Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/0dpyQBlB5KBLhyiCePJQFuwuNXE.roa
File:                     0dpyQBlB5KBLhyiCePJQFuwuNXE.roa (raw, json)
Hash identifier:          M7bqw8dgiKZuk0gGQjb6SGAzrb3Kzi/deoLbOEYpkTQ=
Subject key identifier:   D1:DA:72:40:19:41:E4:A0:4B:87:28:82:78:F2:50:16:EC:2E:35:71
Certificate issuer:       /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial:       379C8CE0
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/0dpyQBlB5KBLhyiCePJQFuwuNXE.roa
Signing time:             Sat 01 Jan 2022 08:55:43 +0000
ROA not before:           Sat 01 Jan 2022 08:55:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29577
IP address blocks:        81.12.1.0/24 maxlen: 24
                          81.12.2.0/24 maxlen: 24
                          81.12.0.0/24 maxlen: 24
                          81.12.3.0/24 maxlen: 24
                          87.107.104.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 933006560 (0x379c8ce0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
        Validity
            Not Before: Jan  1 08:55:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d1da72401941e4a04b87288278f25016ec2e3571
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:07:d8:5c:23:62:b2:39:69:ba:62:f5:76:d8:
                    dc:e0:d4:9a:d3:34:56:9c:86:81:98:2d:03:cd:eb:
                    dd:96:60:d8:24:7e:8b:4b:3e:1f:41:52:f4:99:55:
                    d5:d3:85:ee:d6:02:f2:cc:1d:4f:32:56:01:93:a0:
                    c0:e2:8c:6e:f5:02:9e:dd:06:1b:bf:54:b8:59:89:
                    61:05:61:7f:de:d7:20:bc:ec:63:71:92:2e:94:74:
                    6a:ea:ec:b9:cd:bd:71:3c:a3:98:7f:de:4c:5e:e8:
                    0a:48:35:72:0a:ad:47:a1:f8:2f:4f:93:f4:72:63:
                    28:d7:2e:37:07:59:b4:a3:45:97:80:ba:ad:3f:23:
                    f0:b9:33:9e:76:58:ee:e1:8d:2b:e9:19:4b:7f:9a:
                    46:45:c9:e1:23:64:f7:24:15:e0:4c:12:79:db:06:
                    af:37:56:79:5e:b7:83:fc:9f:5c:8d:8f:11:92:74:
                    61:ea:e2:e9:3a:c5:37:72:f0:aa:a8:dd:3c:5c:24:
                    30:95:48:3c:b2:72:35:35:6b:3c:90:f1:52:64:db:
                    2d:a3:1a:28:52:5d:88:91:d2:40:ec:58:3f:96:59:
                    5c:41:20:3d:86:71:8f:8d:32:8d:76:6e:a8:65:e8:
                    44:38:87:93:6a:c1:31:7c:1e:c7:b7:dc:e2:cd:c7:
                    7a:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:DA:72:40:19:41:E4:A0:4B:87:28:82:78:F2:50:16:EC:2E:35:71
            X509v3 Authority Key Identifier:
                keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/0dpyQBlB5KBLhyiCePJQFuwuNXE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.12.0.0/22
