Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/J8pX2_cDF367cuqEDp8aRoW5lAE.roa
File:                     J8pX2_cDF367cuqEDp8aRoW5lAE.roa (raw, json)
Hash identifier:          r5dAz3pKLWAAV+9chNuLFvhciBM/WYkuuTKBtNjNS74=
Subject key identifier:   27:CA:57:DB:F7:03:17:7E:BB:72:EA:84:0E:9F:1A:46:85:B9:94:01
Certificate issuer:       /CN=d04687a3ee6322b757de81e7f53c5d32eebe33a6
Certificate serial:       0121533F
Authority key identifier: D0:46:87:A3:EE:63:22:B7:57:DE:81:E7:F5:3C:5D:32:EE:BE:33:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/J8pX2_cDF367cuqEDp8aRoW5lAE.roa
Signing time:             Wed 30 Mar 2022 06:54:24 +0000
ROA not before:           Wed 30 Mar 2022 06:54:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12779
IP address blocks:        185.128.76.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18961215 (0x121533f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d04687a3ee6322b757de81e7f53c5d32eebe33a6
        Validity
            Not Before: Mar 30 06:54:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=27ca57dbf703177ebb72ea840e9f1a4685b99401
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:2a:d3:46:f1:9f:44:37:62:65:17:a4:ae:10:
                    54:02:9b:ed:75:60:85:62:3b:10:aa:2c:6f:26:9c:
                    8b:e8:f0:c6:31:ba:03:24:d2:a0:9a:fa:ec:8a:2a:
                    81:5a:68:ea:9e:fa:7c:15:13:ac:ea:88:4f:a7:db:
                    5e:65:b1:58:a4:dd:20:2e:dd:78:9e:47:ae:c1:7b:
                    9e:90:e1:f5:97:9a:f8:3d:f7:17:26:6d:d4:1c:7c:
                    08:78:bb:50:98:48:0c:d7:20:19:20:f7:b2:cc:2b:
                    4e:0e:f2:a4:55:38:c9:a6:ec:96:a5:e7:a7:bd:76:
                    d8:3b:04:dd:92:7e:a5:40:d9:b8:f1:da:db:1c:d7:
                    1f:8a:30:c9:77:67:76:d3:b7:f7:7c:9d:7d:a0:55:
                    8d:45:16:76:04:de:bc:6b:1e:87:f7:a4:9c:ad:bd:
                    8d:37:b0:0b:b1:2e:92:20:c9:df:5f:12:9f:2f:a6:
                    87:87:9b:92:d3:8f:8a:ff:87:61:aa:bd:51:97:0b:
                    dd:29:f3:8b:3a:7c:9e:e2:0e:49:cb:84:a9:8d:84:
                    ea:22:f5:44:8d:ff:7a:0c:2b:d1:5a:33:50:4d:ba:
                    a8:c1:4b:4a:0f:5a:b4:72:eb:c6:e6:92:2a:85:cf:
                    87:62:0e:62:a1:fd:6a:d5:df:a1:58:98:8c:fe:e5:
                    73:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:CA:57:DB:F7:03:17:7E:BB:72:EA:84:0E:9F:1A:46:85:B9:94:01
            X509v3 Authority Key Identifier:
                keyid:D0:46:87:A3:EE:63:22:B7:57:DE:81:E7:F5:3C:5D:32:EE:BE:33:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/J8pX2_cDF367cuqEDp8aRoW5lAE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.128.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:ff:b8:d5:19:08:b0:41:72:30:a9:38:b6:ee:20:c1:59:20:
