Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/0ihMNKUsS9GdSEt1aCfmAa02aeA.roa
File:                     0ihMNKUsS9GdSEt1aCfmAa02aeA.roa (raw, json)
Hash identifier:          gPi8a/T1TPrYredkF0QDnqd+oZBFxTybEedX9Y5bMyM=
Subject key identifier:   D2:28:4C:34:A5:2C:4B:D1:9D:48:4B:75:68:27:E6:01:AD:36:69:E0
Certificate issuer:       /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial:       13FEB550
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/0ihMNKUsS9GdSEt1aCfmAa02aeA.roa
Signing time:             Sat 01 Jan 2022 11:55:35 +0000
ROA not before:           Sat 01 Jan 2022 11:55:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213252
IP address blocks:        213.238.183.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 335459664 (0x13feb550)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
        Validity
            Not Before: Jan  1 11:55:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d2284c34a52c4bd19d484b756827e601ad3669e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:80:3f:4b:7c:15:1c:c5:f7:17:1b:97:b5:b9:
                    33:3c:0a:3c:49:30:5e:d0:a1:67:84:c5:c8:d4:71:
                    f2:c5:8f:8e:e8:c3:4f:9f:af:1b:07:7c:1c:f3:01:
                    01:5a:d8:e7:14:33:ed:5d:dc:f9:1c:cc:9a:cd:58:
                    f0:52:de:e6:03:7f:13:91:2e:3e:a0:78:f6:ab:53:
                    6f:00:e5:03:6d:cd:d3:23:18:52:a3:e1:95:64:c5:
                    c8:ce:65:9a:ed:f7:92:95:18:e8:30:bf:93:0e:6c:
                    23:f4:66:05:b6:17:1f:1e:0b:1e:19:7f:53:52:d5:
                    0c:b7:d5:af:62:14:a8:aa:98:10:58:28:f1:2d:11:
                    5d:cb:59:5b:25:a5:27:35:bf:7b:d3:c5:20:50:ba:
                    cc:43:90:83:59:0c:82:b0:67:1e:dc:3d:d5:69:0a:
                    65:58:8a:bf:86:f5:b0:d2:e0:7f:ea:73:c9:30:1a:
                    c8:ca:6c:95:7c:24:08:4c:97:bd:94:5e:dd:ba:4f:
                    70:cd:b4:86:8e:e4:02:68:ca:d7:08:64:d3:f7:1b:
                    ad:69:25:4f:15:eb:7c:b9:1b:fc:a2:b6:e6:98:33:
                    b1:22:63:31:ef:c4:6b:c3:96:b3:b3:7a:ac:3f:db:
                    5d:15:8b:2d:82:ba:1d:ba:f4:38:ea:b8:af:a4:1b:
                    85:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:28:4C:34:A5:2C:4B:D1:9D:48:4B:75:68:27:E6:01:AD:36:69:E0
            X509v3 Authority Key Identifier:
                keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/0ihMNKUsS9GdSEt1aCfmAa02aeA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.238.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:17:fc:7b:de:ee:d7:d0:99:46:c1:d3:ba:2c:5c:87:4f:0d:
         1f:f5:fc:fd:01:49:59:fe:7b:4d:e7:aa:54:89:6a:4c:26:d1:
         cd:55:01:32:12:e4:f5:77:fa:74:e3:f5:ea:0a:d7:ed:dc:00:
         52:62:fa:2f:db:07:32:30:1b:0d:c3:ee:25:87:ad:28:98:84:
         d6:52:d0:ed:d7:6b:07:b4:8a:e7:c0:f8:05:13:fb:e3:11:37:
         ad:b2:34:47:88:b2:6f:d1:0a:44:c4:fa:4f:e1:58:db:89:8b:
         45:ab:af:3d:0f:0e:af:13:d7:3d:40:b3:01:17:10:39:e2:39:
         a5:e5:03:73:6a:f8:d0:60:26:2c:50:64:56:cb:96:28:c9:86:
         50:aa:2f:98:8b:2a:fb:b9:26:9f:b6:07:2b:35:ca:41:c8:5c:
         5f:f4:0e:ba:38:3a:54:80:35:38:d9:72:ba:3c:37:c1:63:63:
         13:7e:58:0e:e1:7c:b9:03:dd:24:d9:c6:81:69:12:c4:42:e6:
         ca:12:3e:eb:4f:7c:55:2d:2a:2e:b7:57:b8:f0:0a:57:be:03:
         d3:03:9c:ce:a8:b6:b0:80:91:4b:e1:24:aa:91:70:ce:8b:2d:
         35:89:1c:c1:5b:42:f7:92:f1:2c:8c:cd:4d:a7:16:4b:19:bf:
         04:3f:a6:8a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE/61UDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NGNiZGE3OGIxZDFiNjEzZGY1NjVmZjk5NzAwYjZhZWU5NDBkZTNmMB4XDTIyMDEw
MTExNTUzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDIyODRjMzRhNTJj
NGJkMTlkNDg0Yjc1NjgyN2U2MDFhZDM2NjllMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJSAP0t8FRzF9xcbl7W5MzwKPEkwXtChZ4TFyNRx8sWPjujD
T5+vGwd8HPMBAVrY5xQz7V3c+RzMms1Y8FLe5gN/E5EuPqB49qtTbwDlA23N0yMY
UqPhlWTFyM5lmu33kpUY6DC/kw5sI/RmBbYXHx4LHhl/U1LVDLfVr2IUqKqYEFgo
8S0RXctZWyWlJzW/e9PFIFC6zEOQg1kMgrBnHtw91WkKZViKv4b1sNLgf+pzyTAa
yMpslXwkCEyXvZRe3bpPcM20ho7kAmjK1whk0/cbrWklTxXrfLkb/KK25pgzsSJj
Me/Ea8OWs7N6rD/bXRWLLYK6Hbr0OOq4r6QbhYsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTSKEw0pSxL0Z1IS3VoJ+YBrTZp4DAfBgNVHSMEGDAWgBRUy9p4sdG2E99W
X/mXALau6UDePzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZNdmFlTEhSdGhQZlZsXzVsd0MycnVsQTNqOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvNmQ2MWQ5LTBiZjctNDRiYi1iODBmLWNkMzE2MTVkMDFhOS8x
LzBpaE1OS1VzUzlHZFNFdDFhQ2ZtQWEwMmFlQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
NmQ2MWQ5LTBiZjctNDRiYi1iODBmLWNkMzE2MTVkMDFhOS8xL1ZNdmFlTEhSdGhQ
ZlZsXzVsd0MycnVsQTNqOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXutzANBgkqhkiG9w0BAQsFAAOC
AQEADxf8e97u19CZRsHTuixch08NH/X8/QFJWf57TeeqVIlqTCbRzVUBMhLk9Xf6
dOP16grX7dwAUmL6L9sHMjAbDcPuJYetKJiE1lLQ7ddrB7SK58D4BRP74xE3rbI0
R4iyb9EKRMT6T+FY24mLRauvPQ8OrxPXPUCzARcQOeI5peUDc2r40GAmLFBkVsuW
KMmGUKovmIsq+7kmn7YHKzXKQchcX/QOujg6VIA1ONlyujw3wWNjE35YDuF8uQPd
JNnGgWkSxELmyhI+6098VS0qLrdXuPAKV74D0wOczqi2sICRS+EkqpFwzostNYkc
wVtC95LxLIzNTacWSxm/BD+mig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:36 2024 by rpki-client on console-ams.rpki-client.org