Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/mgQ4IwfgfjA4lVKgKmz1UOP1G-I.roa
File:                     mgQ4IwfgfjA4lVKgKmz1UOP1G-I.roa (raw, json)
Hash identifier:          DWu11GV7LD/FMrpAhv4qFn8NgFDvpNqkfw05tCOkklE=
Subject key identifier:   9A:04:38:23:07:E0:7E:30:38:95:52:A0:2A:6C:F5:50:E3:F5:1B:E2
Certificate issuer:       /CN=1ed55d23579c64127155aef650696e79531d508d
Certificate serial:       031132BE
Authority key identifier: 1E:D5:5D:23:57:9C:64:12:71:55:AE:F6:50:69:6E:79:53:1D:50:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HtVdI1ecZBJxVa72UGlueVMdUI0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/mgQ4IwfgfjA4lVKgKmz1UOP1G-I.roa
Signing time:             Sat 01 Jan 2022 02:00:23 +0000
ROA not before:           Sat 01 Jan 2022 02:00:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205325
IP address blocks:        178.216.245.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 51458750 (0x31132be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ed55d23579c64127155aef650696e79531d508d
        Validity
            Not Before: Jan  1 02:00:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9a04382307e07e30389552a02a6cf550e3f51be2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:95:ce:5c:a9:98:8f:e0:db:50:54:7b:35:97:
                    1b:f0:a7:51:05:92:a7:80:70:ff:8f:d6:d7:e0:2d:
                    33:c1:1d:07:fe:ae:50:bb:93:10:66:c2:f1:75:c7:
                    db:84:f2:66:40:22:3a:fd:ee:ec:c1:99:63:e8:75:
                    66:2b:6f:0f:95:dd:c5:75:fd:6a:2f:2f:e9:a0:76:
                    ca:7c:09:0c:c9:59:7e:b4:93:1f:d9:10:9a:c4:e0:
                    c7:e6:bd:6a:23:45:17:39:3c:1f:2d:25:73:ce:7c:
                    3f:67:8a:ad:8c:41:84:bd:60:35:a0:0c:66:39:d7:
                    dd:5c:15:93:f3:62:8e:31:a6:b1:a4:44:10:24:5b:
                    61:7a:58:e2:62:fc:35:79:d5:9d:2e:96:50:ee:5c:
                    b4:e6:61:3a:64:80:e6:46:d8:6b:e0:e9:86:b1:fc:
                    99:8a:8d:99:a8:4e:b1:4f:06:05:5a:3c:0b:63:ef:
                    69:42:6c:d0:ab:c8:72:2d:f1:90:3a:d0:51:0e:09:
                    52:a1:3e:08:6b:73:7c:09:ac:94:ad:d0:6e:40:b7:
                    6a:6b:88:9c:e9:2a:f1:46:9a:e1:a1:8d:23:08:d6:
                    1f:2b:1f:4c:6d:af:2e:2a:b2:46:d1:e9:1f:bb:f4:
                    18:42:53:5a:b0:70:7a:fe:b7:25:c1:35:be:63:64:
                    e2:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:04:38:23:07:E0:7E:30:38:95:52:A0:2A:6C:F5:50:E3:F5:1B:E2
            X509v3 Authority Key Identifier:
                keyid:1E:D5:5D:23:57:9C:64:12:71:55:AE:F6:50:69:6E:79:53:1D:50:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HtVdI1ecZBJxVa72UGlueVMdUI0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/mgQ4IwfgfjA4lVKgKmz1UOP1G-I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/HtVdI1ecZBJxVa72UGlueVMdUI0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.216.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:6e:09:c1:d3:27:4c:89:79:25:15:0b:e5:81:23:10:bb:e6:
         ea:a6:5d:48:34:d2:83:54:38:c9:fd:1a:89:68:7d:aa:3c:fd:
         c9:1b:db:41:9a:bc:7c:3c:8c:88:9c:c0:13:d7:34:59:8b:45:
         dd:19:03:ca:fc:1d:a1:ce:92:68:52:07:f5:81:15:56:bb:09:
         d9:fe:8a:5c:22:05:f9:58:bd:c5:b7:3e:6f:34:61:ba:73:cd:
         57:05:67:71:42:f5:fa:04:1b:84:3d:a8:f8:94:70:d3:32:34:
         b3:bd:b6:76:0c:59:60:23:e1:f8:19:6c:eb:57:e6:9a:69:82:
         7b:a4:ca:ce:c9:8f:bb:9d:96:27:59:ba:03:2a:43:5f:23:5d:
         6d:b8:bc:58:4b:eb:d4:db:88:2e:2e:2f:cf:6a:0b:1f:22:b7:
         29:39:b0:23:4b:5b:03:e7:9a:ac:78:94:7b:ce:af:cc:ea:a9:
         2a:8b:98:d0:95:82:8c:b4:58:ff:7e:e4:74:9f:a8:0f:cc:dd:
         4a:7d:b4:fc:69:0f:5d:3d:17:a4:ea:f0:05:f3:8f:a8:ed:ba:
         b6:4f:0d:eb:53:e3:bb:13:ea:be:7c:fb:8d:26:5e:64:1a:b6:
         db:dd:3f:d5:6f:26:3e:94:16:3e:eb:d9:11:7e:52:6c:26:51:
         b3:34:c5:ea
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAxEyvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZWQ1NWQyMzU3OWM2NDEyNzE1NWFlZjY1MDY5NmU3OTUzMWQ1MDhkMB4XDTIyMDEw
MTAyMDAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWEwNDM4MjMwN2Uw
N2UzMDM4OTU1MmEwMmE2Y2Y1NTBlM2Y1MWJlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOmVzlypmI/g21BUezWXG/CnUQWSp4Bw/4/W1+AtM8EdB/6u
ULuTEGbC8XXH24TyZkAiOv3u7MGZY+h1ZitvD5XdxXX9ai8v6aB2ynwJDMlZfrST
H9kQmsTgx+a9aiNFFzk8Hy0lc858P2eKrYxBhL1gNaAMZjnX3VwVk/NijjGmsaRE
ECRbYXpY4mL8NXnVnS6WUO5ctOZhOmSA5kbYa+DphrH8mYqNmahOsU8GBVo8C2Pv
aUJs0KvIci3xkDrQUQ4JUqE+CGtzfAmslK3QbkC3amuInOkq8Uaa4aGNIwjWHysf
TG2vLiqyRtHpH7v0GEJTWrBwev63JcE1vmNk4jsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSaBDgjB+B+MDiVUqAqbPVQ4/Ub4jAfBgNVHSMEGDAWgBQe1V0jV5xkEnFV
rvZQaW55Ux1QjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0h0VmRJMWVjWkJKeFZhNzJVR2x1ZVZNZFVJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvNGZiMjc0LWQ4NGYtNGZiYS05MzhlLTFlOWZmOTE4MDhjMi8x
L21nUTRJd2ZnZmpBNGxWS2dLbXoxVU9QMUctSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
NGZiMjc0LWQ4NGYtNGZiYS05MzhlLTFlOWZmOTE4MDhjMi8xL0h0VmRJMWVjWkJK
eFZhNzJVR2x1ZVZNZFVJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALLY9TANBgkqhkiG9w0BAQsFAAOC
AQEALG4JwdMnTIl5JRUL5YEjELvm6qZdSDTSg1Q4yf0aiWh9qjz9yRvbQZq8fDyM
iJzAE9c0WYtF3RkDyvwdoc6SaFIH9YEVVrsJ2f6KXCIF+Vi9xbc+bzRhunPNVwVn
cUL1+gQbhD2o+JRw0zI0s722dgxZYCPh+Bls61fmmmmCe6TKzsmPu52WJ1m6AypD
XyNdbbi8WEvr1NuILi4vz2oLHyK3KTmwI0tbA+earHiUe86vzOqpKouY0JWCjLRY
/37kdJ+oD8zdSn20/GkPXT0XpOrwBfOPqO26tk8N61PjuxPqvnz7jSZeZBq2290/
1W8mPpQWPuvZEX5SbCZRszTF6g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:06 2024 by rpki-client on console-ams.rpki-client.org