Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/UymOLJc6Sveqi5XtetaONHgNh3U.roa
File:                     UymOLJc6Sveqi5XtetaONHgNh3U.roa (raw, json)
Hash identifier:          W3GafCDqnHtlIU8wcj3mUGkcuUo0uH7scwzQSM3193A=
Subject key identifier:   53:29:8E:2C:97:3A:4A:F7:AA:8B:95:ED:7A:D6:8E:34:78:0D:87:75
Certificate issuer:       /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial:       0B2981F4
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/UymOLJc6Sveqi5XtetaONHgNh3U.roa
Signing time:             Sat 01 Jan 2022 05:02:33 +0000
ROA not before:           Sat 01 Jan 2022 05:02:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     65535
IP address blocks:        78.38.238.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 187269620 (0xb2981f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
        Validity
            Not Before: Jan  1 05:02:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=53298e2c973a4af7aa8b95ed7ad68e34780d8775
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:a4:2d:51:a4:da:df:57:3d:6a:5d:47:b4:73:
                    f1:77:b8:c8:ac:53:c6:26:a6:3f:d8:72:68:7f:7d:
                    a8:ba:98:5d:86:ad:3e:aa:f8:72:1a:f3:1f:df:a4:
                    29:c6:f0:77:4a:db:4a:57:f2:7d:8e:39:cc:9b:1f:
                    5e:97:65:10:f0:2a:74:1a:e2:18:81:58:ae:3f:0f:
                    4d:9b:b6:7d:8c:69:ae:26:45:26:39:63:7f:e7:7f:
                    28:69:51:05:14:ac:27:19:fa:55:20:4f:f0:ea:4b:
                    20:f1:7f:58:33:5f:85:d3:d7:8d:e2:b4:a3:87:f2:
                    0d:c8:fe:5d:ee:f7:be:0f:2e:a6:fc:43:df:38:3c:
                    30:ac:1e:e3:37:fe:c7:a6:8a:c1:17:0e:ed:af:dc:
                    6d:c8:67:22:ab:2b:9d:58:66:b2:49:3b:96:9d:f0:
                    68:0a:40:9e:ef:69:a9:d3:bb:29:5f:bc:7b:95:79:
                    d4:be:5d:99:dc:64:92:4d:62:be:96:c0:ee:c6:81:
                    8a:e2:a5:da:2c:54:e3:2c:c6:f9:0c:bf:60:ff:31:
                    8e:47:c2:b9:43:35:52:5f:1e:ec:32:9d:19:16:cc:
                    5b:4b:79:f6:9c:a7:d5:3c:d0:6a:dc:4b:16:fe:93:
                    3f:97:1a:45:4a:39:4c:ce:67:1c:33:2c:c1:4d:86:
                    ce:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:29:8E:2C:97:3A:4A:F7:AA:8B:95:ED:7A:D6:8E:34:78:0D:87:75
            X509v3 Authority Key Identifier:
                keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/UymOLJc6Sveqi5XtetaONHgNh3U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.38.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:8e:d3:ce:1d:09:86:a8:b8:3b:b0:60:77:8a:c0:f3:0e:b9:
         d8:97:b0:3a:86:79:97:ce:e6:4c:2d:0b:fe:10:1b:8c:1d:25:
         aa:c1:e7:65:23:d3:32:f1:f4:5f:65:03:2d:fa:94:ab:a5:fd:
         b4:70:5a:67:42:6a:3c:7b:d7:70:3a:73:1c:2a:89:17:5a:b9:
         6d:93:eb:69:d9:59:20:24:83:9c:37:0e:97:c4:19:2d:2b:87:
         e2:81:2b:f3:39:25:a8:a9:39:f4:9d:27:e2:d9:63:3c:a5:42:
         8d:4d:ff:21:5c:59:79:09:b6:56:34:ac:2d:72:df:c4:90:e8:
         c1:af:16:df:c1:ca:b0:97:64:25:eb:66:98:8a:42:ef:40:33:
         77:25:3f:ac:5e:27:e3:14:1c:67:7a:75:96:c3:c3:a6:c1:21:
         8b:30:89:32:36:05:f1:03:43:f9:d3:0d:89:8e:f7:8b:ff:f7:
         67:05:46:9b:bb:8f:83:8d:fe:b5:1e:ee:8a:ab:aa:01:45:34:
         07:ac:82:9d:08:4e:f6:2c:a3:e6:2f:df:5f:e2:98:f6:28:fd:
         7b:8f:4a:d8:6f:c5:22:29:c2:9d:4b:cc:22:70:9f:92:bd:37:
         62:0a:a8:d0:75:49:53:96:ed:4b:89:87:c4:96:0b:0b:09:51:
         d5:da:e3:de
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECymB9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2EzOWU0Nzk0YzM0NjEyZTdmMjI1NjliMWE2YTgxNzEwMjYwYWU1MB4XDTIyMDEw
MTA1MDIzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTMyOThlMmM5NzNh
NGFmN2FhOGI5NWVkN2FkNjhlMzQ3ODBkODc3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+kLVGk2t9XPWpdR7Rz8Xe4yKxTxiamP9hyaH99qLqYXYat
Pqr4chrzH9+kKcbwd0rbSlfyfY45zJsfXpdlEPAqdBriGIFYrj8PTZu2fYxpriZF
Jjljf+d/KGlRBRSsJxn6VSBP8OpLIPF/WDNfhdPXjeK0o4fyDcj+Xe73vg8upvxD
3zg8MKwe4zf+x6aKwRcO7a/cbchnIqsrnVhmskk7lp3waApAnu9pqdO7KV+8e5V5
1L5dmdxkkk1ivpbA7saBiuKl2ixU4yzG+Qy/YP8xjkfCuUM1Ul8e7DKdGRbMW0t5
9pyn1TzQatxLFv6TP5caRUo5TM5nHDMswU2Gzm0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRTKY4slzpK96qLle161o40eA2HdTAfBgNVHSMEGDAWgBQno55HlMNGEufy
JWmxpqgXECYK5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o2T2VSNVREUmhMbjhpVnBzYWFvRnhBbUN1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8x
L1V5bU9MSmM2U3ZlcWk1WHRldGFPTkhnTmgzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8xL0o2T2VSNVREUmhM
bjhpVnBzYWFvRnhBbUN1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE4m7jANBgkqhkiG9w0BAQsFAAOC
AQEAn47Tzh0Jhqi4O7Bgd4rA8w652JewOoZ5l87mTC0L/hAbjB0lqsHnZSPTMvH0
X2UDLfqUq6X9tHBaZ0JqPHvXcDpzHCqJF1q5bZPradlZICSDnDcOl8QZLSuH4oEr
8zklqKk59J0n4tljPKVCjU3/IVxZeQm2VjSsLXLfxJDowa8W38HKsJdkJetmmIpC
70AzdyU/rF4n4xQcZ3p1lsPDpsEhizCJMjYF8QND+dMNiY73i//3ZwVGm7uPg43+
tR7uiquqAUU0B6yCnQhO9iyj5i/fX+KY9ij9e49K2G/FIinCnUvMInCfkr03Ygqo
0HVJU5btS4mHxJYLCwlR1drj3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:47 2024 by rpki-client on console-fra.rpki-client.org