Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/i4A7A9ypxD2a9VRBjHzFnI7-K1Q.roa
File:                     i4A7A9ypxD2a9VRBjHzFnI7-K1Q.roa (raw, json)
Hash identifier:          DzTKTf3ldh1mW3iKMEEW7eITQ1sEQCUW0cfL7bm2EVc=
Subject key identifier:   8B:80:3B:03:DC:A9:C4:3D:9A:F5:54:41:8C:7C:C5:9C:8E:FE:2B:54
Certificate issuer:       /CN=682c842dfa2a1e714727bccb95f165347103f277
Certificate serial:       1688DF36
Authority key identifier: 68:2C:84:2D:FA:2A:1E:71:47:27:BC:CB:95:F1:65:34:71:03:F2:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aCyELfoqHnFHJ7zLlfFlNHED8nc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/i4A7A9ypxD2a9VRBjHzFnI7-K1Q.roa
Signing time:             Sat 01 Jan 2022 09:01:33 +0000
ROA not before:           Sat 01 Jan 2022 09:01:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25037
IP address blocks:        77.80.128.0/17 maxlen: 17
                          2a05:2242::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 378068790 (0x1688df36)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=682c842dfa2a1e714727bccb95f165347103f277
        Validity
            Not Before: Jan  1 09:01:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8b803b03dca9c43d9af554418c7cc59c8efe2b54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:8d:52:c1:60:0c:e1:e7:19:16:57:9e:b1:dd:
                    0f:42:31:49:b0:2f:4f:1e:20:95:6f:86:0b:66:27:
                    8e:78:d5:43:c8:1c:82:47:5d:e6:63:eb:5e:58:a4:
                    a3:6b:9b:8c:6d:ae:22:5c:35:5f:65:d3:f9:2d:1f:
                    ae:da:23:aa:08:8c:f7:5b:65:35:03:b5:0f:84:38:
                    87:74:d3:1e:57:0b:96:58:15:80:6a:94:3c:0c:74:
                    f5:ef:b4:0b:c7:4e:93:9a:ce:f1:c7:23:fc:ce:fa:
                    1b:44:da:6a:d8:4d:4f:6c:b7:04:31:30:43:d0:8d:
                    65:21:a3:4b:3f:1c:44:5e:e7:43:a3:2f:ea:74:b0:
                    90:17:58:2f:76:d7:b5:c4:aa:a6:49:1b:22:06:06:
                    74:4a:85:a9:74:80:b1:4e:72:c8:77:d4:4a:ff:aa:
                    10:1b:3a:76:c1:cc:f9:95:83:05:f9:0f:20:70:1c:
                    2b:9d:75:c5:30:c5:ec:1e:47:53:59:7b:7b:bb:5e:
                    26:f5:8e:c5:54:62:a9:41:30:e6:ec:fb:ca:ce:cc:
                    8a:04:5b:bd:73:bc:4b:8c:a2:b9:ed:85:62:84:15:
                    9b:2e:d0:f7:8d:02:a7:fa:e8:c2:64:4c:c9:6e:ac:
                    82:4c:09:de:e9:cd:18:a5:21:ce:b8:6e:68:4d:b4:
                    27:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:80:3B:03:DC:A9:C4:3D:9A:F5:54:41:8C:7C:C5:9C:8E:FE:2B:54
            X509v3 Authority Key Identifier:
                keyid:68:2C:84:2D:FA:2A:1E:71:47:27:BC:CB:95:F1:65:34:71:03:F2:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCyELfoqHnFHJ7zLlfFlNHED8nc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/i4A7A9ypxD2a9VRBjHzFnI7-K1Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/aCyELfoqHnFHJ7zLlfFlNHED8nc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.80.128.0/17
