Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/f-0bH2hcpx2dvkFMAunTRIXSs8A.roa
File:                     f-0bH2hcpx2dvkFMAunTRIXSs8A.roa (raw, json)
Hash identifier:          Iz9M2xFilBpw5IHd8NdwdNT2NkjDKjFhxguh87QdRwU=
Subject key identifier:   7F:ED:1B:1F:68:5C:A7:1D:9D:BE:41:4C:02:E9:D3:44:85:D2:B3:C0
Certificate issuer:       /CN=08a297f8cfa1ce6d3fe2c526911c468a9a6318d0
Certificate serial:       0712BC9C
Authority key identifier: 08:A2:97:F8:CF:A1:CE:6D:3F:E2:C5:26:91:1C:46:8A:9A:63:18:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CKKX-M-hzm0_4sUmkRxGippjGNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/f-0bH2hcpx2dvkFMAunTRIXSs8A.roa
Signing time:             Sat 01 Jan 2022 10:57:50 +0000
ROA not before:           Sat 01 Jan 2022 10:57:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        178.213.75.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118668444 (0x712bc9c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08a297f8cfa1ce6d3fe2c526911c468a9a6318d0
        Validity
            Not Before: Jan  1 10:57:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7fed1b1f685ca71d9dbe414c02e9d34485d2b3c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:aa:ff:c3:86:da:d3:70:9b:dc:47:78:7b:72:
                    48:12:9f:5e:c1:70:fd:10:fb:90:44:77:eb:65:52:
                    71:ce:a6:f0:0c:86:fd:80:2a:51:16:26:5e:25:af:
                    c1:4b:b5:7d:b1:41:ee:9d:29:14:5b:8c:7c:f1:21:
                    24:44:99:5d:4a:e0:66:19:38:b5:52:49:fd:6c:1a:
                    dc:dd:c9:01:18:f8:76:98:3c:b4:cc:d4:68:97:01:
                    bd:51:f8:92:74:64:55:52:f8:72:f1:76:ce:4f:f3:
                    08:ce:83:a7:92:36:46:9a:11:6b:97:3d:95:c4:e4:
                    fb:28:53:eb:cd:d5:ed:37:9b:ca:d3:6d:21:36:8e:
                    cd:69:ba:c0:6c:e2:cf:c2:ec:d7:d3:79:38:a0:a3:
                    fc:7c:b9:eb:8f:c1:d1:28:b2:40:c1:b5:97:ea:73:
                    75:1d:8e:c7:2c:2b:91:78:56:06:b3:db:dd:6d:21:
                    10:9d:c4:3e:fd:02:ca:7a:90:1f:1f:3a:33:7b:a3:
                    4a:2d:fb:27:95:39:b2:e7:61:13:73:61:9b:8d:3b:
                    0e:7b:75:46:08:2f:ba:3f:b0:11:b0:32:ae:e3:a0:
                    87:df:1c:80:1a:a0:4f:d1:45:82:63:99:44:d2:c9:
                    f9:21:08:70:94:d7:c8:39:c3:10:5d:c9:82:72:32:
                    ee:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:ED:1B:1F:68:5C:A7:1D:9D:BE:41:4C:02:E9:D3:44:85:D2:B3:C0
            X509v3 Authority Key Identifier:
                keyid:08:A2:97:F8:CF:A1:CE:6D:3F:E2:C5:26:91:1C:46:8A:9A:63:18:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKKX-M-hzm0_4sUmkRxGippjGNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/f-0bH2hcpx2dvkFMAunTRIXSs8A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.213.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:30:70:74:80:67:fc:db:71:6d:10:52:8c:9e:24:64:eb:61:
         6c:99:c1:b3:c9:02:25:4b:55:64:5c:a2:c3:96:9e:10:95:f5:
         51:d7:45:31:c5:c4:4a:62:64:f3:91:c2:83:47:48:e6:de:a0:
         5b:1e:18:c0:f0:12:fd:80:81:6d:b1:14:1a:93:70:18:21:fe:
         a8:fc:82:a4:22:bd:2e:29:7c:2c:70:f1:7f:6e:66:02:a0:94:
         7f:53:78:c5:08:49:b4:7f:3f:1a:64:31:f9:54:7e:37:10:c4:
         28:e7:94:c7:ed:37:52:2c:0f:9e:5a:c6:99:da:af:b7:66:67:
         2c:d1:db:e2:18:c4:5f:d5:3e:1b:f3:3a:54:37:c4:9d:7f:eb:
         83:f7:99:e6:ce:2b:a2:50:89:b1:45:5b:a1:72:cd:96:60:20:
         d4:c3:f8:da:7b:b6:b3:07:54:a0:f7:96:56:95:22:46:e9:59:
         22:5e:cb:d1:9e:0d:0b:db:22:22:49:73:34:5f:e7:e2:f8:41:
         d8:0a:ca:c4:06:bc:2e:a2:67:fd:08:68:d4:40:6b:27:e3:4c:
         74:e3:83:04:37:35:3b:80:9c:27:c3:0c:06:6a:5d:28:a7:c6:
         21:2f:b7:57:06:18:a7:9d:3a:6f:d2:4e:84:32:04:6b:06:30:
         6d:b4:1d:7f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBxK8nDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OGEyOTdmOGNmYTFjZTZkM2ZlMmM1MjY5MTFjNDY4YTlhNjMxOGQwMB4XDTIyMDEw
MTEwNTc1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ZlZDFiMWY2ODVj
YTcxZDlkYmU0MTRjMDJlOWQzNDQ4NWQyYjNjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6q/8OG2tNwm9xHeHtySBKfXsFw/RD7kER362VScc6m8AyG
/YAqURYmXiWvwUu1fbFB7p0pFFuMfPEhJESZXUrgZhk4tVJJ/Wwa3N3JARj4dpg8
tMzUaJcBvVH4knRkVVL4cvF2zk/zCM6Dp5I2RpoRa5c9lcTk+yhT683V7TebytNt
ITaOzWm6wGziz8Ls19N5OKCj/Hy564/B0SiyQMG1l+pzdR2OxywrkXhWBrPb3W0h
EJ3EPv0CynqQHx86M3ujSi37J5U5sudhE3Nhm407Dnt1Rggvuj+wEbAyruOgh98c
gBqgT9FFgmOZRNLJ+SEIcJTXyDnDEF3JgnIy7tUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR/7RsfaFynHZ2+QUwC6dNEhdKzwDAfBgNVHSMEGDAWgBQIopf4z6HObT/i
xSaRHEaKmmMY0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NLS1gtTS1oem0wXzRzVW1rUnhHaXBwakdOQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvNWYxNTNkLTcxZDktNDcwYS1iYTI3LTk3MTEzOTUxNGJiMS8x
L2YtMGJIMmhjcHgyZHZrRk1BdW5UUklYU3M4QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
NWYxNTNkLTcxZDktNDcwYS1iYTI3LTk3MTEzOTUxNGJiMS8xL0NLS1gtTS1oem0w
XzRzVW1rUnhHaXBwakdOQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALLVSzANBgkqhkiG9w0BAQsFAAOC
AQEAajBwdIBn/NtxbRBSjJ4kZOthbJnBs8kCJUtVZFyiw5aeEJX1UddFMcXESmJk
85HCg0dI5t6gWx4YwPAS/YCBbbEUGpNwGCH+qPyCpCK9Lil8LHDxf25mAqCUf1N4
xQhJtH8/GmQx+VR+NxDEKOeUx+03UiwPnlrGmdqvt2ZnLNHb4hjEX9U+G/M6VDfE
nX/rg/eZ5s4rolCJsUVboXLNlmAg1MP42nu2swdUoPeWVpUiRulZIl7L0Z4NC9si
IklzNF/n4vhB2ArKxAa8LqJn/Qho1EBrJ+NMdOODBDc1O4CcJ8MMBmpdKKfGIS+3
VwYYp506b9JOhDIEawYwbbQdfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:43 2024 by rpki-client on console-fra.rpki-client.org