Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/OBlZ84tizzTTjH_W730TxbePKBk.roa
File:                     OBlZ84tizzTTjH_W730TxbePKBk.roa (raw, json)
Hash identifier:          EqOJ+BXu6Od0EHe88euq8uD9/kSDPMkuSDCvtosQMnk=
Subject key identifier:   38:19:59:F3:8B:62:CF:34:D3:8C:7F:D6:EF:7D:13:C5:B7:8F:28:19
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       08F2E46E
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/OBlZ84tizzTTjH_W730TxbePKBk.roa
Signing time:             Sun 10 Apr 2022 17:50:29 +0000
ROA not before:           Sun 10 Apr 2022 17:50:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202492
IP address blocks:        178.253.0.0/21 maxlen: 21
                          83.147.196.0/22 maxlen: 22
                          83.147.195.0/24 maxlen: 24
                          94.241.188.0/22 maxlen: 22
                          94.241.144.0/21 maxlen: 21
                          83.147.200.0/22 maxlen: 22
                          83.147.204.0/22 maxlen: 22
                          178.253.17.0/24 maxlen: 24
                          83.147.208.0/24 maxlen: 24
                          83.147.209.0/24 maxlen: 24
                          178.253.20.0/23 maxlen: 23
                          178.253.24.0/23 maxlen: 23
                          83.147.218.0/23 maxlen: 23
                          83.147.220.0/23 maxlen: 23
                          83.147.224.0/22 maxlen: 22
                          83.147.228.0/22 maxlen: 22
                          83.147.236.0/22 maxlen: 22
                          178.253.54.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 150135918 (0x8f2e46e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Apr 10 17:50:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=381959f38b62cf34d38c7fd6ef7d13c5b78f2819
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:15:38:1f:2f:3c:9a:60:a0:d5:44:5e:67:f0:
                    db:d5:b4:44:26:b3:a4:27:ef:60:10:f6:54:17:bf:
                    36:3a:aa:8b:92:2b:21:61:75:41:85:e4:81:93:2a:
                    e9:61:40:51:74:42:82:a1:b3:e5:4c:e6:68:3b:b5:
                    fd:26:17:d3:93:5a:8b:3b:a7:59:b2:1e:4d:1b:19:
                    7e:f8:d4:73:42:0c:6c:88:c1:5e:a0:2f:c2:04:0f:
                    f3:f5:79:8b:77:53:d7:41:c2:72:db:3f:06:47:19:
                    f3:68:9e:e8:d6:5a:a5:74:ea:95:cb:1f:d6:61:f7:
                    b7:3e:5e:64:7e:82:e6:d4:a0:93:14:10:18:01:c7:
                    10:c6:04:d5:b4:e2:22:2d:8c:e6:a8:64:5a:a4:77:
                    aa:c0:6e:7c:05:be:7a:0e:e7:45:33:a3:95:7e:ee:
                    2c:10:08:2a:b9:5c:d1:0e:08:2f:b9:16:ce:eb:e2:
                    9d:2e:88:00:df:db:e3:87:be:05:39:4c:c1:2d:63:
                    99:a9:b5:7c:1b:dd:45:49:93:3f:c8:a4:a2:5a:a7:
                    d0:e4:33:b3:6c:dc:07:46:da:af:99:a0:8d:a4:3b:
                    5f:a9:98:2a:22:c0:03:ef:fc:84:a9:87:eb:7e:08:
                    d4:3d:7e:4c:f2:6c:57:78:3b:84:08:fa:be:90:2b:
                    71:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:19:59:F3:8B:62:CF:34:D3:8C:7F:D6:EF:7D:13:C5:B7:8F:28:19
