Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/c9XQSOxJbzqiuc-yavJoq9Z3CIs.roa
File:                     c9XQSOxJbzqiuc-yavJoq9Z3CIs.roa (raw, json)
Hash identifier:          70aSh3QjnpgplKu7dW5SkRFcKs7+dAH/qEv4aaGyB60=
Subject key identifier:   73:D5:D0:48:EC:49:6F:3A:A2:B9:CF:B2:6A:F2:68:AB:D6:77:08:8B
Certificate issuer:       /CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Certificate serial:       1D2DA7
Authority key identifier: 0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/c9XQSOxJbzqiuc-yavJoq9Z3CIs.roa
Signing time:             Sat 01 Jan 2022 01:03:08 +0000
ROA not before:           Sat 01 Jan 2022 01:03:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29286
IP address blocks:        37.9.176.0/21 maxlen: 21
                          185.20.212.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1912231 (0x1d2da7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
        Validity
            Not Before: Jan  1 01:03:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=73d5d048ec496f3aa2b9cfb26af268abd677088b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:81:4e:1d:63:65:46:f0:c7:18:67:ab:dc:88:
                    18:26:12:60:87:e0:a9:0c:d1:27:66:27:d5:e1:e0:
                    1b:b8:69:db:f5:23:0d:d2:5a:06:d8:a0:6d:b9:94:
                    05:c8:96:97:49:93:ef:c4:2f:81:81:6a:97:ae:7b:
                    a7:a1:a3:16:19:89:c0:7e:46:8d:72:86:37:20:a4:
                    cb:6b:0e:4e:31:26:04:75:2d:5e:b7:b7:87:7b:ab:
                    20:29:5c:9d:64:89:6c:22:8d:96:6e:d2:e3:17:0f:
                    9e:41:e0:cf:dd:e5:24:60:bc:4c:5a:74:7b:f8:f1:
                    7c:0c:32:27:8e:2b:2f:9a:62:49:75:e1:05:ef:25:
                    a1:75:79:d8:80:2d:c6:99:8c:8d:d2:a6:07:4c:c0:
                    bc:48:d9:5d:d6:37:2b:d3:9a:85:65:f0:a5:1d:0f:
                    e6:9a:90:d7:e8:13:2e:f6:cd:96:e4:8d:45:cf:f5:
                    d9:e0:ee:76:ab:ee:17:1e:d7:79:48:4f:15:9f:27:
                    fd:d0:bb:6f:e0:88:66:42:98:30:6b:01:9d:6f:a9:
                    89:4b:e0:b3:d3:e3:79:5d:ee:85:9d:b0:45:54:e3:
                    b6:5b:87:e6:85:e5:15:9e:fa:da:0e:03:7d:45:e1:
                    ac:da:bf:d5:5c:9e:70:9c:ae:e1:72:d9:fa:95:71:
                    98:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:D5:D0:48:EC:49:6F:3A:A2:B9:CF:B2:6A:F2:68:AB:D6:77:08:8B
            X509v3 Authority Key Identifier:
                keyid:0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/c9XQSOxJbzqiuc-yavJoq9Z3CIs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.9.176.0/21
                  185.20.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         95:47:27:45:91:92:c3:36:5e:31:19:32:f5:1c:78:0a:68:2b:
