Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/9CZ368sYF9AUR0ZVrAVYBrrqA2I.roa
File:                     9CZ368sYF9AUR0ZVrAVYBrrqA2I.roa (raw, json)
Hash identifier:          sn+XKIizRxK3p9D2H35MDsgRNPRHz9wjZyUSNdmmIOs=
Subject key identifier:   F4:26:77:EB:CB:18:17:D0:14:47:46:55:AC:05:58:06:BA:EA:03:62
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       018225563665C8F0A99DE7B5D018FF0778FD
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/9CZ368sYF9AUR0ZVrAVYBrrqA2I.roa
Signing time:             Fri 22 Jul 2022 09:56:23 +0000
ROA not before:           Fri 22 Jul 2022 09:56:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     64267
IP address blocks:        188.255.144.0/24 maxlen: 24
                          178.253.237.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:25:56:36:65:c8:f0:a9:9d:e7:b5:d0:18:ff:07:78:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Jul 22 09:56:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f42677ebcb1817d014474655ac055806baea0362
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:81:16:51:36:2f:96:5c:0e:74:5b:e0:fb:98:
                    17:4a:55:87:e5:db:a7:f8:cc:4a:72:12:d4:8c:c5:
                    fc:71:de:94:a0:21:95:bd:c6:66:3f:d1:d5:8a:84:
                    7b:93:21:78:a7:5e:69:07:25:d6:37:00:a6:61:20:
                    72:b9:85:53:8e:ff:45:5d:4e:d3:56:b0:cc:5c:8a:
                    11:8a:9e:4b:8b:d8:92:f1:6d:29:62:0e:8a:37:04:
                    1e:de:eb:e7:88:2b:e6:2a:a3:2d:75:55:56:26:ac:
                    d5:bb:57:d4:87:6f:6c:de:d8:80:59:22:84:54:0f:
                    03:67:df:ec:87:61:3f:85:6c:66:4f:94:62:5a:a7:
                    8b:e6:f2:61:ba:27:e1:44:19:ee:47:4a:89:03:1a:
                    bf:aa:bf:f7:bc:9f:6d:5f:51:a3:30:d4:e9:a5:b1:
                    27:80:cd:9a:38:ba:08:d5:df:6a:aa:fb:19:82:6a:
                    bf:01:b4:62:da:39:65:b3:f3:1c:90:fd:66:fe:74:
                    8a:4b:74:07:4b:37:51:c1:4a:f5:24:05:1c:6e:b9:
                    84:7a:e9:00:d0:87:1b:81:c3:a6:f4:17:47:9f:f7:
                    d7:b9:26:b9:3c:e0:02:1a:51:47:13:41:fc:dc:e5:
                    e5:8a:a3:bf:ef:11:f2:c2:87:bf:67:02:e8:6f:6b:
                    bf:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:26:77:EB:CB:18:17:D0:14:47:46:55:AC:05:58:06:BA:EA:03:62
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/9CZ368sYF9AUR0ZVrAVYBrrqA2I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.253.237.0/24
                  188.255.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:57:dd:1b:72:2a:6b:7c:d1:3f:5e:0f:01:77:b1:b8:46:25:
         30:cf:ce:a0:11:1a:77:45:83:b8:6d:75:a8:2d:01:c5:c1:e9:
         48:dc:c3:3d:2d:44:26:bb:b3:06:32:a0:8c:07:d5:1f:f0:c6:
         5a:6a:db:55:9c:85:34:41:0e:4b:88:b4:08:65:49:a7:7d:c6:
         34:d6:ff:75:37:a6:e8:41:eb:26:78:f4:2d:6a:15:b9:f9:c6:
         a5:9f:37:76:8b:38:53:75:dd:77:31:f4:16:92:a2:dd:b9:df:
         51:7c:38:0b:18:1b:19:8a:56:bf:74:71:36:c6:9b:9e:a6:a5:
         9c:f2:b1:94:75:68:f3:fa:87:a2:c8:cc:fc:c8:d0:e6:4f:0b:
         6a:c9:45:3f:b8:f9:14:6e:ad:67:c3:c6:45:b9:dc:6f:a8:5c:
         81:91:b3:6d:39:e1:1f:8a:5b:c0:e0:5d:3d:96:a2:44:16:df:
         3e:44:18:8a:ad:ac:e2:c9:5e:04:92:2e:06:b1:e1:65:4b:b6:
         1e:9b:a1:3e:c9:10:b0:63:55:60:12:9a:65:8a:ea:fa:d0:c3:
         f2:7b:2f:b2:c4:3c:55:5e:32:48:8a:af:05:91:d3:ea:ce:0c:
         ba:2e:6d:9a:25:9d:b2:1d:1b:54:cd:76:55:3b:6a:65:45:fb:
         d8:a1:fa:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYIlVjZlyPCpnee10Bj/B3j9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIwNzIyMDk1NjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDI2NzdlYmNiMTgxN2QwMTQ0NzQ2NTVhYzA1NTgwNmJhZWEwMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIEWUTYvllwOdFvg+5gXSlWH5dun
+MxKchLUjMX8cd6UoCGVvcZmP9HVioR7kyF4p15pByXWNwCmYSByuYVTjv9FXU7T
VrDMXIoRip5Li9iS8W0pYg6KNwQe3uvniCvmKqMtdVVWJqzVu1fUh29s3tiAWSKE
VA8DZ9/sh2E/hWxmT5RiWqeL5vJhuifhRBnuR0qJAxq/qr/3vJ9tX1GjMNTppbEn
gM2aOLoI1d9qqvsZgmq/AbRi2jlls/MckP1m/nSKS3QHSzdRwUr1JAUcbrmEeukA
0IcbgcOm9BdHn/fXuSa5POACGlFHE0H83OXliqO/7xHywoe/ZwLob2u/OwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPQmd+vLGBfQFEdGVawFWAa66gNiMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvOUNaMzY4c1lGOUFVUjBaVnJBVllCcnJxQTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsv3tAwQA
vP+QMA0GCSqGSIb3DQEBCwUAA4IBAQB4V90bciprfNE/Xg8Bd7G4RiUwz86gERp3
RYO4bXWoLQHFwelI3MM9LUQmu7MGMqCMB9Uf8MZaattVnIU0QQ5LiLQIZUmnfcY0
1v91N6boQesmePQtahW5+calnzd2izhTdd13MfQWkqLdud9RfDgLGBsZila/dHE2
xpuepqWc8rGUdWjz+oeiyMz8yNDmTwtqyUU/uPkUbq1nw8ZFudxvqFyBkbNtOeEf
ilvA4F09lqJEFt8+RBiKraziyV4Eki4GseFlS7Yem6E+yRCwY1VgEppliur60MPy
ey+yxDxVXjJIiq8FkdPqzgy6Lm2aJZ2yHRtUzXZVO2plRfvYofoN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:25 2024 by rpki-client on console-fra.rpki-client.org