Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/mGCzOxtd_ewFCa-Q-xhvJG4Lhsc.roa
File:                     mGCzOxtd_ewFCa-Q-xhvJG4Lhsc.roa (raw, json)
Hash identifier:          Y3tPsyV2l/jWEFnrsqPskwDLmixEW8bD6/5o9sWpbsU=
Subject key identifier:   98:60:B3:3B:1B:5D:FD:EC:05:09:AF:90:FB:18:6F:24:6E:0B:86:C7
Certificate issuer:       /CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
Certificate serial:       01851C9D1715C027E885F9516F43FEC58501
Authority key identifier: 73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/mGCzOxtd_ewFCa-Q-xhvJG4Lhsc.roa
Signing time:             Fri 16 Dec 2022 20:25:35 +0000
ROA not before:           Fri 16 Dec 2022 20:25:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43391
IP address blocks:        185.80.72.0/24 maxlen: 24
                          77.223.132.0/24 maxlen: 24
                          77.223.128.0/19 maxlen: 24
                          77.223.136.0/24 maxlen: 24
                          77.223.135.0/24 maxlen: 24
                          77.223.143.0/24 maxlen: 24
                          93.187.200.0/21 maxlen: 21
                          93.187.206.0/24 maxlen: 24
                          93.187.205.0/24 maxlen: 24
                          93.187.204.0/24 maxlen: 24
                          93.187.207.0/24 maxlen: 24
                          195.244.32.0/19 maxlen: 24
                          195.244.33.0/24 maxlen: 24
                          77.223.148.0/23 maxlen: 23
                          77.223.152.0/24 maxlen: 24
                          77.223.158.0/24 maxlen: 24
                          77.223.153.0/24 maxlen: 24
                          77.223.156.0/24 maxlen: 24
                          77.223.154.0/24 maxlen: 24
                          91.191.160.0/20 maxlen: 24
                          91.191.171.0/24 maxlen: 24
                          91.191.170.0/24 maxlen: 24
                          91.191.168.0/21 maxlen: 21
                          78.40.224.0/24 maxlen: 24
                          78.40.224.0/21 maxlen: 21
                          2a0a:be80::/29 maxlen: 29
                          2a01:aac0::/32 maxlen: 32
                          2a0a:be80::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:1c:9d:17:15:c0:27:e8:85:f9:51:6f:43:fe:c5:85:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
        Validity
            Not Before: Dec 16 20:25:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9860b33b1b5dfdec0509af90fb186f246e0b86c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:dd:68:c2:d2:f6:58:27:3e:ac:3e:e6:8c:2b:
                    4c:e7:d7:e5:4e:76:a5:15:e8:19:2a:2f:24:8b:1d:
                    b9:15:65:2f:c7:a3:61:9a:6c:11:d5:98:95:17:78:
                    b9:fb:bd:04:93:f2:40:5e:41:39:56:83:51:94:e2:
                    75:2e:94:03:17:e8:ba:94:8a:ff:cf:e2:4d:9e:66:
                    da:79:66:34:fe:82:d7:0e:20:a4:b0:f8:df:3c:c9:
                    c1:31:84:8c:66:59:f9:16:65:8a:b0:61:cd:a4:bb:
                    ce:4d:86:3b:cc:cb:21:fc:b5:0f:e6:52:c1:9f:f8:
                    42:68:c7:57:9e:e6:57:d9:e3:d1:d5:28:f0:e1:d8:
                    6e:6a:8a:f5:18:03:f3:d0:97:67:0c:fb:eb:ea:b9:
                    12:84:fc:63:20:69:03:fc:3a:fe:60:3c:b7:91:53:
                    5c:8a:b9:c8:ab:72:96:a9:01:a0:3a:9d:67:90:88:
                    ee:c4:88:93:33:79:6d:2e:c3:a5:39:cc:0e:37:c5:
                    83:13:15:97:79:d9:57:c9:b6:0c:0a:49:e5:06:56:
                    f3:ee:8c:3a:7e:b2:60:1d:db:43:85:32:1b:fb:72:
                    1b:a2:35:60:ad:7e:76:76:f6:63:5a:fd:0c:0b:e5:
