Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/1eWSgm8v63xxyF0tHz5Not8rHwQ.roa
File:                     1eWSgm8v63xxyF0tHz5Not8rHwQ.roa (raw, json)
Hash identifier:          LUlqxL5ncMB6e3KUsqJAHUnN+GLC9RHcS/ZSSMQPRXc=
Subject key identifier:   D5:E5:92:82:6F:2F:EB:7C:71:C8:5D:2D:1F:3E:4D:A2:DF:2B:1F:04
Certificate issuer:       /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial:       1C3D216E
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/1eWSgm8v63xxyF0tHz5Not8rHwQ.roa
Signing time:             Sat 01 Jan 2022 07:55:37 +0000
ROA not before:           Sat 01 Jan 2022 07:55:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     136744
IP address blocks:        77.47.242.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 473768302 (0x1c3d216e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19426325acb8ce609a686fa655b058968809b346
        Validity
            Not Before: Jan  1 07:55:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d5e592826f2feb7c71c85d2d1f3e4da2df2b1f04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:a7:63:2e:19:e4:ac:75:5b:0b:ea:12:93:fb:
                    1c:43:fd:d6:c4:2f:9b:fe:22:2d:78:5a:17:ef:6a:
                    94:ae:67:72:f3:49:24:3d:a2:df:6b:a1:2d:18:ad:
                    4c:0a:66:20:f6:81:97:25:72:e0:2a:6f:3b:61:20:
                    72:b6:4f:af:c3:ef:63:5d:ff:97:d9:3c:cd:cb:10:
                    d0:75:b1:79:df:0a:1c:98:90:b2:84:a6:32:c1:0f:
                    77:9f:c3:de:10:6a:36:75:10:60:f0:f4:f8:23:29:
                    db:3b:4d:0f:f7:e9:82:eb:88:e1:22:0d:bf:ae:6d:
                    c8:5d:15:d8:d5:dd:f2:46:7c:56:9d:5c:75:0c:f9:
                    aa:2f:16:ae:6d:dd:56:3a:df:53:8e:59:e4:15:e3:
                    68:83:a8:22:a2:ab:a8:17:55:e9:03:35:e6:15:ca:
                    0e:50:a4:06:74:d0:37:83:14:4f:73:1f:fc:21:28:
                    2f:a6:0f:fa:0f:43:1e:8d:75:fe:46:b9:98:0a:57:
                    6f:1c:88:8b:c7:62:fc:21:95:e6:8f:36:9a:53:64:
                    f4:5c:94:0b:df:f1:9a:93:ee:e9:71:8b:6f:d4:6b:
                    62:f2:4f:8f:fc:bd:a1:3c:1c:f2:fc:a1:85:bf:7e:
                    3d:d2:dd:ad:d2:93:54:06:7b:92:b0:10:1d:f6:ec:
                    52:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:E5:92:82:6F:2F:EB:7C:71:C8:5D:2D:1F:3E:4D:A2:DF:2B:1F:04
            X509v3 Authority Key Identifier:
                keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/1eWSgm8v63xxyF0tHz5Not8rHwQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.47.242.0/23

    Signature Algorithm: sha256WithRSAEncryption
         59:ab:25:9c:0c:07:73:40:3d:69:e7:93:9f:bc:a1:61:1d:60:
         4f:3d:a0:32:9b:56:6f:fd:23:75:ea:98:83:3f:14:59:cb:8c:
         a0:4a:2a:de:fe:9c:46:93:fd:b6:78:7a:e5:46:ed:be:ca:b5:
         89:f6:34:e9:ee:de:5b:0e:06:be:15:17:ef:57:35:2f:64:ab:
         bd:91:37:97:2c:97:8b:dd:69:3d:69:58:59:70:79:6a:51:cb:
         f9:ca:3c:ea:6f:df:ae:dc:0e:9e:e7:8b:1d:0f:e1:94:b6:84:
         16:ef:1f:ab:e3:5f:ef:28:f4:47:d3:ff:ef:03:b6:f7:dd:05:
         bd:5d:ff:7c:b4:bc:1b:24:64:90:d6:8b:5b:56:14:ce:f0:c8:
         99:f5:4f:ed:74:9a:dd:4e:80:e7:29:70:d6:df:5c:8f:ed:71:
         2e:13:96:05:9c:70:29:b9:e1:02:11:19:0b:84:07:11:4f:b0:
         1c:1a:32:eb:a2:d9:9e:b3:00:4b:be:0a:77:4e:8c:1d:bc:11:
         3c:9e:87:f0:e8:27:3e:42:41:8b:9e:7f:8c:5a:f9:ab:5e:54:
         02:58:ea:17:95:17:40:2d:25:79:9d:48:3b:01:9a:1a:ef:79:
         11:6d:f3:bd:9a:89:a7:d9:5c:63:ae:5b:11:46:27:69:23:75:
         17:a5:61:ab
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHD0hbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTQyNjMyNWFjYjhjZTYwOWE2ODZmYTY1NWIwNTg5Njg4MDliMzQ2MB4XDTIyMDEw
MTA3NTUzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDVlNTkyODI2ZjJm
ZWI3YzcxYzg1ZDJkMWYzZTRkYTJkZjJiMWYwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGnYy4Z5Kx1WwvqEpP7HEP91sQvm/4iLXhaF+9qlK5ncvNJ
JD2i32uhLRitTApmIPaBlyVy4CpvO2EgcrZPr8PvY13/l9k8zcsQ0HWxed8KHJiQ
soSmMsEPd5/D3hBqNnUQYPD0+CMp2ztND/fpguuI4SINv65tyF0V2NXd8kZ8Vp1c
dQz5qi8Wrm3dVjrfU45Z5BXjaIOoIqKrqBdV6QM15hXKDlCkBnTQN4MUT3Mf/CEo
L6YP+g9DHo11/ka5mApXbxyIi8di/CGV5o82mlNk9FyUC9/xmpPu6XGLb9RrYvJP
j/y9oTwc8vyhhb9+PdLdrdKTVAZ7krAQHfbsUvECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTV5ZKCby/rfHHIXS0fPk2i3ysfBDAfBgNVHSMEGDAWgBQZQmMlrLjOYJpo
b6ZVsFiWiAmzRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dVSmpKYXk0em1DYWFHLW1WYkJZbG9nSnMwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvOGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8x
LzFlV1NnbTh2NjN4eHlGMHRIejVOb3Q4ckh3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
OGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8xL0dVSmpKYXk0em1D
YWFHLW1WYkJZbG9nSnMwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAU0v8jANBgkqhkiG9w0BAQsFAAOC
AQEAWaslnAwHc0A9aeeTn7yhYR1gTz2gMptWb/0jdeqYgz8UWcuMoEoq3v6cRpP9
tnh65Ubtvsq1ifY06e7eWw4GvhUX71c1L2SrvZE3lyyXi91pPWlYWXB5alHL+co8
6m/frtwOnueLHQ/hlLaEFu8fq+Nf7yj0R9P/7wO2990FvV3/fLS8GyRkkNaLW1YU
zvDImfVP7XSa3U6A5ylw1t9cj+1xLhOWBZxwKbnhAhEZC4QHEU+wHBoy66LZnrMA
S74Kd06MHbwRPJ6H8OgnPkJBi55/jFr5q15UAljqF5UXQC0leZ1IOwGaGu95EW3z
vZqJp9lcY65bEUYnaSN1F6Vhqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org