Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/0c6716-1715-4320-aa25-279906eb5c85/1/1KtSTMw6x5mJrI8xBEvFXsDIQNE.roa
File:                     1KtSTMw6x5mJrI8xBEvFXsDIQNE.roa (raw, json)
Hash identifier:          ZdACru4QNj6rdG8DxmkK2xDi/xap+j6YYfXEDRz715s=
Subject key identifier:   D4:AB:52:4C:CC:3A:C7:99:89:AC:8F:31:04:4B:C5:5E:C0:C8:40:D1
Certificate issuer:       /CN=382c67b4ab4af86fe61ea8c6e17d11e3e05d0a51
Certificate serial:       27FF79
Authority key identifier: 38:2C:67:B4:AB:4A:F8:6F:E6:1E:A8:C6:E1:7D:11:E3:E0:5D:0A:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OCxntKtK-G_mHqjG4X0R4-BdClE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/0c6716-1715-4320-aa25-279906eb5c85/1/1KtSTMw6x5mJrI8xBEvFXsDIQNE.roa
Signing time:             Sat 01 Jan 2022 00:57:45 +0000
ROA not before:           Sat 01 Jan 2022 00:57:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41743
IP address blocks:        176.115.136.0/24 maxlen: 24
                          176.115.136.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2621305 (0x27ff79)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=382c67b4ab4af86fe61ea8c6e17d11e3e05d0a51
        Validity
            Not Before: Jan  1 00:57:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d4ab524ccc3ac79989ac8f31044bc55ec0c840d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:66:d1:87:b8:c4:0b:fb:3c:bd:e6:d3:1c:07:
                    db:0f:c7:fb:de:b2:8a:4d:be:0e:5d:9d:1f:8f:b7:
                    9f:df:77:e5:d0:c0:ed:a8:2c:3b:17:d0:06:14:a6:
                    73:90:0d:90:cf:79:69:4d:37:94:ad:5c:d6:31:26:
                    0d:18:0e:d8:c0:0d:1a:7e:af:71:ae:a6:8c:dd:36:
                    5a:86:f5:ce:05:bf:fd:e2:9a:b0:74:2d:d5:3e:a9:
                    1b:e4:92:2e:21:5d:0d:b8:e5:f6:a6:36:57:d2:d3:
                    8f:8f:8c:60:75:90:99:23:50:52:6a:16:88:ad:67:
                    91:75:bc:80:84:01:b5:57:32:95:09:a7:af:17:81:
                    e5:63:0c:06:4c:72:b6:d1:25:0a:f2:bb:a5:cf:9b:
                    35:03:1e:3f:65:5e:5a:90:b8:a4:e1:0a:aa:80:26:
                    62:35:f8:22:c8:33:d6:cb:a4:ec:6d:16:0f:d7:33:
                    e6:a4:56:c2:d9:89:90:68:54:04:d3:96:1c:ea:f5:
                    99:b0:33:48:2d:d2:ba:ab:9c:bb:7f:4f:e6:34:f4:
                    80:78:7e:95:80:20:c7:ef:e1:8f:51:df:27:1c:bd:
                    66:c2:65:00:7a:46:ac:6c:5a:f3:b6:c1:af:17:57:
                    54:7f:0e:75:55:9c:97:93:c8:bd:31:dc:8a:87:bf:
                    e0:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:AB:52:4C:CC:3A:C7:99:89:AC:8F:31:04:4B:C5:5E:C0:C8:40:D1
            X509v3 Authority Key Identifier:
                keyid:38:2C:67:B4:AB:4A:F8:6F:E6:1E:A8:C6:E1:7D:11:E3:E0:5D:0A:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCxntKtK-G_mHqjG4X0R4-BdClE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0c6716-1715-4320-aa25-279906eb5c85/1/1KtSTMw6x5mJrI8xBEvFXsDIQNE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0c6716-1715-4320-aa25-279906eb5c85/1/OCxntKtK-G_mHqjG4X0R4-BdClE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.115.136.0/21

