Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/jedtNSGbJymFs6-y-QyHkzUrkRI.roa
File:                     jedtNSGbJymFs6-y-QyHkzUrkRI.roa (raw, json)
Hash identifier:          ngfxxFanpk2fm7/60M8uHKsn8dSBXVL/PbT71CQQUK4=
Subject key identifier:   8D:E7:6D:35:21:9B:27:29:85:B3:AF:B2:F9:0C:87:93:35:2B:91:12
Certificate issuer:       /CN=bbba8eccd97e96189ff6e33cf110a6c9a477459c
Certificate serial:       028113E3
Authority key identifier: BB:BA:8E:CC:D9:7E:96:18:9F:F6:E3:3C:F1:10:A6:C9:A4:77:45:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u7qOzNl-lhif9uM88RCmyaR3RZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/jedtNSGbJymFs6-y-QyHkzUrkRI.roa
Signing time:             Sat 01 Jan 2022 08:01:30 +0000
ROA not before:           Sat 01 Jan 2022 08:01:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9121
IP address blocks:        77.72.184.0/24 maxlen: 24
                          77.72.185.0/24 maxlen: 24
                          77.72.186.0/24 maxlen: 24
                          77.72.187.0/24 maxlen: 24
                          77.72.188.0/24 maxlen: 24
                          77.72.189.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 42013667 (0x28113e3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bbba8eccd97e96189ff6e33cf110a6c9a477459c
        Validity
            Not Before: Jan  1 08:01:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8de76d35219b272985b3afb2f90c8793352b9112
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:fe:72:62:a2:56:68:d0:56:b8:cf:95:87:18:
                    72:08:14:a8:e3:7f:3f:99:24:3c:76:33:c8:e0:1c:
                    4f:f1:19:f5:c7:98:21:e8:4c:94:25:16:81:bd:ea:
                    47:de:72:e4:dd:80:3f:11:3a:52:2e:34:e6:11:11:
                    c3:01:48:95:ec:02:3b:8f:db:b4:90:94:5a:77:ef:
                    00:59:cf:85:ae:e1:e3:b4:a9:9f:30:40:cb:e4:25:
                    a7:ba:75:bb:f3:b1:02:45:2b:2b:5a:1a:70:b0:38:
                    68:e8:4f:78:df:ae:10:4c:1f:77:28:c9:fd:94:23:
                    c0:2f:ff:31:8e:9d:29:14:5e:8e:c5:fc:40:b9:20:
                    3c:8f:b7:3a:cd:68:6d:b0:13:de:52:d5:df:26:e1:
                    4e:f8:93:50:18:7b:eb:fb:69:ce:1e:70:99:3b:7c:
                    c2:71:ff:06:e8:9b:92:d4:fe:fb:5a:39:da:85:7b:
                    d7:02:7e:dc:42:1b:5f:00:f8:3c:5d:7e:c5:d2:81:
                    2f:75:f8:01:cf:bf:85:0d:e9:ff:3e:d8:9f:e3:e8:
                    da:1f:d7:2d:9e:2a:8d:13:c4:b2:86:f8:9a:a6:61:
                    76:e3:ae:1f:a1:29:bf:0d:b9:90:c8:22:6e:fa:3c:
                    e5:2a:46:77:cc:33:2b:78:bd:4f:d8:b9:1c:98:23:
                    41:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:E7:6D:35:21:9B:27:29:85:B3:AF:B2:F9:0C:87:93:35:2B:91:12
            X509v3 Authority Key Identifier:
