Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/1NEl339p1DLs4DiUAbVyNb3aIdQ.roa
File:                     1NEl339p1DLs4DiUAbVyNb3aIdQ.roa (raw, json)
Hash identifier:          MLbkrM+zYjrEQH7pV+0yStIPtLRQRYd6Y08c4FGR3hk=
Subject key identifier:   D4:D1:25:DF:7F:69:D4:32:EC:E0:38:94:01:B5:72:35:BD:DA:21:D4
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       04ECFBBD
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/1NEl339p1DLs4DiUAbVyNb3aIdQ.roa
Signing time:             Sat 01 Jan 2022 07:56:34 +0000
ROA not before:           Sat 01 Jan 2022 07:56:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51765
IP address blocks:        185.77.218.0/23 maxlen: 24
                          185.77.217.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82639805 (0x4ecfbbd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Jan  1 07:56:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d4d125df7f69d432ece0389401b57235bdda21d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:f6:0d:eb:ac:70:03:74:b2:8e:7c:9f:ae:d5:
                    b3:0e:f4:64:b2:20:36:f4:07:77:d6:40:0c:60:d5:
                    d6:41:56:a4:6a:80:ca:c7:6d:91:7d:47:89:f1:32:
                    71:1b:72:a3:58:b0:21:f6:4a:41:42:af:6d:28:d2:
                    dd:75:72:db:c6:b1:67:42:12:4e:7a:b1:3d:e1:29:
                    bd:53:48:e0:16:79:65:c1:22:70:87:2f:66:33:71:
                    a6:44:b5:e0:f4:cc:f4:fc:cb:4d:aa:b6:9c:5d:a6:
                    0e:e7:2c:2e:b0:82:08:4f:af:79:5a:fd:18:e3:96:
                    44:58:89:84:23:32:b8:83:37:43:fc:f7:3e:41:ea:
                    a0:a1:ee:2d:4f:47:f2:e0:83:58:64:88:64:38:1c:
                    dd:07:47:0c:bb:a9:54:89:a6:e9:20:ea:a2:af:30:
                    e1:60:55:b0:80:af:41:9a:eb:b1:7f:24:d1:28:34:
                    3e:0d:27:78:b2:ce:ee:2c:0d:85:8f:25:e6:3b:b3:
                    f0:c3:6a:ee:13:5e:31:36:7b:c7:88:9a:74:46:a2:
                    60:a1:ca:26:16:30:2a:18:ee:5c:a8:dd:cf:91:6c:
                    5a:6c:f8:a3:dc:ad:28:8e:72:64:1d:bc:52:26:63:
                    e9:0c:e9:68:e0:42:5b:b5:71:08:13:be:e8:95:79:
                    10:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:D1:25:DF:7F:69:D4:32:EC:E0:38:94:01:B5:72:35:BD:DA:21:D4
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/1NEl339p1DLs4DiUAbVyNb3aIdQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.77.217.0-185.77.219.255

    Signature Algorithm: sha256WithRSAEncryption
         25:bd:d5:fc:cd:c6:59:e4:95:d6:3e:64:3c:8b:50:c3:02:64:
         5c:2a:88:5a:ac:77:29:e4:ad:e2:ef:1f:0d:2d:6d:9b:42:2b:
         35:a2:66:04:2f:8b:1a:dc:eb:dd:90:19:bd:81:8a:a5:15:34:
         16:ba:64:a2:76:6d:91:8e:53:9a:76:75:89:a9:14:38:35:1a:
         b7:5b:ed:b1:d4:11:d2:d0:60:27:cd:ad:a6:4e:e2:92:9e:3c:
         ca:59:f4:73:71:5f:ce:1a:95:90:41:33:d2:7c:82:4f:20:e7:
         e2:86:16:f9:08:62:0a:5d:c4:19:d0:3c:fb:b7:f1:02:e9:3b:
         9b:15:21:7d:a0:ad:4e:ce:2d:05:85:bc:94:d1:af:47:3f:66:
         d0:8f:6a:d7:98:7f:43:42:46:03:0f:fe:c5:b1:96:a7:6a:ef:
         14:34:c0:2a:7b:f7:86:65:db:40:f7:08:14:86:a6:fa:ec:39:
         22:39:55:75:af:d8:05:b9:ba:0d:a3:92:0a:f5:2b:83:cb:94:
         4f:55:71:2f:ae:97:fa:ac:eb:42:2f:36:ed:8e:31:e0:55:15:
         e5:31:91:1f:d8:85:11:9e:a5:c2:81:93:bb:31:fa:b6:f2:d7:
         68:3b:2b:51:26:84:9a:83:08:98:b6:48:45:76:2b:11:e6:a4:
         a1:74:a4:91
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBOz7vTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YWVlMTVjMzNkZTM1ODkzOGQ2OTAwYTFiM2MxNDQ4MGEzODllODViMB4XDTIyMDEw
MTA3NTYzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDRkMTI1ZGY3ZjY5
ZDQzMmVjZTAzODk0MDFiNTcyMzViZGRhMjFkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN/2DeuscAN0so58n67Vsw70ZLIgNvQHd9ZADGDV1kFWpGqA
ysdtkX1HifEycRtyo1iwIfZKQUKvbSjS3XVy28axZ0ISTnqxPeEpvVNI4BZ5ZcEi
cIcvZjNxpkS14PTM9PzLTaq2nF2mDucsLrCCCE+veVr9GOOWRFiJhCMyuIM3Q/z3
PkHqoKHuLU9H8uCDWGSIZDgc3QdHDLupVImm6SDqoq8w4WBVsICvQZrrsX8k0Sg0
Pg0neLLO7iwNhY8l5juz8MNq7hNeMTZ7x4iadEaiYKHKJhYwKhjuXKjdz5FsWmz4
o9ytKI5yZB28UiZj6QzpaOBCW7VxCBO+6JV5EC0CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTU0SXff2nUMuzgOJQBtXI1vdoh1DAfBgNVHSMEGDAWgBSa7hXDPeNYk41p
AKGzwUSAo4noWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L211NFZ3ejNqV0pPTmFRQ2hzOEZFZ0tPSjZGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvNzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8x
LzFORWwzMzlwMURMczREaVVBYlZ5TmIzYUlkUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
NzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8xL211NFZ3ejNqV0pP
TmFRQ2hzOEZFZ0tPSjZGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAuU3ZAwQCuU3YMA0GCSqGSIb3
DQEBCwUAA4IBAQAlvdX8zcZZ5JXWPmQ8i1DDAmRcKoharHcp5K3i7x8NLW2bQis1
omYEL4sa3OvdkBm9gYqlFTQWumSidm2RjlOadnWJqRQ4NRq3W+2x1BHS0GAnza2m
TuKSnjzKWfRzcV/OGpWQQTPSfIJPIOfihhb5CGIKXcQZ0Dz7t/EC6TubFSF9oK1O
zi0FhbyU0a9HP2bQj2rXmH9DQkYDD/7FsZanau8UNMAqe/eGZdtA9wgUhqb67Dki
OVV1r9gFuboNo5IK9SuDy5RPVXEvrpf6rOtCLzbtjjHgVRXlMZEf2IURnqXCgZO7
Mfq28tdoOytRJoSagwiYtkhFdisR5qShdKSR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org