Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/pziYS1uDxtNh4QzB-oN3LjO-pLs.roa
File:                     pziYS1uDxtNh4QzB-oN3LjO-pLs.roa (raw, json)
Hash identifier:          587MbRu0n+MuJRlRDlGSl+Tq69V3qGEGLzfTvt+Tdu0=
Subject key identifier:   A7:38:98:4B:5B:83:C6:D3:61:E1:0C:C1:FA:83:77:2E:33:BE:A4:BB
Certificate issuer:       /CN=8b82433ffe94bf3536fec327543d396158202072
Certificate serial:       0183C6F2D1E7453010324CFE10031600DEF9
Authority key identifier: 8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/pziYS1uDxtNh4QzB-oN3LjO-pLs.roa
Signing time:             Tue 11 Oct 2022 12:09:05 +0000
ROA not before:           Tue 11 Oct 2022 12:09:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     33902
IP address blocks:        217.172.16.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c6:f2:d1:e7:45:30:10:32:4c:fe:10:03:16:00:de:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b82433ffe94bf3536fec327543d396158202072
        Validity
            Not Before: Oct 11 12:09:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a738984b5b83c6d361e10cc1fa83772e33bea4bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:fa:5d:bc:75:d4:1d:5a:95:1e:42:b2:80:3a:
                    25:b0:63:36:da:e7:7f:aa:a7:b1:a9:71:1d:33:5e:
                    8e:c6:4a:b0:49:d6:5a:2d:00:6d:16:94:f8:db:9b:
                    3b:8d:6c:1a:c6:82:27:b1:f7:70:a4:d1:86:e3:6c:
                    26:4d:35:cd:d0:9d:73:d6:b3:c2:5c:66:ea:bb:7b:
                    31:3d:97:9d:89:13:a6:37:59:ff:97:23:cf:c0:27:
                    f9:df:1b:ab:26:88:58:f2:1e:e7:e1:39:38:37:0c:
                    2e:a1:57:37:c3:ba:7e:27:93:34:62:92:4e:a3:dc:
                    67:0b:20:c7:2e:1b:d7:c7:ae:32:ef:17:ea:99:55:
                    bd:33:1d:57:86:e5:10:d6:27:5e:42:63:5f:01:e5:
                    35:86:d3:a5:fb:ee:f2:b4:72:54:e6:ed:7a:3d:c5:
                    17:a7:86:c6:bd:74:ab:2a:10:57:d5:24:9f:6a:1b:
                    07:11:25:d4:be:41:18:16:87:88:0b:b3:4b:1d:10:
                    04:fc:6d:10:57:0d:40:7e:64:17:f5:8c:dc:89:ca:
                    0d:a7:3b:29:9b:fc:e2:31:af:f0:d1:37:1a:2a:0f:
                    ec:b9:60:da:61:bb:d9:d7:a5:7a:0a:bf:08:7e:3f:
                    f0:08:6f:91:28:04:fd:d5:31:c9:9f:24:55:42:30:
                    71:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:38:98:4B:5B:83:C6:D3:61:E1:0C:C1:FA:83:77:2E:33:BE:A4:BB
            X509v3 Authority Key Identifier:
                keyid:8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/pziYS1uDxtNh4QzB-oN3LjO-pLs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/i4JDP_6UvzU2_sMnVD05YVggIHI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.172.16.0/21

    Signature Algorithm: sha256WithRSAEncryption
         97:d2:42:0d:ad:13:46:9f:a1:19:ba:5e:b0:ab:e6:9d:e5:3b:
         a9:5e:85:01:8c:b6:d6:70:c1:3f:e2:52:b2:b9:53:e8:c9:5b:
         9d:9b:07:81:7b:e9:7d:c6:a0:11:d6:00:e1:ec:02:5e:f3:73:
         e5:f8:fa:b3:d4:d0:4c:95:dd:0a:15:20:c7:5e:95:7c:46:c0:
         48:bf:fa:51:ec:f8:56:d1:82:2c:cd:49:de:b5:64:d5:24:5c:
         06:06:90:f1:e4:2d:48:9a:d9:1a:b8:42:cf:8d:95:ac:b6:e6:
         a1:b6:93:39:16:0d:c7:44:59:9d:75:e0:ef:a1:ed:6c:c5:28:
         78:68:71:ab:56:da:4c:cc:cf:9c:60:27:1a:63:b1:b4:80:84:
         b7:9f:a4:69:af:7f:9b:25:69:68:36:56:9d:f3:d4:0b:e7:26:
         07:ed:9d:dc:33:83:a3:53:f3:0b:a1:0d:57:83:04:1e:22:f8:
         4f:cd:45:d7:c4:43:8c:08:9a:29:0c:fc:8e:f7:4c:af:70:95:
         3a:e2:be:d7:11:b9:ae:2d:e2:44:1e:ca:ab:ef:76:9a:90:92:
         42:e2:e8:5d:59:93:5e:e0:0b:11:11:cb:99:fa:b0:a7:44:45:
         b5:33:b4:90:e0:70:73:4b:0e:6c:ff:fc:3e:ea:56:52:c2:ab:
         65:6c:99:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPG8tHnRTAQMkz+EAMWAN75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiODI0MzNmZmU5NGJmMzUzNmZlYzMyNzU0M2QzOTYxNTgy
MDIwNzIwHhcNMjIxMDExMTIwOTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzM4OTg0YjViODNjNmQzNjFlMTBjYzFmYTgzNzcyZTMzYmVhNGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvpdvHXUHVqVHkKygDolsGM22ud/
qqexqXEdM16OxkqwSdZaLQBtFpT425s7jWwaxoInsfdwpNGG42wmTTXN0J1z1rPC
XGbqu3sxPZediROmN1n/lyPPwCf53xurJohY8h7n4Tk4NwwuoVc3w7p+J5M0YpJO
o9xnCyDHLhvXx64y7xfqmVW9Mx1XhuUQ1ideQmNfAeU1htOl++7ytHJU5u16PcUX
p4bGvXSrKhBX1SSfahsHESXUvkEYFoeIC7NLHRAE/G0QVw1AfmQX9YzcicoNpzsp
m/ziMa/w0TcaKg/suWDaYbvZ16V6Cr8Ifj/wCG+RKAT91THJnyRVQjBx0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKc4mEtbg8bTYeEMwfqDdy4zvqS7MB8GA1UdIwQY
MBaAFIuCQz/+lL81Nv7DJ1Q9OWFYICByMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYt
MmRkNzg5MGRjNjg5LzEvcHppWVMxdUR4dE5oNFF6Qi1vTjNMak8tcExzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYtMmRkNzg5MGRjNjg5
LzEvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD2awQMA0G
CSqGSIb3DQEBCwUAA4IBAQCX0kINrRNGn6EZul6wq+ad5TupXoUBjLbWcME/4lKy
uVPoyVudmweBe+l9xqAR1gDh7AJe83Pl+Pqz1NBMld0KFSDHXpV8RsBIv/pR7PhW
0YIszUnetWTVJFwGBpDx5C1ImtkauELPjZWstuahtpM5Fg3HRFmddeDvoe1sxSh4
aHGrVtpMzM+cYCcaY7G0gIS3n6Rpr3+bJWloNlad89QL5yYH7Z3cM4OjU/MLoQ1X
gwQeIvhPzUXXxEOMCJopDPyO90yvcJU64r7XEbmuLeJEHsqr73aakJJC4uhdWZNe
4AsREcuZ+rCnREW1M7SQ4HBzSw5s//w+6lZSwqtlbJlP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:44 2024 by rpki-client on console-ams.rpki-client.org