Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/kEpSYEhiLnrM9SwbmNcoh_QgaBo.roa
File:                     kEpSYEhiLnrM9SwbmNcoh_QgaBo.roa (raw, json)
Hash identifier:          2kti/FkXV9bWj0usz8SV9waizxxBzpXMdAuZPOuDtxg=
Subject key identifier:   90:4A:52:60:48:62:2E:7A:CC:F5:2C:1B:98:D7:28:87:F4:20:68:1A
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       38AFC982
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/kEpSYEhiLnrM9SwbmNcoh_QgaBo.roa
Signing time:             Tue 17 May 2022 05:30:21 +0000
ROA not before:           Tue 17 May 2022 05:30:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56539
IP address blocks:        78.83.236.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 951044482 (0x38afc982)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: May 17 05:30:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=904a526048622e7accf52c1b98d72887f420681a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:3f:dd:ab:d3:96:57:a5:bf:2d:ac:82:f1:75:
                    bf:e6:c9:6b:12:3d:86:c6:b7:eb:91:d4:59:7d:a0:
                    f2:77:25:3e:c3:37:ad:f6:7f:07:37:19:6d:89:a5:
                    51:0e:1a:1b:7c:f4:7c:c1:46:7a:87:51:02:1e:88:
                    37:8a:0c:94:31:7f:9e:d3:d1:3a:c5:8f:7c:3e:a6:
                    54:4e:ce:55:71:0b:33:d2:8c:1a:93:09:39:32:3e:
                    14:87:73:57:5b:b0:fc:c8:e7:32:a3:fc:18:15:2a:
                    ad:3c:e1:17:15:f9:d9:b6:2d:6e:b1:d7:d3:89:0a:
                    40:14:bf:89:e4:86:cb:47:77:ba:4b:5b:bc:25:e2:
                    3c:ea:2e:79:dd:8d:0a:34:9e:74:00:9a:64:c2:df:
                    7f:93:4b:2b:23:fb:b3:b5:9e:d9:2a:75:bb:93:d4:
                    16:d7:51:c9:db:45:d6:0a:6e:c8:dc:f0:00:14:d2:
                    d1:ca:d4:ce:4e:dc:58:cb:9b:47:70:13:b9:7a:44:
                    a9:eb:02:7e:83:67:bf:fe:70:4a:77:c9:50:23:e0:
                    ec:b8:8f:33:bd:78:07:be:76:d6:b5:8d:4b:fb:a2:
                    98:55:15:11:33:c3:f7:aa:fc:88:64:a9:a0:55:5a:
                    b0:76:af:94:78:89:8e:53:71:7e:3c:2e:3e:32:37:
                    4b:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:4A:52:60:48:62:2E:7A:CC:F5:2C:1B:98:D7:28:87:F4:20:68:1A
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/kEpSYEhiLnrM9SwbmNcoh_QgaBo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.83.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:c1:ac:cd:9a:69:e7:56:3d:e7:97:51:09:f7:c8:f7:17:ec:
         b9:cc:51:c1:8e:cc:ab:cb:06:5b:a0:a8:d1:be:f5:26:5a:23:
         b6:48:68:83:a4:f6:d0:cc:23:f8:9a:37:de:b8:69:a9:8d:b6:
         bb:af:09:65:3e:a0:26:87:87:8b:e7:62:aa:88:95:3e:e8:4c:
         81:21:e0:6c:79:61:44:55:29:9a:d8:44:78:e6:40:85:2a:77:
         c4:ff:04:68:3f:eb:17:e9:ef:e2:30:c9:d1:33:47:c8:d2:dd:
         b5:e5:d2:80:e5:e5:cb:fc:4f:b1:ce:ad:e7:4b:82:b8:1f:7f:
         a6:8f:f5:fe:77:2c:61:a9:fb:b1:97:e7:72:c5:25:4f:1c:bb:
         1d:23:92:5a:1e:74:c7:c0:be:fa:09:f9:2e:b3:a3:1d:6d:5c:
         97:8b:35:ba:87:cf:a5:40:09:71:cc:a4:f4:7b:e3:a4:57:9a:
         77:33:14:fe:8d:34:6d:29:94:72:cf:02:03:b4:ff:54:fc:ab:
         2a:87:ef:84:f5:ca:76:da:0a:42:42:91:83:1f:4f:ce:70:88:
         b7:f4:18:0d:35:8e:e3:97:68:91:3a:f3:3c:70:45:33:a6:e4:
         ec:89:4e:92:55:a2:d7:6e:58:2f:53:e1:19:1e:2d:22:40:5e:
         16:88:68:fc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOK/JgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTQ4Y2VkZjE3MDI5ZWQ5OGExMDgxMTNjNmMxMDllY2FjY2Q4MmVjMB4XDTIyMDUx
NzA1MzAyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTA0YTUyNjA0ODYy
MmU3YWNjZjUyYzFiOThkNzI4ODdmNDIwNjgxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN0/3avTllelvy2sgvF1v+bJaxI9hsa365HUWX2g8nclPsM3
rfZ/BzcZbYmlUQ4aG3z0fMFGeodRAh6IN4oMlDF/ntPROsWPfD6mVE7OVXELM9KM
GpMJOTI+FIdzV1uw/MjnMqP8GBUqrTzhFxX52bYtbrHX04kKQBS/ieSGy0d3uktb
vCXiPOoued2NCjSedACaZMLff5NLKyP7s7We2Sp1u5PUFtdRydtF1gpuyNzwABTS
0crUzk7cWMubR3ATuXpEqesCfoNnv/5wSnfJUCPg7LiPM714B7521rWNS/uimFUV
ETPD96r8iGSpoFVasHavlHiJjlNxfjwuPjI3S0kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSQSlJgSGIuesz1LBuY1yiH9CBoGjAfBgNVHSMEGDAWgBQFSM7fFwKe2YoQ
gRPGwQnsrM2C7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JVak8zeGNDbnRtS0VJRVR4c0VKN0t6Tmd1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8x
L2tFcFNZRWhpTG5yTTlTd2JtTmNvaF9RZ2FCby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
NTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8xL0JVak8zeGNDbnRt
S0VJRVR4c0VKN0t6Tmd1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE5T7DANBgkqhkiG9w0BAQsFAAOC
AQEAi8GszZpp51Y955dRCffI9xfsucxRwY7Mq8sGW6Co0b71Jlojtkhog6T20Mwj
+Jo33rhpqY22u68JZT6gJoeHi+diqoiVPuhMgSHgbHlhRFUpmthEeOZAhSp3xP8E
aD/rF+nv4jDJ0TNHyNLdteXSgOXly/xPsc6t50uCuB9/po/1/ncsYan7sZfncsUl
Txy7HSOSWh50x8C++gn5LrOjHW1cl4s1uofPpUAJccyk9HvjpFeadzMU/o00bSmU
cs8CA7T/VPyrKofvhPXKdtoKQkKRgx9PznCIt/QYDTWO45dokTrzPHBFM6bk7IlO
klWi125YL1PhGR4tIkBeFoho/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:07 2024 by rpki-client on console-fra.rpki-client.org