Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/YrBW-qaaXZI_jphbWK6LabNDH1k.roa
File:                     YrBW-qaaXZI_jphbWK6LabNDH1k.roa (raw, json)
Hash identifier:          fZM+/luIJHDlc9zpFzGkL9JuG6BRgzah0QCrC98Usok=
Subject key identifier:   62:B0:56:FA:A6:9A:5D:92:3F:8E:98:5B:58:AE:8B:69:B3:43:1F:59
Certificate issuer:       /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial:       03203F50
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/YrBW-qaaXZI_jphbWK6LabNDH1k.roa
Signing time:             Sat 01 Jan 2022 01:54:22 +0000
ROA not before:           Sat 01 Jan 2022 01:54:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47721
IP address blocks:        78.135.77.0/24 maxlen: 32
                          78.135.90.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52445008 (0x3203f50)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
        Validity
            Not Before: Jan  1 01:54:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=62b056faa69a5d923f8e985b58ae8b69b3431f59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:cb:72:b5:de:3a:e9:04:2c:1f:a6:0c:39:24:
                    2d:02:cf:02:71:e6:f9:a7:fd:0c:70:a4:48:cf:41:
                    39:13:f7:c4:b1:46:19:72:22:0b:c0:56:cf:d0:72:
                    e1:84:2e:41:bd:69:71:66:08:53:96:a5:25:de:86:
                    d6:8a:28:8e:e3:b1:34:6a:61:61:35:84:98:00:fb:
                    75:c2:26:5b:72:19:c6:89:dd:74:fa:ea:f2:c9:68:
                    e3:a1:ac:d1:5e:95:0b:e2:8a:df:86:c4:da:e2:15:
                    87:84:e4:ed:78:d2:69:14:82:45:da:b1:02:12:b9:
                    78:cc:cf:2d:86:09:f3:b7:dd:7f:b1:32:c3:a0:79:
                    a0:f3:88:1a:7f:cc:56:52:43:b9:46:41:dc:ce:20:
                    8e:c1:f6:0c:40:9a:ef:8c:d1:04:3d:66:8c:c0:96:
                    96:6e:5f:a7:32:4a:f8:15:9f:f3:2c:ae:d4:0f:e3:
                    19:25:ce:07:70:7b:da:d2:19:27:6c:91:db:29:0b:
                    4e:b9:97:a1:0a:38:90:f9:90:fc:ce:a8:ed:91:68:
                    6c:22:82:31:67:b6:40:e7:fb:9b:3d:53:8b:23:a4:
                    fb:98:1e:46:9a:4f:67:79:31:a5:79:5b:b9:f4:a7:
                    0f:9a:f2:c5:9f:48:eb:eb:88:db:bf:c9:1a:35:41:
                    ee:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:B0:56:FA:A6:9A:5D:92:3F:8E:98:5B:58:AE:8B:69:B3:43:1F:59
            X509v3 Authority Key Identifier:
                keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/YrBW-qaaXZI_jphbWK6LabNDH1k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.135.77.0/24
                  78.135.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:d0:2e:33:69:e3:83:4a:9f:0b:d7:f6:fd:7a:6c:74:7c:86:
         20:84:1b:72:43:f3:c5:e3:cf:48:ea:8d:3c:25:c4:36:bc:bc:
         5f:65:4f:f7:89:fa:ca:b5:23:08:31:73:2e:ec:ae:ca:20:b1:
         26:e8:1d:9d:72:d0:12:16:e3:59:3c:ff:c4:08:ca:4e:31:4e:
         d6:4d:19:10:58:ec:42:94:80:7e:b8:d1:97:29:15:f6:c3:56:
         6b:f1:55:23:f8:fc:d1:2c:7b:c2:54:8c:e7:6a:40:f4:54:01:
         4f:ee:63:2f:81:a6:39:fc:00:8b:6d:e8:2a:d3:cf:4f:4e:7d:
         f1:a3:5e:df:53:5f:75:7c:8a:b1:4d:d0:f3:35:e1:2d:03:32:
         cc:5b:76:db:7b:4f:b3:42:7f:71:55:8a:4c:1a:43:72:d6:f1:
         de:b2:a6:b4:3d:c7:52:ed:bd:85:8f:1b:46:26:1b:10:e9:2d:
         a7:18:f0:70:51:7c:8f:92:c1:7f:b1:4f:63:8b:61:8f:4f:4f:
         32:a5:36:c4:01:0b:87:e3:aa:cf:5b:d1:1a:63:1b:c2:f4:60:
         05:12:e9:b4:a0:0e:37:c2:cb:71:ce:14:c8:a1:01:43:b4:65:
         57:fe:2d:b4:e6:55:e4:0e:6d:ca:ce:6a:51:03:d9:f0:4b:5e:
         a3:ac:56:bc
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAyA/UDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OWQ1NzQ0N2UzNDIwYjg1Mzg3NWI2ZmE0MDM3MmFhZGUzMTkyY2EyMB4XDTIyMDEw
MTAxNTQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjJiMDU2ZmFhNjlh
NWQ5MjNmOGU5ODViNThhZThiNjliMzQzMWY1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7LcrXeOukELB+mDDkkLQLPAnHm+af9DHCkSM9BORP3xLFG
GXIiC8BWz9By4YQuQb1pcWYIU5alJd6G1ooojuOxNGphYTWEmAD7dcImW3IZxond
dPrq8slo46Gs0V6VC+KK34bE2uIVh4Tk7XjSaRSCRdqxAhK5eMzPLYYJ87fdf7Ey
w6B5oPOIGn/MVlJDuUZB3M4gjsH2DECa74zRBD1mjMCWlm5fpzJK+BWf8yyu1A/j
GSXOB3B72tIZJ2yR2ykLTrmXoQo4kPmQ/M6o7ZFobCKCMWe2QOf7mz1TiyOk+5ge
RppPZ3kxpXlbufSnD5ryxZ9I6+uI27/JGjVB7qcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRisFb6pppdkj+OmFtYrotps0MfWTAfBgNVHSMEGDAWgBTJ1XRH40ILhTh1
tvpANyqt4xksojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lkVjBSLU5DQzRVNGRiYjZRRGNxcmVNWkxLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvMTU4NmZkLWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAxMy8x
L1lyQlctcWFhWFpJX2pwaGJXSzZMYWJOREgxay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
MTU4NmZkLWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAxMy8xL3lkVjBSLU5DQzRV
NGRiYjZRRGNxcmVNWkxLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAE6HTQMEAE6HWjANBgkqhkiG9w0B
AQsFAAOCAQEAqNAuM2njg0qfC9f2/XpsdHyGIIQbckPzxePPSOqNPCXENry8X2VP
94n6yrUjCDFzLuyuyiCxJugdnXLQEhbjWTz/xAjKTjFO1k0ZEFjsQpSAfrjRlykV
9sNWa/FVI/j80Sx7wlSM52pA9FQBT+5jL4GmOfwAi23oKtPPT0598aNe31NfdXyK
sU3Q8zXhLQMyzFt223tPs0J/cVWKTBpDctbx3rKmtD3HUu29hY8bRiYbEOktpxjw
cFF8j5LBf7FPY4thj09PMqU2xAELh+Oqz1vRGmMbwvRgBRLptKAON8LLcc4UyKEB
Q7RlV/4ttOZV5A5tys5qUQPZ8Eteo6xWvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org