Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/pRjunHmpM-stmDY1u8dhF3C4K4s.roa
File:                     pRjunHmpM-stmDY1u8dhF3C4K4s.roa (raw, json)
Hash identifier:          Rr3MhNQF7fxyPtI3f7OC8IRkbDdo/uCnxJ+IT4GH5w4=
Subject key identifier:   A5:18:EE:9C:79:A9:33:EB:2D:98:36:35:BB:C7:61:17:70:B8:2B:8B
Certificate issuer:       /CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
Certificate serial:       0571C785
Authority key identifier: 71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/pRjunHmpM-stmDY1u8dhF3C4K4s.roa
Signing time:             Sat 01 Jan 2022 11:00:56 +0000
ROA not before:           Sat 01 Jan 2022 11:00:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43171
IP address blocks:        91.189.32.0/21 maxlen: 21
                          77.87.77.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 91342725 (0x571c785)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
        Validity
            Not Before: Jan  1 11:00:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a518ee9c79a933eb2d983635bbc7611770b82b8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:5c:a7:df:7c:9d:ac:9d:35:39:2e:a1:68:75:
                    2a:d9:ac:f3:14:00:78:40:a4:78:26:40:9f:72:f8:
                    45:0f:9a:bf:74:2f:bb:33:82:17:a1:9e:97:e2:61:
                    ea:97:ca:c8:4f:dd:28:55:5d:96:a4:56:05:83:6f:
                    00:a3:45:ed:5c:41:ae:41:ad:29:cc:86:6d:b6:00:
                    a1:86:98:db:7f:7d:ec:96:f4:31:6e:bf:91:fb:81:
                    d2:7f:6b:65:ee:ea:6a:46:14:9f:f3:97:63:63:12:
                    8e:d5:ef:8d:22:7a:6c:15:59:e6:44:ae:1f:2b:05:
                    75:29:3f:ec:67:8c:52:f6:92:bc:8c:9f:a2:97:d3:
                    3a:3b:97:1a:39:35:a5:49:53:36:02:9e:80:87:2f:
                    e2:3e:23:49:60:4b:9e:94:d1:b1:0b:e9:f8:23:40:
                    3c:27:c6:7f:a4:1f:41:c8:36:dc:56:18:a8:7a:dc:
                    53:38:32:a8:06:78:54:7e:b4:52:e5:6a:dd:2c:6d:
                    95:bd:e3:a2:4c:d7:ab:d0:b5:47:6e:b7:65:bd:54:
                    5f:ee:a9:b2:35:b4:ea:95:ef:e6:c3:ef:50:2c:ba:
                    a4:8e:b0:50:93:e0:81:d5:13:13:8e:00:bc:06:b0:
                    6d:45:13:a7:89:ee:39:d5:13:45:3c:2c:8d:a7:f3:
                    1d:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:18:EE:9C:79:A9:33:EB:2D:98:36:35:BB:C7:61:17:70:B8:2B:8B
            X509v3 Authority Key Identifier:
                keyid:71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/pRjunHmpM-stmDY1u8dhF3C4K4s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/ccFpDvV6_P-uc725k0MJ-LcOu2E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.87.77.0/24
                  91.189.32.0/21