         e0:f6:19:a4:27:78:8f:a3:f2:a9:a0:83:ec:7d:9c:86:1a:a1:
         00:e9:31:cf:dc:45:8d:be:2d:1f:f9:88:03:80:01:0f:ea:47:
         95:a1:22:b7:b6:e1:21:df:a5:2e:40:f2:87:72:15:14:b3:5e:
         f4:4f:6c:c6:26:64:80:cd:06:5c:fc:e8:1c:11:55:80:55:c1:
         7a:76:43:03:f7:13:f1:74:71:6e:17:51:fe:41:6a:a3:54:d0:
         ab:a2:08:a1:03:d3:1f:ea:0b:53:b2:8e:3c:d0:57:61:32:16:
         f3:e7:4a:e1:35:56:e5:ec:d6:34:74:d5:a2:bf:84:ec:15:4c:
         21:f4:93:e7:fa:19:0d:7a:53:9b:ac:2d:3a:b5:87:1b:57:16:
         6e:43:9a:0f:08:90:e4:fe:8c:41:a9:35:dc:04:7b:ec:34:5d:
         d0:cf:aa:2f:12:a2:82:20:90:0e:5c:61:63:5a:2d:78:de:87:
         62:db:bb:02:24:dd:7b:02:4f:b7:8f:d4:bf:ef:bd:20:0b:c4:
         b9:9d:46:a9:e1:bf:9f:d8:9d:6f:28:0b:a0:7e:11:03:52:92:
         a7:74:b1:07:68:f6:82:a5:c0:49:71:37:c5:2c:b0:f7:fc:61:
         16:61:cb:33
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDHS2nMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBm
NjcxZmVjMzhmMDBjNDAyZjMwNjZmMTNjNzkyZTFhMGVkMTZkYjMwHhcNMjIwMTAx
MDEwMzA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3M2Q1ZDA0OGVjNDk2
ZjNhYTJiOWNmYjI2YWYyNjhhYmQ2NzcwODhiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuoFOHWNlRvDHGGer3IgYJhJgh+CpDNEnZifV4eAbuGnb9SMN
0loG2KBtuZQFyJaXSZPvxC+BgWqXrnunoaMWGYnAfkaNcoY3IKTLaw5OMSYEdS1e
t7eHe6sgKVydZIlsIo2WbtLjFw+eQeDP3eUkYLxMWnR7+PF8DDInjisvmmJJdeEF
7yWhdXnYgC3GmYyN0qYHTMC8SNld1jcr05qFZfClHQ/mmpDX6BMu9s2W5I1Fz/XZ
4O52q+4XHtd5SE8Vnyf90Ltv4IhmQpgwawGdb6mJS+Cz0+N5Xe6FnbBFVOO2W4fm
heUVnvraDgN9ReGs2r/VXJ5wnK7hctn6lXGYAwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFHPV0EjsSW86ornPsmryaKvWdwiLMB8GA1UdIwQYMBaAFA9nH+w48AxALzBm
8Tx5LhoO0W2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RDJjZjdEandERUF2TUdieFBIa3VHZzdSYmJNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83OS80OWJiNjktZGZmOS00NDhlLWE4YTItOTc3MzA1YzcwMDUxLzEv
YzlYUVNPeEpienFpdWMteWF2Sm9xOVozQ0lzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS80
OWJiNjktZGZmOS00NDhlLWE4YTItOTc3MzA1YzcwMDUxLzEvRDJjZjdEandERUF2
TUdieFBIa3VHZzdSYmJNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJQmwAwQCuRTUMA0GCSqGSIb3DQEB
CwUAA4IBAQCVRydFkZLDNl4xGTL1HHgKaCvg9hmkJ3iPo/KpoIPsfZyGGqEA6THP
3EWNvi0f+YgDgAEP6keVoSK3tuEh36UuQPKHchUUs170T2zGJmSAzQZc/OgcEVWA
VcF6dkMD9xPxdHFuF1H+QWqjVNCrogihA9Mf6gtTso480FdhMhbz50rhNVbl7NY0
dNWiv4TsFUwh9JPn+hkNelObrC06tYcbVxZuQ5oPCJDk/oxBqTXcBHvsNF3Qz6ov
EqKCIJAOXGFjWi143odi27sCJN17Ak+3j9S/770gC8S5nUap4b+f2J1vKAugfhED
UpKndLEHaPaCpcBJcTfFLLD3/GEWYcsz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:45 2024 by rpki-client on console-fra.rpki-client.org