                IPv6:
                  2a05:2242::/32

    Signature Algorithm: sha256WithRSAEncryption
         64:ad:4d:aa:91:7a:a3:2c:35:fd:13:21:ad:bc:10:29:21:dc:
         52:36:87:da:f1:86:37:8f:eb:4c:cb:4e:b6:5e:5f:4b:60:52:
         5b:38:8a:d6:21:c9:c5:75:ac:e9:d1:21:58:17:bc:bf:d7:48:
         16:7a:f6:e0:7f:b7:c1:14:f8:9b:79:ef:91:67:b8:ca:b8:2b:
         07:d2:97:d5:13:6c:d8:16:19:3d:06:80:0a:71:5a:1e:09:e4:
         76:85:47:ee:24:07:25:8c:27:d0:fd:5b:3d:9c:17:0b:d4:3e:
         e2:7f:ff:dd:56:03:58:c8:cc:4f:29:32:5a:89:ab:23:ee:b1:
         cc:0a:f9:a8:6e:70:b7:0b:57:24:0b:b0:31:20:bb:ea:2a:9f:
         4e:41:b9:0d:c8:13:77:2d:08:b4:ab:89:6d:48:60:48:49:83:
         bc:5c:2b:25:95:15:75:50:9d:e1:b1:bb:6d:78:e9:cf:35:04:
         d5:7f:1e:56:47:6b:ef:c6:34:b0:41:be:47:4a:da:0b:b0:56:
         82:0a:bf:61:2e:8c:d2:44:48:6f:55:a4:d9:01:36:fc:2f:04:
         3b:9e:ec:52:41:9c:d8:02:92:2a:ad:71:58:07:21:6c:01:21:
         a2:76:cc:f7:72:85:9f:3c:ad:52:47:4b:98:7c:d8:b1:4c:df:
         c7:bb:63:8f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFojfNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ODJjODQyZGZhMmExZTcxNDcyN2JjY2I5NWYxNjUzNDcxMDNmMjc3MB4XDTIyMDEw
MTA5MDEzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGI4MDNiMDNkY2E5
YzQzZDlhZjU1NDQxOGM3Y2M1OWM4ZWZlMmI1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuNUsFgDOHnGRZXnrHdD0IxSbAvTx4glW+GC2YnjnjVQ8gc
gkdd5mPrXliko2ubjG2uIlw1X2XT+S0frtojqgiM91tlNQO1D4Q4h3TTHlcLllgV
gGqUPAx09e+0C8dOk5rO8ccj/M76G0TaathNT2y3BDEwQ9CNZSGjSz8cRF7nQ6Mv
6nSwkBdYL3bXtcSqpkkbIgYGdEqFqXSAsU5yyHfUSv+qEBs6dsHM+ZWDBfkPIHAc
K511xTDF7B5HU1l7e7teJvWOxVRiqUEw5uz7ys7MigRbvXO8S4yiue2FYoQVmy7Q
940Cp/rowmRMyW6sgkwJ3unNGKUhzrhuaE20J3cCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSLgDsD3KnEPZr1VEGMfMWcjv4rVDAfBgNVHSMEGDAWgBRoLIQt+ioecUcn
vMuV8WU0cQPydzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FDeUVMZm9xSG5GSEo3ekxsZkZsTkhFRDhuYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvMDAwNDY1LTgzY2ItNDFiNC04ZTYwLTA4ZDY1YjM4NjM5ZC8x
L2k0QTdBOXlweEQyYTlWUkJqSHpGbkk3LUsxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
MDAwNDY1LTgzY2ItNDFiNC04ZTYwLTA4ZDY1YjM4NjM5ZC8xL2FDeUVMZm9xSG5G
SEo3ekxsZkZsTkhFRDhuYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEB01QgDANBAIAAjAHAwUAKgUiQjAN
BgkqhkiG9w0BAQsFAAOCAQEAZK1NqpF6oyw1/RMhrbwQKSHcUjaH2vGGN4/rTMtO
tl5fS2BSWziK1iHJxXWs6dEhWBe8v9dIFnr24H+3wRT4m3nvkWe4yrgrB9KX1RNs
2BYZPQaACnFaHgnkdoVH7iQHJYwn0P1bPZwXC9Q+4n//3VYDWMjMTykyWomrI+6x
zAr5qG5wtwtXJAuwMSC76iqfTkG5DcgTdy0ItKuJbUhgSEmDvFwrJZUVdVCd4bG7
bXjpzzUE1X8eVkdr78Y0sEG+R0raC7BWggq/YS6M0kRIb1Wk2QE2/C8EO57sUkGc
2AKSKq1xWAchbAEhonbM93KFnzytUkdLmHzYsUzfx7tjjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:59 2024 by rpki-client on console-fra.rpki-client.org