Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/yEl0z8JMvv5PO_3IkDWrMylzjME.roa
File:                     yEl0z8JMvv5PO_3IkDWrMylzjME.roa (raw, json)
Hash identifier:          YO8SHCvxAAsHUoJSRwOfhY2+0dzPx2azBDxHbhfvX1U=
Subject key identifier:   C8:49:74:CF:C2:4C:BE:FE:4F:3B:FD:C8:90:35:AB:33:29:73:8C:C1
Certificate issuer:       /CN=374e2729b17369890a1512f643cd08e4ba2ff414
Certificate serial:       018281C621DE44E9AFBDA426E1255E95740E
Authority key identifier: 37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/yEl0z8JMvv5PO_3IkDWrMylzjME.roa
Signing time:             Tue 09 Aug 2022 08:43:41 +0000
ROA not before:           Tue 09 Aug 2022 08:43:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     26548
IP address blocks:        178.20.212.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:81:c6:21:de:44:e9:af:bd:a4:26:e1:25:5e:95:74:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=374e2729b17369890a1512f643cd08e4ba2ff414
        Validity
            Not Before: Aug  9 08:43:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c84974cfc24cbefe4f3bfdc89035ab3329738cc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:7d:05:08:5f:3e:7c:a0:be:de:c4:24:54:b2:
                    99:dc:fb:f4:a9:0b:b3:86:31:c1:38:e9:e3:64:56:
                    cc:6d:56:ff:ee:63:92:56:81:61:e4:0e:2b:0b:07:
                    48:94:d0:9e:8c:1b:72:03:4f:72:73:19:e3:fe:2c:
                    32:dd:70:b0:97:aa:4e:5b:61:ea:de:93:f8:9b:2f:
                    4b:d5:92:9c:7e:0c:b1:46:84:d7:cc:be:9d:2b:72:
                    9e:42:ee:57:ee:e1:9a:b7:e3:14:e3:96:d4:ae:2b:
                    64:72:a8:c6:3d:ae:7d:a2:bb:14:97:64:3e:31:42:
                    ce:f9:4d:60:74:e2:60:8a:2b:61:f8:b6:98:cf:8e:
                    67:52:d2:ee:ec:cc:59:0e:c7:b4:13:ae:1e:e6:3d:
                    f2:93:1e:17:74:f0:a4:42:2b:6c:50:01:84:58:5b:
                    8d:7c:8e:21:aa:b0:cc:50:72:50:bf:70:79:3c:ad:
                    97:f9:98:32:16:42:0c:db:1b:a9:ee:ab:cf:04:bc:
                    0c:23:ce:f4:cb:07:66:6d:e9:fb:68:4e:05:00:5b:
                    1e:99:d2:5b:5e:8c:df:fe:7d:02:d6:b2:de:16:6b:
                    73:89:6a:eb:79:11:d8:ba:e4:23:91:1f:f7:da:c4:
                    7b:80:63:61:5a:e4:07:21:38:3d:ea:c4:81:b1:47:
                    0e:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:49:74:CF:C2:4C:BE:FE:4F:3B:FD:C8:90:35:AB:33:29:73:8C:C1
            X509v3 Authority Key Identifier:
                keyid:37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/yEl0z8JMvv5PO_3IkDWrMylzjME.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.20.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:6a:25:39:c5:35:6d:40:94:69:59:44:26:bb:80:f0:b7:95:
         0a:9a:ae:33:d2:b0:97:47:53:dc:1f:95:21:85:e5:93:45:2f:
         6a:3d:9d:97:0c:2d:7e:09:88:5e:b1:ee:e8:c1:5a:ff:12:f5:
         3b:22:36:7b:80:4a:d3:10:a0:36:0b:29:7e:e8:8e:e3:89:56:
         1a:a3:82:c2:8a:d6:2e:34:06:c9:52:bf:51:e0:18:67:51:b2:
         61:58:1e:62:2e:8c:84:03:70:da:76:f6:19:88:5f:47:ec:cc:
         3a:4d:d2:00:1f:06:4a:ba:ac:6e:1c:56:0f:e0:e6:f7:c4:74:
         b7:5a:ac:f2:e4:ad:9d:4d:a6:85:17:df:56:e2:c3:4d:02:81:
         4f:cb:f5:c7:0f:b4:e8:a3:e6:87:d8:f3:a1:d8:99:83:9d:17:
         b7:80:46:85:32:9e:41:03:81:dc:35:aa:9c:e4:da:21:8f:7c:
         88:92:81:19:8a:6e:fb:98:d9:d2:42:42:29:c6:76:6b:83:4c:
         42:9c:68:4f:d8:c3:2e:61:b1:41:9c:fe:ea:be:1a:43:02:fa:
         ba:55:44:af:cf:d8:a6:31:de:b4:df:87:a6:ce:63:cf:45:46:
         cc:72:e6:59:ae:07:97:58:98:43:ae:80:c7:ef:d6:af:b1:ea:
         80:0a:42:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKBxiHeROmvvaQm4SVelXQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGUyNzI5YjE3MzY5ODkwYTE1MTJmNjQzY2QwOGU0YmEy
ZmY0MTQwHhcNMjIwODA5MDg0MzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODQ5NzRjZmMyNGNiZWZlNGYzYmZkYzg5MDM1YWIzMzI5NzM4Y2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3X0FCF8+fKC+3sQkVLKZ3Pv0qQuz
hjHBOOnjZFbMbVb/7mOSVoFh5A4rCwdIlNCejBtyA09ycxnj/iwy3XCwl6pOW2Hq
3pP4my9L1ZKcfgyxRoTXzL6dK3KeQu5X7uGat+MU45bUritkcqjGPa59orsUl2Q+
MULO+U1gdOJgiith+LaYz45nUtLu7MxZDse0E64e5j3ykx4XdPCkQitsUAGEWFuN
fI4hqrDMUHJQv3B5PK2X+ZgyFkIM2xup7qvPBLwMI870ywdmben7aE4FAFsemdJb
Xozf/n0C1rLeFmtziWrreRHYuuQjkR/32sR7gGNhWuQHITg96sSBsUcOBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMhJdM/CTL7+Tzv9yJA1qzMpc4zBMB8GA1UdIwQY
MBaAFDdOJymxc2mJChUS9kPNCOS6L/QUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYt
Y2ZjNDZhNzZlYzc4LzEveUVsMHo4Sk12djVQT18zSWtEV3JNeWx6ak1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYtY2ZjNDZhNzZlYzc4
LzEvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAshTUMA0G
CSqGSIb3DQEBCwUAA4IBAQANaiU5xTVtQJRpWUQmu4Dwt5UKmq4z0rCXR1PcH5Uh
heWTRS9qPZ2XDC1+CYhese7owVr/EvU7IjZ7gErTEKA2Cyl+6I7jiVYao4LCitYu
NAbJUr9R4BhnUbJhWB5iLoyEA3DadvYZiF9H7Mw6TdIAHwZKuqxuHFYP4Ob3xHS3
Wqzy5K2dTaaFF99W4sNNAoFPy/XHD7Too+aH2POh2JmDnRe3gEaFMp5BA4HcNaqc
5Nohj3yIkoEZim77mNnSQkIpxnZrg0xCnGhP2MMuYbFBnP7qvhpDAvq6VUSvz9im
Md6034emzmPPRUbMcuZZrgeXWJhDroDH79avseqACkIw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:41 2024 by rpki-client on console-fra.rpki-client.org