Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/97OHfiE8pB2FIc00LoyExvQwk_I.roa
File:                     97OHfiE8pB2FIc00LoyExvQwk_I.roa (raw, json)
Hash identifier:          RydA5YGsCMTLYuk9gAn3H+a7Qh1b00fYjnxVzDjaNPE=
Subject key identifier:   F7:B3:87:7E:21:3C:A4:1D:85:21:CD:34:2E:8C:84:C6:F4:30:93:F2
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       01826F6B6336DB6CB71F80E8798CE0060C78
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/97OHfiE8pB2FIc00LoyExvQwk_I.roa
Signing time:             Fri 05 Aug 2022 19:11:24 +0000
ROA not before:           Fri 05 Aug 2022 19:11:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213220
IP address blocks:        176.57.52.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:6f:6b:63:36:db:6c:b7:1f:80:e8:79:8c:e0:06:0c:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Aug  5 19:11:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f7b3877e213ca41d8521cd342e8c84c6f43093f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:77:30:65:05:1b:4f:f4:90:14:fc:4f:75:55:
                    40:1b:7d:cb:48:d2:ee:38:6c:2e:91:c5:1a:71:3c:
                    20:40:16:57:68:5a:39:77:d8:eb:9f:ac:d1:2f:86:
                    a3:55:3e:9c:5b:99:cc:8c:d1:be:f6:0a:bf:fd:da:
                    bf:68:9c:b1:18:45:43:58:3b:4c:74:8a:de:ee:e2:
                    ee:25:0d:bd:0d:fc:0f:28:2f:b5:7a:9a:61:f6:15:
                    23:60:d0:7b:85:80:6d:4a:9c:99:73:04:4a:b7:46:
                    2f:23:f1:29:87:7f:37:90:42:4a:b6:48:25:f9:3d:
                    b0:0d:e6:83:84:e7:33:d0:3c:cc:a1:58:7c:2b:65:
                    cc:c3:b0:00:d5:a9:a8:e4:3b:46:f4:a9:ae:21:65:
                    dc:7c:ed:97:cd:88:c7:c2:cc:37:40:cf:ca:63:01:
                    26:78:83:cb:82:2e:c0:43:b3:bf:63:ad:a7:89:69:
                    29:58:4f:25:a7:a6:5b:5b:7e:9e:b5:7f:11:82:c6:
                    46:ca:6d:d3:d8:9b:56:29:e6:89:1b:29:b1:40:6b:
                    a5:33:04:ba:a4:96:4f:28:ff:51:e9:4f:47:38:8d:
                    59:7f:43:3b:2c:f8:06:74:b0:aa:b7:34:7d:0a:38:
                    88:84:98:51:a0:1d:d9:3c:46:f0:f6:62:44:be:e5:
                    5c:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:B3:87:7E:21:3C:A4:1D:85:21:CD:34:2E:8C:84:C6:F4:30:93:F2
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/97OHfiE8pB2FIc00LoyExvQwk_I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.57.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:43:62:77:17:3f:7c:18:82:37:9e:46:bf:ad:c6:ab:01:5d:
         df:22:d1:d6:ce:54:60:6a:d2:77:18:a2:9c:63:3a:f4:0e:d3:
         43:ce:7d:2e:96:01:bd:a3:e8:5e:2c:17:83:af:ab:df:2b:60:
         de:87:2d:53:3b:46:46:98:18:33:d4:ac:3d:7a:00:f8:eb:73:
         f6:50:ed:c7:19:03:1e:aa:9d:b7:74:2d:f5:68:31:8f:e4:0d:
         de:c6:4d:9e:1d:bf:bb:32:eb:f1:4f:94:98:d2:47:7b:da:f5:
         99:8b:c7:ed:b8:6a:a7:a9:3e:95:59:b3:ba:8e:96:71:b9:1f:
         65:b8:a5:ad:35:2e:92:ee:ba:ff:68:44:54:3f:c7:fc:49:b7:
         d8:a9:83:53:c6:5e:d7:1c:51:f5:d5:8f:f6:d9:1c:a3:dd:c1:
         ef:d4:b4:e6:d3:61:8b:81:30:0c:da:cb:e3:70:4c:65:70:d2:
         2c:0a:45:ae:16:2e:ce:ac:ed:57:ce:e9:de:cc:29:7a:b5:77:
         d8:27:7d:a5:dc:9a:b9:7a:2f:36:cd:78:06:ab:87:3a:0e:30:
         91:e0:f0:9b:2e:df:46:5b:14:6d:00:bb:b1:1a:56:ce:78:4c:
         7a:78:15:7b:0e:5d:66:5b:fb:33:c9:93:1b:b2:5c:4e:a0:94:
         08:22:47:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJva2M222y3H4DoeYzgBgx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjIwODA1MTkxMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2IzODc3ZTIxM2NhNDFkODUyMWNkMzQyZThjODRjNmY0MzA5M2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13cwZQUbT/SQFPxPdVVAG33LSNLu
OGwukcUacTwgQBZXaFo5d9jrn6zRL4ajVT6cW5nMjNG+9gq//dq/aJyxGEVDWDtM
dIre7uLuJQ29DfwPKC+1epph9hUjYNB7hYBtSpyZcwRKt0YvI/Eph383kEJKtkgl
+T2wDeaDhOcz0DzMoVh8K2XMw7AA1amo5DtG9KmuIWXcfO2XzYjHwsw3QM/KYwEm
eIPLgi7AQ7O/Y62niWkpWE8lp6ZbW36etX8RgsZGym3T2JtWKeaJGymxQGulMwS6
pJZPKP9R6U9HOI1Zf0M7LPgGdLCqtzR9CjiIhJhRoB3ZPEbw9mJEvuVcLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPezh34hPKQdhSHNNC6MhMb0MJPyMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvOTdPSGZpRThwQjJGSWMwMExveUV4dlF3a19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsDk0MA0G
CSqGSIb3DQEBCwUAA4IBAQC0Q2J3Fz98GII3nka/rcarAV3fItHWzlRgatJ3GKKc
Yzr0DtNDzn0ulgG9o+heLBeDr6vfK2Dehy1TO0ZGmBgz1Kw9egD463P2UO3HGQMe
qp23dC31aDGP5A3exk2eHb+7MuvxT5SY0kd72vWZi8ftuGqnqT6VWbO6jpZxuR9l
uKWtNS6S7rr/aERUP8f8SbfYqYNTxl7XHFH11Y/22Ryj3cHv1LTm02GLgTAM2svj
cExlcNIsCkWuFi7OrO1XzunezCl6tXfYJ32l3Jq5ei82zXgGq4c6DjCR4PCbLt9G
WxRtALuxGlbOeEx6eBV7Dl1mW/szyZMbslxOoJQIIkdL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:53 2024 by rpki-client on console-fra.rpki-client.org