Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/ePXEh-zbT3mDO_6YM3M_cvCdVqI.roa
File:                     ePXEh-zbT3mDO_6YM3M_cvCdVqI.roa (raw, json)
Hash identifier:          K4bQYtne2dL8EFTK/0WsIhlfRAAzpSK/kyl8jENGxHg=
Subject key identifier:   78:F5:C4:87:EC:DB:4F:79:83:3B:FE:98:33:73:3F:72:F0:9D:56:A2
Certificate issuer:       /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial:       353870C7
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/ePXEh-zbT3mDO_6YM3M_cvCdVqI.roa
Signing time:             Sat 18 Jun 2022 17:04:46 +0000
ROA not before:           Sat 18 Jun 2022 17:04:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2856
IP address blocks:        144.98.144.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 892891335 (0x353870c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
        Validity
            Not Before: Jun 18 17:04:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=78f5c487ecdb4f79833bfe9833733f72f09d56a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:7b:7a:6a:73:43:17:07:c6:1b:45:4a:81:fe:
                    8b:05:46:aa:64:ea:47:03:9a:57:fe:60:24:bf:d7:
                    a5:84:bd:e0:2e:5a:60:75:dd:3b:a6:a2:66:0f:e3:
                    27:19:6b:85:73:1d:78:c4:e6:2c:69:33:55:0f:e8:
                    3e:61:c7:33:80:50:23:ee:7e:7c:e3:48:2b:a0:3b:
                    8b:8b:bb:51:1c:89:0a:a9:36:97:79:46:6f:0c:d9:
                    07:73:14:35:b2:18:b4:45:2d:d9:a4:dc:8b:66:19:
                    f7:40:b7:14:aa:d7:90:18:16:e3:9c:4c:a7:c4:4f:
                    af:a4:fe:1f:c8:da:ce:81:38:6e:d1:de:0b:8b:49:
                    75:8b:27:0b:e0:6f:c6:7f:b1:04:f4:1f:3e:fc:bd:
                    b5:de:ea:4d:82:d6:27:ce:88:04:01:e0:d2:23:d8:
                    19:a8:a5:04:84:d5:a5:b8:cb:e7:d1:a2:37:7c:64:
                    58:37:1c:db:75:91:34:b0:24:b2:3d:1a:11:c9:d9:
                    93:a4:72:b4:ba:61:d9:89:d2:72:47:2b:0b:0f:63:
                    9a:10:39:ba:23:e0:c1:bc:f5:84:d7:ee:29:c0:37:
                    c5:9a:83:5b:a9:ec:8f:ba:b5:d9:6d:01:e9:bf:ab:
                    b4:31:65:9e:81:ed:c0:dc:9c:d1:03:ff:21:b1:8c:
                    51:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:F5:C4:87:EC:DB:4F:79:83:3B:FE:98:33:73:3F:72:F0:9D:56:A2
            X509v3 Authority Key Identifier:
                keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/ePXEh-zbT3mDO_6YM3M_cvCdVqI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.98.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:88:65:f1:27:b9:0c:b7:87:06:43:85:ef:78:46:84:99:3e:
         ce:d5:83:ef:75:41:fc:f9:d1:bb:d2:2a:af:8f:ae:76:ed:7e:
         75:3b:48:d7:95:65:03:6b:bc:28:b2:c5:da:c6:28:91:20:7c:
         38:98:5c:2f:9d:e7:03:a2:cb:ad:16:63:0c:dd:96:a5:ac:66:
         d2:8a:d4:84:3b:94:c0:c4:92:8e:ce:16:96:cc:1d:60:cd:ed:
         10:a0:81:f2:ea:ff:ce:5b:da:b3:1a:21:07:45:60:50:60:01:
         d8:c4:d2:12:39:04:1e:64:87:f1:f7:44:44:b9:3e:95:8d:1b:
         a7:93:32:fb:de:98:39:81:12:c8:38:0e:0a:63:3c:d5:0e:6c:
         0d:85:cc:dd:fb:b6:a6:6a:86:ff:ca:86:41:21:3a:57:01:0d:
         8b:34:0f:35:c3:d9:34:15:4f:36:28:20:60:48:e7:1a:1f:33:
         34:ce:56:7f:02:c1:ed:a6:7a:a8:55:5b:8b:ae:dc:60:29:70:
         e3:e1:e6:fa:ce:9e:99:cf:64:77:33:ba:e3:5e:9d:ae:11:3c:
         a9:67:eb:37:a6:88:a2:36:bc:e3:c6:55:a2:b3:a9:8a:de:ae:
         75:50:7e:20:a3:53:b1:96:e0:50:10:5c:f5:ec:64:5f:ba:9a:
         ca:6a:3e:d0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENThwxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZWU4NDNhODVkZDY2NGU5ZGMwMzEwODkyYmQ3ZGQ5Y2U1MjU5MWM3MB4XDTIyMDYx
ODE3MDQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzhmNWM0ODdlY2Ri
NGY3OTgzM2JmZTk4MzM3MzNmNzJmMDlkNTZhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKt7empzQxcHxhtFSoH+iwVGqmTqRwOaV/5gJL/XpYS94C5a
YHXdO6aiZg/jJxlrhXMdeMTmLGkzVQ/oPmHHM4BQI+5+fONIK6A7i4u7URyJCqk2
l3lGbwzZB3MUNbIYtEUt2aTci2YZ90C3FKrXkBgW45xMp8RPr6T+H8jazoE4btHe
C4tJdYsnC+Bvxn+xBPQfPvy9td7qTYLWJ86IBAHg0iPYGailBITVpbjL59GiN3xk
WDcc23WRNLAksj0aEcnZk6RytLph2YnSckcrCw9jmhA5uiPgwbz1hNfuKcA3xZqD
W6nsj7q12W0B6b+rtDFlnoHtwNyc0QP/IbGMUS8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR49cSH7NtPeYM7/pgzcz9y8J1WojAfBgNVHSMEGDAWgBRO6EOoXdZk6dwD
EIkr192c5SWRxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R1aERxRjNXWk9uY0F4Q0pLOWZkbk9VbGtjYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvYWRhZDIwLWM1MTItNGZiMC1hMTI3LTQ4Y2Y0MTJiMzg3Yi8x
L2VQWEVoLXpiVDNtRE9fNllNM01fY3ZDZFZxSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
YWRhZDIwLWM1MTItNGZiMC1hMTI3LTQ4Y2Y0MTJiMzg3Yi8xL1R1aERxRjNXWk9u
Y0F4Q0pLOWZkbk9VbGtjYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJBikDANBgkqhkiG9w0BAQsFAAOC
AQEAo4hl8Se5DLeHBkOF73hGhJk+ztWD73VB/PnRu9Iqr4+udu1+dTtI15VlA2u8
KLLF2sYokSB8OJhcL53nA6LLrRZjDN2Wpaxm0orUhDuUwMSSjs4WlswdYM3tEKCB
8ur/zlvasxohB0VgUGAB2MTSEjkEHmSH8fdERLk+lY0bp5My+96YOYESyDgOCmM8
1Q5sDYXM3fu2pmqG/8qGQSE6VwENizQPNcPZNBVPNiggYEjnGh8zNM5WfwLB7aZ6
qFVbi67cYClw4+Hm+s6emc9kdzO6416drhE8qWfrN6aIoja848ZVorOpit6udVB+
IKNTsZbgUBBc9exkX7qaymo+0A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:16 2023 by rpki-client on console-fra.rpki-client.org