Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/64JD3A1AMHQoqtRFzNWoxYOjzP8.roa
File:                     64JD3A1AMHQoqtRFzNWoxYOjzP8.roa (raw, json)
Hash identifier:          6HexIIDehnKCDoB2LXhK/aCFgolPf9pkYeMf3h8EXAM=
Subject key identifier:   EB:82:43:DC:0D:40:30:74:28:AA:D4:45:CC:D5:A8:C5:83:A3:CC:FF
Certificate issuer:       /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial:       0182EE74B773458CD4245A3188FCC2678CDE
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/64JD3A1AMHQoqtRFzNWoxYOjzP8.roa
Signing time:             Tue 30 Aug 2022 11:13:22 +0000
ROA not before:           Tue 30 Aug 2022 11:13:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210644
IP address blocks:        77.73.131.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ee:74:b7:73:45:8c:d4:24:5a:31:88:fc:c2:67:8c:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
        Validity
            Not Before: Aug 30 11:13:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=eb8243dc0d40307428aad445ccd5a8c583a3ccff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ff:de:d6:f6:ca:f7:e7:53:62:99:c3:6f:72:
                    1b:f0:8e:32:19:8f:6b:1f:db:c2:5f:d9:ef:6c:b1:
                    d8:8b:c6:86:73:3b:43:a7:70:44:0e:0e:87:ce:7d:
                    db:51:c1:29:f4:f9:9e:53:46:e5:89:ea:61:14:2f:
                    94:a4:c8:91:e6:81:c0:45:6e:2a:98:47:9d:79:62:
                    66:47:80:d7:d0:23:a8:e7:9e:d9:9f:9d:e4:00:59:
                    ae:02:fd:62:b4:d2:b0:eb:4b:90:97:ac:2b:89:ef:
                    72:37:dc:7e:f2:b9:d5:e1:2a:9a:f7:5f:a9:c0:6d:
                    3a:ad:44:38:12:a2:f2:b5:72:b1:90:5c:c8:92:c0:
                    73:a1:1e:74:3f:02:05:e2:39:5f:95:21:e8:6e:76:
                    e9:eb:f1:7f:f8:a1:d0:22:cd:29:12:32:4c:18:31:
                    6d:34:c4:5d:a8:50:98:15:6e:0d:44:5a:4e:03:39:
                    55:77:90:89:56:5a:1d:af:6c:06:f0:ec:9a:97:b7:
                    6b:a7:2a:8f:60:7d:7c:2b:55:29:e1:76:70:20:24:
                    6e:96:8e:48:65:9f:c9:ad:0f:96:db:c0:d4:ec:e9:
                    b1:f1:f8:95:f7:01:c4:79:ad:b2:ad:33:1c:a1:67:
                    3f:3d:3a:0b:f4:e4:6d:67:17:59:2d:59:98:4e:bc:
                    89:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:82:43:DC:0D:40:30:74:28:AA:D4:45:CC:D5:A8:C5:83:A3:CC:FF
            X509v3 Authority Key Identifier:
                keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/64JD3A1AMHQoqtRFzNWoxYOjzP8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.73.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:e5:3d:b9:5b:d3:0e:eb:dd:63:88:0a:00:83:17:ae:ea:a4:
         93:da:e6:a2:5a:c2:d4:ee:23:46:1b:79:c9:19:2a:a2:0b:13:
         be:e8:10:ed:58:82:b3:09:67:9a:34:9f:91:02:5b:bc:b2:7d:
         21:db:5d:bd:02:ba:7a:89:23:dc:4b:94:a3:c8:e2:c8:28:38:
         19:c3:cd:28:8e:48:28:2d:39:b5:ff:92:75:dc:dc:44:c1:bb:
         4d:1f:0c:0e:df:9c:32:61:6a:ea:91:05:69:e4:33:d6:0a:a0:
         26:28:17:5a:29:8c:f4:01:92:81:5d:a0:34:a6:34:93:61:10:
         74:bb:4e:05:d1:49:a0:f7:80:e3:07:c5:83:bb:71:f6:e8:ce:
         5c:63:cb:28:45:bd:42:33:13:e7:54:23:6f:48:3b:7a:2c:fa:
         9e:7d:bf:0f:dd:e1:67:9c:8e:b9:fb:bd:80:17:12:2b:3d:74:
         c8:79:2c:2c:26:0a:94:be:24:f3:6a:91:1e:b1:01:71:36:1b:
         a0:01:30:6f:7f:21:9b:ae:79:11:a4:a1:6f:ca:ae:7a:05:ab:
         34:05:fc:a7:b8:6d:60:3d:db:a9:38:b4:ba:22:27:a5:b6:fc:
         e3:4c:b1:8f:4e:a0:41:b3:05:16:39:84:92:ab:13:a0:42:42:
         b0:bf:ad:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLudLdzRYzUJFoxiPzCZ4zeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmExM2YxYWUwNTM5MTYyODBlYzY4ZWUxYjA5NzZmOWVi
ZDNlYTgwHhcNMjIwODMwMTExMzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjgyNDNkYzBkNDAzMDc0MjhhYWQ0NDVjY2Q1YThjNTgzYTNjY2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv/e1vbK9+dTYpnDb3Ib8I4yGY9r
H9vCX9nvbLHYi8aGcztDp3BEDg6Hzn3bUcEp9PmeU0bliephFC+UpMiR5oHARW4q
mEedeWJmR4DX0COo557Zn53kAFmuAv1itNKw60uQl6wrie9yN9x+8rnV4Sqa91+p
wG06rUQ4EqLytXKxkFzIksBzoR50PwIF4jlflSHobnbp6/F/+KHQIs0pEjJMGDFt
NMRdqFCYFW4NRFpOAzlVd5CJVlodr2wG8Oyal7drpyqPYH18K1Up4XZwICRulo5I
ZZ/JrQ+W28DU7Omx8fiV9wHEea2yrTMcoWc/PToL9ORtZxdZLVmYTryJ8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOuCQ9wNQDB0KKrURczVqMWDo8z/MB8GA1UdIwQY
MBaAFK/6E/GuBTkWKA7GjuGwl2+evT6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAt
NDc4YzJjOGNiMmEwLzEvNjRKRDNBMUFNSFFvcXRSRnpOV294WU9qelA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAtNDc4YzJjOGNiMmEw
LzEvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUmDMA0G
CSqGSIb3DQEBCwUAA4IBAQBn5T25W9MO691jiAoAgxeu6qST2uaiWsLU7iNGG3nJ
GSqiCxO+6BDtWIKzCWeaNJ+RAlu8sn0h2129Arp6iSPcS5SjyOLIKDgZw80ojkgo
LTm1/5J13NxEwbtNHwwO35wyYWrqkQVp5DPWCqAmKBdaKYz0AZKBXaA0pjSTYRB0
u04F0Umg94DjB8WDu3H26M5cY8soRb1CMxPnVCNvSDt6LPqefb8P3eFnnI65+72A
FxIrPXTIeSwsJgqUviTzapEesQFxNhugATBvfyGbrnkRpKFvyq56Bas0BfynuG1g
PdupOLS6IieltvzjTLGPTqBBswUWOYSSqxOgQkKwv63k
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:23 2024 by rpki-client on console-fra.rpki-client.org