    Signature Algorithm: sha256WithRSAEncryption
         9f:e8:b6:c1:f9:1b:9b:5f:b0:60:db:96:6c:b5:42:89:87:d3:
         c5:75:2c:29:28:48:f9:0a:23:f1:69:51:73:4c:9d:b7:3b:13:
         76:6e:df:2b:30:d0:ac:ee:8a:55:96:85:4f:56:55:c8:a4:ba:
         69:9e:d0:e1:1b:6d:3d:12:d0:1b:09:2e:a5:db:49:3f:e7:04:
         b9:66:df:cd:78:ca:13:88:46:16:68:d3:ca:4c:20:90:8e:f9:
         b6:80:9c:40:47:c3:3b:9b:dc:20:c2:5c:6d:5b:4d:00:c6:27:
         1f:69:6a:76:61:25:0c:d9:28:dd:35:d4:2e:1a:ef:1c:4c:8d:
         91:3c:26:33:58:e2:70:15:b0:7d:61:68:d1:cb:07:fa:89:f4:
         ee:ed:57:5d:e2:a1:c8:84:dc:ff:37:5c:a2:7b:08:61:c7:b9:
         59:6c:ae:5b:65:96:b4:e7:7d:e5:c6:3a:ef:a5:7a:26:85:32:
         1e:51:2f:99:21:8d:62:40:15:0a:cd:a8:67:44:cd:58:53:e9:
         2a:90:0c:06:08:c8:df:9c:a9:d5:bb:12:6a:6f:65:38:f3:78:
         0f:e5:22:57:30:6b:39:16:b1:fc:34:a9:92:86:25:11:9a:58:
         b4:f9:ab:81:92:0f:1a:ea:74:f5:51:33:22:20:ad:e9:c8:12:
         75:07:1a:e3
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDJ/95MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM4
MmM2N2I0YWI0YWY4NmZlNjFlYThjNmUxN2QxMWUzZTA1ZDBhNTEwHhcNMjIwMTAx
MDA1NzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkNGFiNTI0Y2NjM2Fj
Nzk5ODlhYzhmMzEwNDRiYzU1ZWMwYzg0MGQxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkmbRh7jEC/s8vebTHAfbD8f73rKKTb4OXZ0fj7ef33fl0MDt
qCw7F9AGFKZzkA2Qz3lpTTeUrVzWMSYNGA7YwA0afq9xrqaM3TZahvXOBb/94pqw
dC3VPqkb5JIuIV0NuOX2pjZX0tOPj4xgdZCZI1BSahaIrWeRdbyAhAG1VzKVCaev
F4HlYwwGTHK20SUK8rulz5s1Ax4/ZV5akLik4QqqgCZiNfgiyDPWy6TsbRYP1zPm
pFbC2YmQaFQE05Yc6vWZsDNILdK6q5y7f0/mNPSAeH6VgCDH7+GPUd8nHL1mwmUA
ekasbFrztsGvF1dUfw51VZyXk8i9MdyKh7/g8QIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFNSrUkzMOseZiayPMQRLxV7AyEDRMB8GA1UdIwQYMBaAFDgsZ7SrSvhv5h6o
xuF9EePgXQpRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
T0N4bnRLdEstR19tSHFqRzRYMFI0LUJkQ2xFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hYy8wYzY3MTYtMTcxNS00MzIwLWFhMjUtMjc5OTA2ZWI1Yzg1LzEv
MUt0U1RNdzZ4NW1Kckk4eEJFdkZYc0RJUU5FLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8w
YzY3MTYtMTcxNS00MzIwLWFhMjUtMjc5OTA2ZWI1Yzg1LzEvT0N4bnRLdEstR19t
SHFqRzRYMFI0LUJkQ2xFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsHOIMA0GCSqGSIb3DQEBCwUAA4IB
AQCf6LbB+RubX7Bg25ZstUKJh9PFdSwpKEj5CiPxaVFzTJ23OxN2bt8rMNCs7opV
loVPVlXIpLppntDhG209EtAbCS6l20k/5wS5Zt/NeMoTiEYWaNPKTCCQjvm2gJxA
R8M7m9wgwlxtW00AxicfaWp2YSUM2SjdNdQuGu8cTI2RPCYzWOJwFbB9YWjRywf6
ifTu7Vdd4qHIhNz/N1yiewhhx7lZbK5bZZa0533lxjrvpXomhTIeUS+ZIY1iQBUK
zahnRM1YU+kqkAwGCMjfnKnVuxJqb2U483gP5SJXMGs5FrH8NKmShiURmli0+auB
kg8a6nT1UTMiIK3pyBJ1Bxrj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:58 2024 by rpki-client on console-ams.rpki-client.org