Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/S9LAtRDfIbGhvmPWjqzxctk3xTQ.roa
File:                     S9LAtRDfIbGhvmPWjqzxctk3xTQ.roa (raw, json)
Hash identifier:          mQIM2zB53Vp40Qalwcdt78707oiLwzx1wjnoFYvAkss=
Subject key identifier:   4B:D2:C0:B5:10:DF:21:B1:A1:BE:63:D6:8E:AC:F1:72:D9:37:C5:34
Certificate issuer:       /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial:       057589C0
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/S9LAtRDfIbGhvmPWjqzxctk3xTQ.roa
Signing time:             Fri 28 Jan 2022 01:24:01 +0000
ROA not before:           Fri 28 Jan 2022 01:24:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        77.81.79.0/24 maxlen: 24
                          188.214.232.0/23 maxlen: 24
                          188.214.234.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 91589056 (0x57589c0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
        Validity
            Not Before: Jan 28 01:24:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4bd2c0b510df21b1a1be63d68eacf172d937c534
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:f9:c3:8b:bf:9e:9f:69:14:01:e5:65:17:25:
                    ee:db:8c:be:9f:f3:dc:f3:3e:b2:30:77:ea:be:93:
                    4a:f5:82:fb:a4:be:79:20:f8:f2:83:f2:3f:7d:f6:
                    5e:87:9b:3d:cd:6e:17:a4:0d:a2:4c:45:63:ed:c1:
                    81:b0:d7:26:c0:6c:8e:c7:ff:87:a1:0a:00:94:f6:
                    40:bb:21:d8:b3:f4:11:5c:5f:fa:9d:c1:7c:d1:67:
                    ba:41:60:56:69:06:b1:8e:6a:ca:1b:10:9f:3b:c3:
                    59:7d:a7:52:73:25:12:31:7d:ea:3b:dd:67:5a:63:
                    c3:95:f1:9b:f5:bf:2e:73:64:ee:05:6c:61:09:b4:
                    29:43:21:4c:66:76:df:58:de:d1:b0:8c:a1:57:32:
                    a1:6a:7b:92:10:87:13:55:1e:80:e1:c2:d6:38:26:
                    f2:62:63:c4:4c:17:c5:37:28:b7:9f:55:a6:c9:48:
                    bd:e0:3d:f8:30:9b:49:4e:9b:10:b1:3d:de:90:0d:
                    26:c5:26:bb:3e:b8:07:57:ea:41:d8:22:21:c9:ff:
                    93:98:76:e0:ed:22:c3:1a:1e:d5:27:92:e7:f9:d9:
                    f0:9b:f4:19:fe:fe:cd:f2:af:63:14:ea:7a:8d:68:
                    e8:90:a7:50:5c:ec:eb:45:9a:d7:0c:29:47:f5:d0:
                    91:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:D2:C0:B5:10:DF:21:B1:A1:BE:63:D6:8E:AC:F1:72:D9:37:C5:34
            X509v3 Authority Key Identifier:
                keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/S9LAtRDfIbGhvmPWjqzxctk3xTQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.81.79.0/24
                  188.214.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5f:ec:28:a5:b8:31:c8:70:52:53:4a:7d:b9:1e:a4:da:f5:20:
         d4:81:49:a3:8c:7f:61:79:99:38:4b:65:65:a1:58:fc:25:2d:
         05:b6:11:08:94:26:ee:76:55:de:00:34:8b:c3:21:3b:7c:e9:
         e4:a0:28:80:17:ea:e0:dc:bb:f8:a0:eb:6b:51:e0:9e:89:4f:
         37:fb:c9:82:e9:05:0a:be:ad:9b:7d:e0:d0:31:c0:e5:b1:a5:
         a8:d8:16:d8:4a:8c:e1:f7:85:bd:95:ee:71:66:7c:c0:00:11:
         b3:b3:14:a1:bb:9e:16:be:aa:4a:c4:3c:09:b1:99:e5:42:67:
         21:41:b5:50:ed:4f:a5:6b:2c:af:63:8b:06:bc:63:2e:38:ae:
         d6:0e:b0:e2:12:72:e7:c9:a4:df:d5:31:1e:5d:b5:0a:5d:88:
         e1:fa:ac:82:4c:ab:bb:2f:fd:57:0b:3a:78:34:57:bc:93:e2:
         87:68:bf:67:2a:7e:17:9a:db:e6:67:07:3d:02:45:62:5c:22:
         0c:ec:8f:70:cb:46:d1:28:30:6d:71:03:4f:48:b2:18:50:07:
         5e:06:0e:61:f3:53:b2:49:a7:03:cc:f2:32:e1:9a:2b:3d:da:
         45:e5:62:e1:8d:ff:af:4a:12:42:47:72:d1:4c:c9:f2:61:a1:
         6d:24:eb:ee
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBXWJwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjJmMmU4NmRkN2NjOTEwMTY1OGZmOGQ1YTUyNDE0NDVmY2QxZDZhMB4XDTIyMDEy
ODAxMjQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGJkMmMwYjUxMGRm
MjFiMWExYmU2M2Q2OGVhY2YxNzJkOTM3YzUzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALH5w4u/np9pFAHlZRcl7tuMvp/z3PM+sjB36r6TSvWC+6S+
eSD48oPyP332XoebPc1uF6QNokxFY+3BgbDXJsBsjsf/h6EKAJT2QLsh2LP0EVxf
+p3BfNFnukFgVmkGsY5qyhsQnzvDWX2nUnMlEjF96jvdZ1pjw5Xxm/W/LnNk7gVs
YQm0KUMhTGZ231je0bCMoVcyoWp7khCHE1UegOHC1jgm8mJjxEwXxTcot59VpslI
veA9+DCbSU6bELE93pANJsUmuz64B1fqQdgiIcn/k5h24O0iwxoe1SeS5/nZ8Jv0
Gf7+zfKvYxTqeo1o6JCnUFzs60Wa1wwpR/XQkUECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRL0sC1EN8hsaG+Y9aOrPFy2TfFNDAfBgNVHSMEGDAWgBSvLy6G3XzJEBZY
/41aUkFEX80dajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3J5OHVodDE4eVJBV1dQLU5XbEpCUkZfTkhXby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvZTA4YjhlLWJmMjItNDM1Yy04YjFmLTQ2YmI3YWVjMWYzMC8x
L1M5TEF0UkRmSWJHaHZtUFdqcXp4Y3RrM3hUUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
ZTA4YjhlLWJmMjItNDM1Yy04YjFmLTQ2YmI3YWVjMWYzMC8xL3J5OHVodDE4eVJB
V1dQLU5XbEpCUkZfTkhXby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAE1RTwMEArzW6DANBgkqhkiG9w0B
AQsFAAOCAQEAX+wopbgxyHBSU0p9uR6k2vUg1IFJo4x/YXmZOEtlZaFY/CUtBbYR
CJQm7nZV3gA0i8MhO3zp5KAogBfq4Ny7+KDra1HgnolPN/vJgukFCr6tm33g0DHA
5bGlqNgW2EqM4feFvZXucWZ8wAARs7MUobueFr6qSsQ8CbGZ5UJnIUG1UO1PpWss
r2OLBrxjLjiu1g6w4hJy58mk39UxHl21Cl2I4fqsgkyruy/9Vws6eDRXvJPih2i/
Zyp+F5rb5mcHPQJFYlwiDOyPcMtG0SgwbXEDT0iyGFAHXgYOYfNTskmnA8zyMuGa
Kz3aReVi4Y3/r0oSQkdy0UzJ8mGhbSTr7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:24 2024 by rpki-client on console-ams.rpki-client.org