Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/d85bc7-58a6-407a-8acb-7509f7f4c5a6/1/4ipn5lvOY9RoE8uNbvMx4lXoLkE.roa
File:                     4ipn5lvOY9RoE8uNbvMx4lXoLkE.roa (raw, json)
Hash identifier:          8hl4/vDljAN1YbUecdq5mX95kM6mFe3Vf1XcVEtDEe4=
Subject key identifier:   E2:2A:67:E6:5B:CE:63:D4:68:13:CB:8D:6E:F3:31:E2:55:E8:2E:41
Certificate issuer:       /CN=e8f99cd884fb5cbab3f3b34e17a80a48adec3fe5
Certificate serial:       02E32A
Authority key identifier: E8:F9:9C:D8:84:FB:5C:BA:B3:F3:B3:4E:17:A8:0A:48:AD:EC:3F:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6Pmc2IT7XLqz87NOF6gKSK3sP-U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/d85bc7-58a6-407a-8acb-7509f7f4c5a6/1/4ipn5lvOY9RoE8uNbvMx4lXoLkE.roa
Signing time:             Fri 03 Jun 2022 13:08:23 +0000
ROA not before:           Fri 03 Jun 2022 13:08:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        178.175.182.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 189226 (0x2e32a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8f99cd884fb5cbab3f3b34e17a80a48adec3fe5
        Validity
            Not Before: Jun  3 13:08:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e22a67e65bce63d46813cb8d6ef331e255e82e41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:f2:3f:09:1f:18:11:b8:3c:e1:d7:97:da:f0:
                    5b:19:6d:35:1e:cd:ba:75:51:12:e7:cc:80:7c:5e:
                    11:2f:b8:82:3e:d2:87:14:3b:0c:a0:c5:a8:b3:87:
                    c1:69:96:7f:cc:6b:35:35:25:08:61:56:dd:d2:02:
                    00:c4:c4:c0:38:2c:f3:6b:a8:31:86:8d:c8:eb:b9:
                    3a:9a:c1:e8:6e:ee:ba:39:bc:f4:a8:f4:e4:10:d7:
                    46:43:a8:6e:a1:8a:b1:37:f7:3e:4b:fd:92:2e:0c:
                    c2:88:c5:5f:da:57:77:9b:21:21:7e:90:2d:28:62:
                    c2:6d:a3:33:27:51:42:25:ee:d3:ba:9d:63:df:2d:
                    9f:15:74:7a:3a:6a:c0:77:49:bd:b0:16:e8:33:90:
                    08:eb:b2:17:90:44:8f:a9:bb:d9:9f:33:52:a0:df:
                    4d:8d:a5:1f:12:cb:f6:13:78:cb:2b:c8:04:cd:fd:
                    32:57:74:84:a4:8b:dd:00:a5:d7:5b:6b:6d:61:df:
                    ce:5d:11:d1:37:66:90:1c:70:c3:c2:e7:18:e3:0d:
                    27:cf:60:9c:15:cd:a9:79:ae:c1:da:0a:f9:33:9d:
                    9d:c7:f3:15:6d:31:29:43:63:94:bb:9e:e4:c2:4c:
                    84:e4:04:02:38:a7:e9:23:69:45:dd:65:cf:1e:9e:
                    09:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:2A:67:E6:5B:CE:63:D4:68:13:CB:8D:6E:F3:31:E2:55:E8:2E:41
            X509v3 Authority Key Identifier:
                keyid:E8:F9:9C:D8:84:FB:5C:BA:B3:F3:B3:4E:17:A8:0A:48:AD:EC:3F:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Pmc2IT7XLqz87NOF6gKSK3sP-U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/d85bc7-58a6-407a-8acb-7509f7f4c5a6/1/4ipn5lvOY9RoE8uNbvMx4lXoLkE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/d85bc7-58a6-407a-8acb-7509f7f4c5a6/1/6Pmc2IT7XLqz87NOF6gKSK3sP-U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.175.182.0/24

