Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/fd4U7GjwW5Fj70obNc2oHqOownE.roa
File:                     fd4U7GjwW5Fj70obNc2oHqOownE.roa (raw, json)
Hash identifier:          AncK3R1um5kD1tjI3Q12XvKCJbGCKSAuzXgdB2xDpUk=
Subject key identifier:   7D:DE:14:EC:68:F0:5B:91:63:EF:4A:1B:35:CD:A8:1E:A3:A8:C2:71
Certificate issuer:       /CN=c276a8ba874c3fbddad344d03258b3e2c04d7bcb
Certificate serial:       BAA598
Authority key identifier: C2:76:A8:BA:87:4C:3F:BD:DA:D3:44:D0:32:58:B3:E2:C0:4D:7B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wnaouodMP73a00TQMliz4sBNe8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/fd4U7GjwW5Fj70obNc2oHqOownE.roa
Signing time:             Sat 01 Jan 2022 06:56:31 +0000
ROA not before:           Sat 01 Jan 2022 06:56:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206380
IP address blocks:        185.188.27.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12232088 (0xbaa598)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c276a8ba874c3fbddad344d03258b3e2c04d7bcb
        Validity
            Not Before: Jan  1 06:56:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7dde14ec68f05b9163ef4a1b35cda81ea3a8c271
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:7f:73:5c:88:67:18:4b:68:84:97:ed:aa:42:
                    9b:4a:a6:36:4b:c0:63:fc:50:3f:ed:f4:1f:bc:f6:
                    13:f6:5b:d0:9a:40:ac:61:a6:63:65:01:37:c8:23:
                    ac:c8:b4:51:45:a4:1f:91:01:2e:a6:f3:19:b7:81:
                    b6:c5:ae:2c:dd:b1:e6:b8:7e:c7:35:85:46:62:e5:
                    3a:54:ec:a9:55:28:f5:de:fe:db:44:a2:6f:f6:59:
                    14:0d:3f:6a:06:ef:33:f5:92:35:4e:21:69:16:58:
                    a8:e4:73:b9:43:82:f6:f8:d9:c3:be:f5:7c:56:40:
                    ea:0f:3e:a2:e4:be:c9:8e:b9:96:28:70:9c:ea:a3:
                    3c:11:f2:0b:8e:70:2e:b7:04:da:bc:b3:86:f9:af:
                    5d:80:82:d5:a5:04:c9:a6:9a:aa:75:2c:a7:c2:a4:
                    d8:86:45:c0:fa:20:ad:70:0b:17:60:c3:e1:24:b1:
                    9f:40:56:5f:58:b5:ae:2b:18:74:79:4e:de:7a:98:
                    90:fc:df:14:06:83:2f:d7:7a:31:76:af:27:14:a7:
                    31:ff:18:60:54:f4:53:ea:4f:05:6c:99:3a:5f:3d:
                    89:73:39:c5:c5:2d:c0:b6:40:69:87:02:b8:f8:de:
                    f3:ba:8c:d3:3c:f0:2f:f3:be:ec:53:bf:34:63:3a:
                    48:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:DE:14:EC:68:F0:5B:91:63:EF:4A:1B:35:CD:A8:1E:A3:A8:C2:71
            X509v3 Authority Key Identifier:
                keyid:C2:76:A8:BA:87:4C:3F:BD:DA:D3:44:D0:32:58:B3:E2:C0:4D:7B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnaouodMP73a00TQMliz4sBNe8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/fd4U7GjwW5Fj70obNc2oHqOownE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/wnaouodMP73a00TQMliz4sBNe8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.188.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:6c:0d:fb:52:b2:0d:5c:7b:52:66:3e:ad:b7:23:ef:4c:1c:
         dc:03:82:0c:e3:e5:78:af:ed:da:b6:d5:b6:f6:33:5c:de:5b:
         9b:2f:9e:59:cf:52:ca:84:57:e7:d2:02:76:63:ba:9a:3d:19:
         5c:a8:77:d5:78:d4:df:00:eb:24:48:69:6a:04:04:be:1a:5d:
         3e:49:1f:92:93:97:7d:9a:89:10:a1:24:ea:8b:59:17:08:5e:
         6c:45:d0:79:f0:03:d3:ae:89:fe:e3:13:77:bc:e8:ff:04:63:
         1d:f2:7f:73:16:44:90:09:d4:95:64:ba:ef:49:e5:3f:27:c5:
         e7:47:1f:97:c5:28:65:4b:33:50:16:fe:0d:3e:a2:18:75:f9:
         99:74:2d:24:10:c1:64:8f:fa:eb:f6:0c:50:70:5c:06:b9:61:
         64:01:ac:75:7a:23:4a:bc:00:fe:ff:ea:34:45:64:a4:02:37:
         5d:94:a5:ee:af:a1:1b:59:4e:73:ed:72:f6:95:47:a0:2f:86:
         d2:fe:bb:23:8e:c4:25:3b:d9:ce:c3:1e:3d:08:0a:ef:13:e0:
         35:7c:c1:e7:c0:4d:7d:16:54:49:7c:67:9c:1d:e9:de:dd:11:
         f9:74:ff:14:4e:3d:13:fb:89:0f:e8:c4:d4:01:5d:07:c2:81:
         60:d0:c1:4c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALqlmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mjc2YThiYTg3NGMzZmJkZGFkMzQ0ZDAzMjU4YjNlMmMwNGQ3YmNiMB4XDTIyMDEw
MTA2NTYzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2RkZTE0ZWM2OGYw
NWI5MTYzZWY0YTFiMzVjZGE4MWVhM2E4YzI3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALh/c1yIZxhLaISX7apCm0qmNkvAY/xQP+30H7z2E/Zb0JpA
rGGmY2UBN8gjrMi0UUWkH5EBLqbzGbeBtsWuLN2x5rh+xzWFRmLlOlTsqVUo9d7+
20Sib/ZZFA0/agbvM/WSNU4haRZYqORzuUOC9vjZw771fFZA6g8+ouS+yY65lihw
nOqjPBHyC45wLrcE2ryzhvmvXYCC1aUEyaaaqnUsp8Kk2IZFwPogrXALF2DD4SSx
n0BWX1i1risYdHlO3nqYkPzfFAaDL9d6MXavJxSnMf8YYFT0U+pPBWyZOl89iXM5
xcUtwLZAaYcCuPje87qM0zzwL/O+7FO/NGM6SFcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR93hTsaPBbkWPvShs1zageo6jCcTAfBgNVHSMEGDAWgBTCdqi6h0w/vdrT
RNAyWLPiwE17yzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3duYW91b2RNUDczYTAwVFFNbGl6NHNCTmU4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvNzcyY2JjLTdlNjktNGM5MS04NmEzLTM2NjFiMWViYmNmYi8x
L2ZkNFU3R2p3VzVGajcwb2JOYzJvSHFPb3duRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
NzcyY2JjLTdlNjktNGM5MS04NmEzLTM2NjFiMWViYmNmYi8xL3duYW91b2RNUDcz
YTAwVFFNbGl6NHNCTmU4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALm8GzANBgkqhkiG9w0BAQsFAAOC
AQEAtGwN+1KyDVx7UmY+rbcj70wc3AOCDOPleK/t2rbVtvYzXN5bmy+eWc9SyoRX
59ICdmO6mj0ZXKh31XjU3wDrJEhpagQEvhpdPkkfkpOXfZqJEKEk6otZFwhebEXQ
efAD066J/uMTd7zo/wRjHfJ/cxZEkAnUlWS670nlPyfF50cfl8UoZUszUBb+DT6i
GHX5mXQtJBDBZI/66/YMUHBcBrlhZAGsdXojSrwA/v/qNEVkpAI3XZSl7q+hG1lO
c+1y9pVHoC+G0v67I47EJTvZzsMePQgK7xPgNXzB58BNfRZUSXxnnB3p3t0R+XT/
FE49E/uJD+jE1AFdB8KBYNDBTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:22 2024 by rpki-client on console-fra.rpki-client.org