Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/FU42SqWiDUkjeyNsdvuUErhVguQ.roa
File:                     FU42SqWiDUkjeyNsdvuUErhVguQ.roa (raw, json)
Hash identifier:          h/oy4Y9PuE9T8jToPKhE4TgmMzSqyCWPPg8MupUDyuA=
Subject key identifier:   15:4E:36:4A:A5:A2:0D:49:23:7B:23:6C:76:FB:94:12:B8:55:82:E4
Certificate issuer:       /CN=e7f9a8a239683263e755e12c97d2d7a432d0b377
Certificate serial:       0762CD85
Authority key identifier: E7:F9:A8:A2:39:68:32:63:E7:55:E1:2C:97:D2:D7:A4:32:D0:B3:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5_moojloMmPnVeEsl9LXpDLQs3c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/FU42SqWiDUkjeyNsdvuUErhVguQ.roa
Signing time:             Sat 01 Jan 2022 15:07:28 +0000
ROA not before:           Sat 01 Jan 2022 15:07:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     174
IP address blocks:        217.198.72.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123915653 (0x762cd85)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7f9a8a239683263e755e12c97d2d7a432d0b377
        Validity
            Not Before: Jan  1 15:07:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=154e364aa5a20d49237b236c76fb9412b85582e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:70:3a:b2:c2:9a:b4:e1:98:ee:c5:94:bd:22:
                    34:8d:d2:3d:05:01:65:a3:ed:a6:c1:20:42:f1:bf:
                    08:45:8d:c3:29:57:61:2b:44:cb:51:14:09:ea:06:
                    fe:09:c2:40:48:a1:fb:19:08:95:b3:2a:42:f6:c1:
                    b0:06:8e:3c:5e:95:8e:12:32:36:66:c6:a3:20:c1:
                    10:28:30:16:86:fa:bf:da:3d:0e:dd:a2:83:84:0a:
                    b1:44:e1:24:a2:6c:74:f0:1e:b3:f4:eb:9a:a0:a2:
                    2d:90:66:8c:65:02:05:6e:36:a5:29:52:e6:dd:b9:
                    45:e1:dd:18:b7:0e:4e:0a:4f:69:b8:60:c4:16:b3:
                    4c:61:97:f2:27:a6:22:09:b4:20:f1:cc:54:2f:aa:
                    72:1c:80:51:9a:15:01:d9:fc:ba:6c:0e:a9:80:4c:
                    9d:b1:07:50:61:e6:5b:df:da:d3:b0:35:e6:c0:a8:
                    af:5d:a5:a5:1b:e1:62:bd:2b:30:e9:7b:75:6e:b6:
                    c1:b4:cb:65:d8:d3:34:5a:a8:1d:5f:a9:69:78:42:
                    7a:af:0c:00:e2:ec:fa:3b:33:5a:8d:3d:d0:10:5f:
                    fc:bd:e5:5b:b2:92:f6:47:e9:1f:de:95:59:80:60:
                    7e:27:88:4a:1a:69:47:fd:aa:e9:52:e8:ce:1f:76:
                    fa:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:4E:36:4A:A5:A2:0D:49:23:7B:23:6C:76:FB:94:12:B8:55:82:E4
            X509v3 Authority Key Identifier:
                keyid:E7:F9:A8:A2:39:68:32:63:E7:55:E1:2C:97:D2:D7:A4:32:D0:B3:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_moojloMmPnVeEsl9LXpDLQs3c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/FU42SqWiDUkjeyNsdvuUErhVguQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/5_moojloMmPnVeEsl9LXpDLQs3c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.198.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         69:0c:30:67:60:ad:a7:09:24:75:d4:24:1f:e2:2c:04:95:9c:
         fe:7b:bf:c3:85:47:d5:33:1e:98:f6:cd:42:9a:a0:9a:1a:f6:
         21:3d:27:e1:6b:64:72:32:4b:1b:ad:f1:74:56:a9:02:3a:fc:
         40:c8:4a:70:fd:43:ef:67:ae:8f:3a:3e:7d:fe:fa:af:4a:3c:
         05:9d:5a:3d:55:bc:c8:e6:88:50:fc:a4:d3:96:9e:1f:3b:8e:
         ba:cc:44:a6:64:a2:1d:df:2d:a4:ed:cf:96:d9:74:94:04:05:
         ee:76:a6:87:9e:15:cf:0e:73:f0:c6:65:72:68:b5:9f:ec:76:
         bc:d4:54:8c:6d:06:b8:eb:94:6c:bf:94:b0:c7:cd:a9:53:33:
         0a:ff:cd:03:9b:61:c6:5a:8a:a6:91:0e:cb:43:61:80:0f:53:
         7c:37:b0:69:4f:db:e5:a1:1a:f8:d5:b5:99:ea:56:17:ef:e2:
         12:86:3c:4e:53:af:2e:bb:b2:9a:7b:53:a7:00:f0:8d:41:d5:
         c4:b6:28:01:25:b8:05:f8:e3:93:0f:b0:69:3d:92:3e:55:c9:
         bd:8c:4e:d7:c8:2f:96:3b:61:98:0c:0a:2b:7c:99:42:32:02:
         72:6d:00:ea:5f:4b:d5:b7:49:be:d1:ee:dc:27:87:e4:20:9b:
         89:42:e7:80
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB2LNhTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2Y5YThhMjM5NjgzMjYzZTc1NWUxMmM5N2QyZDdhNDMyZDBiMzc3MB4XDTIyMDEw
MTE1MDcyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTU0ZTM2NGFhNWEy
MGQ0OTIzN2IyMzZjNzZmYjk0MTJiODU1ODJlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhwOrLCmrThmO7FlL0iNI3SPQUBZaPtpsEgQvG/CEWNwylX
YStEy1EUCeoG/gnCQEih+xkIlbMqQvbBsAaOPF6VjhIyNmbGoyDBECgwFob6v9o9
Dt2ig4QKsUThJKJsdPAes/TrmqCiLZBmjGUCBW42pSlS5t25ReHdGLcOTgpPabhg
xBazTGGX8iemIgm0IPHMVC+qchyAUZoVAdn8umwOqYBMnbEHUGHmW9/a07A15sCo
r12lpRvhYr0rMOl7dW62wbTLZdjTNFqoHV+paXhCeq8MAOLs+jszWo090BBf/L3l
W7KS9kfpH96VWYBgfieIShppR/2q6VLozh92+isCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQVTjZKpaINSSN7I2x2+5QSuFWC5DAfBgNVHSMEGDAWgBTn+aiiOWgyY+dV
4SyX0tekMtCzdzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVfbW9vamxvTW1QblZlRXNsOUxYcERMUXMzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvMjU0OGE0LTc3MTUtNDEzNC04MTMyLTJiZjBhM2JjYzRmMS8x
L0ZVNDJTcVdpRFVramV5TnNkdnVVRXJoVmd1US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
MjU0OGE0LTc3MTUtNDEzNC04MTMyLTJiZjBhM2JjYzRmMS8xLzVfbW9vamxvTW1Q
blZlRXNsOUxYcERMUXMzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9nGSDANBgkqhkiG9w0BAQsFAAOC
AQEAaQwwZ2CtpwkkddQkH+IsBJWc/nu/w4VH1TMemPbNQpqgmhr2IT0n4WtkcjJL
G63xdFapAjr8QMhKcP1D72eujzo+ff76r0o8BZ1aPVW8yOaIUPyk05aeHzuOusxE
pmSiHd8tpO3Pltl0lAQF7namh54Vzw5z8MZlcmi1n+x2vNRUjG0GuOuUbL+UsMfN
qVMzCv/NA5thxlqKppEOy0NhgA9TfDewaU/b5aEa+NW1mepWF+/iEoY8TlOvLruy
mntTpwDwjUHVxLYoASW4Bfjjkw+waT2SPlXJvYxO18gvljthmAwKK3yZQjICcm0A
6l9L1bdJvtHu3CeH5CCbiULngA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:58 2024 by rpki-client on console-ams.rpki-client.org