Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/52e0bc-9629-4a20-a002-909209356b2f/1/JzVcfsNHlwKQpldJr_M1_xdToyM.roa
File:                     JzVcfsNHlwKQpldJr_M1_xdToyM.roa (raw, json)
Hash identifier:          yjFakFkXU62VKLa+Sbt2qEIqgQ00VTCkxzC5YUDL4KI=
Subject key identifier:   27:35:5C:7E:C3:47:97:02:90:A6:57:49:AF:F3:35:FF:17:53:A3:23
Certificate issuer:       /CN=700002e9cd2c74a0ef8b51b40d44d141a932d283
Certificate serial:       01FD0F
Authority key identifier: 70:00:02:E9:CD:2C:74:A0:EF:8B:51:B4:0D:44:D1:41:A9:32:D2:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cAAC6c0sdKDvi1G0DUTRQaky0oM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/52e0bc-9629-4a20-a002-909209356b2f/1/JzVcfsNHlwKQpldJr_M1_xdToyM.roa
Signing time:             Thu 24 Feb 2022 13:50:38 +0000
ROA not before:           Thu 24 Feb 2022 13:50:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     13070
IP address blocks:        77.241.160.0/22 maxlen: 22
                          217.145.208.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 130319 (0x1fd0f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=700002e9cd2c74a0ef8b51b40d44d141a932d283
        Validity
            Not Before: Feb 24 13:50:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=27355c7ec347970290a65749aff335ff1753a323
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:61:50:1a:47:c4:e1:33:66:52:ba:ba:43:a3:
                    b8:98:64:e3:15:b3:2b:5a:fe:b0:be:d8:66:7c:f8:
                    c7:c1:db:dd:41:1b:72:a7:f7:eb:e8:62:d7:15:00:
                    01:77:d4:ff:b3:ad:43:04:0d:af:7a:46:7b:23:70:
                    2c:59:86:d6:a3:08:64:38:20:e7:0c:e7:be:7d:42:
                    9d:b4:53:90:3f:fc:06:46:cf:e4:12:d2:54:a4:04:
                    a1:2f:c1:14:be:fc:5d:cc:e2:ec:60:fd:50:e1:44:
                    13:10:67:b9:a2:71:bd:f7:63:9b:8c:ee:73:c0:0d:
                    77:35:fd:dc:fe:09:e5:f8:09:9e:80:a4:78:99:aa:
                    0a:8d:54:c3:2d:69:e9:88:b8:15:e8:ed:18:15:df:
                    f9:84:21:7a:f1:7a:20:97:cd:2b:9a:33:b0:a6:d1:
                    1c:ae:b7:4d:8d:d1:32:f5:66:5e:d0:ea:d9:e6:9a:
                    d1:41:fb:c6:d6:61:90:e1:10:26:15:43:88:68:6a:
                    ee:cb:f2:fb:2f:77:92:98:5a:09:c6:d7:1b:ed:ab:
                    63:0f:99:35:c7:c1:a5:80:70:91:f7:6c:45:db:8b:
                    37:c0:f9:f6:bf:bf:b1:04:bf:48:69:a2:8c:65:6f:
                    5c:2c:63:02:a2:62:6e:4c:e1:b6:42:eb:92:7f:ed:
                    ee:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:35:5C:7E:C3:47:97:02:90:A6:57:49:AF:F3:35:FF:17:53:A3:23
            X509v3 Authority Key Identifier:
                keyid:70:00:02:E9:CD:2C:74:A0:EF:8B:51:B4:0D:44:D1:41:A9:32:D2:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAAC6c0sdKDvi1G0DUTRQaky0oM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/52e0bc-9629-4a20-a002-909209356b2f/1/JzVcfsNHlwKQpldJr_M1_xdToyM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/52e0bc-9629-4a20-a002-909209356b2f/1/cAAC6c0sdKDvi1G0DUTRQaky0oM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.241.160.0/22
