Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/0-fFsfIon2NT32lydS_vb0BHBPA.roa
File:                     0-fFsfIon2NT32lydS_vb0BHBPA.roa (raw, json)
Hash identifier:          lJ2vKOA7HdmldS/Ew+u0Ts2rNYpNKpYeVIvaQWOK8Ek=
Subject key identifier:   D3:E7:C5:B1:F2:28:9F:63:53:DF:69:72:75:2F:EF:6F:40:47:04:F0
Certificate issuer:       /CN=532d1e41424819bcc0cd637d8ee141fea585d00d
Certificate serial:       01849E3A0EC845E336CF61C5A5DBC5B9C0B6
Authority key identifier: 53:2D:1E:41:42:48:19:BC:C0:CD:63:7D:8E:E1:41:FE:A5:85:D0:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Uy0eQUJIGbzAzWN9juFB_qWF0A0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/0-fFsfIon2NT32lydS_vb0BHBPA.roa
Signing time:             Tue 22 Nov 2022 07:25:15 +0000
ROA not before:           Tue 22 Nov 2022 07:25:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201403
IP address blocks:        185.49.51.0/24 maxlen: 24
                          185.49.50.0/24 maxlen: 24
                          2a04:b700:185d::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:9e:3a:0e:c8:45:e3:36:cf:61:c5:a5:db:c5:b9:c0:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=532d1e41424819bcc0cd637d8ee141fea585d00d
        Validity
            Not Before: Nov 22 07:25:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d3e7c5b1f2289f6353df6972752fef6f404704f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:6b:07:6d:1e:f8:2b:4b:08:11:27:0c:cf:e2:
                    81:f1:a3:b0:41:e0:93:df:fa:39:ee:89:3f:81:0c:
                    36:ad:46:9b:17:8c:a5:53:a2:9a:9d:74:2f:ec:4f:
                    75:cf:90:a5:31:9b:92:11:f4:68:04:0a:3d:fc:c1:
                    8e:b1:2f:40:7f:38:18:92:6b:32:71:ec:09:6c:5b:
                    18:52:3c:85:c9:aa:a1:63:9d:f6:a4:d7:36:c2:2b:
                    70:de:d5:98:25:8c:ad:72:47:24:58:ec:b7:96:17:
                    9a:47:93:19:8b:d6:b7:67:65:d1:c8:c2:f9:1e:1c:
                    b4:23:17:89:d8:35:b9:9f:f4:ec:d1:ed:ef:9c:dc:
                    de:ec:b5:5d:0d:74:d9:f7:e2:a3:46:fc:59:43:38:
                    0a:43:5c:43:15:bf:14:5f:65:ff:25:b6:61:d0:3a:
                    39:e2:b4:a7:3a:05:74:f2:70:d1:45:b5:7d:43:0d:
                    7a:4f:f5:f4:ac:d3:6e:24:1c:2d:75:35:e5:56:c5:
                    d3:99:fd:78:bb:92:27:74:74:76:37:cb:4c:14:23:
                    12:96:d3:ee:77:9d:ee:49:f5:99:b5:5c:5d:f9:fe:
                    18:5a:c0:cd:4e:5d:3d:ef:bf:2d:84:bf:f3:44:e8:
                    a4:63:80:b4:f2:8d:72:c8:94:a4:4f:96:2f:c9:a2:
                    b4:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:E7:C5:B1:F2:28:9F:63:53:DF:69:72:75:2F:EF:6F:40:47:04:F0
            X509v3 Authority Key Identifier:
                keyid:53:2D:1E:41:42:48:19:BC:C0:CD:63:7D:8E:E1:41:FE:A5:85:D0:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uy0eQUJIGbzAzWN9juFB_qWF0A0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/0-fFsfIon2NT32lydS_vb0BHBPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/Uy0eQUJIGbzAzWN9juFB_qWF0A0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.49.50.0/23
