Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/bd6b11-c523-43d1-af58-f679bd812747/1/exaCiOy4guoCQxvm71xN80ciEro.roa
File:                     exaCiOy4guoCQxvm71xN80ciEro.roa (raw, json)
Hash identifier:          nM31Xne40z6fJnhZx829IX6OW71Mkj1rUGKvAWMnXU4=
Subject key identifier:   7B:16:82:88:EC:B8:82:EA:02:43:1B:E6:EF:5C:4D:F3:47:22:12:BA
Certificate issuer:       /CN=3cb78e7191bc7639e287f516a6f4019e1a418dd7
Certificate serial:       D458
Authority key identifier: 3C:B7:8E:71:91:BC:76:39:E2:87:F5:16:A6:F4:01:9E:1A:41:8D:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PLeOcZG8djnih_UWpvQBnhpBjdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/bd6b11-c523-43d1-af58-f679bd812747/1/exaCiOy4guoCQxvm71xN80ciEro.roa
Signing time:             Thu 12 May 2022 10:43:36 +0000
ROA not before:           Thu 12 May 2022 10:43:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41106
IP address blocks:        89.200.176.0/24 maxlen: 24
                          89.200.177.0/24 maxlen: 24
                          89.200.178.0/23 maxlen: 23
                          89.200.180.0/23 maxlen: 23
                          89.200.182.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54360 (0xd458)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cb78e7191bc7639e287f516a6f4019e1a418dd7
        Validity
            Not Before: May 12 10:43:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7b168288ecb882ea02431be6ef5c4df3472212ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:8d:dc:a3:0d:de:d7:ae:e6:44:90:3a:4d:1b:
                    af:83:4b:e5:77:9d:3b:31:8c:23:8f:cc:dc:1c:16:
                    1a:67:ca:f8:0c:9f:08:cd:8d:1a:5f:d8:b3:37:8f:
                    3f:08:ac:e5:69:11:42:90:e1:9d:29:8f:99:7b:de:
                    05:15:0c:10:ae:37:fa:db:f1:ac:48:7e:f5:8b:7e:
                    17:d5:ed:a1:74:f8:55:71:dd:11:35:69:7d:45:3c:
                    35:98:5f:ae:d9:76:ee:cb:09:9e:2a:68:72:84:11:
                    f3:15:dd:79:d2:a0:ee:6f:0a:70:de:50:c0:7c:ab:
                    24:63:63:99:8d:f3:1c:d8:fa:82:eb:53:53:39:07:
                    f4:a1:20:9b:d1:70:60:d9:6d:b4:78:fb:04:28:40:
                    7b:00:61:81:41:e6:11:1a:14:73:be:19:ff:5b:31:
                    9f:12:16:06:f4:e7:5f:bf:cd:e3:d9:78:e2:28:22:
                    2d:01:b6:5c:e6:fe:4e:d5:7a:30:58:d8:c1:07:7b:
                    54:9a:1b:10:d4:eb:21:11:bf:aa:26:fb:4c:34:96:
                    93:91:bd:dc:ea:d4:c7:f8:5a:ff:87:45:02:3b:70:
                    dc:f2:2a:db:56:0f:1a:2e:88:4a:4b:c6:f6:0a:38:
                    a6:40:07:22:b6:be:95:be:b7:67:0b:31:52:53:0c:
                    17:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:16:82:88:EC:B8:82:EA:02:43:1B:E6:EF:5C:4D:F3:47:22:12:BA
            X509v3 Authority Key Identifier:
                keyid:3C:B7:8E:71:91:BC:76:39:E2:87:F5:16:A6:F4:01:9E:1A:41:8D:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PLeOcZG8djnih_UWpvQBnhpBjdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/bd6b11-c523-43d1-af58-f679bd812747/1/exaCiOy4guoCQxvm71xN80ciEro.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/bd6b11-c523-43d1-af58-f679bd812747/1/PLeOcZG8djnih_UWpvQBnhpBjdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.200.176.0/21

    Signature Algorithm: sha256WithRSAEncryption
         0b:32:04:43:83:0a:b7:2a:b2:18:fc:73:c0:fb:96:77:6e:e2:
         9e:aa:ff:a6:60:ec:ec:73:b8:01:8f:b8:e2:cc:18:67:95:4c:
         a9:bd:6f:5f:ab:f4:54:9f:ba:67:a6:51:63:8b:95:c5:26:ad:
         0b:ce:4d:c1:77:05:d9:62:19:7c:46:63:42:14:7a:3f:a2:a8:
         3f:03:cd:96:19:8b:23:b6:0c:4f:da:a0:0a:50:f4:dd:bf:94:
         11:0f:2b:f3:47:e3:32:c3:dc:29:7f:50:0e:57:7b:97:c5:8e:
         b5:28:0e:b3:40:fc:ca:00:c1:5d:50:1d:9f:2a:22:44:71:3c:
         a5:3e:58:8b:95:0a:d3:14:b7:0b:b0:b8:1f:1d:cd:48:65:b7:
         af:01:21:f6:ef:7a:ca:6d:ad:2a:21:ae:6d:c2:36:7f:a0:7c:
         c2:bc:62:19:a5:6b:bc:07:1c:1f:d9:6f:17:8d:84:f4:a9:d4:
         6d:c7:e1:15:f4:d0:fd:10:17:43:a8:7e:8a:d6:19:9e:ac:8a:
         57:37:12:77:06:5b:e4:75:25:a1:cd:98:c3:e9:f2:9e:35:83:
         82:37:cb:e8:11:ca:5f:77:8b:e9:70:39:b1:c7:de:6e:8e:eb:
         ac:2d:60:4a:25:20:6d:9d:51:0d:b3:7c:37:b1:e9:88:e1:df:
         80:cc:84:34
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDANRYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNj
Yjc4ZTcxOTFiYzc2MzllMjg3ZjUxNmE2ZjQwMTllMWE0MThkZDcwHhcNMjIwNTEy
MTA0MzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3YjE2ODI4OGVjYjg4
MmVhMDI0MzFiZTZlZjVjNGRmMzQ3MjIxMmJhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAt43cow3e167mRJA6TRuvg0vld507MYwjj8zcHBYaZ8r4DJ8I
zY0aX9izN48/CKzlaRFCkOGdKY+Ze94FFQwQrjf62/GsSH71i34X1e2hdPhVcd0R
NWl9RTw1mF+u2XbuywmeKmhyhBHzFd150qDubwpw3lDAfKskY2OZjfMc2PqC61NT
OQf0oSCb0XBg2W20ePsEKEB7AGGBQeYRGhRzvhn/WzGfEhYG9Odfv83j2XjiKCIt
AbZc5v5O1XowWNjBB3tUmhsQ1OshEb+qJvtMNJaTkb3c6tTH+Fr/h0UCO3Dc8irb
Vg8aLohKS8b2CjimQAcitr6VvrdnCzFSUwwXnwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFHsWgojsuILqAkMb5u9cTfNHIhK6MB8GA1UdIwQYMBaAFDy3jnGRvHY54of1
Fqb0AZ4aQY3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UExlT2NaRzhkam5paF9VV3B2UUJuaHBCamRjLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Ni9iZDZiMTEtYzUyMy00M2QxLWFmNTgtZjY3OWJkODEyNzQ3LzEv
ZXhhQ2lPeTRndW9DUXh2bTcxeE44MGNpRXJvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9i
ZDZiMTEtYzUyMy00M2QxLWFmNTgtZjY3OWJkODEyNzQ3LzEvUExlT2NaRzhkam5p
aF9VV3B2UUJuaHBCamRjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWciwMA0GCSqGSIb3DQEBCwUAA4IB
AQALMgRDgwq3KrIY/HPA+5Z3buKeqv+mYOzsc7gBj7jizBhnlUypvW9fq/RUn7pn
plFji5XFJq0Lzk3BdwXZYhl8RmNCFHo/oqg/A82WGYsjtgxP2qAKUPTdv5QRDyvz
R+Myw9wpf1AOV3uXxY61KA6zQPzKAMFdUB2fKiJEcTylPliLlQrTFLcLsLgfHc1I
ZbevASH273rKba0qIa5twjZ/oHzCvGIZpWu8Bxwf2W8XjYT0qdRtx+EV9ND9EBdD
qH6K1hmerIpXNxJ3BlvkdSWhzZjD6fKeNYOCN8voEcpfd4vpcDmxx95ujuusLWBK
JSBtnVENs3w3semI4d+AzIQ0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:42 2024 by rpki-client on console-fra.rpki-client.org