Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/dTUrW0KnCfNCSFz1lhmgZnL6lmA.roa
File:                     dTUrW0KnCfNCSFz1lhmgZnL6lmA.roa (raw, json)
Hash identifier:          OraYVKbaHmfnHKv60yiHOj6Dn2qdD/AnFvVbvHSDcMw=
Subject key identifier:   75:35:2B:5B:42:A7:09:F3:42:48:5C:F5:96:19:A0:66:72:FA:96:60
Certificate issuer:       /CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
Certificate serial:       0B1CAD1D
Authority key identifier: 73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/dTUrW0KnCfNCSFz1lhmgZnL6lmA.roa
Signing time:             Thu 14 Apr 2022 06:34:41 +0000
ROA not before:           Thu 14 Apr 2022 06:34:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43391
IP address blocks:        185.80.72.0/24 maxlen: 24
                          77.223.132.0/24 maxlen: 24
                          77.223.128.0/19 maxlen: 24
                          77.223.136.0/24 maxlen: 24
                          77.223.135.0/24 maxlen: 24
                          77.223.143.0/24 maxlen: 24
                          93.187.200.0/21 maxlen: 21
                          93.187.206.0/24 maxlen: 24
                          93.187.205.0/24 maxlen: 24
                          93.187.207.0/24 maxlen: 24
                          195.244.32.0/19 maxlen: 24
                          195.244.33.0/24 maxlen: 24
                          77.223.148.0/23 maxlen: 23
                          77.223.152.0/24 maxlen: 24
                          77.223.158.0/24 maxlen: 24
                          77.223.153.0/24 maxlen: 24
                          77.223.156.0/24 maxlen: 24
                          77.223.154.0/24 maxlen: 24
                          91.191.160.0/20 maxlen: 24
                          91.191.171.0/24 maxlen: 24
                          91.191.170.0/24 maxlen: 24
                          91.191.168.0/21 maxlen: 21
                          78.40.224.0/21 maxlen: 21
                          2a0a:be80::/29 maxlen: 29
                          2a01:aac0::/32 maxlen: 32
                          2a0a:be80::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 186428701 (0xb1cad1d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
        Validity
            Not Before: Apr 14 06:34:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=75352b5b42a709f342485cf59619a06672fa9660
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:52:d9:43:29:b4:7c:a7:2d:4d:c3:fa:0b:e0:
                    ec:96:ae:d0:fd:f9:73:11:1e:05:69:52:a4:de:d7:
                    a2:fe:58:15:b9:4f:df:76:d0:0b:5a:a1:c8:85:46:
                    9e:1a:4a:39:34:56:73:ae:31:b5:61:62:1b:86:8e:
                    38:12:5a:c8:a9:3e:a3:c7:46:20:3b:01:cd:7c:4d:
                    af:55:66:0b:bb:f3:f4:82:7a:34:2b:fa:c8:36:59:
                    2e:a9:10:bf:a5:ea:d9:36:85:50:8f:42:4a:29:55:
                    d0:f5:9e:6f:c8:59:45:a6:d6:02:13:f5:53:22:45:
                    03:b4:ba:54:fd:c2:14:8a:5f:97:53:cd:c5:bb:90:
                    ae:a8:fe:99:cb:b2:ac:64:ce:22:de:9e:fa:2a:8d:
                    46:72:7e:23:e0:fa:d6:d4:2c:98:cd:d8:84:1f:ae:
                    54:7b:96:f4:71:3d:5b:ea:75:0f:98:b0:27:17:f6:
                    4c:68:0a:e7:1a:98:50:6b:b1:26:10:b9:75:21:88:
                    aa:a4:63:da:f5:df:13:ce:76:cd:ce:dc:d8:18:bf:
                    83:40:50:ea:ee:1c:7a:85:bf:87:35:ea:df:57:92:
                    e9:a0:17:41:de:a3:f0:07:cf:df:42:d8:29:fc:fe:
                    6b:4e:49:8a:b5:9f:8b:42:69:52:5c:81:f7:f6:d1:
                    7a:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:35:2B:5B:42:A7:09:F3:42:48:5C:F5:96:19:A0:66:72:FA:96:60
            X509v3 Authority Key Identifier:
                keyid:73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/dTUrW0KnCfNCSFz1lhmgZnL6lmA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/cwLNwp_coJ6aDz99IRPahafh1lQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.223.128.0/19
                  78.40.224.0/21
                  91.191.160.0/20
                  93.187.200.0/21
                  185.80.72.0/24
                  195.244.32.0/19
                IPv6:
                  2a01:aac0::/32
                  2a0a:be80::/29

    Signature Algorithm: sha256WithRSAEncryption
         53:cc:71:00:01:99:d3:54:53:78:2f:fa:3e:97:b1:91:05:c1:
         03:c3:f9:07:91:7b:43:47:89:78:52:61:af:f7:8b:7a:38:9f:
         a7:ce:fd:5a:86:55:14:82:b4:02:44:91:15:60:62:61:3f:e5:
         72:f2:0f:9c:3a:0e:94:74:43:ba:b9:4d:72:cb:89:ce:4e:1c:
         a4:a0:06:f0:7a:1c:a6:5d:82:0f:06:67:3d:a1:d5:7a:38:b1:
         a7:2b:ca:03:6f:26:58:50:fa:14:73:06:2b:dc:b1:52:42:f2:
         27:1b:76:77:15:80:10:7f:41:07:35:05:ef:00:55:7d:07:8c:
         94:06:c3:07:4d:50:00:4e:52:9c:a1:d3:cd:04:60:4f:9d:b3:
         06:50:18:51:6b:ee:e1:a2:3a:1e:84:12:19:19:ad:15:1f:d2:
         f1:44:f8:99:7c:b1:4d:1f:ed:e7:8d:d6:66:62:43:9b:44:6d:
         3e:30:94:c0:a5:f3:0f:6d:b8:6d:e8:66:f9:fb:38:c1:22:54:
         bc:8f:76:f5:3b:1a:01:00:02:52:6a:1a:67:3c:a1:6d:2d:46:
         31:b0:da:6c:e6:82:cf:b0:5d:5c:f5:53:55:d4:90:68:4d:42:
         4c:2d:f5:b7:28:7f:27:ba:37:4e:65:f1:f7:05:89:ee:cb:1a:
         59:00:e8:18
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIECxytHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MzAyY2RjMjlmZGNhMDllOWEwZjNmN2QyMTEzZGE4NWE3ZTFkNjU0MB4XDTIyMDQx
NDA2MzQ0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzUzNTJiNWI0MmE3
MDlmMzQyNDg1Y2Y1OTYxOWEwNjY3MmZhOTY2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOpS2UMptHynLU3D+gvg7Jau0P35cxEeBWlSpN7Xov5YFblP
33bQC1qhyIVGnhpKOTRWc64xtWFiG4aOOBJayKk+o8dGIDsBzXxNr1VmC7vz9IJ6
NCv6yDZZLqkQv6Xq2TaFUI9CSilV0PWeb8hZRabWAhP1UyJFA7S6VP3CFIpfl1PN
xbuQrqj+mcuyrGTOIt6e+iqNRnJ+I+D61tQsmM3YhB+uVHuW9HE9W+p1D5iwJxf2
TGgK5xqYUGuxJhC5dSGIqqRj2vXfE852zc7c2Bi/g0BQ6u4ceoW/hzXq31eS6aAX
Qd6j8AfP30LYKfz+a05JirWfi0JpUlyB9/bRevkCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBR1NStbQqcJ80JIXPWWGaBmcvqWYDAfBgNVHSMEGDAWgBRzAs3Cn9ygnpoP
P30hE9qFp+HWVDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2N3TE53cF9jb0o2YUR6OTlJUlBhaGFmaDFsUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvNzcyMTdkLTgxNGItNDg2YS04ZWYyLWZlMDMzM2VkMDA1Zi8x
L2RUVXJXMEtuQ2ZOQ1NGejFsaG1nWm5MNmxtQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
NzcyMTdkLTgxNGItNDg2YS04ZWYyLWZlMDMzM2VkMDA1Zi8xL2N3TE53cF9jb0o2
YUR6OTlJUlBhaGFmaDFsUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwKgQCAAEwJAMEBU3fgAMEA04o4AMEBFu/oAMEA127
yAMEALlQSAMEBcP0IDAUBAIAAjAOAwUAKgGqwAMFAyoKvoAwDQYJKoZIhvcNAQEL
BQADggEBAFPMcQABmdNUU3gv+j6XsZEFwQPD+QeRe0NHiXhSYa/3i3o4n6fO/VqG
VRSCtAJEkRVgYmE/5XLyD5w6DpR0Q7q5TXLLic5OHKSgBvB6HKZdgg8GZz2h1Xo4
sacrygNvJlhQ+hRzBivcsVJC8icbdncVgBB/QQc1Be8AVX0HjJQGwwdNUABOUpyh
080EYE+dswZQGFFr7uGiOh6EEhkZrRUf0vFE+Jl8sU0f7eeN1mZiQ5tEbT4wlMCl
8w9tuG3oZvn7OMEiVLyPdvU7GgEAAlJqGmc8oW0tRjGw2mzmgs+wXVz1U1XUkGhN
Qkwt9bcofye6N05l8fcFie7LGlkA6Bg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:05 2024 by rpki-client on console-ams.rpki-client.org