Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/QAe-dLNsEr3w_w4lnmUd3agYfNg.roa
File:                     QAe-dLNsEr3w_w4lnmUd3agYfNg.roa (raw, json)
Hash identifier:          XIEcSVxKv2v8l0r2c+wRBhLvc3s02EUZP/0Kz/ZKUQY=
Subject key identifier:   40:07:BE:74:B3:6C:12:BD:F0:FF:0E:25:9E:65:1D:DD:A8:18:7C:D8
Certificate issuer:       /CN=374e2729b17369890a1512f643cd08e4ba2ff414
Certificate serial:       1BE663
Authority key identifier: 37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/QAe-dLNsEr3w_w4lnmUd3agYfNg.roa
Signing time:             Sat 01 Jan 2022 02:01:09 +0000
ROA not before:           Sat 01 Jan 2022 02:01:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49453
IP address blocks:        178.20.215.0/24 maxlen: 24
                          178.20.214.0/24 maxlen: 24
                          77.243.89.0/24 maxlen: 24
                          77.243.91.0/24 maxlen: 24
                          77.243.88.0/24 maxlen: 24
                          185.101.20.0/24 maxlen: 24
                          185.101.21.0/24 maxlen: 24
                          178.20.213.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1828451 (0x1be663)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=374e2729b17369890a1512f643cd08e4ba2ff414
        Validity
            Not Before: Jan  1 02:01:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4007be74b36c12bdf0ff0e259e651ddda8187cd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:b5:18:d0:bd:60:00:d1:8a:5c:c7:57:8d:e5:
                    76:4f:8a:98:02:e3:44:1d:0e:8f:66:30:b7:46:4c:
                    51:13:28:ec:9e:58:3d:c9:00:26:6c:8a:e2:b4:20:
                    e2:c3:a9:40:d2:47:21:24:72:14:19:b7:0a:0b:08:
                    64:24:7f:63:62:2e:18:e8:7a:da:a9:90:5c:4f:a2:
                    ef:26:17:cf:58:c4:7c:7f:e6:35:d1:22:95:5e:ea:
                    b2:ef:e9:41:70:4a:d7:9a:11:5e:5d:bc:ea:66:31:
                    ec:20:a3:a5:c9:3e:ec:57:7e:0d:1d:b7:70:f8:51:
                    32:a3:0d:02:8d:89:70:5c:e5:92:9c:c6:32:f4:c9:
                    35:44:c0:51:44:1d:a6:fb:32:0e:e7:f7:45:37:f6:
                    61:e3:57:52:9b:02:ad:0b:7a:cf:20:52:2d:3c:5d:
                    43:37:60:09:f5:65:ed:d4:96:5a:56:db:3f:cc:a9:
                    75:aa:85:1c:d2:66:f8:81:9a:4b:61:56:06:13:6a:
                    ab:94:f6:08:ca:f6:4e:6f:84:f6:72:be:a9:f9:eb:
                    ff:a9:a3:43:c0:5f:2b:b5:00:49:e1:c9:1d:14:0e:
                    e8:83:7d:ee:bc:4b:f5:d8:ef:ed:19:a1:ea:49:c5:
                    ee:ce:86:5d:64:5b:dc:b6:d6:f4:b7:67:86:4f:3b:
                    14:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:07:BE:74:B3:6C:12:BD:F0:FF:0E:25:9E:65:1D:DD:A8:18:7C:D8
            X509v3 Authority Key Identifier:
                keyid:37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/QAe-dLNsEr3w_w4lnmUd3agYfNg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.243.88.0/23
