Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/uy2pOkZb0wugirWov40-5fg3TY4.roa
File:                     uy2pOkZb0wugirWov40-5fg3TY4.roa (raw, json)
Hash identifier:          DZ6ASD5jJYlj6GFshXYyqmiLLR/dICAs/hDMBYH5x+A=
Subject key identifier:   BB:2D:A9:3A:46:5B:D3:0B:A0:8A:B5:A8:BF:8D:3E:E5:F8:37:4D:8E
Certificate issuer:       /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial:       37ACD466
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/uy2pOkZb0wugirWov40-5fg3TY4.roa
Signing time:             Sat 01 Jan 2022 08:55:51 +0000
ROA not before:           Sat 01 Jan 2022 08:55:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200370
IP address blocks:        87.107.130.0/23 maxlen: 23
                          87.107.130.0/24 maxlen: 24
                          87.107.131.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 934073446 (0x37acd466)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
        Validity
            Not Before: Jan  1 08:55:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bb2da93a465bd30ba08ab5a8bf8d3ee5f8374d8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:8f:2a:e0:a7:9e:46:1c:74:8a:05:7b:a4:aa:
                    96:e5:55:d6:4e:e8:b5:5a:53:85:4b:aa:32:d4:dc:
                    f9:3a:c3:f0:e2:67:e8:a8:71:88:e8:a2:57:c3:63:
                    72:6b:a2:fe:1a:56:55:f1:b8:11:43:75:9c:cf:cc:
                    61:57:2a:c6:e7:29:41:6f:75:6a:c1:40:49:e4:57:
                    ad:6a:0e:62:5a:24:7a:5d:66:f3:7d:0a:5f:90:40:
                    bf:68:c8:03:f9:93:ba:43:03:83:cd:68:45:9f:63:
                    9a:ab:17:9c:01:7d:a6:20:37:61:1e:bd:99:c7:0c:
                    92:fa:5f:be:a2:8c:b8:92:3a:fd:b1:44:51:13:60:
                    1a:ad:1e:1f:6d:ee:60:12:72:e0:5b:2f:eb:16:9d:
                    71:55:2f:44:a3:1d:9d:26:4a:af:cf:1f:fb:5b:15:
                    ed:d6:f6:6b:d5:21:72:00:6d:ad:a5:b1:13:6b:83:
                    9e:8e:78:56:8f:ab:e6:06:e2:0a:56:4f:6c:25:29:
                    0f:e2:6f:64:64:f8:4c:42:d8:22:8c:07:c6:37:a6:
                    5f:74:fc:b5:07:7e:e4:34:6b:88:5b:16:08:04:91:
                    26:df:34:de:e6:ed:a1:19:62:8a:33:ac:0b:ba:39:
                    db:22:f2:41:f0:68:c2:25:ae:a0:2a:ed:a0:de:d8:
                    1b:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:2D:A9:3A:46:5B:D3:0B:A0:8A:B5:A8:BF:8D:3E:E5:F8:37:4D:8E
            X509v3 Authority Key Identifier:
                keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/uy2pOkZb0wugirWov40-5fg3TY4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.107.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         97:fb:3d:15:22:87:02:39:f5:4a:b7:b9:94:8c:d1:33:b6:81:
         3e:c6:7f:0f:8b:08:b1:e2:65:ae:eb:e7:6c:a0:62:22:f9:e3:
         ca:2f:79:28:35:03:ed:8f:b9:db:fc:5d:35:43:c6:95:85:e0:
         b0:8d:ab:f4:af:43:ee:cb:07:02:e4:ae:62:4d:4e:67:a4:90:
         cf:72:b2:40:5e:0a:6c:f6:9e:93:60:25:fa:61:a9:ea:30:ff:
         ce:c0:31:f2:1b:36:7f:b2:8c:ba:96:2f:7a:8d:98:9c:68:aa:
         c8:56:dd:64:90:85:6b:46:23:24:28:56:ba:ab:15:ad:d5:64:
         25:b0:f5:77:d7:4a:e5:3a:74:bf:58:b4:f8:b7:82:ad:32:3f:
         5b:db:9e:74:a7:01:28:10:89:b6:ee:0e:c4:11:51:cd:e5:dd:
         fd:48:f5:0a:f2:ca:6a:00:24:0a:2b:b7:b1:03:31:d4:1c:c0:
         94:59:9f:b5:9a:d0:32:ba:a5:14:56:1f:42:ee:46:2d:e1:85:
         84:7d:5d:0d:55:be:d5:3e:9f:54:c9:61:f3:41:d0:20:ff:c3:
         f9:e3:5f:42:78:84:1c:9c:73:ed:3e:de:64:24:58:d2:ba:17:
         6f:09:06:a4:5a:dc:86:fc:b1:2c:7a:ad:d5:4f:71:d5:a2:26:
         dd:62:2d:81
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN6zUZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDc3NWQ5NDcxYjg1ZDk2M2ZlZjZkMjgzNTkwZTJkOTQyZGQ1YzIxMB4XDTIyMDEw
MTA4NTU1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmIyZGE5M2E0NjVi
ZDMwYmEwOGFiNWE4YmY4ZDNlZTVmODM3NGQ4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJePKuCnnkYcdIoFe6SqluVV1k7otVpThUuqMtTc+TrD8OJn
6KhxiOiiV8Njcmui/hpWVfG4EUN1nM/MYVcqxucpQW91asFASeRXrWoOYlokel1m
830KX5BAv2jIA/mTukMDg81oRZ9jmqsXnAF9piA3YR69mccMkvpfvqKMuJI6/bFE
URNgGq0eH23uYBJy4Fsv6xadcVUvRKMdnSZKr88f+1sV7db2a9UhcgBtraWxE2uD
no54Vo+r5gbiClZPbCUpD+JvZGT4TELYIowHxjemX3T8tQd+5DRriFsWCASRJt80
3ubtoRliijOsC7o52yLyQfBowiWuoCrtoN7YG9ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS7Lak6RlvTC6CKtai/jT7l+DdNjjAfBgNVHSMEGDAWgBQAd12Ucbhdlj/v
bSg1kOLZQt1cITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FIZGRsSEc0WFpZXzcyMG9OWkRpMlVMZFhDRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNjM3NjBjLWUyMWItNGJhZi1hOWE0LTc2YjMzZTRjZTgyMS8x
L3V5MnBPa1piMHd1Z2lyV292NDAtNWZnM1RZNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NjM3NjBjLWUyMWItNGJhZi1hOWE0LTc2YjMzZTRjZTgyMS8xL0FIZGRsSEc0WFpZ
XzcyMG9OWkRpMlVMZFhDRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVdrgjANBgkqhkiG9w0BAQsFAAOC
AQEAl/s9FSKHAjn1Sre5lIzRM7aBPsZ/D4sIseJlruvnbKBiIvnjyi95KDUD7Y+5
2/xdNUPGlYXgsI2r9K9D7ssHAuSuYk1OZ6SQz3KyQF4KbPaek2Al+mGp6jD/zsAx
8hs2f7KMupYveo2YnGiqyFbdZJCFa0YjJChWuqsVrdVkJbD1d9dK5Tp0v1i0+LeC
rTI/W9uedKcBKBCJtu4OxBFRzeXd/Uj1CvLKagAkCiu3sQMx1BzAlFmftZrQMrql
FFYfQu5GLeGFhH1dDVW+1T6fVMlh80HQIP/D+eNfQniEHJxz7T7eZCRY0roXbwkG
pFrchvyxLHqt1U9x1aIm3WItgQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org