                  217.145.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         b5:ac:b7:ff:c3:36:07:9d:57:cc:46:65:b2:24:12:97:3d:ba:
         f5:a0:9d:76:9b:89:54:f9:3c:89:1b:11:d6:3f:50:80:f9:76:
         fa:cf:bb:46:14:74:ca:d8:d1:3c:e2:8c:93:50:e6:02:27:b7:
         2e:13:58:63:d8:ba:11:d7:6e:1a:d2:fe:eb:0e:9f:81:f1:f5:
         56:7d:af:8e:20:b7:6c:29:0d:1a:45:53:4b:0f:3a:de:02:25:
         47:fc:28:17:ab:5e:fc:6b:0f:52:1c:6b:f8:27:01:ef:8e:5f:
         8c:ae:f7:c0:4d:24:e9:c1:d0:7b:11:dc:4e:9b:79:9f:26:86:
         48:d2:91:a2:c0:97:4d:47:a5:86:dd:4b:48:46:e2:5d:99:4f:
         0e:00:68:53:de:e8:e2:7b:51:ca:69:f2:b6:7f:54:39:dc:95:
         bf:ac:35:c2:23:82:7d:ae:63:e5:c9:30:d9:37:dd:fc:89:bc:
         b0:dd:ae:68:f2:6e:6b:fb:c8:0e:1f:5d:58:1d:d0:ab:64:8e:
         53:85:f5:72:c0:47:a9:d9:6d:4d:42:8c:8b:8e:54:2e:2a:9d:
         35:4d:9c:3f:59:12:6c:c6:88:ed:87:60:bd:e1:ef:10:83:bf:
         41:49:c6:92:cf:b3:57:77:c1:c9:04:18:0a:79:38:0a:50:58:
         9f:f7:1e:7f
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDAf0PMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcw
MDAwMmU5Y2QyYzc0YTBlZjhiNTFiNDBkNDRkMTQxYTkzMmQyODMwHhcNMjIwMjI0
MTM1MDM4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyNzM1NWM3ZWMzNDc5
NzAyOTBhNjU3NDlhZmYzMzVmZjE3NTNhMzIzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzGFQGkfE4TNmUrq6Q6O4mGTjFbMrWv6wvthmfPjHwdvdQRty
p/fr6GLXFQABd9T/s61DBA2vekZ7I3AsWYbWowhkOCDnDOe+fUKdtFOQP/wGRs/k
EtJUpAShL8EUvvxdzOLsYP1Q4UQTEGe5onG992ObjO5zwA13Nf3c/gnl+AmegKR4
maoKjVTDLWnpiLgV6O0YFd/5hCF68Xogl80rmjOwptEcrrdNjdEy9WZe0OrZ5prR
QfvG1mGQ4RAmFUOIaGruy/L7L3eSmFoJxtcb7atjD5k1x8GlgHCR92xF24s3wPn2
v7+xBL9IaaKMZW9cLGMComJuTOG2QuuSf+3u+wIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFCc1XH7DR5cCkKZXSa/zNf8XU6MjMB8GA1UdIwQYMBaAFHAAAunNLHSg74tR
tA1E0UGpMtKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Y0FBQzZjMHNkS0R2aTFHMERVVFJRYWt5MG9NLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lNi81MmUwYmMtOTYyOS00YTIwLWEwMDItOTA5MjA5MzU2YjJmLzEv
SnpWY2ZzTkhsd0tRcGxkSnJfTTFfeGRUb3lNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81
MmUwYmMtOTYyOS00YTIwLWEwMDItOTA5MjA5MzU2YjJmLzEvY0FBQzZjMHNkS0R2
aTFHMERVVFJRYWt5MG9NLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTfGgAwQE2ZHQMA0GCSqGSIb3DQEB
CwUAA4IBAQC1rLf/wzYHnVfMRmWyJBKXPbr1oJ12m4lU+TyJGxHWP1CA+Xb6z7tG
FHTK2NE84oyTUOYCJ7cuE1hj2LoR124a0v7rDp+B8fVWfa+OILdsKQ0aRVNLDzre
AiVH/CgXq178aw9SHGv4JwHvjl+MrvfATSTpwdB7EdxOm3mfJoZI0pGiwJdNR6WG
3UtIRuJdmU8OAGhT3ujie1HKafK2f1Q53JW/rDXCI4J9rmPlyTDZN938ibyw3a5o
8m5r+8gOH11YHdCrZI5ThfVywEep2W1NQoyLjlQuKp01TZw/WRJsxojth2C94e8Q
g79BScaSz7NXd8HJBBgKeTgKUFif9x5/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:41 2024 by rpki-client on console-fra.rpki-client.org