Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/SJsM1luW-oy9aE8Dh31I5U14wG0.roa
File:                     SJsM1luW-oy9aE8Dh31I5U14wG0.roa (raw, json)
Hash identifier:          F15p1AU3N5oxjDZzfgFEPUbEa+ICeeqx8cgTPxyAgDI=
Subject key identifier:   48:9B:0C:D6:5B:96:FA:8C:BD:68:4F:03:87:7D:48:E5:4D:78:C0:6D
Certificate issuer:       /CN=b82e7b8068c4ae9ae4ca4c3a6b2096199a741ff2
Certificate serial:       03C6FD98
Authority key identifier: B8:2E:7B:80:68:C4:AE:9A:E4:CA:4C:3A:6B:20:96:19:9A:74:1F:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uC57gGjErprkykw6ayCWGZp0H_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/SJsM1luW-oy9aE8Dh31I5U14wG0.roa
Signing time:             Fri 11 Mar 2022 21:40:34 +0000
ROA not before:           Fri 11 Mar 2022 21:40:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49453
IP address blocks:        178.159.100.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 63372696 (0x3c6fd98)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b82e7b8068c4ae9ae4ca4c3a6b2096199a741ff2
        Validity
            Not Before: Mar 11 21:40:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=489b0cd65b96fa8cbd684f03877d48e54d78c06d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ed:4e:27:a7:50:a5:ca:08:8e:d6:82:82:e1:
                    e9:e9:fd:c0:e0:92:8e:59:d1:1d:ff:d0:44:34:31:
                    46:6a:ee:8e:8f:06:e0:e7:86:8e:b4:6a:40:d9:94:
                    91:b4:9f:e4:9e:62:9e:46:a7:05:2b:87:8c:09:71:
                    c6:f8:93:93:f8:50:49:d5:87:b3:d3:02:9b:e0:a1:
                    d8:d5:dd:a8:c5:af:77:ad:0a:70:5c:25:9a:14:96:
                    1d:e0:56:ac:15:6d:d3:ff:5d:30:5b:29:d4:36:55:
                    e8:e7:4e:75:ef:78:cd:e2:16:1c:3f:fb:66:6a:4c:
                    4a:ba:b1:78:68:b8:9a:ad:9c:33:2d:b9:62:c0:f3:
                    ea:e4:d3:3a:44:b1:e1:9b:89:9c:91:33:23:76:d4:
                    eb:4c:45:d0:bf:43:9b:28:3c:5e:5a:75:13:3e:7d:
                    1c:7e:d2:55:b7:de:b3:15:69:de:2b:33:f8:13:14:
                    cf:60:66:c5:f0:90:9f:12:5a:c3:01:36:59:13:7e:
                    e3:d0:f3:c6:a5:20:9c:3d:72:b8:6d:42:4e:cd:96:
                    fb:81:ee:f2:c2:5a:77:08:b5:ef:a3:1c:65:49:4b:
                    3c:1d:98:14:71:6e:5a:97:24:14:84:71:b5:1b:67:
                    8e:59:1e:e7:ac:ce:0b:d9:0d:0e:07:22:46:a5:f2:
                    bd:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:9B:0C:D6:5B:96:FA:8C:BD:68:4F:03:87:7D:48:E5:4D:78:C0:6D
            X509v3 Authority Key Identifier:
                keyid:B8:2E:7B:80:68:C4:AE:9A:E4:CA:4C:3A:6B:20:96:19:9A:74:1F:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uC57gGjErprkykw6ayCWGZp0H_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/SJsM1luW-oy9aE8Dh31I5U14wG0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/uC57gGjErprkykw6ayCWGZp0H_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.159.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:b1:94:07:18:39:5d:c6:48:ef:86:d3:74:50:42:5e:2a:3d:
         ab:0d:2a:cf:97:5a:28:62:50:e5:ff:8b:76:4d:2d:f1:3e:db:
         c8:34:98:37:73:3d:9a:76:94:fc:a5:72:aa:f3:4d:00:a1:ad:
         97:fa:3f:12:bc:5d:66:74:4e:9d:ef:8a:cb:6e:74:8d:85:45:
         f9:c9:42:85:f3:53:f7:f0:e0:78:62:18:f8:4e:09:1a:88:a7:
         ed:e4:b6:e0:de:24:65:06:75:af:3c:e8:7e:a8:af:a3:96:42:
         49:5b:b7:0a:db:1d:c7:08:76:67:e7:53:84:4a:c1:1d:b7:32:
         67:b4:9d:e8:b6:7d:69:f5:c2:ce:0f:c7:88:4b:15:0b:5a:d3:
         a1:eb:9b:2a:3a:9d:7b:5e:a2:89:ec:cb:4c:f7:aa:83:4e:d3:
         83:7c:3f:7b:a1:b2:8c:2b:7b:da:2c:7c:cf:67:4d:41:21:7d:
         99:ab:4f:db:82:24:af:71:fb:ae:2a:78:dd:c3:0e:aa:ba:6c:
         4a:fc:b4:bf:f6:05:3a:dc:85:b1:4f:13:83:c3:ab:8f:11:38:
         80:36:ee:1e:5a:1c:88:80:6c:52:28:d4:97:af:03:85:23:43:
         74:6e:1d:a1:c1:13:4f:30:5f:f6:26:80:62:7f:7c:31:72:62:
         59:36:a5:77
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8b9mDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODJlN2I4MDY4YzRhZTlhZTRjYTRjM2E2YjIwOTYxOTlhNzQxZmYyMB4XDTIyMDMx
MTIxNDAzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDg5YjBjZDY1Yjk2
ZmE4Y2JkNjg0ZjAzODc3ZDQ4ZTU0ZDc4YzA2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKHtTienUKXKCI7WgoLh6en9wOCSjlnRHf/QRDQxRmrujo8G
4OeGjrRqQNmUkbSf5J5inkanBSuHjAlxxviTk/hQSdWHs9MCm+Ch2NXdqMWvd60K
cFwlmhSWHeBWrBVt0/9dMFsp1DZV6OdOde94zeIWHD/7ZmpMSrqxeGi4mq2cMy25
YsDz6uTTOkSx4ZuJnJEzI3bU60xF0L9Dmyg8Xlp1Ez59HH7SVbfesxVp3isz+BMU
z2BmxfCQnxJawwE2WRN+49DzxqUgnD1yuG1CTs2W+4Hu8sJadwi176McZUlLPB2Y
FHFuWpckFIRxtRtnjlke56zOC9kNDgciRqXyve8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRImwzWW5b6jL1oTwOHfUjlTXjAbTAfBgNVHSMEGDAWgBS4LnuAaMSumuTK
TDprIJYZmnQf8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VDNTdnR2pFcnBya3lrdzZheUNXR1pwMEhfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvMjljOTE1LTJjYmMtNDc2OC04NDBjLWFhZGZhOWMwNjc0Mi8x
L1NKc00xbHVXLW95OWFFOERoMzFJNVUxNHdHMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
MjljOTE1LTJjYmMtNDc2OC04NDBjLWFhZGZhOWMwNjc0Mi8xL3VDNTdnR2pFcnBy
a3lrdzZheUNXR1pwMEhfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALKfZDANBgkqhkiG9w0BAQsFAAOC
AQEAMLGUBxg5XcZI74bTdFBCXio9qw0qz5daKGJQ5f+Ldk0t8T7byDSYN3M9mnaU
/KVyqvNNAKGtl/o/ErxdZnROne+Ky250jYVF+clChfNT9/DgeGIY+E4JGoin7eS2
4N4kZQZ1rzzofqivo5ZCSVu3Ctsdxwh2Z+dThErBHbcyZ7Sd6LZ9afXCzg/HiEsV
C1rToeubKjqde16iiezLTPeqg07Tg3w/e6GyjCt72ix8z2dNQSF9matP24Ikr3H7
rip43cMOqrpsSvy0v/YFOtyFsU8Tg8OrjxE4gDbuHlociIBsUijUl68DhSNDdG4d
ocETTzBf9iaAYn98MXJiWTaldw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:17 2024 by rpki-client on console-ams.rpki-client.org