                IPv6:
                  2a04:b700:185d::/48

    Signature Algorithm: sha256WithRSAEncryption
         a1:0b:fe:a5:12:2c:42:df:1f:50:54:4a:84:19:f7:dd:63:9d:
         30:c2:35:68:91:96:e8:d6:76:14:ae:76:f4:48:e6:18:aa:cb:
         eb:5e:9b:ba:27:60:30:cd:18:a1:d7:83:80:5c:bf:19:94:76:
         80:98:c8:6f:ed:bb:8b:ab:aa:8e:ab:6c:5c:f7:11:28:f8:2d:
         6c:77:5c:81:f0:f8:94:3f:5d:02:e2:a6:e4:b7:7f:f5:26:d2:
         e7:8c:d2:ff:4f:27:fe:54:6f:71:cf:7c:9d:7a:c0:23:ba:65:
         d9:62:22:f6:89:f6:57:8b:bb:4e:4c:d9:90:79:2c:ac:62:c6:
         c7:52:75:90:f6:6d:c0:25:ac:9b:60:77:17:0c:56:4a:2a:7a:
         5d:e6:85:bb:98:8b:43:f7:35:7b:be:ce:9c:af:84:d6:76:71:
         54:be:3f:e1:e9:7a:62:82:58:87:56:ec:ab:78:f8:e4:e4:c3:
         dc:7a:0f:86:46:3b:4a:98:4a:ca:6d:65:88:9d:c7:a9:ef:3f:
         ac:ae:8f:30:1c:01:fe:ef:b5:8f:91:1e:c2:4a:0a:e3:05:1e:
         f3:96:98:82:da:00:cf:d8:04:a9:f7:cd:09:de:f1:b2:10:10:
         11:99:55:52:c7:31:25:fc:28:cc:ac:81:d3:34:ba:4b:5c:9f:
         f2:8d:17:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYSeOg7IReM2z2HFpdvFucC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMmQxZTQxNDI0ODE5YmNjMGNkNjM3ZDhlZTE0MWZlYTU4
NWQwMGQwHhcNMjIxMTIyMDcyNTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2U3YzViMWYyMjg5ZjYzNTNkZjY5NzI3NTJmZWY2ZjQwNDcwNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWsHbR74K0sIEScMz+KB8aOwQeCT
3/o57ok/gQw2rUabF4ylU6KanXQv7E91z5ClMZuSEfRoBAo9/MGOsS9AfzgYkmsy
cewJbFsYUjyFyaqhY532pNc2witw3tWYJYytckckWOy3lheaR5MZi9a3Z2XRyML5
Hhy0IxeJ2DW5n/Ts0e3vnNze7LVdDXTZ9+KjRvxZQzgKQ1xDFb8UX2X/JbZh0Do5
4rSnOgV08nDRRbV9Qw16T/X0rNNuJBwtdTXlVsXTmf14u5IndHR2N8tMFCMSltPu
d53uSfWZtVxd+f4YWsDNTl09778thL/zROikY4C08o1yyJSkT5YvyaK0swIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNPnxbHyKJ9jU99pcnUv729ARwTwMB8GA1UdIwQY
MBaAFFMtHkFCSBm8wM1jfY7hQf6lhdANMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXkwZVFVSklHYnpBeldOOWp1RkJfcVdGMEEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83OGM1NzctOGY5OC00MGIyLWIwMWQt
MTA3NzdmOWUzNjg1LzEvMC1mRnNmSW9uMk5UMzJseWRTX3ZiMEJIQlBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83OGM1NzctOGY5OC00MGIyLWIwMWQtMTA3NzdmOWUzNjg1
LzEvVXkwZVFVSklHYnpBeldOOWp1RkJfcVdGMEEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuTEyMA8E
AgACMAkDBwAqBLcAGF0wDQYJKoZIhvcNAQELBQADggEBAKEL/qUSLELfH1BUSoQZ
991jnTDCNWiRlujWdhSudvRI5hiqy+tem7onYDDNGKHXg4BcvxmUdoCYyG/tu4ur
qo6rbFz3ESj4LWx3XIHw+JQ/XQLipuS3f/Um0ueM0v9PJ/5Ub3HPfJ16wCO6Zdli
IvaJ9leLu05M2ZB5LKxixsdSdZD2bcAlrJtgdxcMVkoqel3mhbuYi0P3NXu+zpyv
hNZ2cVS+P+HpemKCWIdW7Kt4+OTkw9x6D4ZGO0qYSsptZYidx6nvP6yujzAcAf7v
tY+RHsJKCuMFHvOWmILaAM/YBKn3zQne8bIQEBGZVVLHMSX8KMysgdM0uktcn/KN
F2E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:05 2024 by rpki-client on console-ams.rpki-client.org