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/OBlZ84tizzTTjH_W730TxbePKBk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.195.0-83.147.209.255
                  83.147.218.0-83.147.221.255
                  83.147.224.0/21
                  83.147.236.0/22
                  94.241.144.0/21
                  94.241.188.0/22
                  178.253.0.0/21
                  178.253.17.0/24
                  178.253.20.0/23
                  178.253.24.0/23
                  178.253.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:d6:9a:15:9d:2b:9d:75:84:c0:09:97:87:c8:cd:8c:06:a1:
         e6:60:03:19:b7:cf:c8:ab:77:97:9d:29:e8:ea:bf:ac:f1:75:
         25:1a:e3:21:5d:12:51:6a:ed:5d:3d:0c:97:3a:4d:a5:3d:ba:
         f9:55:71:57:8a:02:fc:d2:0a:71:32:35:54:95:54:59:39:56:
         57:50:e9:93:63:66:1c:f1:26:2f:96:76:6e:95:04:f8:aa:6e:
         87:84:ff:9e:66:2a:44:b6:12:93:08:a0:86:4b:f6:e3:cc:8b:
         12:15:48:a0:10:08:59:43:70:55:6f:82:d3:04:c3:32:ae:7f:
         34:ac:2a:96:06:ed:70:aa:cb:f5:43:40:3b:97:f2:a9:bf:a8:
         92:0b:1f:fe:8a:39:85:f6:b4:a1:48:7b:f7:ac:49:39:87:3f:
         7d:89:18:91:ec:2a:1e:7d:fb:57:c0:8e:03:c8:97:b3:c1:86:
         ab:84:bc:3c:6f:63:30:be:55:10:5f:c2:35:84:e8:21:72:4f:
         55:fe:ed:d0:c5:5c:95:91:d0:bc:a6:ce:b4:be:3d:3f:ab:ed:
         cb:21:a3:30:b7:30:13:8d:54:ac:13:c2:33:e9:70:52:1d:72:
         79:9a:aa:29:82:d3:1c:0a:60:75:55:16:88:ef:15:9a:bb:ef:
         5f:3b:06:53
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIECPLkbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mjc3OGRlMmE5YmU5ODAyMTIwMzgyZTc1MGQxNTllOTU4NzJjMmFlMB4XDTIyMDQx
MDE3NTAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzgxOTU5ZjM4YjYy
Y2YzNGQzOGM3ZmQ2ZWY3ZDEzYzViNzhmMjgxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJoVOB8vPJpgoNVEXmfw29W0RCazpCfvYBD2VBe/Njqqi5Ir
IWF1QYXkgZMq6WFAUXRCgqGz5UzmaDu1/SYX05NaizunWbIeTRsZfvjUc0IMbIjB
XqAvwgQP8/V5i3dT10HCcts/BkcZ82ie6NZapXTqlcsf1mH3tz5eZH6C5tSgkxQQ
GAHHEMYE1bTiIi2M5qhkWqR3qsBufAW+eg7nRTOjlX7uLBAIKrlc0Q4IL7kWzuvi
nS6IAN/b44e+BTlMwS1jmam1fBvdRUmTP8ikolqn0OQzs2zcB0bar5mgjaQ7X6mY
KiLAA+/8hKmH634I1D1+TPJsV3g7hAj6vpArcWUCAwEAAaOCAlUwggJRMB0GA1Ud
DgQWBBQ4GVnzi2LPNNOMf9bvfRPFt48oGTAfBgNVHSMEGDAWgBTCd43iqb6YAhID
gudQ0VnpWHLCrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3duZU40cW0tbUFJU0E0TG5VTkZaNlZoeXdxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8x
L09CbFo4NHRpenpUVGpIX1c3MzBUeGJlUEtCay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8xL3duZU40cW0tbUFJ
U0E0TG5VTkZaNlZoeXdxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBr
BggrBgEFBQcBBwEB/wRcMFowWAQCAAEwUjAMAwQAU5PDAwQBU5PQMAwDBAFTk9oD
BAFTk9wDBANTk+ADBAJTk+wDBANe8ZADBAJe8bwDBAOy/QADBACy/REDBAGy/RQD
BAGy/RgDBACy/TYwDQYJKoZIhvcNAQELBQADggEBACrWmhWdK511hMAJl4fIzYwG
oeZgAxm3z8ird5edKejqv6zxdSUa4yFdElFq7V09DJc6TaU9uvlVcVeKAvzSCnEy
NVSVVFk5VldQ6ZNjZhzxJi+Wdm6VBPiqboeE/55mKkS2EpMIoIZL9uPMixIVSKAQ
CFlDcFVvgtMEwzKufzSsKpYG7XCqy/VDQDuX8qm/qJILH/6KOYX2tKFIe/esSTmH
P32JGJHsKh59+1fAjgPIl7PBhquEvDxvYzC+VRBfwjWE6CFyT1X+7dDFXJWR0Lym
zrS+PT+r7cshozC3MBONVKwTwjPpcFIdcnmaqimC0xwKYHVVFojvFZq77187BlM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org