Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/Pcw44GlIU-aWeV-0D0-NgslPorU.roa
File:                     Pcw44GlIU-aWeV-0D0-NgslPorU.roa (raw, json)
Hash identifier:          8ydZ5DsPWi23wDNG1NiAQTyL2pXWZgtetEn2jPoS8LY=
Subject key identifier:   3D:CC:38:E0:69:48:53:E6:96:79:5F:B4:0F:4F:8D:82:C9:4F:A2:B5
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       2AE9C871
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/Pcw44GlIU-aWeV-0D0-NgslPorU.roa
Signing time:             Sat 01 Jan 2022 13:57:47 +0000
ROA not before:           Sat 01 Jan 2022 13:57:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15503
IP address blocks:        213.216.65.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 719964273 (0x2ae9c871)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Jan  1 13:57:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3dcc38e0694853e696795fb40f4f8d82c94fa2b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:e1:76:57:ad:fe:9e:c7:54:a4:72:e7:4d:99:
                    c4:e1:84:12:62:cc:11:25:af:03:65:f1:48:e8:c1:
                    e1:5a:5a:85:55:11:ca:2f:9f:85:3b:28:03:b8:e3:
                    de:00:4e:16:0b:4c:88:28:45:d5:3b:3e:20:17:d5:
                    dc:17:1d:37:90:78:21:0a:89:7d:24:44:7d:fb:d1:
                    83:7e:f4:a6:b3:ea:2b:dc:fa:27:09:86:61:32:b9:
                    25:8e:dc:90:23:ed:4b:f3:f5:f0:ae:b5:7c:5f:56:
                    47:fb:c4:ea:92:cf:7a:30:40:56:a3:2d:7d:b7:c7:
                    e9:c9:a4:8b:0d:06:45:5a:cf:d3:8e:04:6f:ba:e9:
                    ab:12:31:9f:05:56:05:d5:86:d2:51:07:07:58:4c:
                    a5:b2:04:f0:50:a2:99:d4:33:76:42:b8:e6:2c:46:
                    30:bc:02:3f:a5:45:04:2a:0c:6f:c1:1f:0c:13:ab:
                    6c:1f:a1:cf:a5:01:55:1f:41:cc:a6:0b:a2:5a:6d:
                    42:a2:50:f1:8e:b4:4a:35:97:e5:d8:91:29:83:a5:
                    ce:79:80:9c:e5:fb:b7:47:e9:45:f1:4a:45:86:b1:
                    71:8a:89:08:14:f1:20:aa:da:a5:bb:89:07:cd:84:
                    fe:97:5a:7e:90:6a:8f:2a:6a:f3:76:0a:d4:5f:7d:
                    95:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:CC:38:E0:69:48:53:E6:96:79:5F:B4:0F:4F:8D:82:C9:4F:A2:B5
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/Pcw44GlIU-aWeV-0D0-NgslPorU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.216.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:32:2f:eb:f2:70:50:00:60:be:e8:a1:63:f6:0a:f4:80:10:
         3e:5c:79:66:2d:07:34:71:49:bc:5c:20:eb:f0:cb:b4:f2:cf:
         30:76:aa:ce:46:e1:af:bf:7c:c1:36:ec:fc:c7:db:af:d7:d8:
         70:a2:41:9a:6f:8f:87:08:fa:f7:1f:19:93:f9:b1:8f:29:a7:
         a9:e6:63:05:45:ad:77:0c:d6:2f:a8:9e:e5:04:3a:96:e1:c9:
         bf:b5:7e:d7:bb:2a:e8:73:bb:59:88:cd:d4:b0:58:0e:a8:93:
         05:58:cb:76:1b:31:f9:81:bf:8c:a0:ae:27:25:c7:fd:d2:08:
         2e:03:9f:dc:94:ad:50:69:bc:ad:23:a1:40:8e:6f:7a:6f:ac:
         72:fb:a8:82:37:f5:89:b8:97:68:1a:13:18:ed:86:8d:3a:87:
         0c:cc:23:a5:b2:b5:50:9a:77:4a:8c:98:32:19:87:d5:c8:13:
         0a:35:72:54:2f:5f:6b:76:a9:f9:71:22:27:77:59:95:9b:40:
         aa:9b:f9:88:d3:af:82:9d:3f:4c:05:88:7f:7f:66:c5:68:09:
         77:18:43:32:a5:c0:2e:1e:d8:67:1c:79:20:19:cb:c5:21:5c:
         a3:e1:6e:80:17:09:ac:4b:11:aa:1c:8b:c2:bd:59:56:57:94:
         5c:61:a3:cc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKunIcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTk1NDQ5OTk3NzI3OGE3NTU3MGIzNDAzZjRkM2FhMDBiMWIzNmU4MB4XDTIyMDEw
MTEzNTc0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2RjYzM4ZTA2OTQ4
NTNlNjk2Nzk1ZmI0MGY0ZjhkODJjOTRmYTJiNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXhdlet/p7HVKRy502ZxOGEEmLMESWvA2XxSOjB4VpahVUR
yi+fhTsoA7jj3gBOFgtMiChF1Ts+IBfV3BcdN5B4IQqJfSREffvRg370prPqK9z6
JwmGYTK5JY7ckCPtS/P18K61fF9WR/vE6pLPejBAVqMtfbfH6cmkiw0GRVrP044E
b7rpqxIxnwVWBdWG0lEHB1hMpbIE8FCimdQzdkK45ixGMLwCP6VFBCoMb8EfDBOr
bB+hz6UBVR9BzKYLolptQqJQ8Y60SjWX5diRKYOlznmAnOX7t0fpRfFKRYaxcYqJ
CBTxIKrapbuJB82E/pdafpBqjypq83YK1F99lTsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ9zDjgaUhT5pZ5X7QPT42CyU+itTAfBgNVHSMEGDAWgBS5lUSZl3J4p1Vw
s0A/TTqgCxs26DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8x
L1BjdzQ0R2xJVS1hV2VWLTBEMC1OZ3NsUG9yVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
Nzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8xL3VaVkVtWmR5ZUtk
VmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXYQTANBgkqhkiG9w0BAQsFAAOC
AQEAlTIv6/JwUABgvuihY/YK9IAQPlx5Zi0HNHFJvFwg6/DLtPLPMHaqzkbhr798
wTbs/Mfbr9fYcKJBmm+Phwj69x8Zk/mxjymnqeZjBUWtdwzWL6ie5QQ6luHJv7V+
17sq6HO7WYjN1LBYDqiTBVjLdhsx+YG/jKCuJyXH/dIILgOf3JStUGm8rSOhQI5v
em+scvuogjf1ibiXaBoTGO2GjTqHDMwjpbK1UJp3SoyYMhmH1cgTCjVyVC9fa3ap
+XEiJ3dZlZtAqpv5iNOvgp0/TAWIf39mxWgJdxhDMqXALh7YZxx5IBnLxSFco+Fu
gBcJrEsRqhyLwr1ZVleUXGGjzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:47 2024 by rpki-client on console-fra.rpki-client.org