Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/1b78cd-d005-492c-9167-1bf868a03538/1/ERgoJ6aqvKHMF6WmAUGaaEAQmQQ.roa
File:                     ERgoJ6aqvKHMF6WmAUGaaEAQmQQ.roa (raw, json)
Hash identifier:          R7aBRnk/q9WVyyZGxRUTezA0BxywF69+9vrcq8i5Ux4=
Subject key identifier:   11:18:28:27:A6:AA:BC:A1:CC:17:A5:A6:01:41:9A:68:40:10:99:04
Certificate issuer:       /CN=0148d2ca8a2b43b6cad25b22265354fe303911a0
Certificate serial:       04FC28F1
Authority key identifier: 01:48:D2:CA:8A:2B:43:B6:CA:D2:5B:22:26:53:54:FE:30:39:11:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AUjSyoorQ7bK0lsiJlNU_jA5EaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/1b78cd-d005-492c-9167-1bf868a03538/1/ERgoJ6aqvKHMF6WmAUGaaEAQmQQ.roa
Signing time:             Sat 01 Jan 2022 11:01:52 +0000
ROA not before:           Sat 01 Jan 2022 11:01:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     28924
IP address blocks:        193.178.119.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 83634417 (0x4fc28f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0148d2ca8a2b43b6cad25b22265354fe303911a0
        Validity
            Not Before: Jan  1 11:01:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=11182827a6aabca1cc17a5a601419a6840109904
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:b7:ef:4c:fd:da:44:da:e3:77:58:ca:db:77:
                    e3:ba:62:d0:fc:af:e4:40:fe:08:51:ba:9d:17:dc:
                    45:84:13:72:ae:ca:91:c8:58:00:ed:2b:4f:41:6f:
                    04:ac:af:bb:a8:32:9c:0e:ae:59:8e:3c:ab:4f:99:
                    ae:b5:6c:74:ec:8c:05:4a:6b:1e:14:bb:83:69:c5:
                    14:6a:35:d5:5a:82:dd:ca:2f:76:39:2e:3e:92:80:
                    f0:78:0a:cd:58:ce:c8:62:41:9c:c6:80:af:04:9f:
                    74:06:24:37:83:9e:ad:33:f4:91:09:fc:9e:47:31:
                    e8:67:a5:d5:26:85:ff:61:6b:8c:40:e7:d2:08:c9:
                    99:2e:f4:0c:3b:55:e1:00:3a:d6:e0:d1:3b:ef:9e:
                    4b:d0:b1:29:d5:f0:73:f1:71:b3:60:d4:3f:a2:4f:
                    f7:0c:38:5e:65:2f:0f:6c:97:5e:62:5c:2f:03:4b:
                    c2:b7:ef:71:31:c2:d5:07:34:01:87:b5:cc:4a:94:
                    fb:58:0e:38:79:08:da:38:40:e4:dc:d3:6a:9e:1b:
                    40:0f:37:ef:ac:d8:27:da:70:54:f0:63:0e:de:76:
                    eb:1e:59:6b:ef:87:6b:e7:a5:55:a5:6b:77:94:e8:
                    bd:79:2a:d1:20:fb:de:3b:0f:af:a4:36:b8:52:bf:
                    11:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:18:28:27:A6:AA:BC:A1:CC:17:A5:A6:01:41:9A:68:40:10:99:04
            X509v3 Authority Key Identifier:
                keyid:01:48:D2:CA:8A:2B:43:B6:CA:D2:5B:22:26:53:54:FE:30:39:11:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AUjSyoorQ7bK0lsiJlNU_jA5EaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1b78cd-d005-492c-9167-1bf868a03538/1/ERgoJ6aqvKHMF6WmAUGaaEAQmQQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1b78cd-d005-492c-9167-1bf868a03538/1/AUjSyoorQ7bK0lsiJlNU_jA5EaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.178.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:33:c7:02:ae:b4:ed:99:8e:8f:d4:08:01:09:f1:21:c0:53:
         33:b0:0f:c6:82:2d:b5:9c:c4:98:2a:9a:96:3a:67:21:87:35:
         79:f8:e9:c8:ab:f9:18:b6:60:e9:c4:99:aa:33:8d:c6:c9:cf:
         1d:d2:7f:70:f3:dc:01:2e:11:55:cd:a2:1c:c8:29:77:95:bb:
         d0:3d:3c:4b:60:44:f0:d0:cc:1f:dc:86:73:b4:00:6f:fb:79:
         fe:00:0f:44:f1:8a:0f:f5:62:06:6a:0d:e6:d1:7e:c1:75:8a:
         4d:54:b2:99:4a:11:17:c7:57:f5:d5:e3:b2:67:a0:09:cc:d5:
         8f:24:3b:ff:b4:09:4a:e0:9a:f3:2f:c6:0c:18:5f:02:eb:b6:
         2d:fa:de:62:0f:eb:a2:5e:17:0d:66:68:85:99:fa:53:89:b9:
         a9:f8:59:d5:e9:5d:72:8e:0d:61:ae:a1:e8:51:e2:20:10:e3:
         db:95:ae:20:20:0c:fc:24:5f:09:28:20:88:ae:6f:c3:4a:28:
         e2:c4:65:2f:88:88:51:ed:c3:9a:70:39:77:3c:8a:d3:73:84:
         27:29:eb:7e:2a:00:c0:8d:af:f9:24:2e:02:5b:6e:67:14:37:
         66:fb:22:83:28:56:47:0d:e8:88:5d:73:d6:09:0e:c3:d9:f9:
         79:c0:36:d4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBPwo8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTQ4ZDJjYThhMmI0M2I2Y2FkMjViMjIyNjUzNTRmZTMwMzkxMWEwMB4XDTIyMDEw
MTExMDE1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTExODI4MjdhNmFh
YmNhMWNjMTdhNWE2MDE0MTlhNjg0MDEwOTkwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANe370z92kTa43dYytt347pi0Pyv5ED+CFG6nRfcRYQTcq7K
kchYAO0rT0FvBKyvu6gynA6uWY48q0+ZrrVsdOyMBUprHhS7g2nFFGo11VqC3cov
djkuPpKA8HgKzVjOyGJBnMaArwSfdAYkN4OerTP0kQn8nkcx6Gel1SaF/2FrjEDn
0gjJmS70DDtV4QA61uDRO++eS9CxKdXwc/Fxs2DUP6JP9ww4XmUvD2yXXmJcLwNL
wrfvcTHC1Qc0AYe1zEqU+1gOOHkI2jhA5NzTap4bQA8376zYJ9pwVPBjDt526x5Z
a++Ha+elVaVrd5TovXkq0SD73jsPr6Q2uFK/Ee0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQRGCgnpqq8ocwXpaYBQZpoQBCZBDAfBgNVHSMEGDAWgBQBSNLKiitDtsrS
WyImU1T+MDkRoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FValN5b29yUTdiSzBsc2lKbE5VX2pBNUVhQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvMWI3OGNkLWQwMDUtNDkyYy05MTY3LTFiZjg2OGEwMzUzOC8x
L0VSZ29KNmFxdktITUY2V21BVUdhYUVBUW1RUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
MWI3OGNkLWQwMDUtNDkyYy05MTY3LTFiZjg2OGEwMzUzOC8xL0FValN5b29yUTdi
SzBsc2lKbE5VX2pBNUVhQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMGydzANBgkqhkiG9w0BAQsFAAOC
AQEAFjPHAq607ZmOj9QIAQnxIcBTM7APxoIttZzEmCqaljpnIYc1efjpyKv5GLZg
6cSZqjONxsnPHdJ/cPPcAS4RVc2iHMgpd5W70D08S2BE8NDMH9yGc7QAb/t5/gAP
RPGKD/ViBmoN5tF+wXWKTVSymUoRF8dX9dXjsmegCczVjyQ7/7QJSuCa8y/GDBhf
Auu2LfreYg/rol4XDWZohZn6U4m5qfhZ1eldco4NYa6h6FHiIBDj25WuICAM/CRf
CSggiK5vw0oo4sRlL4iIUe3DmnA5dzyK03OEJynrfioAwI2v+SQuAltuZxQ3Zvsi
gyhWRw3oiF1z1gkOw9n5ecA21A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:44 2024 by rpki-client on console-fra.rpki-client.org