Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/8znm9aDn9UltkScvtfgDgbQwvDY.roa
File:                     8znm9aDn9UltkScvtfgDgbQwvDY.roa (raw, json)
Hash identifier:          4o2nXz6C7O1FjICv6+8yWp9ah6OxMsqv2l4lpkdP5iA=
Subject key identifier:   F3:39:E6:F5:A0:E7:F5:49:6D:91:27:2F:B5:F8:03:81:B4:30:BC:36
Certificate issuer:       /CN=c7770135d0f0d30a868df551d8752d4b4badc2c1
Certificate serial:       08115C13
Authority key identifier: C7:77:01:35:D0:F0:D3:0A:86:8D:F5:51:D8:75:2D:4B:4B:AD:C2:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x3cBNdDw0wqGjfVR2HUtS0utwsE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/8znm9aDn9UltkScvtfgDgbQwvDY.roa
Signing time:             Sat 01 Jan 2022 15:00:50 +0000
ROA not before:           Sat 01 Jan 2022 15:00:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206150
IP address blocks:        81.173.47.0/24 maxlen: 24
                          81.173.46.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 135355411 (0x8115c13)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7770135d0f0d30a868df551d8752d4b4badc2c1
        Validity
            Not Before: Jan  1 15:00:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f339e6f5a0e7f5496d91272fb5f80381b430bc36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:7e:04:a6:7e:e8:4d:8e:5a:99:b5:00:39:31:
                    f7:b8:ff:43:46:56:d8:09:92:00:b0:8b:86:f1:93:
                    d7:4d:30:16:af:14:2b:f2:3e:3c:ee:b0:0f:f7:11:
                    d1:95:25:6c:60:55:de:e2:26:03:14:88:fc:3d:ad:
                    e9:69:5b:00:74:81:8c:17:81:55:45:8c:e0:af:30:
                    33:91:f5:db:ae:0d:1c:e4:5f:53:78:6d:ad:c0:3f:
                    fc:ca:e4:88:75:a6:42:11:ef:83:f1:e5:68:59:3b:
                    07:b0:9c:a2:a2:5f:bd:3b:76:b1:37:89:e9:f1:c3:
                    bb:0c:62:7a:ae:d1:cc:d7:22:86:0d:c0:22:63:0b:
                    8d:b0:3c:fe:d7:6c:b1:24:6d:e5:e2:b0:e3:4a:86:
                    24:4a:c0:cb:c3:7c:62:96:55:a7:03:9f:77:dd:60:
                    df:74:c2:9f:b7:89:3e:bf:aa:2c:ab:0c:a7:9e:ba:
                    9a:93:d4:8a:db:fb:2d:dd:78:d0:bc:d7:f8:14:be:
                    6a:d6:33:a1:5c:2f:7a:07:46:34:da:fd:f8:5f:88:
                    92:cf:84:d3:f7:c7:72:7a:1e:ca:4a:c0:eb:56:2a:
                    6c:c8:4b:5f:a7:1d:f7:fb:a7:ed:17:f5:d8:c7:d5:
                    c5:4f:4f:6d:b4:82:28:1d:ee:90:d8:4a:55:a0:e6:
                    46:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:39:E6:F5:A0:E7:F5:49:6D:91:27:2F:B5:F8:03:81:B4:30:BC:36
            X509v3 Authority Key Identifier:
                keyid:C7:77:01:35:D0:F0:D3:0A:86:8D:F5:51:D8:75:2D:4B:4B:AD:C2:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3cBNdDw0wqGjfVR2HUtS0utwsE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/8znm9aDn9UltkScvtfgDgbQwvDY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/x3cBNdDw0wqGjfVR2HUtS0utwsE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.173.46.0/23

