Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/74q3huf7eerlclnq6hDRgP55eSg.roa
File:                     74q3huf7eerlclnq6hDRgP55eSg.roa (raw, json)
Hash identifier:          oQC7FM8E6Oi98kh7lFtYJNkbFKmMI+l1vE680XHQj9A=
Subject key identifier:   EF:8A:B7:86:E7:FB:79:EA:E5:72:59:EA:EA:10:D1:80:FE:79:79:28
Certificate issuer:       /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial:       38B85138
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/74q3huf7eerlclnq6hDRgP55eSg.roa
Signing time:             Fri 21 Jan 2022 10:07:08 +0000
ROA not before:           Fri 21 Jan 2022 10:07:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49964
IP address blocks:        109.69.217.16/28 maxlen: 28
                          62.112.31.0/24 maxlen: 24
                          62.112.29.0/24 maxlen: 24
                          46.18.38.0/24 maxlen: 24
                          46.18.36.0/22 maxlen: 24
                          46.18.36.0/24 maxlen: 24
                          46.18.37.0/24 maxlen: 24
                          46.18.34.0/24 maxlen: 24
                          46.18.34.0/23 maxlen: 24
                          46.18.35.0/24 maxlen: 24
                          46.18.33.0/24 maxlen: 24
                          46.18.39.0/24 maxlen: 24
                          185.64.64.0/22 maxlen: 24
                          85.119.216.0/21 maxlen: 24
                          109.69.221.192/28 maxlen: 28
                          185.185.231.0/24 maxlen: 24
                          185.185.228.0/24 maxlen: 24
                          185.185.229.0/24 maxlen: 24
                          109.69.219.0/24 maxlen: 24
                          109.69.216.0/23 maxlen: 24
                          109.69.221.0/24 maxlen: 24
                          109.69.222.0/24 maxlen: 24
                          109.69.220.0/24 maxlen: 24
                          37.19.8.0/21 maxlen: 24
                          2a00:1528::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 951603512 (0x38b85138)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
        Validity
            Not Before: Jan 21 10:07:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ef8ab786e7fb79eae57259eaea10d180fe797928
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:a9:fb:1d:c4:65:29:20:0f:a0:c6:e7:3c:38:
                    8f:f9:b2:f9:5d:29:b8:a1:8f:93:aa:9d:c9:38:46:
                    86:be:6c:3a:e7:77:63:d8:52:97:ef:4e:14:c5:cd:
                    59:8e:5a:97:df:85:97:b7:db:ef:bc:28:5d:9c:57:
                    f9:cf:48:7e:2a:75:0b:b1:5c:6e:7e:7d:db:7d:b4:
                    90:dd:66:b5:b6:49:06:10:58:92:b5:38:52:9d:70:
                    19:17:66:ec:94:ae:8f:15:b8:68:8d:82:f4:66:12:
                    66:ee:6f:45:53:b9:30:33:f2:5d:7a:52:77:4f:49:
                    61:72:d6:a5:c5:44:03:a7:75:47:ad:47:59:5d:1e:
                    18:b6:da:0d:2c:96:d9:75:07:95:32:ae:ea:73:fb:
                    76:32:a6:0e:c0:08:c2:7e:a9:ae:46:52:a8:a3:e6:
                    04:79:d3:7a:55:05:23:90:7e:04:11:8c:9d:0a:ed:
                    24:9c:49:b9:6d:b5:6a:23:e0:ef:85:f2:ce:a3:1d:
                    9e:8b:26:7e:b7:46:a4:21:3b:e9:7b:3f:d2:a4:4b:
                    03:79:67:af:68:69:61:8a:0e:35:2a:47:ae:96:d4:
                    cf:94:14:6c:19:0b:68:7c:83:87:76:18:1c:7f:3f:
                    f4:28:0f:f2:f4:5f:47:cc:54:39:72:c2:77:10:ff:
                    fb:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:8A:B7:86:E7:FB:79:EA:E5:72:59:EA:EA:10:D1:80:FE:79:79:28