                keyid:BB:BA:8E:CC:D9:7E:96:18:9F:F6:E3:3C:F1:10:A6:C9:A4:77:45:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7qOzNl-lhif9uM88RCmyaR3RZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/jedtNSGbJymFs6-y-QyHkzUrkRI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/u7qOzNl-lhif9uM88RCmyaR3RZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.72.184.0-77.72.189.255

    Signature Algorithm: sha256WithRSAEncryption
         03:a5:fb:b7:da:8a:69:cd:ee:b9:e0:f3:8f:01:18:a5:45:cc:
         38:ea:ba:24:86:74:93:3b:4c:12:32:26:4e:31:79:01:7b:cd:
         08:86:a4:4e:88:9f:c8:b9:23:27:5d:af:f9:f2:6e:db:e7:4e:
         b5:69:4e:e4:11:f1:91:70:97:95:96:a5:31:f7:bc:37:f4:04:
         ab:73:63:ea:34:67:6a:b3:96:a2:b2:c9:d8:49:4f:1b:3e:a5:
         c5:09:ac:a2:41:aa:1f:31:a4:44:41:86:d6:87:ad:a8:f2:6a:
         bd:c5:4b:a8:0a:a0:99:0e:d7:bf:c4:22:00:6f:ce:45:d7:5f:
         8b:4b:ae:11:2d:86:15:91:48:c8:e0:50:20:2d:c9:fe:45:d6:
         be:96:a7:5d:9f:ef:74:35:4e:38:27:52:de:85:52:1d:e5:1b:
         28:9a:fc:e6:9c:78:f7:f3:74:ec:ab:ef:61:84:5d:2c:2e:01:
         5b:dc:4a:60:9a:c2:1b:ec:64:a5:7d:8b:34:cc:22:d4:68:70:
         6b:8b:d5:c4:ff:36:21:32:f0:95:55:87:1b:b5:80:cc:9f:06:
         63:7c:44:f5:64:12:e5:c5:ed:37:1c:30:e5:21:a7:8d:a8:85:
         57:c6:c3:6d:6b:75:4e:3b:41:52:dd:fd:a5:d4:93:c6:cc:c7:
         ad:8c:67:0c
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAoET4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YmJhOGVjY2Q5N2U5NjE4OWZmNmUzM2NmMTEwYTZjOWE0Nzc0NTljMB4XDTIyMDEw
MTA4MDEzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGRlNzZkMzUyMTli
MjcyOTg1YjNhZmIyZjkwYzg3OTMzNTJiOTExMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7+cmKiVmjQVrjPlYcYcggUqON/P5kkPHYzyOAcT/EZ9ceY
IehMlCUWgb3qR95y5N2APxE6Ui405hERwwFIlewCO4/btJCUWnfvAFnPha7h47Sp
nzBAy+Qlp7p1u/OxAkUrK1oacLA4aOhPeN+uEEwfdyjJ/ZQjwC//MY6dKRRejsX8
QLkgPI+3Os1obbAT3lLV3ybhTviTUBh76/tpzh5wmTt8wnH/BuibktT++1o52oV7
1wJ+3EIbXwD4PF1+xdKBL3X4Ac+/hQ3p/z7Yn+Po2h/XLZ4qjRPEsob4mqZhduOu
H6Epvw25kMgibvo85SpGd8wzK3i9T9i5HJgjQcECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSN5201IZsnKYWzr7L5DIeTNSuREjAfBgNVHSMEGDAWgBS7uo7M2X6WGJ/2
4zzxEKbJpHdFnDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U3cU96TmwtbGhpZjl1TTg4UkNteWFSM1Jady5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvYjlkYWI4LWQwODQtNGI3My05OWIyLWVlNWI1MTY4YmYyZi8x
L2plZHROU0diSnltRnM2LXktUXlIa3pVcmtSSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
YjlkYWI4LWQwODQtNGI3My05OWIyLWVlNWI1MTY4YmYyZi8xL3U3cU96TmwtbGhp
Zjl1TTg4UkNteWFSM1Jady5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQDTUi4AwQBTUi8MA0GCSqGSIb3
DQEBCwUAA4IBAQADpfu32oppze654POPARilRcw46rokhnSTO0wSMiZOMXkBe80I
hqROiJ/IuSMnXa/58m7b5061aU7kEfGRcJeVlqUx97w39ASrc2PqNGdqs5aissnY
SU8bPqXFCayiQaofMaREQYbWh62o8mq9xUuoCqCZDte/xCIAb85F11+LS64RLYYV
kUjI4FAgLcn+Rda+lqddn+90NU44J1LehVId5RsomvzmnHj383Tsq+9hhF0sLgFb
3EpgmsIb7GSlfYs0zCLUaHBri9XE/zYhMvCVVYcbtYDMnwZjfET1ZBLlxe03HDDl
IaeNqIVXxsNta3VOO0FS3f2l1JPGzMetjGcM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:13 2024 by rpki-client on console-fra.rpki-client.org