Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/1-1BsnzoueUmuc1DSTuNgFiiLH3k.roa
File:                     1-1BsnzoueUmuc1DSTuNgFiiLH3k.roa (raw, json)
Hash identifier:          nfD6aXxHRF4MplBOfFlxRKwOIauDaz77aT3M1dYTt60=
Subject key identifier:   FB:50:6C:9F:3A:2E:79:49:AE:73:50:D2:4E:E3:60:16:28:8B:1F:79
Certificate issuer:       /CN=752b0d72bf0743bf2cdc78ba1f53e9a988f9af1e
Certificate serial:       064379B8
Authority key identifier: 75:2B:0D:72:BF:07:43:BF:2C:DC:78:BA:1F:53:E9:A9:88:F9:AF:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dSsNcr8HQ78s3Hi6H1PpqYj5rx4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/1-1BsnzoueUmuc1DSTuNgFiiLH3k.roa
Signing time:             Sat 01 Jan 2022 14:08:02 +0000
ROA not before:           Sat 01 Jan 2022 14:08:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205913
IP address blocks:        185.202.76.0/24 maxlen: 24
                          185.202.77.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 105085368 (0x64379b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=752b0d72bf0743bf2cdc78ba1f53e9a988f9af1e
        Validity
            Not Before: Jan  1 14:08:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fb506c9f3a2e7949ae7350d24ee36016288b1f79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:80:62:cf:c6:e9:b4:21:59:02:fc:eb:3e:12:
                    0b:15:56:35:76:bd:f0:ad:9e:ef:f1:a8:b8:10:15:
                    04:d0:80:51:98:b8:55:ca:fa:94:47:89:75:f0:f7:
                    80:57:44:52:e4:db:34:dc:73:43:8e:49:f3:dc:a3:
                    02:5a:ce:07:c4:eb:72:67:19:fe:4d:a7:5c:69:d8:
                    ee:9e:c9:1f:ba:87:c6:c0:df:1b:5b:31:19:a0:58:
                    57:51:4f:f5:b2:8a:f9:b9:a2:4f:00:09:58:3b:f8:
                    80:04:ff:92:e3:2d:9a:0f:00:81:dc:9f:0a:a5:e0:
                    ee:9d:8a:59:8f:f8:30:b0:b5:36:d8:46:cc:9a:69:
                    1b:f5:f6:bd:50:c1:17:1a:e6:54:e8:57:2e:09:e5:
                    41:3b:9d:6c:d1:33:2c:1b:55:c7:af:03:00:d3:d2:
                    cf:04:02:df:20:f0:ac:50:79:6f:21:02:51:5d:c7:
                    e8:c1:ef:ed:b1:de:bf:2b:69:5a:ec:06:65:79:43:
                    57:ff:f7:6c:6f:17:11:3e:3f:c1:61:ec:0d:2c:6c:
                    16:48:6e:54:8b:ee:e0:7a:85:85:6b:1a:58:7c:9b:
                    c6:2c:36:bb:94:15:98:70:d2:21:ae:8b:68:9f:4d:
                    02:fe:c5:98:5c:45:43:db:d4:39:b6:0d:8d:a3:db:
                    ca:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:50:6C:9F:3A:2E:79:49:AE:73:50:D2:4E:E3:60:16:28:8B:1F:79
            X509v3 Authority Key Identifier:
                keyid:75:2B:0D:72:BF:07:43:BF:2C:DC:78:BA:1F:53:E9:A9:88:F9:AF:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dSsNcr8HQ78s3Hi6H1PpqYj5rx4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/1-1BsnzoueUmuc1DSTuNgFiiLH3k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/dSsNcr8HQ78s3Hi6H1PpqYj5rx4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.202.76.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bf:32:8f:3d:f8:41:5a:e1:37:7e:48:8b:67:bd:a9:80:7b:73:
         e6:d3:4e:cb:0f:5a:15:37:7c:f6:f3:13:b4:dd:b2:4e:06:43:
         2c:fb:88:f5:91:0d:5e:b1:68:e5:b4:9a:5e:87:42:de:dc:1d:
         b7:c8:93:ea:58:b4:9b:c9:1b:87:8d:59:e3:df:38:20:47:57:
         82:d4:9b:b6:60:d4:4c:88:50:e5:27:6e:f3:ee:cf:db:74:bc:
         5d:ca:b2:93:d9:a1:f6:9e:90:a4:0f:89:97:60:e6:7b:3d:74:
         20:57:f0:62:54:f3:96:72:ec:60:97:d6:b9:46:2a:dd:bc:dc:
         c6:3c:f7:48:dd:42:0f:1e:31:1a:41:ed:ad:c9:00:2a:c0:f1:
         15:97:22:7a:3d:87:0a:15:6d:09:cd:90:b5:ca:ab:04:01:90:
         3e:40:dd:0a:49:85:06:41:21:d3:1f:d8:0b:00:09:2c:0b:ca:
         f9:9b:65:07:8a:3a:51:c5:20:5b:23:de:38:09:44:c2:ce:53:
         c3:10:b1:f8:e1:89:1e:7e:12:73:c7:eb:26:2b:82:1e:cc:38:
         78:37:be:72:95:59:b2:cd:4a:d1:ec:6b:c3:08:76:b1:37:e1:
         7d:c4:18:4b:22:ed:44:77:0b:66:b1:c5:17:d3:7b:73:48:ce:
         5b:2a:36:b4
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBkN5uDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NTJiMGQ3MmJmMDc0M2JmMmNkYzc4YmExZjUzZTlhOTg4ZjlhZjFlMB4XDTIyMDEw
MTE0MDgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmI1MDZjOWYzYTJl
Nzk0OWFlNzM1MGQyNGVlMzYwMTYyODhiMWY3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMmAYs/G6bQhWQL86z4SCxVWNXa98K2e7/GouBAVBNCAUZi4
Vcr6lEeJdfD3gFdEUuTbNNxzQ45J89yjAlrOB8TrcmcZ/k2nXGnY7p7JH7qHxsDf
G1sxGaBYV1FP9bKK+bmiTwAJWDv4gAT/kuMtmg8AgdyfCqXg7p2KWY/4MLC1NthG
zJppG/X2vVDBFxrmVOhXLgnlQTudbNEzLBtVx68DANPSzwQC3yDwrFB5byECUV3H
6MHv7bHevytpWuwGZXlDV//3bG8XET4/wWHsDSxsFkhuVIvu4HqFhWsaWHybxiw2
u5QVmHDSIa6LaJ9NAv7FmFxFQ9vUObYNjaPbypECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT7UGyfOi55Sa5zUNJO42AWKIsfeTAfBgNVHSMEGDAWgBR1Kw1yvwdDvyzc
eLofU+mpiPmvHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RTc05jcjhIUTc4czNIaTZIMVBwcVlqNXJ4NC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvM2FiYTdlLTFkNTAtNDcyZi04ZGI3LTY5MTIxOTIxMzRlOS8x
LzEtMUJzbnpvdWVVbXVjMURTVHVOZ0ZpaUxIM2sucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgw
LzNhYmE3ZS0xZDUwLTQ3MmYtOGRiNy02OTEyMTkyMTM0ZTkvMS9kU3NOY3I4SFE3
OHMzSGk2SDFQcHFZajVyeDQuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG5ykwwDQYJKoZIhvcNAQELBQAD
ggEBAL8yjz34QVrhN35Ii2e9qYB7c+bTTssPWhU3fPbzE7Tdsk4GQyz7iPWRDV6x
aOW0ml6HQt7cHbfIk+pYtJvJG4eNWePfOCBHV4LUm7Zg1EyIUOUnbvPuz9t0vF3K
spPZofaekKQPiZdg5ns9dCBX8GJU85Zy7GCX1rlGKt283MY890jdQg8eMRpB7a3J
ACrA8RWXIno9hwoVbQnNkLXKqwQBkD5A3QpJhQZBIdMf2AsACSwLyvmbZQeKOlHF
IFsj3jgJRMLOU8MQsfjhiR5+EnPH6yYrgh7MOHg3vnKVWbLNStHsa8MIdrE34X3E
GEsi7UR3C2axxRfTe3NIzlsqNrQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org