Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/SCg3mRZpcKznDlOvYJ2VdH14kqc.roa
File:                     SCg3mRZpcKznDlOvYJ2VdH14kqc.roa (raw, json)
Hash identifier:          tLLc/TEYAktWpQYeQkCSvrb55hb5cb40tNamNbuAva4=
Subject key identifier:   48:28:37:99:16:69:70:AC:E7:0E:53:AF:60:9D:95:74:7D:78:92:A7
Certificate issuer:       /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial:       379304CD
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/SCg3mRZpcKznDlOvYJ2VdH14kqc.roa
Signing time:             Sat 01 Jan 2022 12:57:44 +0000
ROA not before:           Sat 01 Jan 2022 12:57:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15982
IP address blocks:        213.244.231.0/24 maxlen: 24
                          213.244.230.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 932381901 (0x379304cd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
        Validity
            Not Before: Jan  1 12:57:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=48283799166970ace70e53af609d95747d7892a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:5f:43:9d:09:af:2e:f1:75:c2:bc:37:17:b2:
                    85:42:b2:b7:40:29:0a:48:b4:d2:a8:8e:b0:1e:46:
                    2c:2e:5e:f3:11:62:b0:cb:99:ed:fc:84:8f:20:f5:
                    3a:3d:e2:e9:33:d1:1e:2c:8e:19:71:f8:2e:bf:cf:
                    88:ef:77:86:a6:80:db:bc:82:5e:42:40:f9:b5:8e:
                    f4:48:f4:3f:4c:72:8e:5a:56:e2:5f:c5:f6:48:77:
                    85:7f:f5:59:bb:0c:e5:ba:43:f6:9b:8d:cf:70:08:
                    bf:bd:04:08:c2:91:22:e5:10:aa:8f:de:57:19:c8:
                    96:65:ef:6f:97:47:bf:be:af:61:05:25:a1:02:59:
                    62:af:89:ad:20:49:6a:0c:e6:d4:67:44:4d:22:41:
                    f8:21:96:87:8b:3c:9d:d2:c7:68:1e:13:30:e7:0d:
                    9f:01:13:c8:b0:98:7b:72:dc:22:36:82:27:11:46:
                    64:0e:80:41:69:21:fc:a3:7f:42:c2:58:f8:d5:ca:
                    b1:c4:3e:2c:4e:c1:3d:a4:e6:e2:4d:29:96:89:8d:
                    b7:2d:08:bd:2c:e9:90:82:41:14:68:60:ab:2e:23:
                    f6:ae:f2:fe:b5:fb:96:db:08:63:cd:05:52:7e:d8:
                    f8:b1:5c:b6:d7:01:ff:c1:50:20:da:fe:b5:f5:e3:
                    b3:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:28:37:99:16:69:70:AC:E7:0E:53:AF:60:9D:95:74:7D:78:92:A7
            X509v3 Authority Key Identifier:
                keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/SCg3mRZpcKznDlOvYJ2VdH14kqc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.244.230.0/23

    Signature Algorithm: sha256WithRSAEncryption
         57:30:2f:3e:e1:25:40:71:93:9a:56:0c:25:db:e9:4d:42:5f:
         49:0c:5e:89:af:4c:8f:eb:81:17:1d:d3:dd:10:99:7f:42:9a:
         74:a0:34:ff:c2:ec:77:a6:20:f8:7e:e9:ab:21:05:37:63:3f:
         c5:a1:0e:c1:7e:a6:6c:d1:72:1d:2a:5e:0a:74:da:f6:61:c0:
         68:24:52:47:00:f3:c5:dc:0e:a3:65:4d:a9:50:80:ae:d8:53:
         b7:54:a7:5c:10:af:46:d3:c5:93:d3:65:e0:ab:d2:24:cd:9c:
         37:7f:4b:e9:c8:15:79:1c:ec:22:2f:da:2f:7a:28:c2:2d:8c:
         29:d8:0e:8a:3e:49:3a:b4:a1:78:9b:b3:34:6d:66:22:e7:0b:
         ce:82:01:b7:1f:b3:19:dd:31:dc:1d:d8:aa:9b:75:6c:31:f4:
         19:aa:a1:2b:c8:6a:a6:22:b9:f0:1e:8e:38:30:6a:3b:71:45:
         d3:36:ba:ea:20:19:f3:5e:ad:00:50:c7:e1:06:4a:9f:41:f6:
         04:b1:26:52:e7:c5:cb:ac:64:f3:25:7b:76:f2:ae:14:9c:b2:
         5a:83:54:15:b0:25:ce:c7:7b:c5:ee:5b:f9:31:82:6d:62:80:
         5b:27:37:a6:0a:8c:aa:d5:7c:0e:45:98:08:8e:ad:0b:5b:0e:
         6e:b1:ff:14
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN5MEzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Mjc4YTc2OGM5MTBiYWRjZDVjNGFlZjdjMTcyYTlmMDYxNTQ3ZThjMB4XDTIyMDEw
MTEyNTc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDgyODM3OTkxNjY5
NzBhY2U3MGU1M2FmNjA5ZDk1NzQ3ZDc4OTJhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANFfQ50Jry7xdcK8NxeyhUKyt0ApCki00qiOsB5GLC5e8xFi
sMuZ7fyEjyD1Oj3i6TPRHiyOGXH4Lr/PiO93hqaA27yCXkJA+bWO9Ej0P0xyjlpW
4l/F9kh3hX/1WbsM5bpD9puNz3AIv70ECMKRIuUQqo/eVxnIlmXvb5dHv76vYQUl
oQJZYq+JrSBJagzm1GdETSJB+CGWh4s8ndLHaB4TMOcNnwETyLCYe3LcIjaCJxFG
ZA6AQWkh/KN/QsJY+NXKscQ+LE7BPaTm4k0plomNty0IvSzpkIJBFGhgqy4j9q7y
/rX7ltsIY80FUn7Y+LFcttcB/8FQINr+tfXjs1UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRIKDeZFmlwrOcOU69gnZV0fXiSpzAfBgNVHSMEGDAWgBRieKdoyRC63NXE
rvfBcqnwYVR+jDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1luaW5hTWtRdXR6VnhLNzN3WEtwOEdGVWZvdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvNDJkZmMwLWE3NjQtNGQ1ZC1hNjM0LTM0NTRmNDkwZmQ5Ni8x
L1NDZzNtUlpwY0t6bkRsT3ZZSjJWZEgxNGtxYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
NDJkZmMwLWE3NjQtNGQ1ZC1hNjM0LTM0NTRmNDkwZmQ5Ni8xL1luaW5hTWtRdXR6
VnhLNzN3WEtwOEdGVWZvdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdX05jANBgkqhkiG9w0BAQsFAAOC
AQEAVzAvPuElQHGTmlYMJdvpTUJfSQxeia9Mj+uBFx3T3RCZf0KadKA0/8Lsd6Yg
+H7pqyEFN2M/xaEOwX6mbNFyHSpeCnTa9mHAaCRSRwDzxdwOo2VNqVCArthTt1Sn
XBCvRtPFk9Nl4KvSJM2cN39L6cgVeRzsIi/aL3oowi2MKdgOij5JOrSheJuzNG1m
IucLzoIBtx+zGd0x3B3Yqpt1bDH0GaqhK8hqpiK58B6OODBqO3FF0za66iAZ816t
AFDH4QZKn0H2BLEmUufFy6xk8yV7dvKuFJyyWoNUFbAlzsd7xe5b+TGCbWKAWyc3
pgqMqtV8DkWYCI6tC1sObrH/FA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:19 2024 by rpki-client on console-ams.rpki-client.org