         30:25:10:58:1e:b8:77:90:bb:e1:45:79:ea:4f:2e:56:54:b2:
         5a:58:95:e6:dd:4c:01:fb:66:95:cc:1d:c4:d8:1c:d8:fc:e4:
         ae:d8:a0:9b:80:0a:a6:fb:5d:6b:e4:cb:4b:d3:92:be:0d:ed:
         80:06:f8:ef:7f:ca:f3:ba:7b:a6:e5:d8:c6:3c:11:be:fa:de:
         f1:83:ab:98:d5:07:e0:3f:a0:e7:cd:3e:d8:5e:6c:e4:34:f9:
         86:b6:5d:95:c1:10:70:1f:fb:b4:05:40:81:e5:5f:92:d9:7c:
         3e:9c:b9:25:c6:e9:00:7e:e2:87:30:1d:75:a6:f3:12:8a:ba:
         f8:42:0f:03:7b:7d:7d:15:6c:f1:e6:6a:d4:ec:a9:32:f3:48:
         b7:c9:b5:db:af:f4:75:47:a1:aa:09:05:45:e5:80:ff:97:69:
         b7:01:98:c8:9b:82:8a:26:10:af:f7:9e:ca:78:bd:9e:02:e5:
         8b:57:fc:be:92:01:3d:24:e4:e1:e8:a7:ba:03:31:0f:44:d1:
         c3:3c:f3:65:98:d2:6b:6b:ce:ef:47:52:69:76:04:62:2d:7d:
         f9:5e:8e:e4:ea:52:04:1a:07:bc:7d:a2:b6:99:28:a2:44:de:
         ac:6c:78:b1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEASFTPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDQ2ODdhM2VlNjMyMmI3NTdkZTgxZTdmNTNjNWQzMmVlYmUzM2E2MB4XDTIyMDMz
MDA2NTQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdjYTU3ZGJmNzAz
MTc3ZWJiNzJlYTg0MGU5ZjFhNDY4NWI5OTQwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKcq00bxn0Q3YmUXpK4QVAKb7XVghWI7EKosbyaci+jwxjG6
AyTSoJr67IoqgVpo6p76fBUTrOqIT6fbXmWxWKTdIC7deJ5HrsF7npDh9Zea+D33
FyZt1Bx8CHi7UJhIDNcgGSD3sswrTg7ypFU4yabslqXnp7122DsE3ZJ+pUDZuPHa
2xzXH4owyXdndtO393ydfaBVjUUWdgTevGseh/eknK29jTewC7EukiDJ318Sny+m
h4ebktOPiv+HYaq9UZcL3Snzizp8nuIOScuEqY2E6iL1RI3/egwr0VozUE26qMFL
Sg9atHLrxuaSKoXPh2IOYqH9atXfoViYjP7lc9sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQnylfb9wMXfrty6oQOnxpGhbmUATAfBgNVHSMEGDAWgBTQRoej7mMit1fe
gef1PF0y7r4zpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBFYUhvLTVqSXJkWDNvSG45VHhkTXU2LU02WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvYmZkZDE5LTZiYmEtNGRjOS1hZmM2LTk3YmU0MjZhMjMzNC8x
L0o4cFgyX2NERjM2N2N1cUVEcDhhUm9XNWxBRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
YmZkZDE5LTZiYmEtNGRjOS1hZmM2LTk3YmU0MjZhMjMzNC8xLzBFYUhvLTVqSXJk
WDNvSG45VHhkTXU2LU02WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmATDANBgkqhkiG9w0BAQsFAAOC
AQEAAv+41RkIsEFyMKk4tu4gwVkgMCUQWB64d5C74UV56k8uVlSyWliV5t1MAftm
lcwdxNgc2Pzkrtigm4AKpvtda+TLS9OSvg3tgAb473/K87p7puXYxjwRvvre8YOr
mNUH4D+g580+2F5s5DT5hrZdlcEQcB/7tAVAgeVfktl8Ppy5JcbpAH7ihzAddabz
Eoq6+EIPA3t9fRVs8eZq1OypMvNIt8m126/0dUehqgkFReWA/5dptwGYyJuCiiYQ
r/eeyni9ngLli1f8vpIBPSTk4einugMxD0TRwzzzZZjSa2vO70dSaXYEYi19+V6O
5OpSBBoHvH2itpkookTerGx4sQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:44 2024 by rpki-client on console-fra.rpki-client.org