Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/7YxjQAhFU8QXvVkoOkgYb6NxRW4.roa
File:                     7YxjQAhFU8QXvVkoOkgYb6NxRW4.roa (raw, json)
Hash identifier:          7ku0O4ugsVUHhGiBXxh1FI6rA5Z0z0PmIBTwl1NcNz8=
Subject key identifier:   ED:8C:63:40:08:45:53:C4:17:BD:59:28:3A:48:18:6F:A3:71:45:6E
Certificate issuer:       /CN=4f0e77d9c6ff68dca68f05df8f4675ee7bdcb0bc
Certificate serial:       34050B1B
Authority key identifier: 4F:0E:77:D9:C6:FF:68:DC:A6:8F:05:DF:8F:46:75:EE:7B:DC:B0:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Tw532cb_aNymjwXfj0Z17nvcsLw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/7YxjQAhFU8QXvVkoOkgYb6NxRW4.roa
Signing time:             Sat 01 Jan 2022 02:52:47 +0000
ROA not before:           Sat 01 Jan 2022 02:52:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20912
IP address blocks:        212.66.96.0/19 maxlen: 24
                          77.39.216.0/22 maxlen: 24
                          185.109.188.0/22 maxlen: 24
                          85.119.176.0/21 maxlen: 24
                          77.39.192.0/20 maxlen: 24
                          2001:40d0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 872745755 (0x34050b1b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f0e77d9c6ff68dca68f05df8f4675ee7bdcb0bc
        Validity
            Not Before: Jan  1 02:52:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ed8c6340084553c417bd59283a48186fa371456e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:20:51:e9:41:ff:d2:8c:9f:44:47:5c:5d:7b:
                    bf:d4:b9:e8:fd:bc:b8:9e:30:bc:3a:9d:f4:9e:13:
                    f2:d5:3b:58:2c:dd:12:30:e9:9d:25:31:00:2b:07:
                    df:d5:f7:ee:53:2b:75:00:5b:49:6a:ee:78:4c:84:
                    68:33:c7:1e:02:37:15:cb:78:02:bf:15:24:a3:85:
                    39:77:86:0a:9a:f2:09:ae:30:13:e5:c9:f0:b7:09:
                    4c:14:b6:03:6d:75:27:f7:e6:aa:1e:a5:76:40:79:
                    ec:5e:08:91:bb:c7:d1:e0:32:e7:0c:73:9c:ce:ab:
                    03:3b:18:ac:25:a4:12:67:34:35:3f:27:55:e4:d2:
                    61:c5:00:30:11:83:dc:a0:02:df:31:f9:5b:f0:a2:
                    93:17:24:78:b7:5e:ed:84:a8:ca:d1:3e:fb:a0:73:
                    bf:c3:6e:74:f1:92:89:14:3a:4e:b2:6b:9b:10:27:
                    81:c8:8f:4d:1e:5c:f0:21:14:5c:0c:fc:05:17:40:
                    79:62:b8:0e:49:74:32:5e:7e:a3:9b:b2:62:50:48:
                    59:ec:90:5a:c8:f2:c0:d3:db:99:4a:22:2e:f4:9a:
                    cf:b1:1e:4d:fc:27:10:95:32:ad:e6:66:84:10:57:
                    b1:88:84:2d:9c:32:e6:00:f7:6f:05:25:a9:71:71:
                    7e:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:8C:63:40:08:45:53:C4:17:BD:59:28:3A:48:18:6F:A3:71:45:6E
            X509v3 Authority Key Identifier:
                keyid:4F:0E:77:D9:C6:FF:68:DC:A6:8F:05:DF:8F:46:75:EE:7B:DC:B0:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tw532cb_aNymjwXfj0Z17nvcsLw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/7YxjQAhFU8QXvVkoOkgYb6NxRW4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/Tw532cb_aNymjwXfj0Z17nvcsLw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.39.192.0/20
