Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/0l0Aro4Ryr-vEjaapwoe6qusa_U.roa
File:                     0l0Aro4Ryr-vEjaapwoe6qusa_U.roa (raw, json)
Hash identifier:          QBbU8NrGNglJtnVfhMUhKycv/hClUjqbPe27XlEnD74=
Subject key identifier:   D2:5D:00:AE:8E:11:CA:BF:AF:12:36:9A:A7:0A:1E:EA:AB:AC:6B:F5
Certificate issuer:       /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial:       37A1B532
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/0l0Aro4Ryr-vEjaapwoe6qusa_U.roa
Signing time:             Sat 01 Jan 2022 08:55:46 +0000
ROA not before:           Sat 01 Jan 2022 08:55:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48944
IP address blocks:        87.107.148.0/22 maxlen: 22
                          87.107.148.0/23 maxlen: 23
                          81.12.112.0/22 maxlen: 22
                          87.107.176.0/21 maxlen: 21
                          87.107.184.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 933344562 (0x37a1b532)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
        Validity
            Not Before: Jan  1 08:55:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d25d00ae8e11cabfaf12369aa70a1eeaabac6bf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:73:c1:49:de:81:98:d4:83:4a:3a:07:0b:d8:
                    97:cb:10:6a:44:88:2a:85:75:f2:82:c1:6b:a9:16:
                    11:b1:fe:c5:7d:cb:57:4f:70:08:0a:50:09:b4:2a:
                    9b:37:b4:8a:fb:94:91:94:65:e3:b3:68:3a:86:40:
                    04:55:10:64:74:fd:63:aa:50:3f:52:81:55:ca:e5:
                    bb:ff:0c:22:df:c4:6b:92:92:bb:68:dd:eb:18:ed:
                    e1:c9:ba:b3:55:97:b1:e7:5f:29:da:e9:d9:42:91:
                    ee:cf:26:c8:b9:e1:1a:e4:c3:90:22:a6:94:0e:2c:
                    7e:f1:2b:80:b8:ad:e1:d4:57:7a:e6:85:c0:aa:59:
                    1a:ca:ff:62:de:47:d8:4e:67:14:af:f2:77:48:66:
                    83:0b:81:d4:fa:4c:b2:a6:b6:96:48:0a:89:46:32:
                    31:f0:e7:b0:11:56:28:19:19:19:52:cc:5f:4c:5a:
                    ab:e2:2b:1b:f1:84:65:4d:e4:c6:00:78:a6:a4:15:
                    e1:8e:a0:27:d2:b6:d1:bc:a6:1d:85:ce:f2:5b:f8:
                    89:93:21:0b:c9:74:e9:a1:65:47:33:86:50:75:a2:
                    da:f5:c2:45:3e:e4:2f:94:c9:2d:5c:98:52:dd:d6:
                    a0:99:01:dc:51:f0:1d:13:b5:08:7d:4d:5d:cd:7e:
                    b9:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:5D:00:AE:8E:11:CA:BF:AF:12:36:9A:A7:0A:1E:EA:AB:AC:6B:F5
            X509v3 Authority Key Identifier:
                keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/0l0Aro4Ryr-vEjaapwoe6qusa_U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.12.112.0/22
                  87.107.148.0/22