    Signature Algorithm: sha256WithRSAEncryption
         f4:83:cc:77:f5:34:66:4e:c4:b7:e6:51:b7:b9:28:f3:40:f7:
         47:02:80:c8:05:e9:02:9f:ff:bb:86:b2:71:23:2f:c2:05:34:
         ca:60:50:89:f1:61:7a:68:7a:75:e9:64:52:54:c3:df:e8:57:
         a0:9a:a8:f1:9d:65:8c:f5:ca:07:c8:18:14:e5:91:4c:01:4c:
         e4:2c:f1:4e:8a:0e:bc:6f:d0:80:96:15:2b:da:5e:cb:de:35:
         2b:ac:9e:e1:61:c3:50:4d:52:33:b3:92:84:18:5f:88:53:f8:
         cc:2c:1f:34:4e:09:88:36:b4:25:2e:53:5c:8a:bd:56:72:d2:
         f4:77:14:10:88:3a:a0:8b:52:1b:e3:f3:1c:dc:0c:e7:09:ea:
         c1:44:3c:4a:20:10:84:36:66:d4:49:6f:2e:c9:af:fd:9e:1a:
         69:12:d6:88:2b:5d:70:25:5c:71:5f:05:9b:b3:c0:1e:4b:05:
         ad:7c:5e:0d:dd:f7:a1:4f:18:20:58:6d:52:95:03:98:6c:ad:
         78:20:26:1e:0e:38:5f:d4:cc:e6:1d:6e:c8:03:53:c4:92:68:
         95:a6:61:91:95:a0:56:46:8f:7c:d1:5c:81:ac:5d:16:5d:29:
         b1:66:4b:35:66:e1:37:68:9a:74:9f:e3:7f:58:d5:fc:8d:d2:
         6c:9b:92:c4
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAuMqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU4
Zjk5Y2Q4ODRmYjVjYmFiM2YzYjM0ZTE3YTgwYTQ4YWRlYzNmZTUwHhcNMjIwNjAz
MTMwODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlMjJhNjdlNjViY2U2
M2Q0NjgxM2NiOGQ2ZWYzMzFlMjU1ZTgyZTQxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoPI/CR8YEbg84deX2vBbGW01Hs26dVES58yAfF4RL7iCPtKH
FDsMoMWos4fBaZZ/zGs1NSUIYVbd0gIAxMTAOCzza6gxho3I67k6msHobu66Obz0
qPTkENdGQ6huoYqxN/c+S/2SLgzCiMVf2ld3myEhfpAtKGLCbaMzJ1FCJe7Tup1j
3y2fFXR6OmrAd0m9sBboM5AI67IXkESPqbvZnzNSoN9NjaUfEsv2E3jLK8gEzf0y
V3SEpIvdAKXXW2ttYd/OXRHRN2aQHHDDwucY4w0nz2CcFc2pea7B2gr5M52dx/MV
bTEpQ2OUu57kwkyE5AQCOKfpI2lF3WXPHp4JpQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFOIqZ+ZbzmPUaBPLjW7zMeJV6C5BMB8GA1UdIwQYMBaAFOj5nNiE+1y6s/Oz
TheoCkit7D/lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NlBtYzJJVDdYTHF6ODdOT0Y2Z0tTSzNzUC1VLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYy9kODViYzctNThhNi00MDdhLThhY2ItNzUwOWY3ZjRjNWE2LzEv
NGlwbjVsdk9ZOVJvRTh1TmJ2TXg0bFhvTGtFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9k
ODViYzctNThhNi00MDdhLThhY2ItNzUwOWY3ZjRjNWE2LzEvNlBtYzJJVDdYTHF6
ODdOT0Y2Z0tTSzNzUC1VLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsq+2MA0GCSqGSIb3DQEBCwUAA4IB
AQD0g8x39TRmTsS35lG3uSjzQPdHAoDIBekCn/+7hrJxIy/CBTTKYFCJ8WF6aHp1
6WRSVMPf6FegmqjxnWWM9coHyBgU5ZFMAUzkLPFOig68b9CAlhUr2l7L3jUrrJ7h
YcNQTVIzs5KEGF+IU/jMLB80TgmINrQlLlNcir1WctL0dxQQiDqgi1Ib4/Mc3Azn
CerBRDxKIBCENmbUSW8uya/9nhppEtaIK11wJVxxXwWbs8AeSwWtfF4N3fehTxgg
WG1SlQOYbK14ICYeDjhf1MzmHW7IA1PEkmiVpmGRlaBWRo980VyBrF0WXSmxZks1
ZuE3aJp0n+N/WNX8jdJsm5LE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:16 2024 by rpki-client on console-ams.rpki-client.org