                  77.39.216.0/22
                  85.119.176.0/21
                  185.109.188.0/22
                  212.66.96.0/19
                IPv6:
                  2001:40d0::/32

    Signature Algorithm: sha256WithRSAEncryption
         5d:0f:d1:30:e7:25:b3:b0:22:d2:8c:a8:f8:0b:41:c7:32:2a:
         92:b4:56:8c:5a:3a:e1:c8:b5:a5:48:c1:e9:a4:93:6d:ea:18:
         c3:6f:42:41:c0:f3:e5:08:7a:01:27:03:8f:c1:63:34:a3:b2:
         b6:0f:73:ed:65:e3:d7:df:90:59:e8:13:7b:4a:dc:85:6e:ed:
         b2:a1:18:ff:b4:16:55:28:72:91:d6:fb:e7:93:27:87:42:91:
         7a:87:c4:5d:18:4f:d9:3a:18:fe:2e:23:36:cd:bc:d2:de:9d:
         7e:01:60:76:7a:fa:7a:e6:2f:27:ab:3b:53:9c:d0:fa:fd:25:
         d0:66:6e:00:39:c3:9e:2c:41:62:cd:f8:fd:2a:71:97:b4:3c:
         bf:0e:94:45:5a:c2:f6:3d:b8:48:66:a8:ff:ec:83:bd:c0:0a:
         f5:8b:9b:14:60:00:83:23:7f:95:ec:bb:36:7c:f9:3f:80:e5:
         03:f5:ce:4e:1c:a7:f9:4f:5e:d4:ff:08:6e:2d:b2:d0:1f:62:
         46:11:1a:8e:a1:17:b9:9c:e2:5d:11:ff:fe:24:6a:31:74:be:
         c2:b4:dc:68:da:cf:92:f4:54:54:3f:ad:b2:d1:be:83:65:fa:
         81:2d:20:1e:5e:4d:cd:18:84:62:16:cd:05:cf:55:30:bd:c4:
         95:d4:d3:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIENAULGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjBlNzdkOWM2ZmY2OGRjYTY4ZjA1ZGY4ZjQ2NzVlZTdiZGNiMGJjMB4XDTIyMDEw
MTAyNTI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWQ4YzYzNDAwODQ1
NTNjNDE3YmQ1OTI4M2E0ODE4NmZhMzcxNDU2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKIgUelB/9KMn0RHXF17v9S56P28uJ4wvDqd9J4T8tU7WCzd
EjDpnSUxACsH39X37lMrdQBbSWrueEyEaDPHHgI3Fct4Ar8VJKOFOXeGCpryCa4w
E+XJ8LcJTBS2A211J/fmqh6ldkB57F4IkbvH0eAy5wxznM6rAzsYrCWkEmc0NT8n
VeTSYcUAMBGD3KAC3zH5W/CikxckeLde7YSoytE++6Bzv8NudPGSiRQ6TrJrmxAn
gciPTR5c8CEUXAz8BRdAeWK4Dkl0Ml5+o5uyYlBIWeyQWsjywNPbmUoiLvSaz7Ee
TfwnEJUyreZmhBBXsYiELZwy5gD3bwUlqXFxfqkCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTtjGNACEVTxBe9WSg6SBhvo3FFbjAfBgNVHSMEGDAWgBRPDnfZxv9o3KaP
Bd+PRnXue9ywvDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R3NTMyY2JfYU55bWp3WGZqMFoxN252Y3NMdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvM2RjMjIyLTEyMDYtNDkyMi04ODkwLTQ1NWIxOWY3NjZjYy8x
LzdZeGpRQWhGVThRWHZWa29Pa2dZYjZOeFJXNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
M2RjMjIyLTEyMDYtNDkyMi04ODkwLTQ1NWIxOWY3NjZjYy8xL1R3NTMyY2JfYU55
bWp3WGZqMFoxN252Y3NMdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBE0nwAMEAk0n2AMEA1V3sAMEArlt
vAMEBdRCYDANBAIAAjAHAwUAIAFA0DANBgkqhkiG9w0BAQsFAAOCAQEAXQ/RMOcl
s7Ai0oyo+AtBxzIqkrRWjFo64ci1pUjB6aSTbeoYw29CQcDz5Qh6AScDj8FjNKOy
tg9z7WXj19+QWegTe0rchW7tsqEY/7QWVShykdb755Mnh0KReofEXRhP2ToY/i4j
Ns280t6dfgFgdnr6euYvJ6s7U5zQ+v0l0GZuADnDnixBYs34/Spxl7Q8vw6URVrC
9j24SGao/+yDvcAK9YubFGAAgyN/ley7Nnz5P4DlA/XOThyn+U9e1P8Ibi2y0B9i
RhEajqEXuZziXRH//iRqMXS+wrTcaNrPkvRUVD+tstG+g2X6gS0gHl5NzRiEYhbN
Bc9VML3EldTTRw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:16 2024 by rpki-client on console-fra.rpki-client.org