Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/FdvnZKODzubpns-i7J8vZhhBDrg.roa
File:                     FdvnZKODzubpns-i7J8vZhhBDrg.roa (raw, json)
Hash identifier:          VrwiqFjFpd6KCiOHBCuCqlRC/5PAsuiu0By6r+hUfYI=
Subject key identifier:   15:DB:E7:64:A3:83:CE:E6:E9:9E:CF:A2:EC:9F:2F:66:18:41:0E:B8
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       0182AB307D4C75E042FAF71084E41FF0EA81
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/FdvnZKODzubpns-i7J8vZhhBDrg.roa
Signing time:             Wed 17 Aug 2022 09:44:17 +0000
ROA not before:           Wed 17 Aug 2022 09:44:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     272110
IP address blocks:        178.253.22.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ab:30:7d:4c:75:e0:42:fa:f7:10:84:e4:1f:f0:ea:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Aug 17 09:44:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=15dbe764a383cee6e99ecfa2ec9f2f6618410eb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:20:fe:c2:3c:16:13:d0:b2:d7:82:92:de:87:
                    33:93:c2:dd:01:61:b3:4d:84:a0:d8:a3:d2:e5:e1:
                    15:f8:6d:26:4f:0a:18:bc:da:22:67:c9:9c:96:20:
                    32:cc:58:b4:cf:97:f8:9e:95:3f:1c:b3:7d:ab:2f:
                    e1:e5:4f:2d:15:bd:a1:0a:ee:d2:3a:c5:48:99:9f:
                    5b:39:c8:bc:4b:05:48:a1:21:3b:3b:95:6c:a9:dd:
                    dd:ba:b0:b9:a4:2f:d1:45:65:c0:5a:4f:ba:74:cd:
                    87:20:cf:05:d8:77:c7:58:9f:b1:44:81:06:4f:9c:
                    66:27:bd:46:e5:37:79:e4:a7:11:2f:90:63:fc:b0:
                    06:22:26:0e:cd:09:77:34:32:dd:d6:43:be:75:fa:
                    01:43:3b:70:04:90:3a:ba:9c:7b:e4:85:93:27:a5:
                    9a:a3:42:39:bf:36:5f:39:24:e9:f7:04:1e:0a:97:
                    01:03:07:f3:8d:e1:11:d8:74:b5:3e:6b:01:6d:fe:
                    d9:8d:0f:d8:5d:5a:ca:96:96:9f:8e:46:01:bc:bd:
                    da:e0:60:de:8c:26:6a:65:30:8c:49:9f:0a:f6:e1:
                    66:ea:10:16:68:de:a6:2f:5b:4a:d0:ff:b8:65:6b:
                    66:95:8a:bd:90:bd:cf:b7:02:c4:00:d6:13:1d:f3:
                    98:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:DB:E7:64:A3:83:CE:E6:E9:9E:CF:A2:EC:9F:2F:66:18:41:0E:B8
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/FdvnZKODzubpns-i7J8vZhhBDrg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.253.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         16:e3:15:2a:b2:7a:28:ad:7d:39:be:b6:ae:92:2f:96:58:88:
         33:7c:c2:3e:00:b9:51:05:50:84:61:2d:2c:88:bd:0e:8a:e2:
         92:ff:2e:82:1f:b1:cb:c2:e7:33:52:6c:72:41:7d:a7:9f:74:
         47:6f:48:6e:4f:bf:1c:13:c6:ee:3c:9a:5b:10:bf:e5:e6:15:
         b2:78:3f:d1:49:80:5a:f6:5b:13:0f:f5:f8:d2:de:47:7e:ac:
         a1:c3:20:84:82:00:6f:34:96:a8:99:c1:47:16:17:10:2e:f3:
         4c:46:ca:db:b1:85:53:9c:d5:23:12:cf:33:4d:03:f1:d1:7b:
         c3:6f:f4:63:8b:b9:f5:ea:9f:97:a0:72:33:64:2f:99:f8:f9:
         5c:f7:27:a2:fe:8a:ae:84:bc:79:00:6b:1a:85:57:eb:2f:eb:
         22:dd:6d:5b:d8:8c:2e:ae:89:f1:20:e2:8f:76:bd:01:d4:4b:
         e6:c1:6f:4e:32:13:3d:ef:6a:0c:32:ab:2d:34:16:53:0c:69:
         a6:3f:00:45:24:ec:a9:8e:26:7b:0c:07:4f:3a:26:13:d4:b0:
         de:6c:78:0c:83:97:a6:55:3c:89:58:81:40:41:d3:43:16:ad:
         ff:bc:dc:ea:34:08:7b:c5:85:ea:29:3f:28:f0:86:87:85:86:
         27:c3:d1:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKrMH1MdeBC+vcQhOQf8OqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIwODE3MDk0NDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWRiZTc2NGEzODNjZWU2ZTk5ZWNmYTJlYzlmMmY2NjE4NDEwZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiD+wjwWE9Cy14KS3oczk8LdAWGz
TYSg2KPS5eEV+G0mTwoYvNoiZ8mcliAyzFi0z5f4npU/HLN9qy/h5U8tFb2hCu7S
OsVImZ9bOci8SwVIoSE7O5Vsqd3durC5pC/RRWXAWk+6dM2HIM8F2HfHWJ+xRIEG
T5xmJ71G5Td55KcRL5Bj/LAGIiYOzQl3NDLd1kO+dfoBQztwBJA6upx75IWTJ6Wa
o0I5vzZfOSTp9wQeCpcBAwfzjeER2HS1PmsBbf7ZjQ/YXVrKlpafjkYBvL3a4GDe
jCZqZTCMSZ8K9uFm6hAWaN6mL1tK0P+4ZWtmlYq9kL3PtwLEANYTHfOYlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBXb52Sjg87m6Z7PouyfL2YYQQ64MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvRmR2blpLT0R6dWJwbnMtaTdKOHZaaGhCRHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsv0WMA0G
CSqGSIb3DQEBCwUAA4IBAQAW4xUqsnoorX05vrauki+WWIgzfMI+ALlRBVCEYS0s
iL0OiuKS/y6CH7HLwuczUmxyQX2nn3RHb0huT78cE8buPJpbEL/l5hWyeD/RSYBa
9lsTD/X40t5HfqyhwyCEggBvNJaomcFHFhcQLvNMRsrbsYVTnNUjEs8zTQPx0XvD
b/Rji7n16p+XoHIzZC+Z+Plc9yei/oquhLx5AGsahVfrL+si3W1b2IwuronxIOKP
dr0B1EvmwW9OMhM972oMMqstNBZTDGmmPwBFJOypjiZ7DAdPOiYT1LDebHgMg5em
VTyJWIFAQdNDFq3/vNzqNAh7xYXqKT8o8IaHhYYnw9Gv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org