Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jV0PtRPBE2j6jgMEtb4U-1cU1wI.roa
File:                     jV0PtRPBE2j6jgMEtb4U-1cU1wI.roa (raw, json)
Hash identifier:          8F8xju7Bmd4LB1i1O3QZ+CHr1shEcc8u5rA+wLKalAY=
Subject key identifier:   8D:5D:0F:B5:13:C1:13:68:FA:8E:03:04:B5:BE:14:FB:57:14:D7:02
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0182EA1870A52607B82BF234B74CA116337C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jV0PtRPBE2j6jgMEtb4U-1cU1wI.roa
Signing time:             Mon 29 Aug 2022 14:54:06 +0000
ROA not before:           Mon 29 Aug 2022 14:54:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9009
IP address blocks:        83.219.96.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ea:18:70:a5:26:07:b8:2b:f2:34:b7:4c:a1:16:33:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Aug 29 14:54:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8d5d0fb513c11368fa8e0304b5be14fb5714d702
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e9:be:6f:ea:6b:e1:79:c3:d3:34:54:c1:39:
                    9f:50:99:c6:b6:99:a4:0c:b9:6a:5a:18:dc:af:22:
                    7e:f4:57:cf:17:b5:71:c1:db:bd:a9:a7:21:b9:23:
                    6f:0a:a0:e0:3c:bf:bd:35:d2:76:c6:38:bd:9a:f8:
                    77:f7:a0:a8:3f:4b:5d:90:7e:fc:fe:12:53:c6:27:
                    99:bb:7b:57:f0:2e:0e:5c:03:91:ca:40:4c:43:5b:
                    1e:24:6c:1f:84:9e:c6:df:09:c0:23:62:ed:9d:b3:
                    5c:10:41:13:29:b4:2a:ce:d2:68:9f:1d:af:aa:4d:
                    fd:fe:bf:0a:e6:cb:77:fe:1b:33:c2:73:6a:66:0a:
                    e3:aa:0d:27:02:7b:22:54:c2:c4:18:65:73:3f:b8:
                    09:be:b4:29:20:7d:0f:c2:3c:1c:53:01:48:69:13:
                    c7:7c:41:41:25:0c:48:74:83:67:21:da:ad:1d:9e:
                    52:bc:55:9a:c9:88:f1:01:2b:6a:26:4a:c3:98:48:
                    30:c9:07:18:66:6e:b2:60:b7:48:51:1a:96:f8:8e:
                    35:c5:44:20:e6:63:5d:41:fb:8b:f1:33:b6:c0:d6:
                    80:c4:7a:70:1f:35:47:16:4a:d7:86:a5:e2:21:a5:
                    88:23:54:85:ab:9e:5e:7a:dd:b7:2b:3b:13:c8:53:
                    bd:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:5D:0F:B5:13:C1:13:68:FA:8E:03:04:B5:BE:14:FB:57:14:D7:02
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jV0PtRPBE2j6jgMEtb4U-1cU1wI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.219.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:79:e8:b1:46:07:5f:8a:ee:6d:ab:44:f8:63:de:73:b4:34:
         80:39:9d:39:6c:be:c7:c5:ad:8c:98:51:c2:c0:15:16:62:5a:
         fa:b5:b3:af:92:46:4f:1a:88:3a:03:f3:8f:b7:1c:8b:fb:e7:
         71:d5:c2:6d:7b:9d:a0:5d:c5:73:cf:7a:aa:fa:79:e8:bc:15:
         dd:69:43:62:c9:3f:d7:3e:cb:ad:ff:9f:0c:d7:82:99:62:92:
         e6:bd:a3:59:ea:b0:c9:be:10:b1:6c:69:7b:59:88:04:bb:48:
         b0:e3:2b:4c:fb:9a:01:15:77:75:3f:be:a9:52:10:f8:49:9a:
         f1:15:25:42:a0:36:8e:db:47:5f:3b:0e:ec:10:68:01:3b:e9:
         c4:e2:38:f9:10:04:bc:5d:39:91:fa:89:30:ac:1a:31:95:20:
         b2:d9:cd:6a:ce:d2:5c:b5:70:17:5e:41:51:a7:26:2b:98:09:
         7f:61:d0:1e:fc:d5:08:28:85:e4:90:e0:f4:24:14:07:1b:0f:
         73:61:58:cf:db:7e:73:77:33:cc:b0:e8:82:95:5e:45:4f:31:
         d9:86:55:fc:69:7a:9c:13:6d:b6:f8:f4:79:45:ce:e2:6f:b6:
         64:d7:85:89:18:d1:cd:a1:32:f7:95:a2:c2:9c:19:b4:15:28:
         ff:7c:a1:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLqGHClJge4K/I0t0yhFjN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwODI5MTQ1NDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDVkMGZiNTEzYzExMzY4ZmE4ZTAzMDRiNWJlMTRmYjU3MTRkNzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArem+b+pr4XnD0zRUwTmfUJnGtpmk
DLlqWhjcryJ+9FfPF7Vxwdu9qachuSNvCqDgPL+9NdJ2xji9mvh396CoP0tdkH78
/hJTxieZu3tX8C4OXAORykBMQ1seJGwfhJ7G3wnAI2LtnbNcEEETKbQqztJonx2v
qk39/r8K5st3/hszwnNqZgrjqg0nAnsiVMLEGGVzP7gJvrQpIH0PwjwcUwFIaRPH
fEFBJQxIdINnIdqtHZ5SvFWayYjxAStqJkrDmEgwyQcYZm6yYLdIURqW+I41xUQg
5mNdQfuL8TO2wNaAxHpwHzVHFkrXhqXiIaWII1SFq55eet23KzsTyFO92wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI1dD7UTwRNo+o4DBLW+FPtXFNcCMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvalYwUHRSUEJFMmo2amdNRXRiNFUtMWNVMXdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU9tgMA0G
CSqGSIb3DQEBCwUAA4IBAQBWeeixRgdfiu5tq0T4Y95ztDSAOZ05bL7Hxa2MmFHC
wBUWYlr6tbOvkkZPGog6A/OPtxyL++dx1cJte52gXcVzz3qq+nnovBXdaUNiyT/X
Psut/58M14KZYpLmvaNZ6rDJvhCxbGl7WYgEu0iw4ytM+5oBFXd1P76pUhD4SZrx
FSVCoDaO20dfOw7sEGgBO+nE4jj5EAS8XTmR+okwrBoxlSCy2c1qztJctXAXXkFR
pyYrmAl/YdAe/NUIKIXkkOD0JBQHGw9zYVjP235zdzPMsOiClV5FTzHZhlX8aXqc
E222+PR5Rc7ib7Zk14WJGNHNoTL3laLCnBm0FSj/fKH8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:17 2024 by rpki-client on console-fra.rpki-client.org