Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/MlxVPf-Lrfq8kmU6j1QLc6MWbgQ.roa
File:                     MlxVPf-Lrfq8kmU6j1QLc6MWbgQ.roa (raw, json)
Hash identifier:          kxqKLrOfFMWyel6INjnFo1K8i7w2CfDG7SUQ9UBJgKs=
Subject key identifier:   32:5C:55:3D:FF:8B:AD:FA:BC:92:65:3A:8F:54:0B:73:A3:16:6E:04
Certificate issuer:       /CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
Certificate serial:       0180218E
Authority key identifier: A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/MlxVPf-Lrfq8kmU6j1QLc6MWbgQ.roa
Signing time:             Sat 01 Jan 2022 00:52:47 +0000
ROA not before:           Sat 01 Jan 2022 00:52:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21005
IP address blocks:        178.21.163.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 25174414 (0x180218e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
        Validity
            Not Before: Jan  1 00:52:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=325c553dff8badfabc92653a8f540b73a3166e04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:fa:93:d0:dc:26:01:12:51:46:53:a5:e6:06:
                    df:69:65:66:ac:73:b5:53:ad:bf:97:98:e4:50:e1:
                    53:6f:6d:a1:ac:3b:b4:58:15:55:37:f1:1d:0d:e0:
                    f8:d1:cc:69:a4:c8:cd:52:20:32:29:b7:4f:2d:c1:
                    9b:0f:89:09:13:41:54:fa:18:4e:b6:f7:76:01:64:
                    40:89:bf:df:0b:98:5f:87:8d:ac:9a:10:3c:8b:6a:
                    e8:55:bd:87:dd:f2:ac:46:45:88:a7:e2:a1:32:78:
                    e2:5c:e3:bd:a0:d3:ed:84:8b:ff:9c:77:d2:12:ac:
                    f2:c3:8c:ce:c6:88:89:3b:8e:42:a8:02:15:3b:76:
                    5e:a0:22:8c:e2:aa:1e:ef:8a:30:42:f4:22:42:e1:
                    cf:a4:07:e2:da:3d:4d:bd:8c:b5:47:da:1f:15:f0:
                    d8:6d:32:0a:a7:2f:83:71:1d:c1:e7:4b:73:98:e4:
                    54:e9:17:fb:43:4d:20:4b:e1:db:9f:18:53:0b:b4:
                    f8:b4:d9:2d:f7:f5:ee:8f:7f:45:78:06:63:3f:4f:
                    7b:93:fe:f2:45:d7:2b:9a:c2:50:a0:a8:51:6d:25:
                    f8:85:9a:f6:0b:a8:09:49:61:90:52:45:b3:22:56:
                    9e:c6:f5:b5:41:98:d3:5d:ae:2b:42:01:3f:45:44:
                    2a:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:5C:55:3D:FF:8B:AD:FA:BC:92:65:3A:8F:54:0B:73:A3:16:6E:04
            X509v3 Authority Key Identifier:
                keyid:A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/MlxVPf-Lrfq8kmU6j1QLc6MWbgQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/oJzYxxpuMygsBF2PiMOzeKz0G9k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.21.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:81:5a:a5:8f:fd:5b:b8:5b:c5:14:16:bf:d0:52:35:cc:3f:
         80:13:a5:47:2f:6f:12:68:bf:26:07:0c:b1:6f:e6:a5:45:02:
         e0:c2:39:cd:3c:fa:df:18:90:7c:7d:8c:a0:ad:1e:7f:7c:e2:
         ed:b5:7f:2c:38:1a:21:35:65:6a:b3:9b:e7:95:78:31:8a:a6:
         3a:c0:44:3a:97:6e:68:87:58:3f:6d:38:7d:01:f6:a6:26:5d:
         0e:9d:94:89:f6:33:eb:27:ca:1e:a7:0d:38:1b:f7:00:96:d0:
         23:14:8f:41:5b:df:28:5b:3a:95:3f:39:f9:bc:58:d1:05:3c:
         98:08:05:a4:2d:bd:5e:ed:43:70:87:e2:c7:d3:20:ce:79:84:
         62:ac:aa:02:23:ef:97:dd:9e:6b:0e:58:bd:b2:95:ac:c0:c4:
         de:a3:f7:84:ea:0f:fb:ea:ae:e3:2e:26:c7:eb:ee:f3:43:29:
         7a:45:bd:05:63:9c:f5:4d:13:70:a0:f8:a5:51:fd:0c:db:d9:
         66:7d:d4:eb:60:34:b0:5b:71:fc:36:fd:b3:18:e2:eb:b6:6f:
         eb:4f:47:1b:69:5a:50:b4:57:8b:6b:9a:cb:1e:3c:d2:60:46:
         a9:b5:7f:75:c7:ce:05:c3:c8:fd:95:4e:6b:37:49:7a:0b:5b:
         0e:46:22:1c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAYAhjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MDljZDhjNzFhNmUzMzI4MmMwNDVkOGY4OGMzYjM3OGFjZjQxYmQ5MB4XDTIyMDEw
MTAwNTI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzI1YzU1M2RmZjhi
YWRmYWJjOTI2NTNhOGY1NDBiNzNhMzE2NmUwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKL6k9DcJgESUUZTpeYG32llZqxztVOtv5eY5FDhU29toaw7
tFgVVTfxHQ3g+NHMaaTIzVIgMim3Ty3Bmw+JCRNBVPoYTrb3dgFkQIm/3wuYX4eN
rJoQPItq6FW9h93yrEZFiKfioTJ44lzjvaDT7YSL/5x30hKs8sOMzsaIiTuOQqgC
FTt2XqAijOKqHu+KMEL0IkLhz6QH4to9Tb2MtUfaHxXw2G0yCqcvg3EdwedLc5jk
VOkX+0NNIEvh258YUwu0+LTZLff17o9/RXgGYz9Pe5P+8kXXK5rCUKCoUW0l+IWa
9guoCUlhkFJFsyJWnsb1tUGY012uK0IBP0VEKlkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQyXFU9/4ut+rySZTqPVAtzoxZuBDAfBgNVHSMEGDAWgBSgnNjHGm4zKCwE
XY+Iw7N4rPQb2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29Kell4eHB1TXlnc0JGMlBpTU96ZUt6MEc5ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMGQ2Mzc1LTQ3NjUtNGUwZS05MzYzLTZlOGUwN2Q2NmM5Yi8x
L01seFZQZi1McmZxOGttVTZqMVFMYzZNV2JnUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MGQ2Mzc1LTQ3NjUtNGUwZS05MzYzLTZlOGUwN2Q2NmM5Yi8xL29Kell4eHB1TXln
c0JGMlBpTU96ZUt6MEc5ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALIVozANBgkqhkiG9w0BAQsFAAOC
AQEACIFapY/9W7hbxRQWv9BSNcw/gBOlRy9vEmi/JgcMsW/mpUUC4MI5zTz63xiQ
fH2MoK0ef3zi7bV/LDgaITVlarOb55V4MYqmOsBEOpduaIdYP204fQH2piZdDp2U
ifYz6yfKHqcNOBv3AJbQIxSPQVvfKFs6lT85+bxY0QU8mAgFpC29Xu1DcIfix9Mg
znmEYqyqAiPvl92eaw5YvbKVrMDE3qP3hOoP++qu4y4mx+vu80MpekW9BWOc9U0T
cKD4pVH9DNvZZn3U62A0sFtx/Db9sxji67Zv609HG2laULRXi2uayx480mBGqbV/
dcfOBcPI/ZVOazdJegtbDkYiHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:57 2024 by rpki-client on console-ams.rpki-client.org