Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/lC4grjOUryPHsd6b92yCywoLtiU.roa
File:                     lC4grjOUryPHsd6b92yCywoLtiU.roa (raw, json)
Hash identifier:          AN8c5Ttzx8BPSiALs6UymvJZS/VTYzyfTrnohDQSyIY=
Subject key identifier:   94:2E:20:AE:33:94:AF:23:C7:B1:DE:9B:F7:6C:82:CB:0A:0B:B6:25
Certificate issuer:       /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial:       37B7145C
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/lC4grjOUryPHsd6b92yCywoLtiU.roa
Signing time:             Sat 01 Jan 2022 08:55:57 +0000
ROA not before:           Sat 01 Jan 2022 08:55:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212063
IP address blocks:        87.107.172.0/24 maxlen: 24
                          87.107.188.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 934745180 (0x37b7145c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
        Validity
            Not Before: Jan  1 08:55:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=942e20ae3394af23c7b1de9bf76c82cb0a0bb625
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:f7:25:67:a5:39:66:99:a1:a3:1d:8f:18:a4:
                    50:f3:91:a9:f4:c0:52:02:45:ca:90:96:d2:c4:c3:
                    44:02:b0:5b:2f:19:bd:b6:99:4f:42:ef:33:ad:15:
                    e9:bf:be:35:a0:09:76:ac:de:19:86:0c:2f:83:e9:
                    52:34:3f:a7:e4:0f:75:5d:92:33:44:2e:39:35:a1:
                    92:50:8c:63:4f:ca:57:b9:77:ca:81:f6:4a:b1:a5:
                    98:a9:63:00:2e:ac:8b:2a:a5:04:ce:64:26:4e:3b:
                    6f:7e:0f:b3:15:bc:c2:36:61:eb:18:81:93:3f:ec:
                    af:d9:47:27:81:56:9c:ef:08:eb:80:9b:44:da:2f:
                    4f:36:c9:e2:6a:95:19:96:d7:0f:e9:80:5b:37:2f:
                    f2:74:33:4a:1e:59:97:ec:6e:3c:8c:f6:ae:8f:49:
                    9b:6c:46:e5:1f:26:b7:56:49:37:1c:67:45:49:65:
                    31:ab:8e:ae:ff:4b:0f:e5:8c:f8:c2:74:9a:9a:49:
                    80:18:d3:a0:53:12:3a:e2:8a:f3:c2:e8:54:d8:e8:
                    63:55:62:6d:f6:41:57:0f:d1:8f:2e:c0:1f:c8:0a:
                    6c:12:8f:03:31:01:a2:85:42:86:3b:4b:55:7a:be:
                    bf:b3:93:87:45:e4:2b:21:a2:9f:81:5d:af:25:a2:
                    1b:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:2E:20:AE:33:94:AF:23:C7:B1:DE:9B:F7:6C:82:CB:0A:0B:B6:25
            X509v3 Authority Key Identifier:
                keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/lC4grjOUryPHsd6b92yCywoLtiU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.107.172.0/24
                  87.107.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:8c:a1:23:45:d3:f7:57:4e:f9:12:88:de:fd:d2:c5:6a:d1:
         eb:d9:13:68:a2:5e:e6:93:ce:5a:56:2f:9f:b7:c5:d7:a3:1d:
         66:47:a5:4b:ac:fa:d8:8f:45:58:d8:8d:7c:54:48:17:c0:63:
         b7:ca:cb:46:5a:15:3a:93:0e:5d:85:2d:9d:3a:48:66:13:9d:
         34:da:ff:0c:14:61:c0:6e:f8:a5:d8:e7:c4:d6:d5:11:f0:1d:
         27:2f:3f:e9:86:81:80:d0:2d:a7:c9:21:ab:af:31:51:f8:bb:
         8d:98:44:a0:7e:7b:86:0d:9c:2d:28:a4:3e:cf:f2:ea:d9:03:
         18:76:4c:83:a0:83:27:e2:14:e5:cb:60:bb:8f:eb:5f:23:fd:
         48:f3:26:8a:fe:e3:61:d9:94:11:a9:29:b1:f8:b5:ff:78:8a:
         a3:d5:f2:57:46:0d:04:d2:4a:46:84:78:b5:2b:72:7d:88:35:
         ca:78:b0:fd:2f:d4:fb:4d:b6:02:fa:71:a6:6e:3e:bc:c0:0d:
         73:52:30:b0:53:31:86:bb:fb:14:71:a4:27:aa:e7:31:10:53:
         e5:d4:e3:88:24:b8:a2:d5:57:03:36:5d:14:7e:3a:a5:21:66:
         79:f2:65:bf:cd:89:0e:6f:e1:68:bc:d3:0b:10:55:25:a5:3e:
         a0:8e:0e:5f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEN7cUXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDc3NWQ5NDcxYjg1ZDk2M2ZlZjZkMjgzNTkwZTJkOTQyZGQ1YzIxMB4XDTIyMDEw
MTA4NTU1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQyZTIwYWUzMzk0
YWYyM2M3YjFkZTliZjc2YzgyY2IwYTBiYjYyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKf3JWelOWaZoaMdjxikUPORqfTAUgJFypCW0sTDRAKwWy8Z
vbaZT0LvM60V6b++NaAJdqzeGYYML4PpUjQ/p+QPdV2SM0QuOTWhklCMY0/KV7l3
yoH2SrGlmKljAC6siyqlBM5kJk47b34PsxW8wjZh6xiBkz/sr9lHJ4FWnO8I64Cb
RNovTzbJ4mqVGZbXD+mAWzcv8nQzSh5Zl+xuPIz2ro9Jm2xG5R8mt1ZJNxxnRUll
MauOrv9LD+WM+MJ0mppJgBjToFMSOuKK88LoVNjoY1VibfZBVw/Rjy7AH8gKbBKP
AzEBooVChjtLVXq+v7OTh0XkKyGin4FdryWiG3MCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSULiCuM5SvI8ex3pv3bILLCgu2JTAfBgNVHSMEGDAWgBQAd12Ucbhdlj/v
bSg1kOLZQt1cITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FIZGRsSEc0WFpZXzcyMG9OWkRpMlVMZFhDRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNjM3NjBjLWUyMWItNGJhZi1hOWE0LTc2YjMzZTRjZTgyMS8x
L2xDNGdyak9VcnlQSHNkNmI5MnlDeXdvTHRpVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NjM3NjBjLWUyMWItNGJhZi1hOWE0LTc2YjMzZTRjZTgyMS8xL0FIZGRsSEc0WFpZ
XzcyMG9OWkRpMlVMZFhDRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFdrrAMEAFdrvDANBgkqhkiG9w0B
AQsFAAOCAQEAGoyhI0XT91dO+RKI3v3SxWrR69kTaKJe5pPOWlYvn7fF16MdZkel
S6z62I9FWNiNfFRIF8Bjt8rLRloVOpMOXYUtnTpIZhOdNNr/DBRhwG74pdjnxNbV
EfAdJy8/6YaBgNAtp8khq68xUfi7jZhEoH57hg2cLSikPs/y6tkDGHZMg6CDJ+IU
5ctgu4/rXyP9SPMmiv7jYdmUEakpsfi1/3iKo9XyV0YNBNJKRoR4tStyfYg1yniw
/S/U+022Avpxpm4+vMANc1IwsFMxhrv7FHGkJ6rnMRBT5dTjiCS4otVXAzZdFH46
pSFmefJlv82JDm/haLzTCxBVJaU+oI4OXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org