Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/uWxcbmboHGdX4MOMz-dOH7D1XuA.roa
File:                     uWxcbmboHGdX4MOMz-dOH7D1XuA.roa (raw, json)
Hash identifier:          vyrEmhQjhnjUR3Bfka5cTiLPrv78Hi2Z2WLRdyKBgoI=
Subject key identifier:   B9:6C:5C:6E:66:E8:1C:67:57:E0:C3:8C:CF:E7:4E:1F:B0:F5:5E:E0
Certificate issuer:       /CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
Certificate serial:       01817032
Authority key identifier: A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/uWxcbmboHGdX4MOMz-dOH7D1XuA.roa
Signing time:             Sat 01 Jan 2022 00:52:48 +0000
ROA not before:           Sat 01 Jan 2022 00:52:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47796
IP address blocks:        178.21.163.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 25260082 (0x1817032)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
        Validity
            Not Before: Jan  1 00:52:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b96c5c6e66e81c6757e0c38ccfe74e1fb0f55ee0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:af:f6:0b:6e:49:1a:dc:91:b9:40:fd:1a:2a:
                    47:7f:73:2e:c8:43:18:e0:79:4f:c7:47:78:c3:d7:
                    67:5d:2d:b9:c0:c1:16:dd:7f:ce:87:eb:e6:9a:10:
                    90:21:25:e1:63:6a:76:cd:ae:68:f3:59:18:f3:28:
                    1c:7d:d5:f3:2a:5e:02:76:7b:f9:96:1a:04:65:4f:
                    4d:21:1a:79:3a:fb:a9:63:00:fe:f1:a0:3e:e9:03:
                    8a:0b:3f:c0:e7:93:64:f0:b0:0d:d2:8a:e1:02:95:
                    3a:41:3b:94:ac:21:29:a5:c6:19:6b:9d:ca:51:a6:
                    75:2c:93:92:75:62:9d:c4:89:67:b9:31:ca:8d:30:
                    c2:61:99:cc:3a:95:1b:0e:d5:ba:9d:e2:b4:eb:dc:
                    81:77:31:10:33:91:df:78:f5:76:8e:f1:ad:26:c2:
                    b7:d7:de:e8:36:31:64:db:b0:b0:e7:af:41:25:ac:
                    e3:1b:eb:19:40:32:58:3c:af:d0:6a:0d:eb:19:cd:
                    fc:d6:53:e7:dd:d9:51:c6:aa:0f:1c:db:64:2e:ba:
                    14:00:b1:b8:82:ed:f9:63:88:c1:e3:83:bd:ea:6c:
                    4c:3a:47:aa:95:36:f4:5a:d7:55:2b:1c:45:7a:88:
                    17:a7:96:40:62:e7:cb:1e:38:e5:00:58:df:e4:ee:
                    60:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:6C:5C:6E:66:E8:1C:67:57:E0:C3:8C:CF:E7:4E:1F:B0:F5:5E:E0
            X509v3 Authority Key Identifier:
                keyid:A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/uWxcbmboHGdX4MOMz-dOH7D1XuA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/oJzYxxpuMygsBF2PiMOzeKz0G9k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.21.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:39:1b:76:28:af:85:04:e3:94:85:4b:ee:2c:97:6f:7a:55:
         2e:b0:ba:86:ae:c6:da:cd:cd:4c:0b:5a:b5:aa:59:32:ee:d1:
         44:97:52:d9:b9:9d:4c:67:2d:48:9d:84:a1:ad:7c:ec:ca:05:
         05:c1:be:bb:b6:5b:be:15:94:53:e8:7f:cd:e8:80:4e:dd:56:
         1d:f2:6f:f0:1d:1c:81:17:ed:38:f9:ce:ab:fc:a4:65:cf:8a:
         e1:1f:dd:49:bd:f2:1f:1a:96:3f:3a:7d:67:4b:30:5e:0d:cd:
         91:c4:55:23:ea:06:8d:f7:98:cc:49:2e:2f:de:c5:85:82:3e:
         ba:51:e0:9b:3a:8e:1f:c0:33:00:ca:b9:0b:f8:fd:ce:f0:10:
         63:31:17:93:b9:97:6e:60:06:9d:3d:93:f5:da:f5:4c:ec:cd:
         f5:9a:39:b5:ba:da:83:14:e1:4e:f0:1c:8e:f0:b4:1c:7f:3f:
         a8:a8:a6:e5:39:b4:40:a4:7c:97:11:1c:e4:7d:c4:3b:40:49:
         de:c7:80:56:4b:99:80:bd:85:0b:86:d2:be:63:f2:e1:ab:47:
         1f:74:a8:6d:c4:92:a9:e0:1e:82:56:95:87:89:b5:97:93:16:
         27:e1:e8:49:2a:70:6f:ed:0a:26:d1:34:22:56:4b:78:94:98:
         90:cc:75:5d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAYFwMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MDljZDhjNzFhNmUzMzI4MmMwNDVkOGY4OGMzYjM3OGFjZjQxYmQ5MB4XDTIyMDEw
MTAwNTI0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjk2YzVjNmU2NmU4
MWM2NzU3ZTBjMzhjY2ZlNzRlMWZiMGY1NWVlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANiv9gtuSRrckblA/RoqR39zLshDGOB5T8dHeMPXZ10tucDB
Ft1/zofr5poQkCEl4WNqds2uaPNZGPMoHH3V8ypeAnZ7+ZYaBGVPTSEaeTr7qWMA
/vGgPukDigs/wOeTZPCwDdKK4QKVOkE7lKwhKaXGGWudylGmdSyTknVincSJZ7kx
yo0wwmGZzDqVGw7Vup3itOvcgXcxEDOR33j1do7xrSbCt9fe6DYxZNuwsOevQSWs
4xvrGUAyWDyv0GoN6xnN/NZT593ZUcaqDxzbZC66FACxuILt+WOIweODvepsTDpH
qpU29FrXVSscRXqIF6eWQGLnyx445QBY3+TuYKUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS5bFxuZugcZ1fgw4zP504fsPVe4DAfBgNVHSMEGDAWgBSgnNjHGm4zKCwE
XY+Iw7N4rPQb2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29Kell4eHB1TXlnc0JGMlBpTU96ZUt6MEc5ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMGQ2Mzc1LTQ3NjUtNGUwZS05MzYzLTZlOGUwN2Q2NmM5Yi8x
L3VXeGNibWJvSEdkWDRNT016LWRPSDdEMVh1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MGQ2Mzc1LTQ3NjUtNGUwZS05MzYzLTZlOGUwN2Q2NmM5Yi8xL29Kell4eHB1TXln
c0JGMlBpTU96ZUt6MEc5ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALIVozANBgkqhkiG9w0BAQsFAAOC
AQEAhjkbdiivhQTjlIVL7iyXb3pVLrC6hq7G2s3NTAtatapZMu7RRJdS2bmdTGct
SJ2Eoa187MoFBcG+u7ZbvhWUU+h/zeiATt1WHfJv8B0cgRftOPnOq/ykZc+K4R/d
Sb3yHxqWPzp9Z0swXg3NkcRVI+oGjfeYzEkuL97FhYI+ulHgmzqOH8AzAMq5C/j9
zvAQYzEXk7mXbmAGnT2T9dr1TOzN9Zo5tbragxThTvAcjvC0HH8/qKim5Tm0QKR8
lxEc5H3EO0BJ3seAVkuZgL2FC4bSvmPy4atHH3SobcSSqeAeglaVh4m1l5MWJ+Ho
SSpwb+0KJtE0IlZLeJSYkMx1XQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:55 2024 by rpki-client on console-fra.rpki-client.org