Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/UCj6vtSt-TEMceVtoUVIhRVUpC8.roa
File:                     UCj6vtSt-TEMceVtoUVIhRVUpC8.roa (raw, json)
Hash identifier:          tW0FVrsniauWXzd3KDg+DO7SEAjYztCBvbP/XWaUSuY=
Subject key identifier:   50:28:FA:BE:D4:AD:F9:31:0C:71:E5:6D:A1:45:48:85:15:54:A4:2F
Certificate issuer:       /CN=d79ea47ae161cbb3daef97789730d70c4cba89d0
Certificate serial:       011160
Authority key identifier: D7:9E:A4:7A:E1:61:CB:B3:DA:EF:97:78:97:30:D7:0C:4C:BA:89:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/156keuFhy7Pa75d4lzDXDEy6idA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/UCj6vtSt-TEMceVtoUVIhRVUpC8.roa
Signing time:             Wed 18 May 2022 13:13:16 +0000
ROA not before:           Wed 18 May 2022 13:13:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1942
IP address blocks:        152.77.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69984 (0x11160)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d79ea47ae161cbb3daef97789730d70c4cba89d0
        Validity
            Not Before: May 18 13:13:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5028fabed4adf9310c71e56da14548851554a42f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:3c:d2:72:a6:10:1e:e3:2a:a4:15:b2:92:f4:
                    8a:24:8a:79:c2:c3:a0:2c:7f:06:28:03:82:b1:ae:
                    fa:a4:81:4d:b0:3f:da:f2:cf:24:2e:a8:f1:33:95:
                    32:18:d3:d2:53:14:17:25:b0:4c:cc:8a:13:a7:6e:
                    ba:04:27:36:64:65:37:2c:30:3d:07:1a:71:27:cb:
                    7d:d1:4d:16:ff:63:a9:a4:89:7c:39:15:2d:84:55:
                    57:2a:8d:cd:ed:59:78:c9:46:0c:dd:1a:81:5b:2f:
                    18:8b:18:c9:64:43:0f:00:bf:c3:ce:99:0a:c5:97:
                    bf:1e:22:64:c6:94:73:ac:cb:d0:fe:ae:c5:60:3b:
                    34:7a:c5:e8:3d:a3:52:4c:70:17:80:ec:c8:44:53:
                    5a:fd:8c:a3:19:1a:e9:ec:fc:7c:8a:40:64:ec:96:
                    7f:05:9d:47:4d:61:b7:b6:fa:99:40:22:6d:72:a5:
                    19:21:9e:69:99:28:33:83:aa:d0:b4:58:b2:b1:59:
                    35:df:ec:0c:9f:a8:5a:27:9b:d3:fb:69:3e:46:b4:
                    b4:9b:5b:01:05:db:9e:7d:58:d8:02:cc:e8:aa:f8:
                    56:86:dc:a3:ad:c5:ec:51:2b:a6:25:ff:62:ec:13:
                    19:61:2d:31:f6:15:7a:69:5b:13:58:e0:45:f8:da:
                    7f:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:28:FA:BE:D4:AD:F9:31:0C:71:E5:6D:A1:45:48:85:15:54:A4:2F
            X509v3 Authority Key Identifier:
                keyid:D7:9E:A4:7A:E1:61:CB:B3:DA:EF:97:78:97:30:D7:0C:4C:BA:89:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/156keuFhy7Pa75d4lzDXDEy6idA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/UCj6vtSt-TEMceVtoUVIhRVUpC8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/156keuFhy7Pa75d4lzDXDEy6idA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.77.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         87:5d:5d:4b:24:c8:49:23:db:79:51:a4:8a:d4:f9:c3:d8:54:
         5b:7d:90:89:fc:85:ca:7d:d1:f0:d8:d8:84:a3:1a:98:86:02:
         66:78:b9:cc:25:b5:13:3b:0f:ca:4b:de:c9:8e:ab:0d:8a:2f:
         c7:79:fc:05:dc:f3:09:fb:39:4f:3b:dd:35:3a:ba:23:2c:84:
         7a:46:24:4a:64:e7:15:40:6d:bf:ca:10:fb:b3:18:4c:ff:1a:
         b2:0f:0c:fc:f4:ab:74:ec:ed:ac:be:f8:be:ef:b3:7b:31:5c:
         00:e4:10:7f:f8:c1:d3:fb:89:48:1a:78:d7:32:a0:c2:9c:df:
         13:85:76:f3:f6:76:57:75:1b:73:d2:f1:43:88:ad:c4:7b:32:
         18:34:f6:da:d4:30:17:de:fe:9c:20:14:03:db:c1:47:e0:38:
         3f:7f:97:06:b3:5f:e6:8c:59:d5:c7:64:60:d6:8b:62:90:26:
         9f:50:94:bb:a4:d7:fb:e5:b2:72:de:13:23:c8:f6:b6:8a:56:
         25:63:bf:e9:53:56:42:27:e7:53:0a:8f:a7:89:64:9e:01:42:
         c7:74:4e:53:1d:45:0d:10:f5:69:40:85:f2:7c:7b:c9:40:23:
         06:26:af:55:e5:0d:e2:2e:f6:ee:17:fe:1c:ff:cd:a7:40:3b:
         87:8b:9e:96
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgIDARFgMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ3
OWVhNDdhZTE2MWNiYjNkYWVmOTc3ODk3MzBkNzBjNGNiYTg5ZDAwHhcNMjIwNTE4
MTMxMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1MDI4ZmFiZWQ0YWRm
OTMxMGM3MWU1NmRhMTQ1NDg4NTE1NTRhNDJmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkzzScqYQHuMqpBWykvSKJIp5wsOgLH8GKAOCsa76pIFNsD/a
8s8kLqjxM5UyGNPSUxQXJbBMzIoTp266BCc2ZGU3LDA9BxpxJ8t90U0W/2OppIl8
ORUthFVXKo3N7Vl4yUYM3RqBWy8YixjJZEMPAL/DzpkKxZe/HiJkxpRzrMvQ/q7F
YDs0esXoPaNSTHAXgOzIRFNa/YyjGRrp7Px8ikBk7JZ/BZ1HTWG3tvqZQCJtcqUZ
IZ5pmSgzg6rQtFiysVk13+wMn6haJ5vT+2k+RrS0m1sBBduefVjYAszoqvhWhtyj
rcXsUSumJf9i7BMZYS0x9hV6aVsTWOBF+Np/jwIDAQABo4ICCDCCAgQwHQYDVR0O
BBYEFFAo+r7UrfkxDHHlbaFFSIUVVKQvMB8GA1UdIwQYMBaAFNeepHrhYcuz2u+X
eJcw1wxMuonQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MTU2a2V1Rmh5N1BhNzVkNGx6RFhERXk2aWRBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZi9kOWNiNDEtMWMzYi00NmFiLWE5OTMtM2MzZTUwZGRhNmNjLzEv
VUNqNnZ0U3QtVEVNY2VWdG9VVkloUlZVcEM4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9k
OWNiNDEtMWMzYi00NmFiLWE5OTMtM2MzZTUwZGRhNmNjLzEvMTU2a2V1Rmh5N1Bh
NzVkNGx6RFhERXk2aWRBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4G
CCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmE0wDQYJKoZIhvcNAQELBQADggEB
AIddXUskyEkj23lRpIrU+cPYVFt9kIn8hcp90fDY2ISjGpiGAmZ4ucwltRM7D8pL
3smOqw2KL8d5/AXc8wn7OU873TU6uiMshHpGJEpk5xVAbb/KEPuzGEz/GrIPDPz0
q3Ts7ay++L7vs3sxXADkEH/4wdP7iUgaeNcyoMKc3xOFdvP2dld1G3PS8UOIrcR7
Mhg09trUMBfe/pwgFAPbwUfgOD9/lwazX+aMWdXHZGDWi2KQJp9QlLuk1/vlsnLe
EyPI9raKViVjv+lTVkIn51MKj6eJZJ4BQsd0TlMdRQ0Q9WlAhfJ8e8lAIwYmr1Xl
DeIu9u4X/hz/zadAO4eLnpY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:17 2024 by rpki-client on console-fra.rpki-client.org