                  87.107.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:fe:87:d6:64:96:ad:41:fb:22:20:28:9a:6c:39:bb:71:59:
         98:06:23:7b:65:48:7f:66:6d:11:75:97:14:32:0e:48:03:da:
         9d:48:3a:28:a1:47:eb:cc:1b:15:91:e4:85:39:be:43:fb:6a:
         c7:e3:1b:19:e2:f2:08:7d:e7:de:f7:fa:a3:23:87:0d:39:7c:
         b2:c4:aa:47:e7:23:85:16:e1:82:0a:c6:7a:2c:ba:54:3e:90:
         ad:ce:a9:7d:d8:ad:08:5a:92:18:40:d1:cd:2e:cd:3d:68:5f:
         f1:90:82:e0:8d:5a:65:72:11:70:70:5f:dd:d9:36:27:94:4b:
         e8:54:a6:5b:50:95:f7:22:08:de:16:97:90:75:91:41:15:54:
         25:7c:94:92:23:db:4f:91:a5:16:6d:ba:c8:b8:9b:83:84:20:
         68:c6:67:3f:be:6c:d0:7e:b7:e6:26:f0:c5:84:ca:a3:31:de:
         80:61:0d:44:c0:3d:cc:56:8f:88:d1:c5:c6:b5:53:41:69:d2:
         cf:b6:fe:1a:82:e7:ba:13:0c:d4:96:98:15:94:5f:17:86:ea:
         64:e2:0f:c9:28:3f:f6:74:7b:ee:b3:ff:2e:7f:85:99:84:a0:
         69:66:c6:3d:c1:50:e5:34:8a:d8:b3:4b:f6:38:8e:9f:0b:29:
         9e:c4:cf:c5
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEN5yM4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDc3NWQ5NDcxYjg1ZDk2M2ZlZjZkMjgzNTkwZTJkOTQyZGQ1YzIxMB4XDTIyMDEw
MTA4NTU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDFkYTcyNDAxOTQx
ZTRhMDRiODcyODgyNzhmMjUwMTZlYzJlMzU3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMgH2FwjYrI5abpi9XbY3ODUmtM0VpyGgZgtA83r3ZZg2CR+
i0s+H0FS9JlV1dOF7tYC8swdTzJWAZOgwOKMbvUCnt0GG79UuFmJYQVhf97XILzs
Y3GSLpR0aursuc29cTyjmH/eTF7oCkg1cgqtR6H4L0+T9HJjKNcuNwdZtKNFl4C6
rT8j8LkznnZY7uGNK+kZS3+aRkXJ4SNk9yQV4EwSedsGrzdWeV63g/yfXI2PEZJ0
Yeri6TrFN3LwqqjdPFwkMJVIPLJyNTVrPJDxUmTbLaMaKFJdiJHSQOxYP5ZZXEEg
PYZxj40yjXZuqGXoRDiHk2rBMXwex7fc4s3HegECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTR2nJAGUHkoEuHKIJ48lAW7C41cTAfBgNVHSMEGDAWgBQAd12Ucbhdlj/v
bSg1kOLZQt1cITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FIZGRsSEc0WFpZXzcyMG9OWkRpMlVMZFhDRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNjM3NjBjLWUyMWItNGJhZi1hOWE0LTc2YjMzZTRjZTgyMS8x
LzBkcHlRQmxCNUtCTGh5aUNlUEpRRnV3dU5YRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NjM3NjBjLWUyMWItNGJhZi1hOWE0LTc2YjMzZTRjZTgyMS8xL0FIZGRsSEc0WFpZ
XzcyMG9OWkRpMlVMZFhDRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlEMAAMEAFdraDANBgkqhkiG9w0B
AQsFAAOCAQEAC/6H1mSWrUH7IiAommw5u3FZmAYje2VIf2ZtEXWXFDIOSAPanUg6
KKFH68wbFZHkhTm+Q/tqx+MbGeLyCH3n3vf6oyOHDTl8ssSqR+cjhRbhggrGeiy6
VD6Qrc6pfditCFqSGEDRzS7NPWhf8ZCC4I1aZXIRcHBf3dk2J5RL6FSmW1CV9yII
3haXkHWRQRVUJXyUkiPbT5GlFm26yLibg4QgaMZnP75s0H635ibwxYTKozHegGEN
RMA9zFaPiNHFxrVTQWnSz7b+GoLnuhMM1JaYFZRfF4bqZOIPySg/9nR77rP/Ln+F
mYSgaWbGPcFQ5TSK2LNL9jiOnwspnsTPxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:59 2024 by rpki-client on console-ams.rpki-client.org