Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/1-jSGNwtdL1sJmNRqfPzmswdOVyk.roa
File:                     1-jSGNwtdL1sJmNRqfPzmswdOVyk.roa (raw, json)
Hash identifier:          itGLa2xnE2kbFnaXJkEJilAWapUpyh/OP+fwA8Y79xA=
Subject key identifier:   FA:34:86:37:0B:5D:2F:5B:09:98:D4:6A:7C:FC:E6:B3:07:4E:57:29
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       38C55AD3
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/1-jSGNwtdL1sJmNRqfPzmswdOVyk.roa
Signing time:             Tue 17 May 2022 05:30:33 +0000
ROA not before:           Tue 17 May 2022 05:30:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209736
IP address blocks:        78.83.140.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 952457939 (0x38c55ad3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: May 17 05:30:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fa3486370b5d2f5b0998d46a7cfce6b3074e5729
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:96:2d:de:f4:5f:f2:68:80:63:ed:12:b0:83:
                    9e:0d:8b:4f:46:c7:41:3f:27:1f:e8:76:44:f3:ec:
                    ff:83:5b:e5:ab:c5:29:d2:8b:08:5b:d4:95:dd:61:
                    9a:cd:7f:a8:aa:c7:2a:aa:7c:78:2a:95:1c:5f:14:
                    a1:31:b2:b4:86:eb:78:f3:45:7b:0f:47:f8:95:59:
                    87:03:40:3b:a3:1d:24:be:86:33:50:b2:17:20:77:
                    c9:a0:25:8c:9a:37:85:75:0b:6f:c9:da:cf:b7:c9:
                    8a:4b:98:5b:35:9e:c9:5a:02:c5:79:32:3f:6b:d7:
                    37:f3:28:59:1b:18:0b:1a:1e:20:48:05:41:46:af:
                    b6:d6:00:be:ba:ad:35:5b:f8:67:c9:78:53:19:4b:
                    d3:5b:72:2a:b5:a9:10:13:85:3d:db:55:86:cc:44:
                    01:68:d5:9d:66:47:e5:f4:02:64:92:83:59:21:1a:
                    d3:88:ae:bc:17:f4:57:8f:70:cf:4e:c3:0f:0f:b0:
                    24:e8:5f:1e:83:4f:24:3d:db:7f:f2:b8:ce:f8:ba:
                    44:b3:65:3b:71:d5:75:b4:dc:ac:c3:93:b4:ed:a4:
                    43:13:d2:75:ea:dd:0e:23:2d:e2:78:25:32:19:81:
                    da:9a:5a:0d:98:37:c0:b5:13:38:35:4d:85:ef:96:
                    02:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:34:86:37:0B:5D:2F:5B:09:98:D4:6A:7C:FC:E6:B3:07:4E:57:29
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/1-jSGNwtdL1sJmNRqfPzmswdOVyk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.83.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:10:24:50:a6:b7:93:1f:f9:b4:1f:75:31:74:2d:46:d2:83:
         11:9b:92:26:a2:be:a4:b3:a4:8c:9c:da:dc:e6:3b:65:b7:e7:
         77:0f:91:ed:96:69:fe:bc:1e:3a:ef:6a:b5:6c:a6:bb:fa:fc:
         90:10:ca:90:3d:bf:f9:0a:39:64:c9:94:09:9d:20:b7:07:c2:
         5c:6b:42:29:5d:d1:4e:6f:c2:08:76:57:d0:77:0e:35:f6:71:
         01:b6:99:d5:40:b6:c4:c5:fd:ef:82:93:ba:c2:9c:d4:bd:ea:
         40:88:28:c6:f9:30:4c:6c:2b:0c:a0:2f:c8:bf:d8:e0:6d:8d:
         13:33:bd:8b:fb:31:58:d4:64:c3:13:23:a4:ad:43:4f:5a:d6:
         cd:64:8c:22:c5:ac:dd:19:9f:fe:68:f0:1f:8d:8f:d0:22:96:
         36:a9:5e:df:2e:ad:b1:3a:78:a3:88:04:7b:8b:fb:bc:27:52:
         4d:11:a3:11:51:37:f8:34:d0:16:b9:df:13:bf:7a:2d:15:f3:
         a6:a0:29:f6:c9:10:da:8c:c5:37:db:03:bd:d4:66:54:e5:79:
         ac:34:ff:f4:b4:25:80:e5:ab:d5:5b:d4:7d:b9:b7:51:43:de:
         bc:78:14:d2:1c:64:9c:e2:ae:74:01:1f:22:4a:ac:47:c6:1a:
         a4:75:39:69
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEOMVa0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTQ4Y2VkZjE3MDI5ZWQ5OGExMDgxMTNjNmMxMDllY2FjY2Q4MmVjMB4XDTIyMDUx
NzA1MzAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmEzNDg2MzcwYjVk
MmY1YjA5OThkNDZhN2NmY2U2YjMwNzRlNTcyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2WLd70X/JogGPtErCDng2LT0bHQT8nH+h2RPPs/4Nb5avF
KdKLCFvUld1hms1/qKrHKqp8eCqVHF8UoTGytIbrePNFew9H+JVZhwNAO6MdJL6G
M1CyFyB3yaAljJo3hXULb8naz7fJikuYWzWeyVoCxXkyP2vXN/MoWRsYCxoeIEgF
QUavttYAvrqtNVv4Z8l4UxlL01tyKrWpEBOFPdtVhsxEAWjVnWZH5fQCZJKDWSEa
04iuvBf0V49wz07DDw+wJOhfHoNPJD3bf/K4zvi6RLNlO3HVdbTcrMOTtO2kQxPS
derdDiMt4nglMhmB2ppaDZg3wLUTODVNhe+WApcCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT6NIY3C10vWwmY1Gp8/OazB05XKTAfBgNVHSMEGDAWgBQFSM7fFwKe2YoQ
gRPGwQnsrM2C7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JVak8zeGNDbnRtS0VJRVR4c0VKN0t6Tmd1dy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8x
LzEtalNHTnd0ZEwxc0ptTlJxZlB6bXN3ZE9WeWsucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA5
LzU0MWMwNS04ZDdkLTQyYjgtYWIwMC03ZmJiYWU2Zjk0MzcvMS9CVWpPM3hjQ250
bUtFSUVUeHNFSjdLek5ndXcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABOU4wwDQYJKoZIhvcNAQELBQAD
ggEBAHIQJFCmt5Mf+bQfdTF0LUbSgxGbkiaivqSzpIyc2tzmO2W353cPke2Waf68
HjrvarVsprv6/JAQypA9v/kKOWTJlAmdILcHwlxrQild0U5vwgh2V9B3DjX2cQG2
mdVAtsTF/e+Ck7rCnNS96kCIKMb5MExsKwygL8i/2OBtjRMzvYv7MVjUZMMTI6St
Q09a1s1kjCLFrN0Zn/5o8B+Nj9AiljapXt8urbE6eKOIBHuL+7wnUk0RoxFRN/g0
0Ba53xO/ei0V86agKfbJENqMxTfbA73UZlTleaw0//S0JYDlq9Vb1H25t1FD3rx4
FNIcZJzirnQBHyJKrEfGGqR1OWk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:06 2024 by rpki-client on console-fra.rpki-client.org