Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/e0cd69-deff-4c21-a809-6999a99dcf1e/1/PULmtABJFZKxlAaHcjZONHqMJ-k.roa
File:                     PULmtABJFZKxlAaHcjZONHqMJ-k.roa (raw, json)
Hash identifier:          evRsNynpjKEhJj0R4okNIrMZmWZ6p98zToiyRsNEDd0=
Subject key identifier:   3D:42:E6:B4:00:49:15:92:B1:94:06:87:72:36:4E:34:7A:8C:27:E9
Certificate issuer:       /CN=6bf0f847e1a216e7543c752a6350c6be23c7c6d5
Certificate serial:       0181FC5CD036208B9EEFB909A82389A7E3E5
Authority key identifier: 6B:F0:F8:47:E1:A2:16:E7:54:3C:75:2A:63:50:C6:BE:23:C7:C6:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a_D4R-GiFudUPHUqY1DGviPHxtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/e0cd69-deff-4c21-a809-6999a99dcf1e/1/PULmtABJFZKxlAaHcjZONHqMJ-k.roa
Signing time:             Thu 14 Jul 2022 10:59:09 +0000
ROA not before:           Thu 14 Jul 2022 10:59:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43404
IP address blocks:        77.87.200.0/21 maxlen: 24
                          89.23.32.0/19 maxlen: 24
                          2a04:17c0::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:fc:5c:d0:36:20:8b:9e:ef:b9:09:a8:23:89:a7:e3:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6bf0f847e1a216e7543c752a6350c6be23c7c6d5
        Validity
            Not Before: Jul 14 10:59:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3d42e6b400491592b194068772364e347a8c27e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:5f:b7:aa:d3:ff:d2:6a:e4:2b:11:ec:ef:01:
                    a4:8d:89:d8:bb:0a:5d:f9:69:d9:da:1c:61:8b:f3:
                    83:d7:d1:40:82:89:18:2a:1d:dd:a5:10:a3:7e:8d:
                    c7:34:0f:05:58:3f:c2:a4:e9:1d:64:1a:b9:21:46:
                    32:86:b3:e2:ba:2b:48:ee:ef:f8:f0:e7:07:6a:b7:
                    35:20:e1:45:dc:24:85:ff:d4:4f:22:86:a3:ae:b6:
                    33:c1:dd:d9:ec:ea:b8:61:00:04:75:6a:86:07:69:
                    b9:8f:1d:dd:cc:1a:a0:3b:53:4b:d1:cc:73:a7:c2:
                    43:18:bc:7a:f6:e5:0c:df:4d:58:b1:8a:d7:5b:a9:
                    68:30:3e:f1:6c:f4:dc:dc:a0:6e:37:78:98:85:f5:
                    67:91:f9:fb:36:6c:f4:b3:f4:84:aa:bd:27:09:75:
                    42:7c:eb:28:ee:3c:99:b0:06:78:32:5a:70:03:93:
                    40:3a:62:ae:95:f8:1d:e0:3a:7b:68:75:7c:28:e8:
                    05:74:a6:bd:36:a7:ed:38:cf:0e:74:fc:dd:9c:c0:
                    3b:df:60:1c:a0:c1:95:ab:cf:eb:d7:3d:c9:95:bf:
                    5c:32:ee:93:d2:5e:d3:5b:f1:ed:3f:19:7b:37:fa:
                    a9:40:83:1a:39:9f:f5:73:66:2b:ff:67:74:e3:f4:
                    50:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:42:E6:B4:00:49:15:92:B1:94:06:87:72:36:4E:34:7A:8C:27:E9
            X509v3 Authority Key Identifier:
                keyid:6B:F0:F8:47:E1:A2:16:E7:54:3C:75:2A:63:50:C6:BE:23:C7:C6:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a_D4R-GiFudUPHUqY1DGviPHxtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/e0cd69-deff-4c21-a809-6999a99dcf1e/1/PULmtABJFZKxlAaHcjZONHqMJ-k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/e0cd69-deff-4c21-a809-6999a99dcf1e/1/a_D4R-GiFudUPHUqY1DGviPHxtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.87.200.0/21
