Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/iEHVP1VzbBpZdtD99bpt_S7seoY.roa
File:                     iEHVP1VzbBpZdtD99bpt_S7seoY.roa (raw, json)
Hash identifier:          l1oUIHr3ciT+IguDU0UF3z/JIlrfB40gj1Wv9zxqisE=
Subject key identifier:   88:41:D5:3F:55:73:6C:1A:59:76:D0:FD:F5:BA:6D:FD:2E:EC:7A:86
Certificate issuer:       /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial:       0184ED5D8A5F1268EA6A9903C8DE75937937
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/iEHVP1VzbBpZdtD99bpt_S7seoY.roa
Signing time:             Wed 07 Dec 2022 16:14:01 +0000
ROA not before:           Wed 07 Dec 2022 16:14:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212609
IP address blocks:        89.42.215.0/24 maxlen: 24
                          77.81.1.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:ed:5d:8a:5f:12:68:ea:6a:99:03:c8:de:75:93:79:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
        Validity
            Not Before: Dec  7 16:14:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8841d53f55736c1a5976d0fdf5ba6dfd2eec7a86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:71:f9:32:2c:a2:0f:87:9f:14:3f:8d:08:ad:
                    4e:f2:b6:a2:ee:6f:9a:2d:b9:2b:44:2c:f6:8a:05:
                    ba:2b:50:b6:23:93:7e:94:93:ba:27:b9:38:fc:7b:
                    4c:5f:00:36:d8:e7:21:2e:af:f6:7d:87:4f:d1:86:
                    50:59:b1:1e:97:02:1c:e3:43:70:f7:43:99:49:4b:
                    43:d2:e8:bf:60:88:fd:44:c1:d9:bc:f8:ec:f9:13:
                    32:eb:16:43:37:e1:bb:f6:d7:f5:27:55:a3:f6:f1:
                    19:92:d7:c0:4a:7b:5b:2a:ea:6b:67:5f:ab:c8:e6:
                    3f:70:f4:e3:4a:8b:d9:d1:7f:bc:d8:b8:58:15:ae:
                    db:d4:f1:ca:d4:31:3a:70:1e:26:6a:d3:19:18:c3:
                    ff:24:b6:d3:0c:93:c9:63:5f:f4:0f:11:1f:ff:56:
                    b6:c0:e8:5c:8d:b5:13:af:31:ce:89:96:10:8b:91:
                    8a:55:48:ee:50:f3:3f:e0:53:e2:8d:8d:30:c7:5a:
                    c0:05:31:07:9f:35:a7:d7:e9:59:61:20:54:6d:1b:
                    12:5b:94:ea:e5:82:09:80:ad:3b:f0:5f:8f:eb:f1:
                    27:6f:0f:82:49:31:12:9a:66:5f:d2:f9:82:fa:b9:
                    d2:00:a3:8a:c1:f4:36:77:6c:58:1f:ce:29:d8:1a:
                    1d:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:41:D5:3F:55:73:6C:1A:59:76:D0:FD:F5:BA:6D:FD:2E:EC:7A:86
            X509v3 Authority Key Identifier:
                keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/iEHVP1VzbBpZdtD99bpt_S7seoY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.81.1.0/24
                  89.42.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:13:e7:59:d3:2f:b8:8a:ec:f1:b5:73:b5:c8:3b:24:a9:c3:
         1e:3c:cd:ca:c8:38:15:75:19:27:10:75:90:95:6d:15:5e:e4:
         a9:31:20:3b:b0:4a:d7:23:02:9d:75:77:2c:6e:7a:ed:ef:c2:
         41:13:d9:80:9e:08:4e:8f:bb:55:9b:d5:e2:a8:88:7a:9c:ec:
         89:ed:9c:f0:6a:6a:25:b0:61:a3:f7:75:4d:63:fe:69:a0:16:
         dc:48:fc:28:c1:54:04:8c:0c:45:53:5d:f4:14:b2:fe:08:f6:
         09:17:68:ba:b4:8b:9f:c0:20:dc:42:e4:2b:81:c5:80:d8:c8:
         18:b5:0a:54:86:16:38:03:38:44:91:db:c9:cd:95:09:1b:fb:
         70:4f:1b:f1:a1:92:af:ad:68:aa:97:82:c1:12:67:bd:0c:f0:
         cc:f8:5d:53:b0:fe:c6:05:07:a3:c7:f6:78:f8:d7:ce:52:da:
         f4:5b:50:fe:c7:df:81:7a:96:64:ee:ee:4e:39:ce:52:0a:19:
         cf:83:1e:75:c0:35:03:19:7c:89:6d:fb:33:3f:1e:96:43:2e:
         99:d9:6e:26:a9:fb:2f:9a:dd:98:95:5a:9c:00:16:57:9f:58:
         9c:4f:df:bf:2e:d1:0b:64:e9:15:c5:98:e9:b1:15:58:d9:a7:
         bf:81:8c:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTtXYpfEmjqapkDyN51k3k3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjIxMjA3MTYxNDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODQxZDUzZjU1NzM2YzFhNTk3NmQwZmRmNWJhNmRmZDJlZWM3YTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXH5MiyiD4efFD+NCK1O8rai7m+a
LbkrRCz2igW6K1C2I5N+lJO6J7k4/HtMXwA22OchLq/2fYdP0YZQWbEelwIc40Nw
90OZSUtD0ui/YIj9RMHZvPjs+RMy6xZDN+G79tf1J1Wj9vEZktfASntbKuprZ1+r
yOY/cPTjSovZ0X+82LhYFa7b1PHK1DE6cB4matMZGMP/JLbTDJPJY1/0DxEf/1a2
wOhcjbUTrzHOiZYQi5GKVUjuUPM/4FPijY0wx1rABTEHnzWn1+lZYSBUbRsSW5Tq
5YIJgK078F+P6/Enbw+CSTESmmZf0vmC+rnSAKOKwfQ2d2xYH84p2Bod4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIhB1T9Vc2waWXbQ/fW6bf0u7HqGMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvaUVIVlAxVnpiQnBaZHREOTlicHRfUzdzZW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVEBAwQA
WSrXMA0GCSqGSIb3DQEBCwUAA4IBAQByE+dZ0y+4iuzxtXO1yDskqcMePM3KyDgV
dRknEHWQlW0VXuSpMSA7sErXIwKddXcsbnrt78JBE9mAnghOj7tVm9XiqIh6nOyJ
7ZzwamolsGGj93VNY/5poBbcSPwowVQEjAxFU130FLL+CPYJF2i6tIufwCDcQuQr
gcWA2MgYtQpUhhY4AzhEkdvJzZUJG/twTxvxoZKvrWiql4LBEme9DPDM+F1TsP7G
BQejx/Z4+NfOUtr0W1D+x9+BepZk7u5OOc5SChnPgx51wDUDGXyJbfszPx6WQy6Z
2W4mqfsvmt2YlVqcABZXn1icT9+/LtELZOkVxZjpsRVY2ae/gYyK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org