Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/d3dK5mUlSelCoxio_GQxnaM5wmk.roa
File:                     d3dK5mUlSelCoxio_GQxnaM5wmk.roa (raw, json)
Hash identifier:          Y4t2ooQnmlah3q9Ms7kaAbEOr07wF2Rgbi8Hd9gaMlo=
Subject key identifier:   77:77:4A:E6:65:25:49:E9:42:A3:18:A8:FC:64:31:9D:A3:39:C2:69
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       0181DAA0E134A1CCBC642FDDE75EE53103D9
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/d3dK5mUlSelCoxio_GQxnaM5wmk.roa
Signing time:             Thu 07 Jul 2022 21:46:25 +0000
ROA not before:           Thu 07 Jul 2022 21:46:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21294
IP address blocks:        217.156.85.0/24 maxlen: 24
                          217.156.99.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:da:a0:e1:34:a1:cc:bc:64:2f:dd:e7:5e:e5:31:03:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jul  7 21:46:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=77774ae6652549e942a318a8fc64319da339c269
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:af:2a:74:58:c1:82:82:48:57:aa:53:e4:69:
                    fc:f3:78:d9:b3:81:fa:ba:59:20:13:ac:33:83:95:
                    af:9e:fc:15:6a:38:52:44:57:83:3c:bd:78:38:57:
                    95:8b:9e:e9:32:d2:33:ec:59:05:ec:ec:dc:2b:65:
                    41:d6:ba:fc:00:44:b3:86:52:27:1b:ae:b6:cc:c2:
                    e9:34:c5:1c:0c:f6:a5:3c:87:a2:b7:f8:84:22:79:
                    c0:86:96:45:bc:a6:a3:1e:61:6d:21:2f:2c:a6:10:
                    29:9b:4f:44:5b:48:88:96:e0:86:04:7d:03:1d:98:
                    5c:59:08:fd:94:a1:e3:2e:77:8e:8d:ea:a3:9c:6e:
                    56:88:8b:c3:f4:32:55:48:22:73:d5:66:9d:ac:bc:
                    b4:ac:0e:70:9e:ca:f5:55:e2:63:54:da:4e:2d:f6:
                    5f:3b:60:7e:cc:43:61:2c:72:ba:e2:95:a3:cb:5f:
                    90:34:f5:94:6c:c8:9f:5b:0c:0a:31:3f:c2:63:40:
                    db:7b:bf:45:59:cf:7a:09:09:10:f5:67:10:56:a0:
                    8e:70:e6:ef:2d:ea:ad:ed:86:4a:bb:57:e2:01:c0:
                    e3:a4:8a:3e:9f:dd:e1:3b:09:a0:37:2d:c3:66:45:
                    da:66:57:34:e5:31:3b:1c:59:01:b2:ee:11:7a:d5:
                    bd:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:77:4A:E6:65:25:49:E9:42:A3:18:A8:FC:64:31:9D:A3:39:C2:69
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/d3dK5mUlSelCoxio_GQxnaM5wmk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.156.85.0/24
                  217.156.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:9f:b5:98:d3:4f:2d:4e:34:cf:ba:67:6d:22:b2:0f:6f:c2:
         5c:f8:8a:b8:c0:63:ed:1f:97:ab:75:79:6a:4f:16:ea:45:c3:
         f1:06:4e:e9:58:3f:94:5a:90:2c:f4:79:5a:f3:71:a0:a1:92:
         c0:18:0a:86:9f:3d:81:45:ab:05:6a:2c:23:8a:86:5e:f7:5b:
         c5:0c:70:43:a3:fd:8c:99:2e:d4:53:51:4f:1c:5b:4a:02:ab:
         cf:72:63:09:8c:ed:87:3d:c6:35:4c:b3:82:9b:a2:d7:9f:d5:
         9e:89:99:3a:ec:6b:87:a5:29:f2:1c:4d:56:f5:ce:e1:2e:c7:
         02:b9:e2:08:14:e4:bf:4c:f1:a2:14:b7:27:0a:51:6d:52:fa:
         92:1d:5c:76:1a:5a:b8:20:a3:8a:07:a6:71:d7:85:50:e7:dd:
         92:75:9c:84:65:70:1e:0e:31:26:29:10:87:9d:71:6d:03:d3:
         0f:3c:49:99:73:dd:53:d7:4a:17:06:96:c1:42:ee:94:dd:2a:
         e2:95:5a:52:25:39:a2:70:fb:c3:9e:50:e9:6b:2c:54:43:39:
         27:18:65:cb:9c:f2:35:e7:49:c1:6f:c6:67:4a:2f:81:c4:c5:
         e7:33:ae:29:0f:9e:ff:1b:ad:eb:3c:26:0c:f9:77:76:62:e4:
         f8:36:ce:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYHaoOE0ocy8ZC/d517lMQPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjIwNzA3MjE0NjI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Nzc3NGFlNjY1MjU0OWU5NDJhMzE4YThmYzY0MzE5ZGEzMzljMjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjq8qdFjBgoJIV6pT5Gn883jZs4H6
ulkgE6wzg5WvnvwVajhSRFeDPL14OFeVi57pMtIz7FkF7OzcK2VB1rr8AESzhlIn
G662zMLpNMUcDPalPIeit/iEInnAhpZFvKajHmFtIS8sphApm09EW0iIluCGBH0D
HZhcWQj9lKHjLneOjeqjnG5WiIvD9DJVSCJz1WadrLy0rA5wnsr1VeJjVNpOLfZf
O2B+zENhLHK64pWjy1+QNPWUbMifWwwKMT/CY0Dbe79FWc96CQkQ9WcQVqCOcObv
Leqt7YZKu1fiAcDjpIo+n93hOwmgNy3DZkXaZlc05TE7HFkBsu4RetW9FwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHd3SuZlJUnpQqMYqPxkMZ2jOcJpMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvZDNkSzVtVWxTZWxDb3hpb19HUXhuYU01d21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2ZxVAwQA
2ZxjMA0GCSqGSIb3DQEBCwUAA4IBAQBLn7WY008tTjTPumdtIrIPb8Jc+Iq4wGPt
H5erdXlqTxbqRcPxBk7pWD+UWpAs9Hla83GgoZLAGAqGnz2BRasFaiwjioZe91vF
DHBDo/2MmS7UU1FPHFtKAqvPcmMJjO2HPcY1TLOCm6LXn9WeiZk67GuHpSnyHE1W
9c7hLscCueIIFOS/TPGiFLcnClFtUvqSHVx2Glq4IKOKB6Zx14VQ592SdZyEZXAe
DjEmKRCHnXFtA9MPPEmZc91T10oXBpbBQu6U3SrilVpSJTmicPvDnlDpayxUQzkn
GGXLnPI150nBb8ZnSi+BxMXnM64pD57/G63rPCYM+Xd2YuT4Ns4I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org