Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/dKMbqTJHJoiWt9iDDEzbjLOFEbI.roa
File:                     dKMbqTJHJoiWt9iDDEzbjLOFEbI.roa (raw, json)
Hash identifier:          viqFSUH+ritoFmxmrTumEl1qHDzc7qsYeXeLtGyy+U4=
Subject key identifier:   74:A3:1B:A9:32:47:26:88:96:B7:D8:83:0C:4C:DB:8C:B3:85:11:B2
Certificate issuer:       /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial:       2C4008FB
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/dKMbqTJHJoiWt9iDDEzbjLOFEbI.roa
Signing time:             Wed 02 Mar 2022 11:58:04 +0000
ROA not before:           Wed 02 Mar 2022 11:58:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50330
IP address blocks:        213.244.121.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 742394107 (0x2c4008fb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
        Validity
            Not Before: Mar  2 11:58:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=74a31ba93247268896b7d8830c4cdb8cb38511b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:6f:38:f6:d6:cf:3e:29:51:d6:fc:b0:7e:3f:
                    a9:e6:b8:fa:0c:c4:0f:54:c0:5b:b8:3e:3f:4e:84:
                    36:75:0a:59:b7:33:01:3c:62:0c:1e:4f:10:2f:c5:
                    a5:f6:f4:df:c7:34:42:aa:5e:44:36:be:ce:54:68:
                    5d:5d:3b:d3:65:37:e9:3f:aa:87:d2:df:31:70:41:
                    c8:e5:04:d7:70:ad:c9:87:08:e5:0e:27:b1:ed:c1:
                    89:5b:55:c8:a3:5a:d7:0b:ff:c2:1e:4c:e4:66:fe:
                    c2:6e:9e:a1:24:5a:5b:5d:82:2a:79:48:c4:9f:37:
                    d6:0f:80:80:de:b9:73:b4:96:33:b3:32:f5:e8:49:
                    53:33:5e:c8:d4:fa:44:1b:b0:1a:a5:59:11:43:7c:
                    d8:2c:21:5a:87:b0:d7:6c:77:a0:95:e4:82:ff:32:
                    15:23:06:f7:b1:0f:d7:c5:19:64:a4:ca:a7:74:a7:
                    9a:40:b2:80:e3:bb:e3:c3:23:14:d8:c2:02:ab:41:
                    a2:7a:bb:f2:d3:38:87:a4:6f:b9:ba:48:c5:e2:e0:
                    a8:2e:98:c0:1f:fa:4e:cf:e7:38:ee:3f:00:5a:71:
                    3f:db:84:dc:d8:50:1e:98:f4:b1:d6:b1:37:98:26:
                    42:f6:c7:fb:c6:6e:a2:2a:94:f8:53:1d:35:2a:ec:
                    02:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:A3:1B:A9:32:47:26:88:96:B7:D8:83:0C:4C:DB:8C:B3:85:11:B2
            X509v3 Authority Key Identifier:
                keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/dKMbqTJHJoiWt9iDDEzbjLOFEbI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.244.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:6b:68:bb:14:83:d9:8a:ce:88:34:53:c8:09:80:85:3b:06:
         64:13:9d:c7:86:49:85:84:0c:b7:57:62:38:53:be:4b:0a:5e:
         32:02:15:87:17:8f:f5:c3:4b:ae:82:f8:79:a1:48:49:48:21:
         73:55:3f:f8:02:7e:99:e8:e9:7d:70:29:42:df:c0:81:f1:3f:
         41:de:12:66:e3:b8:00:25:ae:b9:52:a3:22:21:c8:2a:f2:a8:
         29:05:6b:f3:d8:17:4a:59:2b:50:a3:41:e0:61:c6:f4:10:a4:
         8d:fc:50:2b:d2:07:fe:4e:85:92:cd:45:a0:ed:ca:9d:1a:38:
         3d:41:a4:ec:1f:e3:a3:6b:45:19:ef:c3:94:e2:fa:1c:7f:88:
         f6:45:d9:ba:08:46:65:b6:86:57:0c:e5:ff:95:a7:8a:27:6a:
         4d:ee:40:b9:92:87:e0:72:a9:18:48:d8:43:d2:3a:3b:b1:68:
         0c:70:e2:00:91:5d:7a:0e:e4:59:45:c7:c2:ab:3b:81:76:ac:
         af:7e:76:47:50:5b:ba:cc:d7:ef:53:a4:e7:46:11:9e:0d:61:
         ed:d3:1a:19:ff:a7:f7:b1:de:2e:58:f6:94:46:2c:89:7c:d5:
         63:fa:d6:99:ca:40:c6:2c:4d:43:c9:1a:18:b9:af:b9:ca:fc:
         ee:1e:f1:ee
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIELEAI+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YzM3ZjI3ZWI0OTk3YjNiZWY5ZjI4MjY2YTM5Njk0MDUwZmU3NGY5MB4XDTIyMDMw
MjExNTgwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzRhMzFiYTkzMjQ3
MjY4ODk2YjdkODgzMGM0Y2RiOGNiMzg1MTFiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5vOPbWzz4pUdb8sH4/qea4+gzED1TAW7g+P06ENnUKWbcz
ATxiDB5PEC/Fpfb038c0QqpeRDa+zlRoXV0702U36T+qh9LfMXBByOUE13CtyYcI
5Q4nse3BiVtVyKNa1wv/wh5M5Gb+wm6eoSRaW12CKnlIxJ831g+AgN65c7SWM7My
9ehJUzNeyNT6RBuwGqVZEUN82CwhWoew12x3oJXkgv8yFSMG97EP18UZZKTKp3Sn
mkCygOO748MjFNjCAqtBonq78tM4h6RvubpIxeLgqC6YwB/6Ts/nOO4/AFpxP9uE
3NhQHpj0sdaxN5gmQvbH+8ZuoiqU+FMdNSrsAg0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR0oxupMkcmiJa32IMMTNuMs4URsjAfBgNVHSMEGDAWgBRMN/J+tJl7O++f
KCZqOWlAUP50+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1REZnlmclNaZXp2dm55Z21hamxwUUZELWRQay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvMDljZWEwLWVmMmItNGYyMC1hMTlhLWViNWE2MjdlNzZhMy8x
L2RLTWJxVEpISm9pV3Q5aURERXpiakxPRkViSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
MDljZWEwLWVmMmItNGYyMC1hMTlhLWViNWE2MjdlNzZhMy8xL1REZnlmclNaZXp2
dm55Z21hamxwUUZELWRQay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANX0eTANBgkqhkiG9w0BAQsFAAOC
AQEAFGtouxSD2YrOiDRTyAmAhTsGZBOdx4ZJhYQMt1diOFO+SwpeMgIVhxeP9cNL
roL4eaFISUghc1U/+AJ+mejpfXApQt/AgfE/Qd4SZuO4ACWuuVKjIiHIKvKoKQVr
89gXSlkrUKNB4GHG9BCkjfxQK9IH/k6Fks1FoO3KnRo4PUGk7B/jo2tFGe/DlOL6
HH+I9kXZughGZbaGVwzl/5WniidqTe5AuZKH4HKpGEjYQ9I6O7FoDHDiAJFdeg7k
WUXHwqs7gXasr352R1BbuszX71Ok50YRng1h7dMaGf+n97HeLlj2lEYsiXzVY/rW
mcpAxixNQ8kaGLmvucr87h7x7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:20 2024 by rpki-client on console-fra.rpki-client.org