Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/CSCjBSp1VsIH3DnkQJMKs2q1OJo.roa
File:                     CSCjBSp1VsIH3DnkQJMKs2q1OJo.roa (raw, json)
Hash identifier:          akiar0ZwDjMdjVurigp8H0BxhRfN3W1buh0+M1BmyaU=
Subject key identifier:   09:20:A3:05:2A:75:56:C2:07:DC:39:E4:40:93:0A:B3:6A:B5:38:9A
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       01842EE8F6ED71782EA41B86CDF827EAC7AA
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/CSCjBSp1VsIH3DnkQJMKs2q1OJo.roa
Signing time:             Mon 31 Oct 2022 16:38:50 +0000
ROA not before:           Mon 31 Oct 2022 16:38:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211432
IP address blocks:        178.253.33.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:2e:e8:f6:ed:71:78:2e:a4:1b:86:cd:f8:27:ea:c7:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Oct 31 16:38:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0920a3052a7556c207dc39e440930ab36ab5389a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:19:bf:a4:fb:65:e6:31:3f:19:2d:79:69:f7:
                    bd:b5:10:44:7d:22:00:46:b4:24:20:32:95:29:f2:
                    80:8a:6e:05:86:24:5e:2d:91:9e:37:2d:39:fd:84:
                    71:28:f5:b0:92:7f:6e:58:a0:4b:3d:48:b3:00:06:
                    1a:b9:cd:92:40:cd:cf:a0:ea:8a:7a:a3:84:9f:9b:
                    91:4a:45:a9:e3:e0:fb:94:bb:4b:5c:74:d5:89:41:
                    2a:08:fc:10:a2:ac:b8:0b:4a:3c:46:cb:f8:9a:e1:
                    aa:ba:0d:30:fe:58:7b:8f:3b:36:ea:ae:7f:d6:bb:
                    22:8f:2d:b6:72:77:f9:0e:95:08:c5:19:b4:b8:e6:
                    a4:1e:fa:64:32:27:94:25:70:69:dc:c3:aa:e6:ff:
                    5a:24:8c:a6:d6:ed:06:44:d6:59:a2:31:4e:99:c3:
                    7a:af:75:0b:30:87:5a:ab:a1:34:24:8b:4d:a5:11:
                    2b:1e:7b:bd:a2:bd:44:89:71:d1:76:d9:6c:03:90:
                    2c:b8:75:9a:cb:96:6e:e7:db:75:58:28:78:e0:89:
                    55:eb:94:07:f5:a3:39:27:da:b1:f5:58:65:f6:74:
                    4e:6f:85:39:6a:f8:95:4a:c1:d6:c1:99:cd:11:bc:
                    1c:58:d5:34:fa:3d:d4:41:84:96:34:1d:96:9e:0f:
                    dc:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:20:A3:05:2A:75:56:C2:07:DC:39:E4:40:93:0A:B3:6A:B5:38:9A
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/CSCjBSp1VsIH3DnkQJMKs2q1OJo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.253.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:22:3a:6b:d1:b3:36:16:20:88:be:8c:2b:4e:ec:a4:d6:5b:
         ea:bb:e2:2c:ca:a1:2a:33:46:80:64:8c:35:50:7a:64:7b:0a:
         86:90:ab:23:07:e7:3e:eb:4f:d0:07:e4:45:64:f7:10:87:bd:
         06:3a:13:38:01:b8:44:57:38:24:53:31:8f:c3:11:d4:24:36:
         e4:5a:19:eb:d1:1e:c0:3a:34:50:0c:15:43:9e:fe:82:21:b4:
         8b:c7:2f:7c:cb:f8:02:75:c7:41:8f:7a:87:4f:ee:3b:5e:de:
         20:00:d1:c9:f6:16:fd:5a:ef:78:cb:f3:5a:0d:a1:20:cf:4b:
         7f:30:d4:13:90:35:fd:d9:1e:15:84:fd:e9:cd:a6:4f:13:7f:
         5b:ea:8e:c2:3d:38:f4:d6:63:48:46:51:93:14:1c:84:d0:00:
         1f:e6:a6:1a:75:9d:5f:a9:c0:c8:ac:9a:b3:e1:42:64:f1:9a:
         4f:85:d9:7f:bc:af:4e:4b:16:05:7a:ff:7b:8d:d1:88:7e:f9:
         8b:f9:f5:f6:49:7c:48:2b:4a:8b:a9:49:2a:60:10:78:d4:15:
         13:5d:6a:72:a3:24:0d:9b:c4:73:99:f9:63:9c:85:31:e8:92:
         21:7c:0b:95:8a:d1:b0:89:8d:5a:49:17:15:91:0b:33:7b:82:
         fb:c1:d2:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQu6PbtcXgupBuGzfgn6seqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIxMDMxMTYzODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTIwYTMwNTJhNzU1NmMyMDdkYzM5ZTQ0MDkzMGFiMzZhYjUzODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRm/pPtl5jE/GS15afe9tRBEfSIA
RrQkIDKVKfKAim4FhiReLZGeNy05/YRxKPWwkn9uWKBLPUizAAYauc2SQM3PoOqK
eqOEn5uRSkWp4+D7lLtLXHTViUEqCPwQoqy4C0o8Rsv4muGqug0w/lh7jzs26q5/
1rsijy22cnf5DpUIxRm0uOakHvpkMieUJXBp3MOq5v9aJIym1u0GRNZZojFOmcN6
r3ULMIdaq6E0JItNpRErHnu9or1EiXHRdtlsA5AsuHWay5Zu59t1WCh44IlV65QH
9aM5J9qx9Vhl9nROb4U5aviVSsHWwZnNEbwcWNU0+j3UQYSWNB2Wng/cQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkgowUqdVbCB9w55ECTCrNqtTiaMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvQ1NDakJTcDFWc0lIM0Rua1FKTUtzMnExT0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv0hMA0G
CSqGSIb3DQEBCwUAA4IBAQBaIjpr0bM2FiCIvowrTuyk1lvqu+IsyqEqM0aAZIw1
UHpkewqGkKsjB+c+60/QB+RFZPcQh70GOhM4AbhEVzgkUzGPwxHUJDbkWhnr0R7A
OjRQDBVDnv6CIbSLxy98y/gCdcdBj3qHT+47Xt4gANHJ9hb9Wu94y/NaDaEgz0t/
MNQTkDX92R4VhP3pzaZPE39b6o7CPTj01mNIRlGTFByE0AAf5qYadZ1fqcDIrJqz
4UJk8ZpPhdl/vK9OSxYFev97jdGIfvmL+fX2SXxIK0qLqUkqYBB41BUTXWpyoyQN
m8RzmfljnIUx6JIhfAuVitGwiY1aSRcVkQsze4L7wdJm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:18 2024 by rpki-client on console-ams.rpki-client.org