Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/vPGgoSpFxVucqOHSmobI1t7sbCI.roa
File:                     vPGgoSpFxVucqOHSmobI1t7sbCI.roa (raw, json)
Hash identifier:          qb7WjVuv2gaYqRORYMTE0H+jpnptWWYHXU0bF/Zgdow=
Subject key identifier:   BC:F1:A0:A1:2A:45:C5:5B:9C:A8:E1:D2:9A:86:C8:D6:DE:EC:6C:22
Certificate issuer:       /CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
Certificate serial:       081C7FB3
Authority key identifier: 2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/vPGgoSpFxVucqOHSmobI1t7sbCI.roa
Signing time:             Sat 01 Jan 2022 04:56:30 +0000
ROA not before:           Sat 01 Jan 2022 04:56:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58002
IP address blocks:        37.208.64.0/20 maxlen: 20
                          77.247.232.0/21 maxlen: 21
                          77.247.237.0/29 maxlen: 29
                          92.241.0.0/19 maxlen: 19
                          2a00:c9c0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 136085427 (0x81c7fb3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
        Validity
            Not Before: Jan  1 04:56:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bcf1a0a12a45c55b9ca8e1d29a86c8d6deec6c22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f6:65:12:c5:fb:90:d6:3f:3b:05:07:8a:b5:
                    c6:ae:c7:17:2d:ed:f7:b2:4e:78:e6:ff:e1:9d:0d:
                    45:b5:fa:e7:f9:cb:6a:2b:9b:6c:d0:b2:d3:d5:ca:
                    52:f1:d1:c3:a8:ae:bc:bd:d6:fb:c3:10:48:c4:e2:
                    5c:27:5c:f3:ad:c3:15:c3:27:82:7a:91:c7:cb:b7:
                    e8:7e:3b:34:96:8d:06:97:bf:6a:67:80:56:f4:ed:
                    b1:d4:b8:9f:56:01:47:22:26:9f:e3:cb:bf:fa:ff:
                    4e:8f:a7:e8:1e:8b:c5:9a:e4:a5:df:72:a1:45:a9:
                    2b:e0:97:40:03:27:87:05:53:49:f2:45:3d:68:f5:
                    e6:8c:ab:e6:d7:a5:bc:ef:a8:3f:51:39:7c:e2:05:
                    a5:7f:dc:3d:43:5e:35:27:72:e0:76:d6:e7:5e:62:
                    52:41:04:9f:d3:0d:d1:64:e7:7f:11:f4:48:06:39:
                    cc:ed:9a:87:37:df:02:56:19:cb:ca:e9:93:83:d2:
                    fc:f4:3f:90:8d:b3:c3:5a:94:8d:ae:ce:43:a8:d8:
                    70:e6:9c:b6:60:b7:40:57:bb:26:c2:a6:24:c6:76:
                    7a:d2:a8:66:54:b6:1e:39:e9:7e:57:6f:8e:37:8d:
                    fa:1c:37:da:21:e6:f2:fb:57:5f:f5:64:30:70:02:
                    1d:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:F1:A0:A1:2A:45:C5:5B:9C:A8:E1:D2:9A:86:C8:D6:DE:EC:6C:22
            X509v3 Authority Key Identifier:
                keyid:2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/vPGgoSpFxVucqOHSmobI1t7sbCI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/Lu7FIx0hKzEFedePxBR5ym7Cqgc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.208.64.0/20
                  77.247.232.0/21
