Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/575172-f7a2-4e43-962c-edc5ab995dbf/1/gEmWN6ybBSAVjGYVnq2dnSm-LPw.roa
File:                     gEmWN6ybBSAVjGYVnq2dnSm-LPw.roa (raw, json)
Hash identifier:          S57eB4Ym3oKCn2CAwoh/7ROCPgZ9Gh/th4Zo5Q7GgL4=
Subject key identifier:   80:49:96:37:AC:9B:05:20:15:8C:66:15:9E:AD:9D:9D:29:BE:2C:FC
Certificate issuer:       /CN=f0150b3a9419627fdbcdb6580e878a1c9fa0cc58
Certificate serial:       014A5B
Authority key identifier: F0:15:0B:3A:94:19:62:7F:DB:CD:B6:58:0E:87:8A:1C:9F:A0:CC:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8BULOpQZYn_bzbZYDoeKHJ-gzFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/575172-f7a2-4e43-962c-edc5ab995dbf/1/gEmWN6ybBSAVjGYVnq2dnSm-LPw.roa
Signing time:             Wed 13 Apr 2022 14:28:14 +0000
ROA not before:           Wed 13 Apr 2022 14:28:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42451
IP address blocks:        77.242.1.0/24 maxlen: 24
                          77.242.4.0/24 maxlen: 24
                          77.242.2.0/24 maxlen: 24
                          77.242.3.0/24 maxlen: 24
                          77.242.0.0/24 maxlen: 24
                          77.242.8.0/24 maxlen: 24
                          77.242.5.0/24 maxlen: 24
                          77.242.6.0/24 maxlen: 24
                          77.242.7.0/24 maxlen: 24
                          2a02:5c40::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 84571 (0x14a5b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0150b3a9419627fdbcdb6580e878a1c9fa0cc58
        Validity
            Not Before: Apr 13 14:28:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=80499637ac9b0520158c66159ead9d9d29be2cfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:21:1b:f6:f5:31:dc:fc:b6:2a:93:f1:2e:4b:
                    61:2e:f1:37:ee:29:5b:a4:df:d5:77:66:ab:1c:0c:
                    cb:17:3c:36:1e:37:07:d5:5f:82:81:10:93:76:b4:
                    66:b8:f5:36:93:d9:62:d3:7e:9b:b5:6e:c6:0c:bb:
                    2f:20:6c:33:71:ea:61:06:86:78:4e:41:61:15:32:
                    83:ad:86:fa:9e:a9:40:53:e1:5f:98:fa:49:bc:a0:
                    b8:9f:bf:a1:78:55:e3:a1:0f:c9:a0:f5:88:de:29:
                    db:b7:d8:fd:c2:89:80:cd:2b:ae:92:84:17:e7:f0:
                    e6:af:38:2c:b4:96:98:fb:3c:f9:a5:61:e1:0c:0c:
                    dc:c5:df:76:e7:0e:ea:78:f2:df:a6:6a:0c:78:de:
                    64:46:79:0f:fe:1b:8b:97:0b:7a:4f:96:69:99:26:
                    42:b8:5d:b7:4b:53:da:05:7a:90:9b:b0:4f:3e:80:
                    e5:cd:40:7a:69:01:ed:80:4d:a6:7c:88:87:ba:95:
                    93:28:fe:3e:e6:bb:76:6c:0f:07:d7:df:72:7b:12:
                    6f:19:cf:ce:ca:45:20:26:b4:04:6a:49:f5:aa:a5:
                    ff:f4:d8:36:74:43:5f:30:56:1f:91:b2:b7:9a:25:
                    5a:61:fe:41:d8:67:2e:f0:99:a6:a7:85:cc:45:c0:
                    f9:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:49:96:37:AC:9B:05:20:15:8C:66:15:9E:AD:9D:9D:29:BE:2C:FC
            X509v3 Authority Key Identifier:
                keyid:F0:15:0B:3A:94:19:62:7F:DB:CD:B6:58:0E:87:8A:1C:9F:A0:CC:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8BULOpQZYn_bzbZYDoeKHJ-gzFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/575172-f7a2-4e43-962c-edc5ab995dbf/1/gEmWN6ybBSAVjGYVnq2dnSm-LPw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/575172-f7a2-4e43-962c-edc5ab995dbf/1/8BULOpQZYn_bzbZYDoeKHJ-gzFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.242.0.0-77.242.8.255
                IPv6:
                  2a02:5c40::/32

    Signature Algorithm: sha256WithRSAEncryption
         37:3a:71:12:d9:86:26:60:95:a5:bc:c9:74:32:b0:16:29:d3:
         be:d0:42:49:05:14:2b:5e:2f:00:64:c8:1a:d7:92:43:8d:5c:
         93:9d:c3:86:b4:4b:0b:e2:cc:6f:81:30:9f:45:1d:1e:24:de:
         87:9c:62:6d:d1:01:3f:53:06:5a:54:d8:cf:2d:05:29:5e:df:
         4c:4f:29:de:26:05:46:48:67:ed:ab:e3:fd:3a:2a:74:13:69:
         62:e1:14:bd:f9:3f:65:63:63:71:db:ea:9c:30:e5:42:04:da:
         40:eb:4a:7e:d4:6d:ac:1b:32:78:92:c4:4f:11:ad:77:c7:b7:
         67:ea:33:b6:bf:3e:61:a4:1e:68:ae:d7:a6:07:fc:8b:d6:cb:
         bc:b1:4d:9a:3b:d5:d6:f5:46:5d:0c:5c:bb:36:8e:f8:ff:6d:
         a6:d6:d2:91:43:62:e3:41:54:40:8b:0c:37:ce:ae:f5:5d:70:
         09:d6:70:a8:e6:8a:29:4b:5a:7a:5e:b6:bb:2a:bd:52:5a:0e:
         c9:a0:e4:c6:71:70:65:a1:c2:24:64:e3:e4:3c:46:15:56:d5:
         00:56:18:81:ca:84:db:ed:f5:1f:19:0b:22:c6:a9:db:21:1c:
         46:dd:05:0e:cd:6d:e9:b5:7f:2e:e5:8a:6e:e7:f0:a4:de:fc:
         8a:ad:c6:b8
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIDAUpbMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGYw
MTUwYjNhOTQxOTYyN2ZkYmNkYjY1ODBlODc4YTFjOWZhMGNjNTgwHhcNMjIwNDEz
MTQyODE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4MDQ5OTYzN2FjOWIw
NTIwMTU4YzY2MTU5ZWFkOWQ5ZDI5YmUyY2ZjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlCEb9vUx3Py2KpPxLkthLvE37ilbpN/Vd2arHAzLFzw2HjcH
1V+CgRCTdrRmuPU2k9li036btW7GDLsvIGwzcephBoZ4TkFhFTKDrYb6nqlAU+Ff
mPpJvKC4n7+heFXjoQ/JoPWI3inbt9j9womAzSuukoQX5/DmrzgstJaY+zz5pWHh
DAzcxd925w7qePLfpmoMeN5kRnkP/huLlwt6T5ZpmSZCuF23S1PaBXqQm7BPPoDl
zUB6aQHtgE2mfIiHupWTKP4+5rt2bA8H199yexJvGc/OykUgJrQEakn1qqX/9Ng2
dENfMFYfkbK3miVaYf5B2Gcu8Jmmp4XMRcD5NwIDAQABo4ICHzCCAhswHQYDVR0O
BBYEFIBJljesmwUgFYxmFZ6tnZ0pviz8MB8GA1UdIwQYMBaAFPAVCzqUGWJ/2822
WA6HihyfoMxYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
OEJVTE9wUVpZbl9iemJaWURvZUtISi1nekZnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iOC81NzUxNzItZjdhMi00ZTQzLTk2MmMtZWRjNWFiOTk1ZGJmLzEv
Z0VtV042eWJCU0FWakdZVm5xMmRuU20tTFB3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81
NzUxNzItZjdhMi00ZTQzLTk2MmMtZWRjNWFiOTk1ZGJmLzEvOEJVTE9wUVpZbl9i
emJaWURvZUtISi1nekZnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDUG
CCsGAQUFBwEHAQH/BCYwJDATBAIAATANMAsDAwFN8gMEAE3yCDANBAIAAjAHAwUA
KgJcQDANBgkqhkiG9w0BAQsFAAOCAQEANzpxEtmGJmCVpbzJdDKwFinTvtBCSQUU
K14vAGTIGteSQ41ck53DhrRLC+LMb4Ewn0UdHiTeh5xibdEBP1MGWlTYzy0FKV7f
TE8p3iYFRkhn7avj/ToqdBNpYuEUvfk/ZWNjcdvqnDDlQgTaQOtKftRtrBsyeJLE
TxGtd8e3Z+oztr8+YaQeaK7Xpgf8i9bLvLFNmjvV1vVGXQxcuzaO+P9tptbSkUNi
40FUQIsMN86u9V1wCdZwqOaKKUtael62uyq9UloOyaDkxnFwZaHCJGTj5DxGFVbV
AFYYgcqE2+31HxkLIsap2yEcRt0FDs1t6bV/LuWKbufwpN78iq3GuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:21 2024 by rpki-client on console-ams.rpki-client.org