                  77.243.91.0/24
                  178.20.213.0-178.20.215.255
                  185.101.20.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ac:2a:29:fc:3f:2b:7c:4d:a3:73:3e:a9:bf:ea:16:d4:ee:0c:
         c0:c1:5b:60:76:20:fc:3c:33:89:32:cc:7d:23:2e:52:d8:df:
         a3:fb:1f:72:ca:1e:ca:9e:09:07:bc:a1:01:33:bf:6d:07:f7:
         5c:1f:5a:e7:38:2f:83:60:ca:bc:75:43:b4:17:ca:cd:4c:9f:
         23:29:cf:bd:b8:65:83:1b:59:d0:9b:54:46:5b:81:65:1e:ca:
         db:c9:c2:c3:b8:3e:de:92:32:8c:fc:b3:8b:63:ca:0a:2e:ac:
         68:fa:aa:34:44:09:f7:6c:91:1f:00:ec:39:03:a7:bb:a3:5a:
         4f:dc:85:44:b3:19:a4:03:46:32:12:4b:91:83:4c:34:98:2f:
         5f:3e:7f:e2:d0:19:1f:eb:b8:3b:14:ba:11:3d:a6:40:53:a2:
         5a:fb:d5:a3:28:7a:84:50:28:d7:58:4b:bb:97:90:ba:2e:42:
         52:c9:62:98:e0:16:6d:e0:dc:29:cb:d9:45:2f:db:5f:5e:66:
         5e:6b:53:f7:ed:9b:b2:96:d5:24:6e:4a:c8:11:01:ae:5a:67:
         51:bf:ee:ba:62:ce:38:2e:91:c6:1d:c9:17:39:2d:51:e5:d9:
         7d:c0:b2:db:fa:b7:dc:83:0e:a6:93:f7:95:6f:0f:98:a9:48:
         49:82:d8:16
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIDG+ZjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM3
NGUyNzI5YjE3MzY5ODkwYTE1MTJmNjQzY2QwOGU0YmEyZmY0MTQwHhcNMjIwMTAx
MDIwMTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0MDA3YmU3NGIzNmMx
MmJkZjBmZjBlMjU5ZTY1MWRkZGE4MTg3Y2Q4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuLUY0L1gANGKXMdXjeV2T4qYAuNEHQ6PZjC3RkxREyjsnlg9
yQAmbIritCDiw6lA0kchJHIUGbcKCwhkJH9jYi4Y6HraqZBcT6LvJhfPWMR8f+Y1
0SKVXuqy7+lBcErXmhFeXbzqZjHsIKOlyT7sV34NHbdw+FEyow0CjYlwXOWSnMYy
9Mk1RMBRRB2m+zIO5/dFN/Zh41dSmwKtC3rPIFItPF1DN2AJ9WXt1JZaVts/zKl1
qoUc0mb4gZpLYVYGE2qrlPYIyvZOb4T2cr6p+ev/qaNDwF8rtQBJ4ckdFA7og33u
vEv12O/tGaHqScXuzoZdZFvcttb0t2eGTzsUDwIDAQABo4ICIzCCAh8wHQYDVR0O
BBYEFEAHvnSzbBK98P8OJZ5lHd2oGHzYMB8GA1UdIwQYMBaAFDdOJymxc2mJChUS
9kPNCOS6L/QUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYtY2ZjNDZhNzZlYzc4LzEv
UUFlLWRMTnNFcjN3X3c0bG5tVWQzYWdZZk5nLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85
NTIyMzAtYzI2Mi00MWNjLWI5NTYtY2ZjNDZhNzZlYzc4LzEvTjA0bktiRnphWWtL
RlJMMlE4MEk1TG92OUJRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDkG
CCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBTfNYAwQATfNbMAwDBACyFNUDBAOy
FNADBAG5ZRQwDQYJKoZIhvcNAQELBQADggEBAKwqKfw/K3xNo3M+qb/qFtTuDMDB
W2B2IPw8M4kyzH0jLlLY36P7H3LKHsqeCQe8oQEzv20H91wfWuc4L4Ngyrx1Q7QX
ys1MnyMpz724ZYMbWdCbVEZbgWUeytvJwsO4Pt6SMoz8s4tjygourGj6qjRECfds
kR8A7DkDp7ujWk/chUSzGaQDRjISS5GDTDSYL18+f+LQGR/ruDsUuhE9pkBTolr7
1aMoeoRQKNdYS7uXkLouQlLJYpjgFm3g3CnL2UUv219eZl5rU/ftm7KW1SRuSsgR
Aa5aZ1G/7rpizjgukcYdyRc5LVHl2X3Astv6t9yDDqaT95VvD5ipSEmC2BY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:57 2024 by rpki-client on console-ams.rpki-client.org