Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/ebGXFsrHhzaS_GCxCQws8Wmv7ac.roa
File:                     ebGXFsrHhzaS_GCxCQws8Wmv7ac.roa (raw, json)
Hash identifier:          68NoUtgDkFmt6Ap3plivPQqqtJungTYfMMg3Ep5dXig=
Subject key identifier:   79:B1:97:16:CA:C7:87:36:92:FC:60:B1:09:0C:2C:F1:69:AF:ED:A7
Certificate issuer:       /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial:       0156C01F
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/ebGXFsrHhzaS_GCxCQws8Wmv7ac.roa
Signing time:             Sat 01 Jan 2022 05:05:19 +0000
ROA not before:           Sat 01 Jan 2022 05:05:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        37.140.223.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22462495 (0x156c01f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
        Validity
            Not Before: Jan  1 05:05:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=79b19716cac7873692fc60b1090c2cf169afeda7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:33:be:f7:22:c4:7d:d8:f3:cb:d6:14:87:c3:
                    da:25:6c:da:10:09:63:38:f4:66:27:d4:4f:8d:95:
                    a8:d8:dd:4c:c0:02:9c:16:24:ec:e3:61:3b:72:2d:
                    47:9f:63:7f:21:f4:2b:06:e4:a3:0e:df:61:ea:43:
                    af:fa:b1:b5:33:29:e5:d3:4f:42:a7:c4:c9:e8:d8:
                    7c:93:c7:ad:f2:c7:b1:64:c1:6a:22:ec:24:83:50:
                    da:91:fd:7a:3d:40:b5:1f:99:fa:7e:a7:1b:e1:66:
                    77:e6:0d:50:1c:9c:d8:fc:8c:d7:75:bd:b5:f7:f7:
                    cc:13:45:a0:18:f4:fa:da:35:0b:7b:d3:fd:cd:b0:
                    86:1e:14:b7:0c:2b:ab:07:cb:fc:e5:78:d1:6b:0a:
                    ec:92:f5:c9:7b:27:fa:27:6f:3c:36:f3:f3:3c:1b:
                    70:41:e5:7c:5c:b9:23:79:82:ef:77:db:2f:dc:89:
                    dc:54:bb:e4:e2:fb:c4:64:96:85:f0:c4:e1:52:00:
                    a7:b1:cf:d4:76:61:b3:e1:10:3c:5a:b9:0d:37:70:
                    40:e7:7a:39:a2:64:52:2f:3a:7f:b5:84:82:89:b0:
                    25:e0:e6:f3:40:3f:c1:26:13:08:b7:d8:11:ca:a6:
                    87:8a:ac:da:85:f9:60:6a:0e:57:74:3d:8d:df:00:
                    e6:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:B1:97:16:CA:C7:87:36:92:FC:60:B1:09:0C:2C:F1:69:AF:ED:A7
            X509v3 Authority Key Identifier:
                keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/ebGXFsrHhzaS_GCxCQws8Wmv7ac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.140.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:e7:45:45:d1:01:b9:48:72:6f:66:60:47:66:a3:ba:ea:25:
         80:f6:68:66:aa:de:f1:11:23:3a:68:5c:c5:7e:3a:d5:14:15:
         29:c3:8a:a4:ed:28:7e:03:c2:a0:dc:ea:1e:56:e8:cf:61:ed:
         95:01:c5:42:bd:4d:bc:8d:c9:1a:9a:de:00:ca:bc:16:e2:be:
         24:b5:5b:fa:19:d9:d4:7b:80:fd:c5:a9:ca:ca:02:8f:11:3c:
         dd:76:4e:56:bc:48:a5:18:e4:76:4c:72:b8:07:a8:4a:6c:cb:
         6c:95:01:68:e1:83:da:e0:d1:50:00:30:b7:10:4e:f8:c5:6b:
         ac:b4:cd:d9:7e:8a:3b:63:6a:78:56:cf:6b:76:2b:3b:13:12:
         95:09:59:14:c7:35:36:b1:5f:39:9d:b2:ed:45:65:62:46:1b:
         e3:19:4d:dd:cd:77:91:e2:a1:9a:ef:a8:68:89:8b:12:13:07:
         d8:aa:fd:af:32:29:f4:e6:4d:5b:96:cf:40:ee:c4:34:2a:d0:
         fa:72:44:e9:20:2c:1f:fb:29:41:4f:18:29:c2:f4:29:f5:94:
         8e:45:02:ad:61:1b:01:f3:f5:35:53:0d:f9:f8:4d:bf:dc:84:
         3c:05:69:2d:cd:1a:c8:3b:8a:1c:2c:f6:f7:d7:9e:fa:df:f2:
         3b:74:70:93
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAVbAHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OGIyMTNiZjE2Mjc1NDhlZmRmYjFiMmUyNjQ1YmFhZjFkOTgzYWEwMB4XDTIyMDEw
MTA1MDUxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzliMTk3MTZjYWM3
ODczNjkyZmM2MGIxMDkwYzJjZjE2OWFmZWRhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwzvvcixH3Y88vWFIfD2iVs2hAJYzj0ZifUT42VqNjdTMAC
nBYk7ONhO3ItR59jfyH0Kwbkow7fYepDr/qxtTMp5dNPQqfEyejYfJPHrfLHsWTB
aiLsJINQ2pH9ej1AtR+Z+n6nG+Fmd+YNUByc2PyM13W9tff3zBNFoBj0+to1C3vT
/c2whh4UtwwrqwfL/OV40WsK7JL1yXsn+idvPDbz8zwbcEHlfFy5I3mC73fbL9yJ
3FS75OL7xGSWhfDE4VIAp7HP1HZhs+EQPFq5DTdwQOd6OaJkUi86f7WEgomwJeDm
80A/wSYTCLfYEcqmh4qs2oX5YGoOV3Q9jd8A5qECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR5sZcWyseHNpL8YLEJDCzxaa/tpzAfBgNVHSMEGDAWgBSIshO/FidUjv37
Gy4mRbqvHZg6oDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lMSVR2eFluVkk3OS14c3VKa1c2cngyWU9xQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvM2MwMjY5LWMxOTQtNGU2ZC1hYmNlLTcyNzM1ZTExOGQ1MS8x
L2ViR1hGc3JIaHphU19HQ3hDUXdzOFdtdjdhYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
M2MwMjY5LWMxOTQtNGU2ZC1hYmNlLTcyNzM1ZTExOGQ1MS8xL2lMSVR2eFluVkk3
OS14c3VKa1c2cngyWU9xQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACWM3zANBgkqhkiG9w0BAQsFAAOC
AQEAH+dFRdEBuUhyb2ZgR2ajuuolgPZoZqre8REjOmhcxX461RQVKcOKpO0ofgPC
oNzqHlboz2HtlQHFQr1NvI3JGpreAMq8FuK+JLVb+hnZ1HuA/cWpysoCjxE83XZO
VrxIpRjkdkxyuAeoSmzLbJUBaOGD2uDRUAAwtxBO+MVrrLTN2X6KO2NqeFbPa3Yr
OxMSlQlZFMc1NrFfOZ2y7UVlYkYb4xlN3c13keKhmu+oaImLEhMH2Kr9rzIp9OZN
W5bPQO7ENCrQ+nJE6SAsH/spQU8YKcL0KfWUjkUCrWEbAfP1NVMN+fhNv9yEPAVp
Lc0ayDuKHCz299ee+t/yO3Rwkw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:58 2024 by rpki-client on console-ams.rpki-client.org