            X509v3 Authority Key Identifier:
                keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/74q3huf7eerlclnq6hDRgP55eSg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.19.8.0/21
                  46.18.33.0-46.18.39.255
                  62.112.29.0/24
                  62.112.31.0/24
                  85.119.216.0/21
                  109.69.216.0/23
                  109.69.219.0-109.69.222.255
                  185.64.64.0/22
                  185.185.228.0/23
                  185.185.231.0/24
                IPv6:
                  2a00:1528::/32

    Signature Algorithm: sha256WithRSAEncryption
         84:a2:ab:ee:72:11:2e:55:ee:d5:09:3b:60:3d:04:c7:ff:69:
         a5:b0:1b:41:94:f3:b7:b7:cf:5d:a2:ac:01:3c:a2:b5:68:db:
         84:0a:c2:a8:7e:de:68:37:19:50:64:39:3b:ac:9e:31:cb:a8:
         09:b1:0c:9c:cc:eb:5d:08:5d:92:18:21:3e:a0:dc:ea:29:8f:
         e6:05:b6:6e:e7:a6:4c:64:a0:6c:bd:b9:5f:e8:2c:13:18:d7:
         a6:0b:ba:48:eb:68:30:5c:82:79:25:4e:ff:cf:63:b4:5f:3c:
         e2:39:45:b7:5a:9e:8a:9f:c2:d8:08:17:29:80:be:e7:42:ac:
         f2:80:43:a9:77:31:25:ed:7c:11:d0:ae:9e:2f:56:22:14:d7:
         2d:07:da:61:72:e5:69:94:33:dc:ce:92:16:7a:48:9d:7f:54:
         3b:5e:f8:62:bb:84:d9:6c:e6:9d:b2:b7:2e:fd:aa:d5:d4:fe:
         1f:af:ec:ab:1d:39:36:84:6b:f5:9c:e9:04:04:f0:59:18:17:
         76:2f:b2:83:77:99:5b:7c:42:4c:2b:e2:7b:b7:e0:26:38:56:
         33:20:8a:38:ed:6a:5d:a8:63:f9:49:e3:6e:56:ef:08:0e:da:
         d4:12:39:77:c3:ae:89:78:32:08:05:ff:7f:4b:d5:17:a7:cd:
         aa:2a:7f:a5
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIEOLhRODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Nzc3YjViMzZmNjZlMTNjNDM4OGM5OTM0ZGE1MDc4NTY1MTVkMDczMB4XDTIyMDEy
MTEwMDcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWY4YWI3ODZlN2Zi
NzllYWU1NzI1OWVhZWExMGQxODBmZTc5NzkyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWp+x3EZSkgD6DG5zw4j/my+V0puKGPk6qdyThGhr5sOud3
Y9hSl+9OFMXNWY5al9+Fl7fb77woXZxX+c9Ifip1C7Fcbn592320kN1mtbZJBhBY
krU4Up1wGRdm7JSujxW4aI2C9GYSZu5vRVO5MDPyXXpSd09JYXLWpcVEA6d1R61H
WV0eGLbaDSyW2XUHlTKu6nP7djKmDsAIwn6prkZSqKPmBHnTelUFI5B+BBGMnQrt
JJxJuW21aiPg74XyzqMdnosmfrdGpCE76Xs/0qRLA3lnr2hpYYoONSpHrpbUz5QU
bBkLaHyDh3YYHH8/9CgP8vRfR8xUOXLCdxD/+2MCAwEAAaOCAl4wggJaMB0GA1Ud
DgQWBBTvireG5/t56uVyWerqENGA/nl5KDAfBgNVHSMEGDAWgBSHd7Wzb2bhPEOI
yZNNpQeFZRXQczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2gzZTFzMjltNFR4RGlNbVRUYVVIaFdVVjBITS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvZjkyZTJhLWUxZTQtNDg3ZC05YWNjLWVkMWYzMGNjMWM1Ny8x
Lzc0cTNodWY3ZWVybGNsbnE2aERSZ1A1NWVTZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
ZjkyZTJhLWUxZTQtNDg3ZC05YWNjLWVkMWYzMGNjMWM1Ny8xL2gzZTFzMjltNFR4
RGlNbVRUYVVIaFdVVjBITS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB0
BggrBgEFBQcBBwEB/wRlMGMwUgQCAAEwTAMEAyUTCDAMAwQALhIhAwQDLhIgAwQA
PnAdAwQAPnAfAwQDVXfYAwQBbUXYMAwDBABtRdsDBABtRd4DBAK5QEADBAG5ueQD
BAC5uecwDQQCAAIwBwMFACoAFSgwDQYJKoZIhvcNAQELBQADggEBAISiq+5yES5V
7tUJO2A9BMf/aaWwG0GU87e3z12irAE8orVo24QKwqh+3mg3GVBkOTusnjHLqAmx
DJzM610IXZIYIT6g3Oopj+YFtm7npkxkoGy9uV/oLBMY16YLukjraDBcgnklTv/P
Y7RfPOI5RbdanoqfwtgIFymAvudCrPKAQ6l3MSXtfBHQrp4vViIU1y0H2mFy5WmU
M9zOkhZ6SJ1/VDte+GK7hNls5p2yty79qtXU/h+v7KsdOTaEa/Wc6QQE8FkYF3Yv
soN3mVt8Qkwr4nu34CY4VjMgijjtal2oY/lJ425W7wgO2tQSOXfDrol4MggF/39L
1Renzaoqf6U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:29 2024 by rpki-client on console-fra.rpki-client.org