    Signature Algorithm: sha256WithRSAEncryption
         a1:15:70:46:94:77:31:35:34:2c:92:ae:a8:7e:1e:61:23:a5:
         12:71:cb:70:a3:40:fe:f3:b4:d7:fb:0b:4f:e2:1b:ea:d6:7d:
         71:c0:f2:8f:0a:3c:5a:39:f3:d8:30:a8:df:9a:c7:43:e5:2d:
         0a:fb:5c:1a:c2:35:7e:a2:a8:fa:7c:67:46:95:71:0c:46:d1:
         b2:45:4e:b6:06:a8:c4:3d:f0:5d:96:01:75:e0:9b:fe:85:b4:
         6c:85:bb:5f:f3:7c:c3:a6:8d:1c:18:5d:a8:b5:18:f5:a8:72:
         41:de:6e:b5:5c:c9:99:e0:a6:50:44:b4:25:30:e6:f1:dc:a4:
         4a:c9:a2:ef:f9:65:f2:b4:01:9a:7c:4f:81:b4:07:e8:6c:6b:
         a6:d0:35:37:3c:83:0c:39:69:a1:ab:77:d5:a2:48:75:26:9a:
         55:f7:5d:ae:70:93:c7:f8:d2:1b:89:51:8c:3e:c0:2b:af:56:
         b8:3a:37:3b:1c:a1:21:90:28:72:5f:16:f7:ad:84:f5:b1:ed:
         d3:2c:52:09:dd:1b:fa:bd:fa:d0:2c:3b:c8:be:5f:f2:7a:4c:
         8e:be:01:63:bd:c6:51:6a:84:bc:02:b2:e1:35:44:4f:9e:c5:
         75:40:c3:92:42:21:4c:ba:0e:a7:18:ae:9d:2e:d1:a9:10:82:
         41:20:ab:bb
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBXHHhTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MWMxNjkwZWY1N2FmY2ZmYWU3M2JkYjk5MzQzMDlmOGI3MGViYjYxMB4XDTIyMDEw
MTExMDA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTUxOGVlOWM3OWE5
MzNlYjJkOTgzNjM1YmJjNzYxMTc3MGI4MmI4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOJcp998naydNTkuoWh1Ktms8xQAeECkeCZAn3L4RQ+av3Qv
uzOCF6Gel+Jh6pfKyE/dKFVdlqRWBYNvAKNF7VxBrkGtKcyGbbYAoYaY23997Jb0
MW6/kfuB0n9rZe7qakYUn/OXY2MSjtXvjSJ6bBVZ5kSuHysFdSk/7GeMUvaSvIyf
opfTOjuXGjk1pUlTNgKegIcv4j4jSWBLnpTRsQvp+CNAPCfGf6QfQcg23FYYqHrc
UzgyqAZ4VH60UuVq3Sxtlb3jokzXq9C1R263Zb1UX+6psjW06pXv5sPvUCy6pI6w
UJPggdUTE44AvAawbUUTp4nuOdUTRTwsjafzHcECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSlGO6ceakz6y2YNjW7x2EXcLgrizAfBgNVHSMEGDAWgBRxwWkO9Xr8/65z
vbmTQwn4tw67YTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NjRnBEdlY2X1AtdWM3MjVrME1KLUxjT3UyRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvOWM3MGU5LTNkZjMtNGJjNy04MmU2LTAwNmU5YmI4ZWQ1OS8x
L3BSanVuSG1wTS1zdG1EWTF1OGRoRjNDNEs0cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
OWM3MGU5LTNkZjMtNGJjNy04MmU2LTAwNmU5YmI4ZWQ1OS8xL2NjRnBEdlY2X1At
dWM3MjVrME1KLUxjT3UyRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAE1XTQMEA1u9IDANBgkqhkiG9w0B
AQsFAAOCAQEAoRVwRpR3MTU0LJKuqH4eYSOlEnHLcKNA/vO01/sLT+Ib6tZ9ccDy
jwo8Wjnz2DCo35rHQ+UtCvtcGsI1fqKo+nxnRpVxDEbRskVOtgaoxD3wXZYBdeCb
/oW0bIW7X/N8w6aNHBhdqLUY9ahyQd5utVzJmeCmUES0JTDm8dykSsmi7/ll8rQB
mnxPgbQH6GxrptA1NzyDDDlpoat31aJIdSaaVfddrnCTx/jSG4lRjD7AK69WuDo3
OxyhIZAocl8W962E9bHt0yxSCd0b+r360Cw7yL5f8npMjr4BY73GUWqEvAKy4TVE
T57FdUDDkkIhTLoOpxiunS7RqRCCQSCruw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:48 2024 by rpki-client on console-fra.rpki-client.org