                  89.23.32.0/19
                IPv6:
                  2a04:17c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         2d:be:ff:9d:b7:d4:dd:08:f8:05:7e:ce:ee:27:41:26:2a:7c:
         e2:00:aa:ae:30:6a:ef:0c:f7:41:52:b2:3a:ea:7d:d3:fd:87:
         17:6f:4c:b9:42:fc:5e:76:92:56:2a:b0:85:b4:00:a5:db:be:
         ca:00:0d:8a:f3:1a:20:e1:9a:a5:1d:f5:63:58:01:0e:d1:1f:
         d0:8e:24:05:89:ab:2c:fc:4e:18:45:4c:7e:ee:03:38:80:85:
         a0:2e:b7:e6:d5:8a:68:ad:4f:b5:a9:04:76:72:94:aa:53:20:
         fb:53:1f:0b:6b:e2:17:cf:f4:cf:b4:7f:3d:5b:33:51:fa:16:
         b2:95:6c:bd:70:04:9e:b6:38:21:11:8f:83:72:63:14:32:9c:
         af:0e:b1:15:a4:53:a7:77:46:1f:3b:2b:d0:43:62:dd:80:d2:
         b2:37:2f:a4:2a:4a:38:04:73:df:db:c5:16:e1:4a:d4:8c:44:
         e8:4f:2a:13:d2:09:ef:68:6d:55:be:6f:25:fe:35:88:5d:b0:
         0c:b9:bf:03:94:d9:f4:0c:c7:a9:21:ce:f1:d1:1c:46:26:b9:
         70:18:59:f8:b2:b9:ad:d8:bc:49:45:20:f8:f5:72:ea:7d:dc:
         f4:a8:76:46:28:bb:31:2e:9f:4c:e6:00:57:97:a3:91:3a:32:
         53:52:af:37
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYH8XNA2IIue77kJqCOJp+PlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZjBmODQ3ZTFhMjE2ZTc1NDNjNzUyYTYzNTBjNmJlMjNj
N2M2ZDUwHhcNMjIwNzE0MTA1OTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDQyZTZiNDAwNDkxNTkyYjE5NDA2ODc3MjM2NGUzNDdhOGMyN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01+3qtP/0mrkKxHs7wGkjYnYuwpd
+WnZ2hxhi/OD19FAgokYKh3dpRCjfo3HNA8FWD/CpOkdZBq5IUYyhrPiuitI7u/4
8OcHarc1IOFF3CSF/9RPIoajrrYzwd3Z7Oq4YQAEdWqGB2m5jx3dzBqgO1NL0cxz
p8JDGLx69uUM301YsYrXW6loMD7xbPTc3KBuN3iYhfVnkfn7Nmz0s/SEqr0nCXVC
fOso7jyZsAZ4MlpwA5NAOmKulfgd4Dp7aHV8KOgFdKa9NqftOM8OdPzdnMA732Ac
oMGVq8/r1z3Jlb9cMu6T0l7TW/HtPxl7N/qpQIMaOZ/1c2Yr/2d04/RQPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD1C5rQASRWSsZQGh3I2TjR6jCfpMB8GA1UdIwQY
MBaAFGvw+EfhohbnVDx1KmNQxr4jx8bVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYV9ENFItR2lGdWRVUEhVcVkxREd2aVBIeHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9lMGNkNjktZGVmZi00YzIxLWE4MDkt
Njk5OWE5OWRjZjFlLzEvUFVMbXRBQkpGWkt4bEFhSGNqWk9OSHFNSi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9lMGNkNjktZGVmZi00YzIxLWE4MDktNjk5OWE5OWRjZjFl
LzEvYV9ENFItR2lGdWRVUEhVcVkxREd2aVBIeHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTVfIAwQF
WRcgMA0EAgACMAcDBQMqBBfAMA0GCSqGSIb3DQEBCwUAA4IBAQAtvv+dt9TdCPgF
fs7uJ0EmKnziAKquMGrvDPdBUrI66n3T/YcXb0y5QvxedpJWKrCFtACl277KAA2K
8xog4ZqlHfVjWAEO0R/QjiQFiass/E4YRUx+7gM4gIWgLrfm1YporU+1qQR2cpSq
UyD7Ux8La+IXz/TPtH89WzNR+haylWy9cASetjghEY+DcmMUMpyvDrEVpFOnd0Yf
OyvQQ2LdgNKyNy+kKko4BHPf28UW4UrUjEToTyoT0gnvaG1Vvm8l/jWIXbAMub8D
lNn0DMepIc7x0RxGJrlwGFn4srmt2LxJRSD49XLqfdz0qHZGKLsxLp9M5gBXl6OR
OjJTUq83
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:06 2024 by rpki-client on console-ams.rpki-client.org