                  92.241.0.0/19
                IPv6:
                  2a00:c9c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         ae:7b:26:46:f0:e1:90:2d:de:ea:00:1f:0f:1a:1c:28:44:80:
         77:5c:36:cd:e7:4f:58:9c:4c:0d:e0:24:a0:21:f7:ec:5a:65:
         a8:00:af:ca:47:22:03:14:df:36:f3:07:47:8a:5e:2d:b6:d1:
         d9:d7:5c:08:e3:ed:6e:d8:ae:2e:a4:19:cb:02:87:12:38:5b:
         6a:74:f7:6f:ab:57:db:e9:1c:d0:a8:49:4e:7e:6e:6c:13:80:
         a9:1e:af:bf:09:cc:bd:41:f0:af:f3:1a:a4:cc:e6:4c:a3:57:
         2d:25:e1:25:18:36:36:64:42:c8:41:59:d3:4d:08:48:d1:34:
         6d:7c:5f:2e:f1:e4:32:ff:68:a4:ac:bb:b7:91:8e:5f:27:46:
         cc:10:36:fe:59:51:52:10:0d:39:67:7a:bf:a5:6b:df:ea:49:
         e2:cb:2e:44:90:b3:8b:e8:ba:93:4c:4a:b5:03:af:23:c3:5e:
         73:93:01:d0:d8:2f:2b:73:b6:ff:ee:e2:de:25:91:0b:e2:72:
         32:ec:9f:7b:0a:15:15:bf:ae:f6:e6:31:f2:84:4c:bf:ee:64:
         9d:c8:e8:3d:03:70:f6:25:9a:05:d2:0a:66:41:8b:79:98:73:
         2a:91:6b:07:4d:66:76:bb:d4:77:c5:00:87:e3:35:5d:78:3b:
         4d:23:69:91
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECBx/szANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZWVlYzUyMzFkMjEyYjMxMDU3OWQ3OGZjNDE0NzljYTZlYzJhYTA3MB4XDTIyMDEw
MTA0NTYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmNmMWEwYTEyYTQ1
YzU1YjljYThlMWQyOWE4NmM4ZDZkZWVjNmMyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKj2ZRLF+5DWPzsFB4q1xq7HFy3t97JOeOb/4Z0NRbX65/nL
aiubbNCy09XKUvHRw6iuvL3W+8MQSMTiXCdc863DFcMngnqRx8u36H47NJaNBpe/
ameAVvTtsdS4n1YBRyImn+PLv/r/To+n6B6LxZrkpd9yoUWpK+CXQAMnhwVTSfJF
PWj15oyr5telvO+oP1E5fOIFpX/cPUNeNSdy4HbW515iUkEEn9MN0WTnfxH0SAY5
zO2ahzffAlYZy8rpk4PS/PQ/kI2zw1qUja7OQ6jYcOactmC3QFe7JsKmJMZ2etKo
ZlS2HjnpfldvjjeN+hw32iHm8vtXX/VkMHACHRMCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBS88aChKkXFW5yo4dKahsjW3uxsIjAfBgNVHSMEGDAWgBQu7sUjHSErMQV5
14/EFHnKbsKqBzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x1N0ZJeDBoS3pFRmVkZVB4QlI1eW03Q3FnYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvOGI4NTZhLTM4YWUtNGNmYi04MWQyLTI3MWE5NTc2ZWFlNy8x
L3ZQR2dvU3BGeFZ1Y3FPSFNtb2JJMXQ3c2JDSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
OGI4NTZhLTM4YWUtNGNmYi04MWQyLTI3MWE5NTc2ZWFlNy8xL0x1N0ZJeDBoS3pF
RmVkZVB4QlI1eW03Q3FnYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBCXQQAMEA0336AMEBVzxADANBAIA
AjAHAwUAKgDJwDANBgkqhkiG9w0BAQsFAAOCAQEArnsmRvDhkC3e6gAfDxocKESA
d1w2zedPWJxMDeAkoCH37FplqACvykciAxTfNvMHR4peLbbR2ddcCOPtbtiuLqQZ
ywKHEjhbanT3b6tX2+kc0KhJTn5ubBOAqR6vvwnMvUHwr/MapMzmTKNXLSXhJRg2
NmRCyEFZ000ISNE0bXxfLvHkMv9opKy7t5GOXydGzBA2/llRUhANOWd6v6Vr3+pJ
4ssuRJCzi+i6k0xKtQOvI8Nec5MB0NgvK3O2/+7i3iWRC+JyMuyfewoVFb+u9uYx
8oRMv+5kncjoPQNw9iWaBdIKZkGLeZhzKpFrB01mdrvUd8UAh+M1XXg7TSNpkQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:09 2024 by rpki-client on console-fra.rpki-client.org