client on console-ams.rpki-client.org