Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/DGGXADdyoGZLpdaxwi4j-OpPfhE.roa
File:                     DGGXADdyoGZLpdaxwi4j-OpPfhE.roa (raw, json)
Hash identifier:          Z0pmyD7gvK2+9OKfawOQnNMEtw55mivnFDAzGvVEpcI=
Subject key identifier:   0C:61:97:00:37:72:A0:66:4B:A5:D6:B1:C2:2E:23:F8:EA:4F:7E:11
Certificate issuer:       /CN=7b8254253dc0213fe58a7aff4b82463e47978063
Certificate serial:       0184142139AE8E77331C25D093AF9DA08E9F
Authority key identifier: 7B:82:54:25:3D:C0:21:3F:E5:8A:7A:FF:4B:82:46:3E:47:97:80:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e4JUJT3AIT_linr_S4JGPkeXgGM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/DGGXADdyoGZLpdaxwi4j-OpPfhE.roa
Signing time:             Wed 26 Oct 2022 11:50:32 +0000
ROA not before:           Wed 26 Oct 2022 11:50:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     33808
IP address blocks:        178.213.74.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:14:21:39:ae:8e:77:33:1c:25:d0:93:af:9d:a0:8e:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b8254253dc0213fe58a7aff4b82463e47978063
        Validity
            Not Before: Oct 26 11:50:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0c6197003772a0664ba5d6b1c22e23f8ea4f7e11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:e2:b8:fb:de:d3:bb:79:69:83:07:bb:10:6a:
                    d6:ac:3b:9c:1a:8c:dc:65:55:e0:87:eb:ab:eb:42:
                    48:cd:3a:73:0f:0d:f4:f6:1f:e4:2b:bf:80:86:d7:
                    99:f1:4f:2c:30:ec:6f:d9:90:70:06:dd:2e:9a:ba:
                    ca:70:af:b5:0c:12:97:60:19:f8:48:e5:df:24:5a:
                    1f:12:eb:71:a8:7c:3f:d0:33:09:30:0a:e5:94:74:
                    d4:3a:67:8f:13:c1:55:5b:1c:36:15:c3:ce:02:bb:
                    7c:ca:ca:6e:3d:5a:3c:15:6b:e6:f6:db:97:78:c4:
                    80:ae:a4:1b:51:ad:6d:3d:ca:51:cd:52:93:b2:a4:
                    53:1e:00:14:ed:fd:0a:3d:cd:65:76:dd:80:4c:fd:
                    a1:c7:97:36:26:d8:f9:b9:8a:f2:d5:81:07:d7:54:
                    a5:66:65:5c:36:e7:d5:bc:e1:6b:3a:90:b4:08:b5:
                    b6:5b:61:a7:34:64:af:35:1b:77:89:21:70:5f:18:
                    9d:c9:fd:49:ee:98:d2:f0:53:44:b7:83:cc:f4:a7:
                    9a:ea:e6:ba:bc:2f:dc:ce:1e:f2:f8:d6:69:76:f4:
                    fa:7d:0b:89:87:47:f1:10:1c:6b:fe:55:04:dc:0d:
                    d5:29:eb:47:ad:ff:06:b9:e9:1c:0e:76:04:8f:b4:
                    d5:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:61:97:00:37:72:A0:66:4B:A5:D6:B1:C2:2E:23:F8:EA:4F:7E:11
            X509v3 Authority Key Identifier:
                keyid:7B:82:54:25:3D:C0:21:3F:E5:8A:7A:FF:4B:82:46:3E:47:97:80:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4JUJT3AIT_linr_S4JGPkeXgGM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/DGGXADdyoGZLpdaxwi4j-OpPfhE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/e4JUJT3AIT_linr_S4JGPkeXgGM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.213.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:d9:3a:9a:25:ad:9b:da:98:77:3c:df:18:40:4f:f7:33:0c:
