Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/0YKl6z1O1rxPJ0NEYssz9ZBbEJQ.roa
File:                     0YKl6z1O1rxPJ0NEYssz9ZBbEJQ.roa (raw, json)
Hash identifier:          nCX8QteOXkTa05GAfkAjWwVzGps59qM9FpoByFhb4GQ=
Subject key identifier:   D1:82:A5:EB:3D:4E:D6:BC:4F:27:43:44:62:CB:33:F5:90:5B:10:94
Certificate issuer:       /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial:       01847050CBCACE0F1D618C3769BC26039797
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/0YKl6z1O1rxPJ0NEYssz9ZBbEJQ.roa
Signing time:             Sun 13 Nov 2022 09:27:34 +0000
ROA not before:           Sun 13 Nov 2022 09:27:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48944
IP address blocks:        81.12.112.0/22 maxlen: 22
                          87.107.176.0/21 maxlen: 21
                          87.107.184.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:70:50:cb:ca:ce:0f:1d:61:8c:37:69:bc:26:03:97:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
        Validity
            Not Before: Nov 13 09:27:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d182a5eb3d4ed6bc4f27434462cb33f5905b1094
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:bb:f3:c5:dd:51:5d:2e:33:3c:58:bc:2b:83:
                    a3:77:87:af:55:44:82:28:53:0d:e9:40:05:6c:23:
                    da:41:a7:94:77:a1:b6:34:1c:17:00:25:15:80:9a:
                    78:e5:8b:19:9f:4e:6f:5b:6d:f5:90:f3:62:4b:19:
                    24:04:27:81:40:91:b4:35:eb:f6:74:1b:78:15:0a:
                    9b:15:8c:b4:46:3d:1a:dd:b9:d0:b2:5d:bf:0d:cd:
                    ec:b6:38:01:b8:4f:77:27:f1:5d:19:35:39:2f:0c:
                    72:fd:39:60:3f:8d:88:bf:aa:5d:ed:39:1c:92:e0:
                    ac:ea:2b:c4:70:97:e4:44:c5:f5:f2:5d:60:e5:c1:
                    41:0c:f2:65:69:a7:40:bd:b8:1a:83:98:af:13:1b:
                    52:d0:71:13:66:ba:9a:2a:d3:ee:f2:5e:1b:35:db:
                    c5:97:30:56:f7:03:62:b5:d3:df:a8:f9:7e:f0:06:
                    4a:ec:a7:ec:82:2a:75:8d:77:c3:90:92:d9:8a:02:
                    fd:3b:c2:a2:73:aa:26:58:8d:33:c9:17:2f:56:a6:
                    4b:4c:1d:c8:c7:e0:e8:e3:00:8a:23:ed:f5:6d:0e:
                    e6:56:5a:c5:d0:88:9c:f6:7f:28:21:2d:60:c3:da:
                    65:0d:c7:13:35:88:ee:96:bb:5e:4e:4e:61:73:e2:
                    71:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:82:A5:EB:3D:4E:D6:BC:4F:27:43:44:62:CB:33:F5:90:5B:10:94
            X509v3 Authority Key Identifier:
                keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/0YKl6z1O1rxPJ0NEYssz9ZBbEJQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.12.112.0/22
                  87.107.176.0-87.107.187.255

    Signature Algorithm: sha256WithRSAEncryption
         94:13:25:f1:db:60:d6:b6:a0:a0:71:2e:b1:6a:5c:3d:0e:cf:
         6e:fb:00:24:37:c9:fa:eb:a1:dc:f1:0c:ad:9d:9f:e6:e9:a1:
         99:10:10:66:ef:ed:e0:b1:05:8d:d3:de:b5:9e:21:ee:1e:0d:
         9f:ed:ef:c2:d7:f6:80:f1:cf:ee:1b:7d:53:f8:6e:86:a9:41:
         7a:e2:d4:2e:ca:c7:d9:a5:60:1b:d4:e2:25:2c:e1:0c:69:20:
         bb:bb:6b:65:3d:a4:cc:27:63:29:c0:34:cf:76:8a:ca:82:9d:
         80:dc:15:d3:4d:50:d5:c3:8b:78:04:7d:96:69:6d:68:ff:f4:
         35:2e:be:d1:11:31:e4:9b:02:b8:3e:36:c3:35:e6:6d:43:01:
         e2:f6:ac:30:52:21:1d:87:58:18:d1:e9:39:f4:73:5e:75:c4:
         2f:83:a1:32:b6:b2:6d:88:49:58:6e:6a:74:dd:c0:33:35:36:
         31:09:09:b4:ce:e2:d4:75:1d:c6:82:66:a5:87:eb:83:b7:d6:
         03:82:07:1e:f6:0b:89:2f:2a:51:a6:23:b1:0f:08:0b:96:5e:
         45:80:5b:83:d5:7b:8a:3a:a3:4f:0c:4f:f6:4a:17:9e:e1:84:
         d2:12:46:75:43:d5:23:15:d2:52:83:ca:05:70:1a:e0:15:6b:
         fa:44:c3:07
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYRwUMvKzg8dYYw3abwmA5eXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjIxMTEzMDkyNzM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTgyYTVlYjNkNGVkNmJjNGYyNzQzNDQ2MmNiMzNmNTkwNWIxMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7vzxd1RXS4zPFi8K4Ojd4evVUSC
KFMN6UAFbCPaQaeUd6G2NBwXACUVgJp45YsZn05vW231kPNiSxkkBCeBQJG0Nev2
dBt4FQqbFYy0Rj0a3bnQsl2/Dc3stjgBuE93J/FdGTU5Lwxy/TlgP42Iv6pd7Tkc
kuCs6ivEcJfkRMX18l1g5cFBDPJlaadAvbgag5ivExtS0HETZrqaKtPu8l4bNdvF
lzBW9wNitdPfqPl+8AZK7Kfsgip1jXfDkJLZigL9O8Kic6omWI0zyRcvVqZLTB3I
x+Do4wCKI+31bQ7mVlrF0Iic9n8oIS1gw9plDccTNYjulrteTk5hc+JxfQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNGCpes9Tta8TydDRGLLM/WQWxCUMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvMFlLbDZ6MU8xcnhQSjBORVlzc3o5WkJiRUpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCUQxwMAwD
BARXa7ADBAJXa7gwDQYJKoZIhvcNAQELBQADggEBAJQTJfHbYNa2oKBxLrFqXD0O
z277ACQ3yfrrodzxDK2dn+bpoZkQEGbv7eCxBY3T3rWeIe4eDZ/t78LX9oDxz+4b
fVP4boapQXri1C7Kx9mlYBvU4iUs4QxpILu7a2U9pMwnYynANM92isqCnYDcFdNN
UNXDi3gEfZZpbWj/9DUuvtERMeSbArg+NsM15m1DAeL2rDBSIR2HWBjR6Tn0c151
xC+DoTK2sm2ISVhuanTdwDM1NjEJCbTO4tR1HcaCZqWH64O31gOCBx72C4kvKlGm
I7EPCAuWXkWAW4PVe4o6o08MT/ZKF57hhNISRnVD1SMV0lKDygVwGuAVa/pEwwc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:59 2024 by rpki-client on console-ams.rpki-client.org