Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/b688da-765c-4481-8eb3-730383211f25/1/h7nztI0mSn1VaLMgeRyDzpeA-u4.roa
File:                     h7nztI0mSn1VaLMgeRyDzpeA-u4.roa (raw, json)
Hash identifier:          9xDzCHgB60/+bmV7AaYCoftDZbBVLYJijonkuYBhz84=
Subject key identifier:   87:B9:F3:B4:8D:26:4A:7D:55:68:B3:20:79:1C:83:CE:97:80:FA:EE
Certificate issuer:       /CN=e3a898ba1250c8989cc76d9f8b53d1dbc62b2890
Certificate serial:       0183214FE0FB433A817A2A0A372A731CE7CD
Authority key identifier: E3:A8:98:BA:12:50:C8:98:9C:C7:6D:9F:8B:53:D1:DB:C6:2B:28:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/46iYuhJQyJicx22fi1PR28YrKJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/b688da-765c-4481-8eb3-730383211f25/1/h7nztI0mSn1VaLMgeRyDzpeA-u4.roa
Signing time:             Fri 09 Sep 2022 08:13:46 +0000
ROA not before:           Fri 09 Sep 2022 08:13:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25321
IP address blocks:        193.201.78.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:21:4f:e0:fb:43:3a:81:7a:2a:0a:37:2a:73:1c:e7:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e3a898ba1250c8989cc76d9f8b53d1dbc62b2890
        Validity
            Not Before: Sep  9 08:13:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=87b9f3b48d264a7d5568b320791c83ce9780faee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:fb:bc:7b:62:7f:dc:de:b8:ff:7f:9f:37:8b:
                    3f:61:5d:02:18:72:c9:a4:52:44:64:86:67:d7:40:
                    55:f3:8c:92:c3:32:9d:97:c0:e4:4c:b0:eb:64:b2:
                    07:59:1f:cb:1a:58:69:33:ba:e7:62:a9:f3:c2:b9:
                    de:d3:d8:78:ff:40:ac:56:b9:0f:d6:b3:96:34:ae:
                    f3:de:b3:6e:ef:3b:cc:ab:79:35:2e:2b:5d:b4:ee:
                    5e:74:79:60:84:05:52:22:ec:e7:62:59:48:2f:82:
                    13:d1:96:7e:a0:f6:fe:70:4d:98:8d:90:50:ba:75:
                    5d:d5:cd:f7:78:0d:ab:27:46:51:c4:7a:85:35:fd:
                    56:a4:ee:d1:e2:52:20:63:6a:38:a8:d5:31:4d:12:
                    ca:b2:dd:ed:d2:37:90:6c:b4:57:04:76:5a:3a:8e:
                    0b:8e:94:d1:dc:7a:4e:47:e7:b1:cd:68:c6:37:30:
                    45:48:58:03:0c:7b:3b:c9:0f:19:5c:c7:64:2e:8e:
                    d7:d2:78:3a:b1:75:50:bc:e4:0b:55:64:c1:eb:6f:
                    47:66:33:b7:a4:42:3c:59:df:d4:4e:25:3e:8d:24:
                    4a:13:cd:46:b8:bf:4c:a0:6a:3f:13:ef:15:73:e6:
                    2e:cd:4b:02:27:58:9d:86:2b:8a:f1:65:8e:c9:db:
                    34:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:B9:F3:B4:8D:26:4A:7D:55:68:B3:20:79:1C:83:CE:97:80:FA:EE
            X509v3 Authority Key Identifier:
                keyid:E3:A8:98:BA:12:50:C8:98:9C:C7:6D:9F:8B:53:D1:DB:C6:2B:28:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/46iYuhJQyJicx22fi1PR28YrKJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/b688da-765c-4481-8eb3-730383211f25/1/h7nztI0mSn1VaLMgeRyDzpeA-u4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/b688da-765c-4481-8eb3-730383211f25/1/46iYuhJQyJicx22fi1PR28YrKJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.201.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         97:f3:15:e1:e7:4d:d7:99:77:0a:fd:be:1b:fc:d4:2f:85:04:
         f5:eb:60:d0:09:a4:61:13:11:3c:d8:aa:36:bf:35:8e:38:a0:
         16:c6:bb:84:c3:84:9d:a0:a9:c9:16:37:78:94:e0:b1:1f:51:
         11:72:50:6a:3f:4e:5e:53:36:98:31:52:f0:16:a9:4b:d3:22:
         21:b8:9f:90:ef:f0:10:d7:43:12:b9:db:43:3b:f9:e0:af:b5:
         89:e6:4e:a3:31:6e:28:f0:b5:88:7b:98:27:80:6c:44:31:7a:
         ff:ae:9f:64:d8:6a:24:b8:78:f1:78:12:b8:5d:48:27:dc:03:
         94:fb:a6:6c:9b:98:c8:1f:79:36:cd:eb:0b:85:52:36:6a:00:
         4a:ad:8d:c9:7c:1d:c2:7f:15:8f:87:8d:1b:6a:e0:82:e5:80:
         c6:23:08:36:cf:21:15:17:00:21:40:04:ea:e1:0c:c2:c0:75:
         2f:62:eb:f3:90:bb:56:15:59:15:84:03:c3:c5:4f:f0:79:64:
         13:5b:89:96:19:a9:c3:4f:24:85:6a:4b:73:2c:aa:1f:88:76:
         e4:27:d1:23:3c:f9:72:bc:ae:37:54:0c:77:ec:ff:85:93:ff:
         24:be:97:13:52:81:d8:33:d7:ed:3d:95:9a:46:6f:83:e4:e2:
         e4:81:0b:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMhT+D7QzqBeioKNypzHOfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYTg5OGJhMTI1MGM4OTg5Y2M3NmQ5ZjhiNTNkMWRiYzYy
YjI4OTAwHhcNMjIwOTA5MDgxMzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2I5ZjNiNDhkMjY0YTdkNTU2OGIzMjA3OTFjODNjZTk3ODBmYWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvu8e2J/3N64/3+fN4s/YV0CGHLJ
pFJEZIZn10BV84ySwzKdl8DkTLDrZLIHWR/LGlhpM7rnYqnzwrne09h4/0CsVrkP
1rOWNK7z3rNu7zvMq3k1LitdtO5edHlghAVSIuznYllIL4IT0ZZ+oPb+cE2YjZBQ
unVd1c33eA2rJ0ZRxHqFNf1WpO7R4lIgY2o4qNUxTRLKst3t0jeQbLRXBHZaOo4L
jpTR3HpOR+exzWjGNzBFSFgDDHs7yQ8ZXMdkLo7X0ng6sXVQvOQLVWTB629HZjO3
pEI8Wd/UTiU+jSRKE81GuL9MoGo/E+8Vc+YuzUsCJ1idhiuK8WWOyds0gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIe587SNJkp9VWizIHkcg86XgPruMB8GA1UdIwQY
MBaAFOOomLoSUMiYnMdtn4tT0dvGKyiQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDZpWXVoSlF5SmljeDIyZmkxUFIyOFlyS0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9iNjg4ZGEtNzY1Yy00NDgxLThlYjMt
NzMwMzgzMjExZjI1LzEvaDduenRJMG1TbjFWYUxNZ2VSeUR6cGVBLXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9iNjg4ZGEtNzY1Yy00NDgxLThlYjMtNzMwMzgzMjExZjI1
LzEvNDZpWXVoSlF5SmljeDIyZmkxUFIyOFlyS0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwclOMA0G
CSqGSIb3DQEBCwUAA4IBAQCX8xXh503XmXcK/b4b/NQvhQT162DQCaRhExE82Ko2
vzWOOKAWxruEw4SdoKnJFjd4lOCxH1ERclBqP05eUzaYMVLwFqlL0yIhuJ+Q7/AQ
10MSudtDO/ngr7WJ5k6jMW4o8LWIe5gngGxEMXr/rp9k2GokuHjxeBK4XUgn3AOU
+6Zsm5jIH3k2zesLhVI2agBKrY3JfB3CfxWPh40bauCC5YDGIwg2zyEVFwAhQATq
4QzCwHUvYuvzkLtWFVkVhAPDxU/weWQTW4mWGanDTySFaktzLKofiHbkJ9EjPPly
vK43VAx37P+Fk/8kvpcTUoHYM9ftPZWaRm+D5OLkgQsl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:37 2024 by rpki-client on console-fra.rpki-client.org