Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/sSWmuoown2HTW82yM9P7_X_u5T4.roa
File:                     sSWmuoown2HTW82yM9P7_X_u5T4.roa (raw, json)
Hash identifier:          VQLD891EHyjGR07ITNkv9WNJq9LqxaiuM30eTWRcyLM=
Subject key identifier:   B1:25:A6:BA:8A:30:9F:61:D3:5B:CD:B2:33:D3:FB:FD:7F:EE:E5:3E
Certificate issuer:       /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial:       37B69596
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/sSWmuoown2HTW82yM9P7_X_u5T4.roa
Signing time:             Sat 01 Jan 2022 08:55:56 +0000
ROA not before:           Sat 01 Jan 2022 08:55:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212036
IP address blocks:        87.107.101.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 934712726 (0x37b69596)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
        Validity
            Not Before: Jan  1 08:55:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b125a6ba8a309f61d35bcdb233d3fbfd7feee53e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:4c:3d:15:9c:dc:40:5e:33:bd:c3:4e:ff:a5:
                    03:f8:1b:7a:f6:f3:a2:56:3c:98:d9:28:89:bf:6d:
                    c4:9d:55:89:a2:5f:f4:58:90:0d:8c:fe:b5:01:ea:
                    d3:7e:17:56:62:f1:5c:bf:2b:91:d1:e6:27:b5:73:
                    d7:25:5f:e5:5f:c4:a0:ca:bd:d1:14:3f:5e:a5:0d:
                    57:21:d7:9f:d9:90:10:83:34:80:57:3a:f7:72:ec:
                    e1:7f:8b:6b:9d:e6:85:a5:f4:61:9e:ed:be:18:c6:
                    24:c1:18:1e:8f:0f:94:db:fd:5e:8a:bd:63:13:db:
                    c0:b7:02:e8:1d:0f:f4:5c:85:81:82:82:af:75:61:
                    f8:e4:a0:ab:15:e2:e1:25:cc:e9:82:b6:cd:2f:c8:
                    e4:d5:1c:da:68:1a:fb:ec:dc:ef:72:9e:38:1b:65:
                    60:6e:8a:67:57:e6:c9:6e:0a:34:fe:6a:07:7c:63:
                    20:95:7c:56:28:66:96:99:7b:76:f2:89:5d:b9:fe:
                    a6:12:2a:72:50:d3:1e:07:5f:38:dd:38:1b:8c:a3:
                    2d:3b:53:b0:14:e9:ca:7b:1c:69:c1:e9:15:58:71:
                    7a:63:ac:fd:75:1b:06:e2:4a:51:2d:5f:7f:d2:28:
                    f5:44:b1:80:d4:2d:19:fd:a2:fc:91:46:5a:21:06:
                    69:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:25:A6:BA:8A:30:9F:61:D3:5B:CD:B2:33:D3:FB:FD:7F:EE:E5:3E
            X509v3 Authority Key Identifier:
                keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/sSWmuoown2HTW82yM9P7_X_u5T4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.107.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:98:db:f1:76:3e:4c:44:c5:f4:d1:b6:c7:b9:32:3b:30:b6:
         41:e4:f9:aa:4e:8d:1d:4c:29:0f:4d:a9:74:7f:f6:10:54:8d:
         f1:f4:f7:31:99:22:e9:d5:3b:40:a1:a9:4f:84:65:94:1d:8f:
         a8:45:ad:bc:2b:1d:52:f8:91:36:7c:e2:99:9a:c0:e4:08:36:
         33:53:05:19:26:8e:92:c4:fe:5e:a9:4b:9f:f1:2e:eb:fb:fb:
         1c:85:5f:84:37:e6:4f:ab:ea:ce:67:1b:c2:09:6d:4c:6d:57:
         61:03:29:0c:cc:f9:84:32:56:33:5e:b3:6f:ff:ec:56:10:7c:
         e4:58:6c:63:98:15:7a:c5:f5:b4:82:70:02:b0:19:58:b5:89:
         e5:e0:ec:82:07:84:3e:8b:c7:4f:9d:bf:fd:9a:e0:dc:db:99:
         91:2a:40:3f:37:f3:b3:0d:66:e6:40:bd:0b:a2:a2:bd:85:8a:
         9e:55:87:e8:36:a7:44:5f:f8:da:b6:7c:1c:d9:6f:d7:4c:c0:
         d4:10:f8:e6:96:41:2d:5a:0d:bf:30:a7:20:ac:65:c6:d9:ae:
         fc:98:0a:69:4c:34:fa:7f:ee:2a:4e:08:93:bf:42:28:4e:78:
         ce:2f:f1:22:20:8a:b0:5c:b9:e9:21:b6:e7:e5:d5:9b:c4:55:
         8e:03:b1:8f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN7aVljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDc3NWQ5NDcxYjg1ZDk2M2ZlZjZkMjgzNTkwZTJkOTQyZGQ1YzIxMB4XDTIyMDEw
MTA4NTU1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjEyNWE2YmE4YTMw
OWY2MWQzNWJjZGIyMzNkM2ZiZmQ3ZmVlZTUzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRMPRWc3EBeM73DTv+lA/gbevbzolY8mNkoib9txJ1ViaJf
9FiQDYz+tQHq034XVmLxXL8rkdHmJ7Vz1yVf5V/EoMq90RQ/XqUNVyHXn9mQEIM0
gFc693Ls4X+La53mhaX0YZ7tvhjGJMEYHo8PlNv9Xoq9YxPbwLcC6B0P9FyFgYKC
r3Vh+OSgqxXi4SXM6YK2zS/I5NUc2mga++zc73KeOBtlYG6KZ1fmyW4KNP5qB3xj
IJV8Vihmlpl7dvKJXbn+phIqclDTHgdfON04G4yjLTtTsBTpynscacHpFVhxemOs
/XUbBuJKUS1ff9Io9USxgNQtGf2i/JFGWiEGabMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSxJaa6ijCfYdNbzbIz0/v9f+7lPjAfBgNVHSMEGDAWgBQAd12Ucbhdlj/v
bSg1kOLZQt1cITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FIZGRsSEc0WFpZXzcyMG9OWkRpMlVMZFhDRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNjM3NjBjLWUyMWItNGJhZi1hOWE0LTc2YjMzZTRjZTgyMS8x
L3NTV211b293bjJIVFc4MnlNOVA3X1hfdTVUNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NjM3NjBjLWUyMWItNGJhZi1hOWE0LTc2YjMzZTRjZTgyMS8xL0FIZGRsSEc0WFpZ
XzcyMG9OWkRpMlVMZFhDRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFdrZTANBgkqhkiG9w0BAQsFAAOC
AQEAm5jb8XY+TETF9NG2x7kyOzC2QeT5qk6NHUwpD02pdH/2EFSN8fT3MZki6dU7
QKGpT4RllB2PqEWtvCsdUviRNnzimZrA5Ag2M1MFGSaOksT+XqlLn/Eu6/v7HIVf
hDfmT6vqzmcbwgltTG1XYQMpDMz5hDJWM16zb//sVhB85FhsY5gVesX1tIJwArAZ
WLWJ5eDsggeEPovHT52//Zrg3NuZkSpAPzfzsw1m5kC9C6KivYWKnlWH6DanRF/4
2rZ8HNlv10zA1BD45pZBLVoNvzCnIKxlxtmu/JgKaUw0+n/uKk4Ik79CKE54zi/x
IiCKsFy56SG25+XVm8RVjgOxjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:59 2024 by rpki-client on console-ams.rpki-client.org