Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/NEUn1kV39DzE93f__eFth83D2MU.roa
File:                     NEUn1kV39DzE93f__eFth83D2MU.roa (raw, json)
Hash identifier:          bMgbZKjDqo2n0aVE/1mMfETUOac2WTQjBtOakgGs/z8=
Subject key identifier:   34:45:27:D6:45:77:F4:3C:C4:F7:77:FF:FD:E1:6D:87:CD:C3:D8:C5
Certificate issuer:       /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial:       03CB08B8
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/NEUn1kV39DzE93f__eFth83D2MU.roa
Signing time:             Sat 01 Jan 2022 14:04:23 +0000
ROA not before:           Sat 01 Jan 2022 14:04:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48847
IP address blocks:        147.78.44.0/24 maxlen: 24
                          147.78.45.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 63637688 (0x3cb08b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
        Validity
            Not Before: Jan  1 14:04:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=344527d64577f43cc4f777fffde16d87cdc3d8c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:4f:81:c1:59:f0:a3:41:ca:91:4d:72:6f:6e:
                    68:d6:c1:e0:f8:36:22:24:72:1f:7a:24:25:78:a9:
                    6a:a4:6e:2c:c3:b2:96:ce:22:ef:ef:a5:ea:fe:2e:
                    8a:fe:dc:2e:94:80:c7:24:5e:ff:b5:9a:4c:11:d4:
                    54:41:90:1f:23:ea:7c:6e:95:39:60:11:5b:b7:e3:
                    a7:32:5d:1d:bf:5f:ff:4e:45:f3:44:c8:92:7c:2e:
                    69:a1:db:de:59:8f:b1:82:7c:9d:34:12:38:90:ee:
                    14:bc:be:c8:f7:c2:d9:c8:28:07:78:ea:62:08:bd:
                    00:5f:1c:f3:02:02:9b:5e:20:cd:a1:60:77:28:03:
                    53:51:ad:5a:95:e4:bc:a2:cf:4b:c1:cd:08:a6:6b:
                    dc:fb:cc:6a:1b:73:c7:63:e1:f7:b3:4a:c4:2c:66:
                    af:38:03:44:8e:14:88:75:91:7f:45:1f:99:b8:f8:
                    50:1b:5e:89:b0:b7:42:27:28:31:4c:97:16:5b:c3:
                    50:7a:1f:df:75:b9:c3:8d:5b:36:7b:57:23:d7:c2:
                    78:7d:66:68:eb:c9:b6:27:0e:16:29:00:d3:97:dd:
                    12:13:49:f4:a3:d9:25:81:38:d3:f1:a6:61:16:92:
                    b3:75:19:da:28:33:97:7d:81:d1:90:5f:66:33:90:
                    52:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:45:27:D6:45:77:F4:3C:C4:F7:77:FF:FD:E1:6D:87:CD:C3:D8:C5
            X509v3 Authority Key Identifier:
                keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/NEUn1kV39DzE93f__eFth83D2MU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.78.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7b:4b:c9:e3:78:8d:ad:e9:01:0d:10:5e:26:a4:c4:96:ba:f8:
         5d:c7:89:75:d0:b0:38:2f:66:e0:c1:12:3c:ea:33:30:3e:ee:
         01:ec:2d:eb:ab:98:40:4e:23:b3:f7:b3:fc:8b:1a:0e:97:8a:
         60:8c:45:d5:7e:1a:bf:e7:64:6e:71:aa:7d:c0:18:5c:93:19:
         94:74:60:2e:0e:02:39:b7:4e:fd:c0:c7:d3:a7:72:a9:30:f5:
         7b:2b:10:f7:fc:c3:02:4b:23:dd:dd:7c:e0:68:02:c5:52:57:
         1c:61:29:6e:18:45:15:80:44:37:38:e2:96:f6:f4:da:8b:07:
         e9:92:af:bb:72:68:81:a3:bd:c9:13:42:ba:b6:0c:9e:95:3f:
         9c:bf:9e:c1:fd:21:a2:9a:02:03:2f:f5:cd:1a:f7:0f:b3:17:
         2b:80:48:6e:84:d7:ee:a3:31:e4:3d:69:5c:e6:2c:29:6b:a6:
         7c:8e:ab:41:4b:33:74:94:80:9c:a6:71:ea:7b:37:78:9e:f4:
         d0:d3:ce:1a:91:b7:6a:92:59:7a:8e:ad:0a:28:f0:ed:ec:e1:
         27:0e:b7:d0:25:cf:dd:fa:bc:f6:5f:05:0c:57:8b:02:38:0a:
         39:f1:e0:cf:d9:18:ec:b8:0c:3d:b4:b0:7d:bc:33:e4:db:f3:
         bc:77:6a:37
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8sIuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NDU1ZDdmZWU0YTQ5OWVjYWYxMWQyZDNkYThlMzg5ZGUzMjM0MTJmMB4XDTIyMDEw
MTE0MDQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQ0NTI3ZDY0NTc3
ZjQzY2M0Zjc3N2ZmZmRlMTZkODdjZGMzZDhjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpPgcFZ8KNBypFNcm9uaNbB4Pg2IiRyH3okJXipaqRuLMOy
ls4i7++l6v4uiv7cLpSAxyRe/7WaTBHUVEGQHyPqfG6VOWARW7fjpzJdHb9f/05F
80TIknwuaaHb3lmPsYJ8nTQSOJDuFLy+yPfC2cgoB3jqYgi9AF8c8wICm14gzaFg
dygDU1GtWpXkvKLPS8HNCKZr3PvMahtzx2Ph97NKxCxmrzgDRI4UiHWRf0Ufmbj4
UBteibC3QicoMUyXFlvDUHof33W5w41bNntXI9fCeH1maOvJticOFikA05fdEhNJ
9KPZJYE40/GmYRaSs3UZ2igzl32B0ZBfZjOQUpsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ0RSfWRXf0PMT3d//94W2HzcPYxTAfBgNVHSMEGDAWgBQkVdf+5KSZ7K8R
0tPajjid4yNBLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pGWFhfdVNrbWV5dkVkTFQybzQ0bmVNalFTOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvM2ZmYjc2LTk5MzEtNDk0Mi05ZGExLTFlMDQ2NTUxM2I2My8x
L05FVW4xa1YzOUR6RTkzZl9fZUZ0aDgzRDJNVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
M2ZmYjc2LTk5MzEtNDk0Mi05ZGExLTFlMDQ2NTUxM2I2My8xL0pGWFhfdVNrbWV5
dkVkTFQybzQ0bmVNalFTOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZNOLDANBgkqhkiG9w0BAQsFAAOC
AQEAe0vJ43iNrekBDRBeJqTElrr4XceJddCwOC9m4MESPOozMD7uAewt66uYQE4j
s/ez/IsaDpeKYIxF1X4av+dkbnGqfcAYXJMZlHRgLg4CObdO/cDH06dyqTD1eysQ
9/zDAksj3d184GgCxVJXHGEpbhhFFYBENzjilvb02osH6ZKvu3JogaO9yRNCurYM
npU/nL+ewf0hopoCAy/1zRr3D7MXK4BIboTX7qMx5D1pXOYsKWumfI6rQUszdJSA
nKZx6ns3eJ700NPOGpG3apJZeo6tCijw7ezhJw630CXP3fq89l8FDFeLAjgKOfHg
z9kY7LgMPbSwfbwz5NvzvHdqNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:36 2024 by rpki-client on console-fra.rpki-client.org