         49:02:7d:1c:ca:1e:80:cd:33:da:8e:80:50:8c:bb:2e:13:18:
         e1:eb:42:4f:11:53:d6:1b:7e:b8:67:42:c5:c0:65:35:40:76:
         e0:30:06:be:35:01:a1:f6:47:82:65:d5:14:e7:a4:b6:a7:e3:
         51:43:e8:59:b8:55:00:7d:61:41:1b:38:8a:e4:94:ab:e7:b4:
         32:17:af:4e:3b:cf:61:cc:dd:f6:95:cf:b9:e6:07:9f:25:27:
         ad:d6:bc:48:6f:f5:75:e8:79:7d:d6:54:5e:29:2a:6a:52:59:
         d7:a4:59:d3:00:2d:0b:32:3b:94:38:a8:0d:70:e5:b7:5e:a2:
         97:ac:99:c3:3c:43:05:10:01:03:f6:9a:c5:64:ce:cf:f0:42:
         b0:13:7e:68:72:ff:7e:50:c3:73:c2:39:76:dc:21:dd:57:28:
         a0:41:33:dd:23:49:a8:bf:68:4d:f2:0d:5a:93:40:a4:7e:c7:
         f1:a7:55:6d:e9:90:55:ef:6c:4d:3f:66:e4:8a:0a:96:0f:36:
         78:3c:a7:35:62:3b:a8:14:f5:7a:ad:0a:d7:3e:c6:bc:db:10:
         5b:e2:66:99:a6:47:a9:35:71:f8:45:36:b9:0a:2c:1b:2a:97:
         f3:00:6f:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQUITmujnczHCXQk6+doI6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODI1NDI1M2RjMDIxM2ZlNThhN2FmZjRiODI0NjNlNDc5
NzgwNjMwHhcNMjIxMDI2MTE1MDMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzYxOTcwMDM3NzJhMDY2NGJhNWQ2YjFjMjJlMjNmOGVhNGY3ZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweK4+97Tu3lpgwe7EGrWrDucGozc
ZVXgh+ur60JIzTpzDw309h/kK7+AhteZ8U8sMOxv2ZBwBt0umrrKcK+1DBKXYBn4
SOXfJFofEutxqHw/0DMJMArllHTUOmePE8FVWxw2FcPOArt8yspuPVo8FWvm9tuX
eMSArqQbUa1tPcpRzVKTsqRTHgAU7f0KPc1ldt2ATP2hx5c2Jtj5uYry1YEH11Sl
ZmVcNufVvOFrOpC0CLW2W2GnNGSvNRt3iSFwXxidyf1J7pjS8FNEt4PM9Kea6ua6
vC/czh7y+NZpdvT6fQuJh0fxEBxr/lUE3A3VKetHrf8GuekcDnYEj7TVJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAxhlwA3cqBmS6XWscIuI/jqT34RMB8GA1UdIwQY
MBaAFHuCVCU9wCE/5Yp6/0uCRj5Hl4BjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRKVUpUM0FJVF9saW5yX1M0SkdQa2VYZ0dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hYjdhMDQtZmZlMS00YTA1LWE1ZWYt
OGY1MzliNjRiOGRiLzEvREdHWEFEZHlvR1pMcGRheHdpNGotT3BQZmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hYjdhMDQtZmZlMS00YTA1LWE1ZWYtOGY1MzliNjRiOGRi
LzEvZTRKVUpUM0FJVF9saW5yX1M0SkdQa2VYZ0dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstVKMA0G
CSqGSIb3DQEBCwUAA4IBAQA+2TqaJa2b2ph3PN8YQE/3MwxJAn0cyh6AzTPajoBQ
jLsuExjh60JPEVPWG364Z0LFwGU1QHbgMAa+NQGh9keCZdUU56S2p+NRQ+hZuFUA
fWFBGziK5JSr57QyF69OO89hzN32lc+55gefJSet1rxIb/V16Hl91lReKSpqUlnX
pFnTAC0LMjuUOKgNcOW3XqKXrJnDPEMFEAED9prFZM7P8EKwE35ocv9+UMNzwjl2
3CHdVyigQTPdI0mov2hN8g1ak0Ckfsfxp1Vt6ZBV72xNP2bkigqWDzZ4PKc1Yjuo
FPV6rQrXPsa82xBb4maZpkepNXH4RTa5CiwbKpfzAG8W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:04 2024 by rpki-client on console-ams.rpki-client.org