                  87.107.176.0-87.107.187.255

    Signature Algorithm: sha256WithRSAEncryption
         c6:9a:27:30:bd:01:2b:e8:bf:18:3a:9a:bf:27:ee:04:8c:98:
         05:e3:9b:9e:8e:28:9e:c7:a9:c5:50:c2:cf:2a:9e:26:e5:16:
         9c:dc:ab:8e:28:4c:c2:18:8a:5d:9f:08:0f:2f:0b:24:3d:5e:
         8b:3f:8a:b7:9d:4b:01:cc:0b:a7:22:03:d7:55:d7:d6:87:8c:
         27:70:5b:43:e3:3f:b4:df:f5:c0:46:20:d1:93:e2:2d:91:12:
         fb:f3:4a:f0:51:b7:6f:26:13:05:be:ac:47:cf:c4:a2:50:cc:
         b5:92:fc:1c:86:e0:db:10:92:8b:51:d8:6d:06:0c:d1:81:a3:
         e4:c6:e3:b7:49:66:18:bf:db:36:0b:86:75:b7:7d:41:f6:27:
         f2:85:3c:a9:a2:52:d2:cd:91:b8:d8:5b:02:ed:17:36:58:80:
         aa:68:5a:e3:02:02:16:00:8e:9c:3f:8c:08:d3:75:4d:d0:f1:
         4b:5e:78:e8:8a:08:79:a6:b1:a2:03:f8:37:75:7e:8d:c5:fc:
         29:d7:4b:9c:56:c4:23:12:d4:8e:92:f1:d9:c8:ae:fc:f7:4a:
         51:e1:f5:10:d7:15:5a:86:2d:97:bc:74:cc:b7:2d:7a:ce:25:
         75:1d:2c:99:bc:75:b9:8f:b9:1b:f4:ae:e4:1e:18:ca:85:cc:
         bc:6c:b6:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEN6G1MjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDc3NWQ5NDcxYjg1ZDk2M2ZlZjZkMjgzNTkwZTJkOTQyZGQ1YzIxMB4XDTIyMDEw
MTA4NTU0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDI1ZDAwYWU4ZTEx
Y2FiZmFmMTIzNjlhYTcwYTFlZWFhYmFjNmJmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtzwUnegZjUg0o6BwvYl8sQakSIKoV18oLBa6kWEbH+xX3L
V09wCApQCbQqmze0ivuUkZRl47NoOoZABFUQZHT9Y6pQP1KBVcrlu/8MIt/Ea5KS
u2jd6xjt4cm6s1WXsedfKdrp2UKR7s8myLnhGuTDkCKmlA4sfvErgLit4dRXeuaF
wKpZGsr/Yt5H2E5nFK/yd0hmgwuB1PpMsqa2lkgKiUYyMfDnsBFWKBkZGVLMX0xa
q+IrG/GEZU3kxgB4pqQV4Y6gJ9K20bymHYXO8lv4iZMhC8l06aFlRzOGUHWi2vXC
RT7kL5TJLVyYUt3WoJkB3FHwHRO1CH1NXc1+ubECAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBTSXQCujhHKv68SNpqnCh7qq6xr9TAfBgNVHSMEGDAWgBQAd12Ucbhdlj/v
bSg1kOLZQt1cITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FIZGRsSEc0WFpZXzcyMG9OWkRpMlVMZFhDRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNjM3NjBjLWUyMWItNGJhZi1hOWE0LTc2YjMzZTRjZTgyMS8x
LzBsMEFybzRSeXItdkVqYWFwd29lNnF1c2FfVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NjM3NjBjLWUyMWItNGJhZi1hOWE0LTc2YjMzZTRjZTgyMS8xL0FIZGRsSEc0WFpZ
XzcyMG9OWkRpMlVMZFhDRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAlEMcAMEAldrlDAMAwQEV2uwAwQC
V2u4MA0GCSqGSIb3DQEBCwUAA4IBAQDGmicwvQEr6L8YOpq/J+4EjJgF45uejiie
x6nFUMLPKp4m5Rac3KuOKEzCGIpdnwgPLwskPV6LP4q3nUsBzAunIgPXVdfWh4wn
cFtD4z+03/XARiDRk+ItkRL780rwUbdvJhMFvqxHz8SiUMy1kvwchuDbEJKLUdht
BgzRgaPkxuO3SWYYv9s2C4Z1t31B9ifyhTypolLSzZG42FsC7Rc2WICqaFrjAgIW
AI6cP4wI03VN0PFLXnjoigh5prGiA/g3dX6Nxfwp10ucVsQjEtSOkvHZyK7890pR
4fUQ1xVahi2XvHTMty16ziV1HSyZvHW5j7kb9K7kHhjKhcy8bLZO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:59 2024 by rpki-client on console-ams.rpki-client.org