    Signature Algorithm: sha256WithRSAEncryption
         31:bb:05:80:6a:51:28:b4:ac:53:46:f0:fc:34:0f:97:83:0d:
         f9:c9:96:9d:d0:dd:76:5d:d0:32:d8:ef:89:2e:77:fb:e5:59:
         18:fa:e0:47:0c:ae:92:89:34:9c:e0:f1:0d:47:3e:c0:f7:5d:
         1e:d4:23:58:1a:c8:34:db:2b:80:10:63:5a:3e:50:7a:32:b7:
         a1:a1:64:92:65:fd:62:0e:97:98:58:4b:93:a0:46:ca:c8:f8:
         c2:c4:68:4e:6a:ef:9b:4a:1f:70:3b:f0:9d:d1:85:5a:11:08:
         82:c6:2a:5d:83:61:0c:7e:8a:a9:a6:46:0a:b6:a2:68:d8:ef:
         5f:da:33:1e:96:52:e4:68:d1:27:54:3d:34:46:54:45:20:ea:
         7d:61:53:ad:28:8b:98:33:13:fc:00:a4:1d:26:0b:10:99:35:
         ed:26:4e:c1:2f:64:ac:8b:82:31:5a:00:a0:7e:c9:7c:fa:73:
         7e:ef:67:fb:dc:d8:8d:02:85:99:11:46:a5:34:0c:b3:c5:41:
         7c:2b:55:e9:98:5c:37:72:9c:7c:ba:cd:c0:69:6f:35:55:c4:
         7f:cd:e3:ef:26:7b:e0:02:ee:10:27:1e:8f:1b:ca:35:ef:00:
         a5:98:dc:a6:8a:13:ba:f0:69:d1:14:11:6f:35:c9:54:a2:60:
         a1:89:2b:bb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECBFcEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Nzc3MDEzNWQwZjBkMzBhODY4ZGY1NTFkODc1MmQ0YjRiYWRjMmMxMB4XDTIyMDEw
MTE1MDA1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjMzOWU2ZjVhMGU3
ZjU0OTZkOTEyNzJmYjVmODAzODFiNDMwYmMzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKh+BKZ+6E2OWpm1ADkx97j/Q0ZW2AmSALCLhvGT100wFq8U
K/I+PO6wD/cR0ZUlbGBV3uImAxSI/D2t6WlbAHSBjBeBVUWM4K8wM5H1264NHORf
U3htrcA//MrkiHWmQhHvg/HlaFk7B7CcoqJfvTt2sTeJ6fHDuwxieq7RzNcihg3A
ImMLjbA8/tdssSRt5eKw40qGJErAy8N8YpZVpwOfd91g33TCn7eJPr+qLKsMp566
mpPUitv7Ld140LzX+BS+atYzoVwvegdGNNr9+F+Iks+E0/fHcnoeykrA61YqbMhL
X6cd9/un7Rf12MfVxU9PbbSCKB3ukNhKVaDmRh0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTzOeb1oOf1SW2RJy+1+AOBtDC8NjAfBgNVHSMEGDAWgBTHdwE10PDTCoaN
9VHYdS1LS63CwTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gzY0JOZER3MHdxR2pmVlIySFV0UzB1dHdzRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvYjk3MDcwLWM1ZjQtNDQxMC05NGI1LWQ2NGQ3NTM5NDAzNy8x
Lzh6bm05YURuOVVsdGtTY3Z0ZmdEZ2JRd3ZEWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
Yjk3MDcwLWM1ZjQtNDQxMC05NGI1LWQ2NGQ3NTM5NDAzNy8xL3gzY0JOZER3MHdx
R2pmVlIySFV0UzB1dHdzRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVGtLjANBgkqhkiG9w0BAQsFAAOC
AQEAMbsFgGpRKLSsU0bw/DQPl4MN+cmWndDddl3QMtjviS53++VZGPrgRwyukok0
nODxDUc+wPddHtQjWBrINNsrgBBjWj5QejK3oaFkkmX9Yg6XmFhLk6BGysj4wsRo
Tmrvm0ofcDvwndGFWhEIgsYqXYNhDH6KqaZGCraiaNjvX9ozHpZS5GjRJ1Q9NEZU
RSDqfWFTrSiLmDMT/ACkHSYLEJk17SZOwS9krIuCMVoAoH7JfPpzfu9n+9zYjQKF
mRFGpTQMs8VBfCtV6ZhcN3KcfLrNwGlvNVXEf83j7yZ74ALuECcejxvKNe8ApZjc
pooTuvBp0RQRbzXJVKJgoYkruw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:27 2024 by rpki-client on console-fra.rpki-client.org