                    65:14:b3:f8:52:25:ae:08:36:d9:1a:51:a2:67:5c:
                    87:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:60:B3:3B:1B:5D:FD:EC:05:09:AF:90:FB:18:6F:24:6E:0B:86:C7
            X509v3 Authority Key Identifier:
                keyid:73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/mGCzOxtd_ewFCa-Q-xhvJG4Lhsc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/cwLNwp_coJ6aDz99IRPahafh1lQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.223.128.0/19
                  78.40.224.0/21
                  91.191.160.0/20
                  93.187.200.0/21
                  185.80.72.0/24
                  195.244.32.0/19
                IPv6:
                  2a01:aac0::/32
                  2a0a:be80::/29

    Signature Algorithm: sha256WithRSAEncryption
         6f:ca:d8:d3:78:ff:7f:ab:2c:68:26:1a:8c:9a:c6:26:c9:ee:
         a0:aa:06:08:86:04:80:fb:23:cb:fe:4d:4b:75:f7:00:ba:0f:
         c7:d0:ce:22:0b:07:b9:d6:26:8c:be:8f:7b:be:44:5b:72:b2:
         95:17:bf:19:8b:9c:8b:f8:15:76:6c:7a:76:b7:c3:44:90:8e:
         5d:6d:2a:bc:68:5d:7d:03:b6:9c:55:fb:db:ba:dc:e8:e3:3a:
         5b:98:80:d9:13:f3:8e:37:b5:19:24:62:9c:60:2c:ec:00:3f:
         16:df:4d:9c:4e:81:28:48:2b:a8:95:89:d8:63:0f:89:66:b1:
         17:1f:2f:2b:22:40:9f:d2:0a:73:cd:77:56:dc:22:a2:0a:fb:
         08:da:b2:82:ee:a8:4d:6e:00:d1:86:23:7c:16:b0:75:98:31:
         9c:33:50:a6:96:91:66:5a:ed:27:05:9d:90:c9:94:07:89:d3:
         5e:57:2a:ee:ab:a4:ec:aa:64:61:41:a5:0b:bc:90:86:b6:73:
         30:34:ca:76:da:df:65:ef:ad:8b:74:ea:a4:21:45:a9:b5:93:
         2d:11:7b:8c:0f:fb:c1:a2:52:11:f0:b1:35:2f:89:3c:56:28:
         15:46:f8:8e:8f:95:1e:ad:e9:29:a4:46:bf:17:ad:b9:97:3d:
         c1:ad:aa:e3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYUcnRcVwCfohflRb0P+xYUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMDJjZGMyOWZkY2EwOWU5YTBmM2Y3ZDIxMTNkYTg1YTdl
MWQ2NTQwHhcNMjIxMjE2MjAyNTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODYwYjMzYjFiNWRmZGVjMDUwOWFmOTBmYjE4NmYyNDZlMGI4NmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArt1owtL2WCc+rD7mjCtM59flTnal
FegZKi8kix25FWUvx6NhmmwR1ZiVF3i5+70Ek/JAXkE5VoNRlOJ1LpQDF+i6lIr/
z+JNnmbaeWY0/oLXDiCksPjfPMnBMYSMZln5FmWKsGHNpLvOTYY7zMsh/LUP5lLB
n/hCaMdXnuZX2ePR1Sjw4dhuaor1GAPz0JdnDPvr6rkShPxjIGkD/Dr+YDy3kVNc
irnIq3KWqQGgOp1nkIjuxIiTM3ltLsOlOcwON8WDExWXedlXybYMCknlBlbz7ow6
frJgHdtDhTIb+3IbojVgrX52dvZjWv0MC+VlFLP4UiWuCDbZGlGiZ1yHfQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJhgszsbXf3sBQmvkPsYbyRuC4bHMB8GA1UdIwQY
MBaAFHMCzcKf3KCemg8/fSET2oWn4dZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3dMTndwX2NvSjZhRHo5OUlSUGFoYWZoMWxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83NzIxN2QtODE0Yi00ODZhLThlZjIt
ZmUwMzMzZWQwMDVmLzEvbUdDek94dGRfZXdGQ2EtUS14aHZKRzRMaHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83NzIxN2QtODE0Yi00ODZhLThlZjItZmUwMzMzZWQwMDVm
LzEvY3dMTndwX2NvSjZhRHo5OUlSUGFoYWZoMWxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQFTd+AAwQD
TijgAwQEW7+gAwQDXbvIAwQAuVBIAwQFw/QgMBQEAgACMA4DBQAqAarAAwUDKgq+
gDANBgkqhkiG9w0BAQsFAAOCAQEAb8rY03j/f6ssaCYajJrGJsnuoKoGCIYEgPsj
y/5NS3X3ALoPx9DOIgsHudYmjL6Pe75EW3KylRe/GYuci/gVdmx6drfDRJCOXW0q
vGhdfQO2nFX727rc6OM6W5iA2RPzjje1GSRinGAs7AA/Ft9NnE6BKEgrqJWJ2GMP
iWaxFx8vKyJAn9IKc813Vtwiogr7CNqygu6oTW4A0YYjfBawdZgxnDNQppaRZlrt
JwWdkMmUB4nTXlcq7quk7KpkYUGlC7yQhrZzMDTKdtrfZe+ti3TqpCFFqbWTLRF7
jA/7waJSEfCxNS+JPFYoFUb4jo+VHq3pKaRGvxetuZc9wa2q4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:10 2024 by rpki-client on console-fra.rpki-client.org