Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/poL98pT8JblahuSdqK5ckqnuk94.roa
File:                     poL98pT8JblahuSdqK5ckqnuk94.roa (raw, json)
Hash identifier:          2EthLafOlDfEj9W8llPI0RdM86zFFwPAOw0X223WPmw=
Subject key identifier:   A6:82:FD:F2:94:FC:25:B9:5A:86:E4:9D:A8:AE:5C:92:A9:EE:93:DE
Certificate issuer:       /CN=7373c1ff55403d4792346493f769f8d033bef02c
Certificate serial:       17EE47C8
Authority key identifier: 73:73:C1:FF:55:40:3D:47:92:34:64:93:F7:69:F8:D0:33:BE:F0:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c3PB_1VAPUeSNGST92n40DO-8Cw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/poL98pT8JblahuSdqK5ckqnuk94.roa
Signing time:             Sat 01 Jan 2022 03:55:01 +0000
ROA not before:           Sat 01 Jan 2022 03:55:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9009
IP address blocks:        213.230.203.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 401491912 (0x17ee47c8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7373c1ff55403d4792346493f769f8d033bef02c
        Validity
            Not Before: Jan  1 03:55:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a682fdf294fc25b95a86e49da8ae5c92a9ee93de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:20:05:91:a6:8c:a3:9e:9a:64:32:79:3d:54:
                    5a:02:2c:40:24:64:5c:92:84:6f:66:97:b7:ba:89:
                    55:f6:44:ad:4c:e0:9c:cb:0b:52:dc:76:57:14:4f:
                    03:45:ac:22:2a:5f:50:54:c2:34:d8:31:6c:e7:a9:
                    30:7a:ca:8f:41:aa:07:18:d4:55:b8:05:78:0d:8e:
                    af:8f:f0:a3:00:5e:ad:6f:a4:8e:a1:43:7d:61:0f:
                    03:0a:78:6d:a6:51:af:56:17:79:1a:45:a7:91:49:
                    24:56:be:dc:59:70:ed:d3:43:91:d9:7e:1a:52:b1:
                    9c:f4:0c:ee:7e:9b:d3:61:7c:e1:8b:b4:5a:05:80:
                    a6:d0:a8:20:02:4a:4a:f0:0b:b9:88:44:1c:bb:07:
                    88:cb:a6:e5:66:b6:b6:ac:34:b9:b2:68:ab:83:e0:
                    11:45:36:c5:ae:93:0e:5a:c6:f8:22:a5:d4:41:22:
                    25:a7:cc:be:04:c4:6c:31:6a:51:39:c6:ae:5f:ca:
                    d9:bd:8a:f1:81:88:e0:5b:81:d4:ea:c8:8f:18:6f:
                    c4:97:98:31:c0:65:40:b9:53:c0:5b:c4:a3:fe:07:
                    33:f5:2c:5a:59:5d:03:5a:1f:1f:cc:44:7c:58:03:
                    3d:02:08:59:8a:a3:64:62:d9:ba:6c:dd:14:15:c5:
                    25:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:82:FD:F2:94:FC:25:B9:5A:86:E4:9D:A8:AE:5C:92:A9:EE:93:DE
            X509v3 Authority Key Identifier:
                keyid:73:73:C1:FF:55:40:3D:47:92:34:64:93:F7:69:F8:D0:33:BE:F0:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3PB_1VAPUeSNGST92n40DO-8Cw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/poL98pT8JblahuSdqK5ckqnuk94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/c3PB_1VAPUeSNGST92n40DO-8Cw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.230.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:78:75:a8:97:a1:c3:69:29:a6:97:bf:8d:44:2a:9c:a1:b1:
         ff:47:43:89:14:39:b3:f6:7e:7a:83:69:bc:63:39:39:db:d6:
         de:4c:25:62:21:5d:ef:95:f8:42:15:82:2a:91:dc:85:5e:ea:
         8e:a9:f1:22:59:30:3a:77:1a:92:64:a3:b4:35:15:ce:c1:89:
         71:68:e9:1e:46:03:27:d7:72:97:d8:57:35:23:3b:1a:42:f6:
         c5:32:e3:e4:4e:d9:dc:6f:dd:ba:2c:1c:df:0c:14:41:eb:26:
         2d:dd:e0:6a:90:bb:fc:ab:03:02:a5:f1:d4:c9:5e:0a:c2:5b:
         94:3e:52:5a:a1:3e:44:62:9f:4a:70:b7:82:af:51:3d:4b:cc:
         3d:8f:27:89:d0:8d:c3:25:5f:7b:f8:78:36:02:46:76:55:85:
         69:5c:9f:00:b7:36:33:b1:3f:85:1e:3a:ab:dc:f9:99:44:1d:
         58:63:4f:54:45:cf:a9:c4:33:59:26:51:57:b0:35:e8:9b:d7:
         a7:a5:32:20:78:75:cb:e0:c2:13:ab:a9:6c:5f:bc:35:eb:ec:
         7f:18:98:d9:af:23:f7:95:19:39:92:c5:28:27:58:9a:b8:0b:
         7b:c9:a7:a4:c1:3d:7b:67:53:db:b2:c8:96:4b:46:ee:cc:16:
         d1:f1:7f:21
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF+5HyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MzczYzFmZjU1NDAzZDQ3OTIzNDY0OTNmNzY5ZjhkMDMzYmVmMDJjMB4XDTIyMDEw
MTAzNTUwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY4MmZkZjI5NGZj
MjViOTVhODZlNDlkYThhZTVjOTJhOWVlOTNkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJsgBZGmjKOemmQyeT1UWgIsQCRkXJKEb2aXt7qJVfZErUzg
nMsLUtx2VxRPA0WsIipfUFTCNNgxbOepMHrKj0GqBxjUVbgFeA2Or4/wowBerW+k
jqFDfWEPAwp4baZRr1YXeRpFp5FJJFa+3Flw7dNDkdl+GlKxnPQM7n6b02F84Yu0
WgWAptCoIAJKSvALuYhEHLsHiMum5Wa2tqw0ubJoq4PgEUU2xa6TDlrG+CKl1EEi
JafMvgTEbDFqUTnGrl/K2b2K8YGI4FuB1OrIjxhvxJeYMcBlQLlTwFvEo/4HM/Us
WlldA1ofH8xEfFgDPQIIWYqjZGLZumzdFBXFJR8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSmgv3ylPwluVqG5J2orlySqe6T3jAfBgNVHSMEGDAWgBRzc8H/VUA9R5I0
ZJP3afjQM77wLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2MzUEJfMVZBUFVlU05HU1Q5Mm40MERPLThDdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvMWFmZjEwLWRkMjktNDM5Zi04ZDIzLWJjOWE1ZjY2MDVmYy8x
L3BvTDk4cFQ4SmJsYWh1U2RxSzVja3FudWs5NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
MWFmZjEwLWRkMjktNDM5Zi04ZDIzLWJjOWE1ZjY2MDVmYy8xL2MzUEJfMVZBUFVl
U05HU1Q5Mm40MERPLThDdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXmyzANBgkqhkiG9w0BAQsFAAOC
AQEAUHh1qJehw2kpppe/jUQqnKGx/0dDiRQ5s/Z+eoNpvGM5OdvW3kwlYiFd75X4
QhWCKpHchV7qjqnxIlkwOncakmSjtDUVzsGJcWjpHkYDJ9dyl9hXNSM7GkL2xTLj
5E7Z3G/duiwc3wwUQesmLd3gapC7/KsDAqXx1MleCsJblD5SWqE+RGKfSnC3gq9R
PUvMPY8nidCNwyVfe/h4NgJGdlWFaVyfALc2M7E/hR46q9z5mUQdWGNPVEXPqcQz
WSZRV7A16JvXp6UyIHh1y+DCE6upbF+8NevsfxiY2a8j95UZOZLFKCdYmrgLe8mn
pME9e2dT27LIlktG7swW0fF/IQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:29 2024 by rpki-client on console-ams.rpki-client.org